Subject: Re: -current config(8) + files.opencrypto == cryptographic roulette?
To: Rafal Boni <rafal@pobox.com>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: current-users
Date: 11/24/2003 12:38:29
In message <200311241913.hAOJDIvZ022577@fearless-vampire-killer.waterside.net>Rafal Boni writes
[ usr.sbin/config newnv() leaves fields uninitialized ]
I'm amazed nobody else saw it -- unless the malloc support routines
changed in the meantime? But why not zero the whole nvlist structure,
as defensive programming:
Index: util.c
===================================================================
RCS file: /cvsroot/src/usr.sbin/config/util.c,v
retrieving revision 1.18
diff -u -r1.18 util.c
--- util.c 19 Sep 2003 06:19:56 -0000 1.18
+++ util.c 24 Nov 2003 20:33:29 -0000
@@ -190,6 +190,7 @@
nv = emalloc(sizeof(*nv));
else
nvfreelist = nv->nv_next;
+ memset(nv, 0, sizeof(*nv));
nv->nv_next = next;
nv->nv_name = name;
if (ptr == NULL)
or even move the memset() into config's emalloc()? It shouldn't
be that big a factor in the run time.