From owner-freebsd-hackers  Fri Sep  7 23:45:33 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from maxim.gbch.net (gw.gbch.net [203.24.22.66])
	by hub.freebsd.org (Postfix) with SMTP id 84F2237B405
	for <hackers@FreeBSD.ORG>; Fri,  7 Sep 2001 23:45:27 -0700 (PDT)
Received: (qmail 93021 invoked by uid 1001); 8 Sep 2001 16:45:25 +1000
Message-ID: <nospam-999931525.93020@maxim.gbch.net>
X-Posted-By: GJB-Post 2.21 16-Jun-2001
X-Operating-System: FreeBSD 4.2-RELEASE i386
X-Location: Brisbane, Australia; 27.49841S 152.98439E
X-URL: http://www.gbch.net/gjb.html
X-Image-URL: http://www.gbch.net/gjb/gjb-auug048.gif
X-GPG-Fingerprint: EBB2 2A92 A79D 1533 AC00  3C46 5D83 B6FB 4B04 B7D6
X-PGP-Public-Keys: http://www.gbch.net/keys.html
Date: Sat, 08 Sep 2001 16:45:25 +1000
From: Greg Black <gjb@gbch.net>
To: Leo Bicknell <bicknell@ufp.org>
Cc: Chris Costello <chris@calldei.com>,
	FreeBSD Hackers <hackers@FreeBSD.ORG>
Subject: Re: tiny patch to pkg_add 
References: <20010907150416.A38565@dub.net> <20010907151935.A40146@dub.net> <20010907183242.A66179@ussenterprise.ufp.org> <20010907174626.A548@holly.calldei.com> <20010907192219.A67548@ussenterprise.ufp.org> 
In-reply-to: <20010907192219.A67548@ussenterprise.ufp.org> 
	of Fri, 07 Sep 2001 19:22:19 -0400
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

Leo Bicknell wrote:

| On Fri, Sep 07, 2001 at 05:46:26PM -0500, Chris Costello wrote:
| > > bzero((void *)packagesite, sizeof(packagesite));
| > 
| >    That's unnecessary unless you know you're going to be reading
| > data from that string starting somewhere other than
| > &packagesite[0];.  And the `void *' cast is unnecessary, as an
| > array is converted to a pointer when passed to a function, and
| > any data pointer is also implicitly converted to a `void *'
| > pointer where necessary.
| 
| That's not the only reason to do it.  Many people in the past have
| gotten passwords out of various applications by making them core
| dump, sifting through /dev/kmem, and other things.  While it's not
| clear that his application might have these issues, I come from
| the better safe than sorry school.  If you want to make a string
| "empty", make it empty, don't just clobber the first character.

If this was a password, then there would be reasons to clear it
out, but it's not.  Don't just make work for the sake of it, but
understand the code and do what is needed.

| The void * is necessary to make lint happy.  It is not necessary
| for the program to work right.

If you have a lint that needs the cast, throw it away because
it's wrong.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message