On Thu, Jan 28, 2021 at 12:03:36PM +0100, Peter Krempa wrote:
> On Thu, Jan 28, 2021 at 10:59:41 +0000, Daniel Berrange wrote:
> > On Thu, Jan 28, 2021 at 11:45:07AM +0100, Peter Krempa wrote:
> > > On Thu, Jan 28, 2021 at 11:24:35 +0100, Tim Wiederhake wrote:
> > > > This was found by clang-tidy's
> > > > "clang-analyzer-security.insecureAPI.bzero" check.
> > >
> > > Any reasoning behind why bzero is bad?
> >
> > Yeah, it is weird to call this an insecure API. If anything memset is
> > more dangerous because people invert the 2nd and 3rd args, resulting
> > in not setting any bytes at all.
>
> According to the manpage it can allegedly be optimized out:
>
>   The explicit_bzero() function performs the same task as bzero(). It
>   differs from bzero() in that it guarantees that compiler optimizations
>   will not remove the erase operation if the compiler deduces that the
>   operation is "unnecessary".

A compiler smart enough to eliminate bzero can also likely eliminate memset.

> > None the less bzero is deprecated, so it makes sense to use the
> > memset function in general.
>
> Yes it does, but the reason should be mentioned in the commit message.

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
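
Added example, not part of the thread and not libvirt code: the two pitfalls discussed above, shown in C. The first function reproduces the swapped memset arguments (no bytes cleared); the second wipes through a volatile function pointer, a commonly used portable idiom for keeping the compiler from dropping the erase where explicit_bzero() is not available. All function names and the 16-byte sample buffer are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The pointer is volatile, so the compiler must load it at run time and
 * cannot assume the callee is memset; the call is not removed as a dead
 * store even when the buffer is never read again. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

void wipe(void *buf, size_t len)
{
    memset_ptr(buf, 0, len);
}

static size_t count_nonzero(const unsigned char *p, size_t n)
{
    size_t c = 0;
    for (size_t i = 0; i < n; i++)
        c += (p[i] != 0);
    return c;
}

/* Swapped 2nd and 3rd arguments: fill value = len, length = 0. */
size_t swapped_args_leftover(void)
{
    unsigned char key[16];
    size_t len = sizeof key;
    int zero = 0;
    memset(key, 0xAA, len);              /* constructed "secret" */
    memset(key, (int)len, (size_t)zero); /* meant: memset(key, 0, len) */
    return count_nonzero(key, len);      /* nothing was cleared */
}

size_t wipe_leftover(void)
{
    unsigned char key[16];
    memset(key, 0xAA, sizeof key);       /* constructed "secret" */
    wipe(key, sizeof key);
    return count_nonzero(key, sizeof key);
}

int main(void)
{
    printf("swapped args: %zu bytes left\n", swapped_args_leftover());
    printf("wipe():       %zu bytes left\n", wipe_leftover());
    return 0;
}
```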