PengZheng commented on a change in pull request #392:
URL: https://github.com/apache/celix/pull/392#discussion_r790626170



##########
File path: libs/framework/src/bundle_context.c
##########
@@ -76,7 +76,7 @@ celix_status_t bundleContext_create(framework_pt framework, 
celix_framework_logg
 
         }
        }
-
+    //FIXME: context == NULL?
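
Review bot: the added `//FIXME: context == NULL?` line at the end of this hunk leaves the question of a NULL `context` open in the source instead of settling it. Either add an explicit check on `context` in `bundleContext_create` that returns an error `celix_status_t`, or drop the comment and record the allocation-failure policy where the project documents its conventions.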

Review comment:
Thanks for making the policy clear. I accept it and remove the FIXME.

Please note that Linux overcommit can be turned off and that malloc/calloc can fail for other reasons, e.g. ulimit.

One failure worth noting is that calloc returns NULL when integer overflow is detected (nmemb * size):
https://github.com/lattera/glibc/blob/master/malloc/malloc.c#L3361-L3370

If one of `nmemb` and `size` is from an external source (like user input), it's a kind of Denial of Service vulnerability.
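
The failure mode described in the comment above, as an added example that is not part of the review comment or of the Celix code base: `calloc` returns NULL when `nmemb * size` overflows, so a caller that takes either value from outside must check the result and report a status. The names `MAX_ENTRIES`, `mul_overflows`, `calloc_rejects` and `table_create` are hypothetical, and the input values are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_ENTRIES 4096u /* hypothetical cap on an externally supplied count */

/* 1 when nmemb * size does not fit in size_t, the case calloc must reject. */
static int mul_overflows(size_t nmemb, size_t size) {
    return size != 0 && nmemb > SIZE_MAX / size;
}

/* 1 when calloc returned NULL. volatile keeps the compiler from folding
 * the call away and assuming the allocation succeeded. */
static int calloc_rejects(size_t nmemb, size_t size) {
    volatile size_t n = nmemb, s = size;
    void *volatile p = calloc(n, s);
    int rejected = (p == NULL);
    free(p);
    return rejected;
}

/* Zeroed table for a count that came from outside the process.
 * 0 on success, EINVAL for a count outside the cap, ENOMEM when calloc
 * returns NULL (overflow, ulimit, overcommit turned off). */
static int table_create(size_t nmemb, size_t size, void **out) {
    *out = NULL;
    if (nmemb == 0 || size == 0 || nmemb > MAX_ENTRIES) {
        return EINVAL;
    }
    void *volatile p = calloc(nmemb, size);
    if (p == NULL) {
        return ENOMEM; /* caller gets a status, never a NULL to dereference */
    }
    *out = p;
    return 0;
}

int main(void) {
    size_t huge = SIZE_MAX / 4 + 2; /* constructed: huge * 4 wraps past SIZE_MAX */
    void *t = NULL;
    printf("overflow=%d calloc_null=%d\n", mul_overflows(huge, 4), calloc_rejects(huge, 4));
    printf("capped=%d\n", table_create(huge, 4, &t) == EINVAL);
    printf("oversized=%d\n", table_create(2, SIZE_MAX, &t) == ENOMEM);
    printf("ok=%d\n", table_create(16, 8, &t) == 0 && t != NULL);
    free(t);
    return 0;
}
```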



