Re: [libvirt PATCH 05/11] Replace bzero() with memset()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jan 28, 2021 at 12:03:36PM +0100, Peter Krempa wrote:
> On Thu, Jan 28, 2021 at 10:59:41 +0000, Daniel Berrange wrote:
> > On Thu, Jan 28, 2021 at 11:45:07AM +0100, Peter Krempa wrote:
> > > On Thu, Jan 28, 2021 at 11:24:35 +0100, Tim Wiederhake wrote:
> > > > This was found by clang-tidy's
> > > > "clang-analyzer-security.insecureAPI.bzero" check.
> > > 
> > > Any reasoning behind why bzero is bad?
> > 
> > Yeah, it is wierd to call this an insecure API.  If anything memset is
> > more dangerous because people invert the 2nd and 3rd args, resulting
> > in not setting any bytes at all.
> 
> According to the manpage it can allegedly be optimized out:
> 
>        The  explicit_bzero()  function  performs the same task as bzero().  It
>        differs from bzero() in that it guarantees that compiler  optimizations
>        will  not  remove  the erase operation if the compiler deduces that the
>        operation is "unnecessary".

A compiler smart enough eliminate bzero can do also likely eliminate
memset.

> > None the less  bzero is deprecated, so it makes sense to use the
> > memset funtion in general.
> 
> Yes it does, but the reason should be mentioned in the commit message.

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux