On Sun 01 Apr 2012 13:01, Bruno Haible <br...@clisp.org> writes:

> This is normal documented behaviour. The function's description at [1]
>
>   uint8_t * u32_to_u8 (const uint32_t *s, size_t n, uint8_t *resultbuf,
>                        size_t *lengthp)
>
> is preceded by the general conventions explanation [2]:
>
>   Functions returning a string result take a (resultbuf, lengthp)
>   argument pair. If resultbuf is not NULL and the result fits into
>   *lengthp units, it is put in resultbuf, and resultbuf is returned.
>   Otherwise, a freshly allocated string is returned. In both cases,
>   *lengthp is set to the length (number of units) of the returned string.
>   In case of error, NULL is returned and errno is set.
>
> In your program, the "Otherwise" applies, so:
>   - A freshly allocated string is returned.
>   - *lengthp is set to the length (number of units) of the returned string.
>
> Since you pass lengthp == a null pointer, you provoke a null pointer
> dereference.

Thanks for the explanation. I've fixed Guile's usage of this function
(introduced recently).

Regards,

Andy
--
http://wingolog.org/
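
The (resultbuf, lengthp) convention quoted above, as an added C example that is not part of the original thread and not libunistring's code. `put_utf8`, `demo_u32_to_u8`, `encode_demo` and `SAMPLE` are hypothetical names; the stand-in only mirrors the quoted contract so the caller pattern (always a valid `size_t *`, free only a returned block that is not the caller's buffer) can be exercised without the library.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Write c as UTF-8 at o and return its length; 0 if c is not encodable. */
static size_t put_utf8(uint32_t c, uint8_t *o)
{
    static const uint8_t lead[5] = {0, 0, 0xC0, 0xE0, 0xF0};
    size_t k = c < 0x80 ? 1 : c < 0x800 ? 2 : c < 0x10000 ? 3 : 4;
    if (c > 0x10FFFF || (c >= 0xD800 && c <= 0xDFFF)) return 0;
    if (o == NULL) return k;                   /* measuring pass only */
    for (size_t i = k - 1; i > 0; i--, c >>= 6)
        o[i] = (uint8_t)(0x80 | (c & 0x3F));   /* continuation bytes */
    o[0] = (uint8_t)(lead[k] | c);             /* lead byte, or plain ASCII */
    return k;
}

/* Hypothetical stand-in obeying the quoted contract; not libunistring code. */
static uint8_t *demo_u32_to_u8(const uint32_t *s, size_t n,
                               uint8_t *resultbuf, size_t *lengthp)
{
    size_t need = 0, o = 0;
    uint8_t *out = resultbuf;
    for (size_t i = 0; i < n; i++) {
        size_t k = put_utf8(s[i], NULL);
        if (k == 0) { errno = EILSEQ; return NULL; }  /* error: NULL + errno */
        need += k;
    }
    /* "Otherwise" branch: no buffer, or the result does not fit *lengthp. */
    if (resultbuf == NULL || need > *lengthp) {
        out = malloc(need ? need : 1);
        if (out == NULL) { errno = ENOMEM; return NULL; }
    }
    for (size_t i = 0; i < n; i++) o += put_utf8(s[i], out + o);
    *lengthp = o;    /* stored in both branches, so lengthp must not be NULL */
    return out;
}

/* Constructed sample: 'h', U+00E9, U+20AC, U+1F600 -> 1+2+3+4 = 10 bytes. */
static const uint32_t SAMPLE[4] = {0x68, 0xE9, 0x20AC, 0x1F600};

/* Caller pattern: returns the encoded length, or -1 with errno set. */
static long encode_demo(const uint32_t *s, size_t n, uint8_t *buf, size_t cap)
{
    size_t len = cap;              /* in: capacity of buf, out: result length */
    uint8_t *r = demo_u32_to_u8(s, n, buf, &len);
    if (r == NULL) return -1;
    if (r != buf) free(r);         /* fresh allocation: ours to release */
    return (long)len;
}
```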