On Thu, Jan 28, 2021 at 11:45:07AM +0100, Peter Krempa wrote: > On Thu, Jan 28, 2021 at 11:24:35 +0100, Tim Wiederhake wrote: > > This was found by clang-tidy's > > "clang-analyzer-security.insecureAPI.bzero" check. > > Any reasoning behind why bzero is bad?
Yeah, it is wierd to call this an insecure API. If anything memset is more dangerous because people invert the 2nd and 3rd args, resulting in not setting any bytes at all. None the less bzero is deprecated, so it makes sense to use the memset funtion in general. > > > > > > Signed-off-by: Tim Wiederhake <twied...@redhat.com> > > --- > > src/util/virarptable.c | 2 +- > > tests/virpcimock.c | 2 +- > > 2 files changed, 2 insertions(+), 2 deletions(-) > Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
