
Re: [Qemu-devel] [PATCH] use qemu_malloc and friends consistently

From: Gerd Hoffmann
Subject: Re: [Qemu-devel] [PATCH] use qemu_malloc and friends consistently
Date: Fri, 29 May 2009 14:36:50 +0200
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1b3pre) Gecko/20090513 Fedora/3.0-2.3.beta2.fc11 Lightning/1.0pre Thunderbird/3.0b2

> a. return NULL
> b. return malloc(1)
> c. abort
> d. do what OpenBSD does

(e) return malloc(0), without wrapping it into oom_check().

> In a nutshell what I argue is that, if someone doesn't need any memory
> it shouldn't be asking for it, and it's not that unlikely that the
> author never considered the possibility of his code requesting zero
> bytes of memory,

If the calling code correctly keeps track of the allocated amount of memory (which it should do anyway for correctness and security reasons) the zero-length case will not cause any hiccups. It will happily copy zero bytes, do zero loop iterations, or whatever else.

Aborting on qemu_malloc(0) forces the call sites to add a special case for len=0, even though correctly written code doesn't need a special case for it.

For the purpose of finding broken code returning NULL is IMHO the best option. Although dereferencing NULL is undefined, in practice it will segfault in most cases so the bugs shouldn't stay unnoticed for long.
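As an added illustration (not QEMU's code and not part of this thread): a minimal qemu_malloc-style wrapper implementing option (e), beside length-tracking callers that need no len == 0 special case. The names buffer_t, xmalloc, buffer_dup and buffer_sum are assumed here.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical buffer type: the data pointer travels with its length. */
typedef struct {
    unsigned char *data;
    size_t len;
} buffer_t;

/* Abort on a genuine allocation failure, like an oom_check() wrapper. */
static void *oom_check(void *ptr)
{
    if (ptr == NULL) { fprintf(stderr, "out of memory\n"); abort(); }
    return ptr;
}

/* Option (e): a zero-byte request goes straight to malloc(0), whose result
 * (NULL or a unique pointer) is implementation-defined, not an OOM condition. */
void *xmalloc(size_t size)
{
    if (size == 0) {
        return malloc(0);
    }
    return oom_check(malloc(size));
}

/* Copy len bytes into a new buffer. The allocator's result needs no len == 0
 * special case; the guard exists only because memcpy() requires valid pointers. */
buffer_t buffer_dup(const unsigned char *src, size_t len)
{
    buffer_t b = { xmalloc(len), len };
    if (len > 0) {
        memcpy(b.data, src, len);
    }
    return b;
}

/* Sum the bytes; with len == 0 the loop simply runs zero iterations. */
unsigned long buffer_sum(const buffer_t *b)
{
    unsigned long sum = 0;
    for (size_t i = 0; i < b->len; i++) {
        sum += b->data[i];
    }
    return sum;
}
```

free() accepts both NULL and whatever malloc(0) returned, so the zero-length buffer is released the same way as any other.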
