[PATCHv2] README.Coding: initialize pointers
Ralph Boehme
rb at sernet.de
Tue Oct 20 10:34:03 UTC 2015
On Tue, Oct 20, 2015 at 12:15:13PM +0200, Ralph Boehme wrote:
> Hi!
>
> What about actually adding the requirement of initializing pointers to
> NULL to README.Coding ?
here is patch v2 with some improvements as suggested by metze.
-Ralph
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de,mailto:kontakt@sernet.de
-------------- next part --------------
From c6696a6cfc732ec8b79603ee6d2f10bc720dac68 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 20 Oct 2015 12:01:22 +0200
Subject: [PATCH] README.Coding: initialize pointers
Pointers must be initialized to NULL.
Signed-off-by: Ralph Boehme <slow at samba.org>
---
README.Coding | 35 ++++++++++++++++++++++++++++++++++-
1 file changed, 34 insertions(+), 1 deletion(-)
diff --git a/README.Coding b/README.Coding
index 52dca49..9073b77 100644
--- a/README.Coding
+++ b/README.Coding
@@ -320,6 +320,39 @@ Samba tries to avoid "typedef struct { .. } x_t;" so we do always try to use
"struct x { .. };". We know there are still such typedefs in the code,
but for new code, please don't do that anymore.
+Initialize pointers
+-------------------
+
+All pointer variables MUST be initialized to NULL. History has
+demonstrated that uninitialized pointer variables have lead to various
+bugs and security issues.
+
+Pointers MUST be initialized even if the assignment directly follows
+the declaration, like pointer2 in the example below, because the
+instructions sequence may change over time.
+
+Good Example:
+
+ char *pointer1 = NULL;
+ char *pointer2 = NULL;
+
+ pointer2 = some_func2();
+
+ ...
+
+ pointer1 = some_func1();
+
+Bad Example:
+
+ char *pointer1;
+ char *pointer2;
+
+ pointer2 = some_func2();
+
+ ...
+
+ pointer1 = some_func1();
+
Make use of helper variables
----------------------------
@@ -329,7 +362,7 @@ it's also easier to use the "step" command within gdb.
Good Example:
- char *name;
+ char *name = NULL;
name = get_some_name();
if (name == NULL) {
--
2.1.0
More information about the samba-technical
mailing list