Sorry, I went to bugzilla before reading all the e-mails here. As I
commented on the bug report states, there is nothing fishy going on.
While strlen(NULL) will always segfault, htcpBuildCountstr() wraps the
strlen() call with a check for a NULL pointer:
260 if (s)
261 len = strlen(s);
262 else
263 len = 0;
We could certainly add code to initialize req_hdrs to an empty string,
but with code like this, I'm suspicious that other function calls are
passing null pointers as well and the check won't be able to be removed
easily.
--Jason
Henrik Nordstrom wrote:
fre 2009-10-02 klockan 02:52 -0400 skrev Matt W. Benjamin:
Bzero? Is it an already-allocated array/byte sequence? (Apologies, I haven't
seen the code.) Assignment to NULL/0 is in fact correct for initializing a
sole pointer, and using bzero for that certainly isn't typical. Also, for
initializing a byte range, memset is preferred [see Linux BZERO(3), which
refers to POSIX.1-2008 on that point].
STYLE(9) says use NULL rather than 0, and it is clearer. But C/C++ programmers
should know that NULL is 0. And note that at least through 1998,
initialization to 0 was the preferred style in C++, IIRC.
You are both right.
the whole stuff should be zeroed before filled in to avoid accidental
leakage of "random" values from the stack, which also makes the explicit
assignment redundant.
bzero is not the right call (BSD specific), memset is preferred.
In C (which is what Squid-2 is written in) NULL is the right initializer
for pointers in all contexts.
C++ is different... no universally accepted pointer initializer value
there due to the slightly different type checks on pointers, often
needing casting.
But something is fishy here.. see my comment in bugzilla.
Regards
Henrik
