Date: Fri, 7 Sep 2001 19:22:19 -0400 From: Leo Bicknell <bicknell@ufp.org> To: Chris Costello <chris@calldei.com> Cc: Leo Bicknell <bicknell@ufp.org>, FreeBSD Hackers <hackers@FreeBSD.ORG> Subject: Re: tiny patch to pkg_add Message-ID: <20010907192219.A67548@ussenterprise.ufp.org> In-Reply-To: <20010907174626.A548@holly.calldei.com>; from chris@calldei.com on Fri, Sep 07, 2001 at 05:46:26PM -0500 References: <20010907150416.A38565@dub.net> <20010907151935.A40146@dub.net> <20010907183242.A66179@ussenterprise.ufp.org> <20010907174626.A548@holly.calldei.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Sep 07, 2001 at 05:46:26PM -0500, Chris Costello wrote: > > bzero((void *)packagesite, sizeof(packagesite)); > > That's unnecessary unless you know you're going to be reading > data from that string starting somewhere other than > &packagesite[0];. And the `void *' cast is unnecessary, as an > array is converted to a pointer when passed to a function, and > any data pointer is also implicitly converted to a `void *' > pointer where necessary. That's not the only reason to do it. Many people in the past have gotten passwords out of various applications by making them core dump, sifting through /dev/kmem, and other things. While it's not clear that his application might have these issues, I come from the better safe than sorry school. If you want to make a string "empty", make it empty, don't just clobber the first character. The void * is necessary to make lint happy. It is not necessary for the program to work right. -- Leo Bicknell - bicknell@ufp.org Systems Engineer - Internetworking Engineer - CCIE 3440 Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010907192219.A67548>