On Wed, Feb 20, 2013 at 12:24:35PM -0500, Kevyn-Alexandre Paré
<kap...@rogue-research.com> wrote:
> My only concern about this way of freeing is about that post:
>
> https://www.securecoding.cert.org/confluence/display/seccode/MEM04-C.+Do+not+perform+zero-length+allocations
I am not a friend of the secure coding standards, and this is a good
example why:
Basically it says that when you allocate n bytes, you shouldn't access
anything beyond those n bytes.
Except it only talks about the very special and unimportant case n == 0,
while the cases where n > 0 are much more common in practise. But overall,
it's trivial.
The explanation of why you shouldn't has nothing to do with the special
semantics of realloc etc., or with the size being 0.
It does get some points for talking about the problem of realloc failing,
but a thorough discussion about this problem would have been much better
and more useful than saying that accessing memory behind a pointer to a
zero-sized memory area is invalid because it is beyond the allocated area,
and therefore implying that this might not be so if the size is not zero.
That strongly reminds me of the prof. at the university who once told his
students that in a U-pipe, IF the two pipes have the same diameter, THEN
the liquid level is the same in both pipes, causing one of his doctorands
to exclaim later:
"wow, this is great, you go to the beach, make a small hole and the water
will just GUSH OUT in a big fountain!"
No, really, the secure coding standards are an unholy mix of very
dangerous ideas and very important issues, and are not very useful unless
you already know most of these issues.
--
The choice of a Deliantra, the free code+content MORPG
-----==- _GNU_ http://www.deliantra.net
----==-- _ generation
---==---(_)__ __ ____ __ Marc Lehmann
--==---/ / _ \/ // /\ \/ / schm...@schmorp.de
-=====/_/_//_/\_,_/ /_/\_\
_______________________________________________
libev mailing list
libev@lists.schmorp.de
http://lists.schmorp.de/cgi-bin/mailman/listinfo/libev
