Re: [PATCH] reftable: avoid undefined behaviour breaking t0032

Carlo Marcelo Arenas Belón  <carenas@xxxxxxxxx> writes:

> At least in glibc based systems, memset with a NULL first parameter
> will cause a runtime exception.

I take it to mean that the code assumes that it is OK to pass NULL
as long as length is 0 (i.e. filling the range of memory whose size
is 0 with the specified byte can happen safely no matter what the
starting address of that range is, as size==0 by definition should
mean a no-op).  That would mean we have a rule on how members of
dest must be set: .data is allowed to be NULL only when .len is 0.

If so, I wonder if we want to guard with dest->len instead, i.e.

	if (dest->len)
		memset(dest->data, 0xff, dest->len);

With the form in this patch, i.e.

> -	memset(dest->data, 0xff, dest->len);
> +	if (dest->data)
> +		memset(dest->data, 0xff, dest->len);
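
Review bot: the added "if (dest->data)" test skips the fill whenever data is NULL, including when dest->len is nonzero, so a caller that hands in a NULL buffer with a nonzero length is silently accepted. Testing dest->len instead would skip only the zero-length case; either way, a short comment stating when dest->data is allowed to be NULL would document what the guard relies on.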

we will fail to catch a bogus caller that violates the rule above
that we have on <data, len>.  But if we guard with dest->len, then
a violator of <data, len> rule will be caught by memset().

Thanks.
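
The two guards discussed in this message, side by side, as an added example that is not part of the original message or of the reftable code. The struct, enum and function names are hypothetical, the inputs in main() are constructed, and the NULL-with-nonzero-length case is reported through a return value instead of being passed to memset().

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the <data, len> pair discussed in the thread. */
struct buf {
	unsigned char *data;
	size_t len;
};

enum fill_result { FILL_DONE, FILL_SKIPPED, FILL_BAD_CALLER };

/* Guard on .data, as in the quoted patch: NULL is skipped whatever .len says. */
static enum fill_result fill_guard_data(struct buf *dest)
{
	if (!dest->data)
		return FILL_SKIPPED;
	memset(dest->data, 0xff, dest->len);
	return FILL_DONE;
}

/*
 * Guard on .len, as suggested in the reply: only an empty range is skipped.
 * In the real code a NULL .data with nonzero .len would go on to memset()
 * and be caught there; this sketch reports it so the example stays defined.
 */
static enum fill_result fill_guard_len(struct buf *dest)
{
	if (!dest->len)
		return FILL_SKIPPED;
	if (!dest->data)
		return FILL_BAD_CALLER;
	memset(dest->data, 0xff, dest->len);
	return FILL_DONE;
}

int main(void)
{
	unsigned char storage[4] = { 0 };
	struct buf cases[] = {          /* constructed inputs */
		{ NULL, 0 },                /* allowed: empty */
		{ NULL, 8 },                /* violates the <data, len> rule */
		{ storage, sizeof(storage) },
	};
	for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
		printf("case %zu: guard-data=%d guard-len=%d\n", i,
		       fill_guard_data(&cases[i]), fill_guard_len(&cases[i]));
	return 0;
}
```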




