On Wed, May 03, 2023 at 02:30:27AM +0800, James Raphael Tiovalen wrote: > This commit adds zero-initializations by changing `SFL_ALLOC` from > `malloc` to `xzalloc`, adding a `memset` call to `sflAlloc`, > initializing a `pollfd` struct variable with zeroes, and changing some > calls to `xmalloc` to `xzalloc`. This is to prevent potential data leaks > or undefined behavior from potentially uninitialized variables. > > Some variables would always be initialized by either the code flow or > the compiler. Thus, some of the associated Coverity reports might be > false positives. That said, it is still considered best practice to > zero-initialize variables upfront just in case to ensure the overall > resilience and security of OVS, as long as they do not impact > performance-critical code. As a bonus, it would also make static > analyzer tools, such as Coverity, happy. > > Signed-off-by: James Raphael Tiovalen <jamestio...@gmail.com>
Reviewed-by: Simon Horman <simon.hor...@corigine.com> _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
