[PATCHv2] README.Coding: initialize pointers

Jeremy Allison jra at samba.org
Tue Oct 20 17:16:53 UTC 2015


On Tue, Oct 20, 2015 at 12:34:03PM +0200, Ralph Boehme wrote:
> On Tue, Oct 20, 2015 at 12:15:13PM +0200, Ralph Boehme wrote:
> > Hi!
> > 
> > What about actually adding the requirement of initializing pointers to
> > NULL to README.Coding ?
> 
> here is patch v2 with some improvements as suggested by metze.

Yay ! Now let's try and stick to it :-).

Pushed.

> -- 
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9
> AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
> http://www.sernet.de,mailto:kontakt@sernet.de

> From c6696a6cfc732ec8b79603ee6d2f10bc720dac68 Mon Sep 17 00:00:00 2001
> From: Ralph Boehme <slow at samba.org>
> Date: Tue, 20 Oct 2015 12:01:22 +0200
> Subject: [PATCH] README.Coding: initialize pointers
> 
> Pointers must be initialized to NULL.
> 
> Signed-off-by: Ralph Boehme <slow at samba.org>
> ---
>  README.Coding | 35 ++++++++++++++++++++++++++++++++++-
>  1 file changed, 34 insertions(+), 1 deletion(-)
> 
> diff --git a/README.Coding b/README.Coding
> index 52dca49..9073b77 100644
> --- a/README.Coding
> +++ b/README.Coding
> @@ -320,6 +320,39 @@ Samba tries to avoid "typedef struct { .. } x_t;" so we do always try to use
>  "struct x { .. };". We know there are still such typedefs in the code,
>  but for new code, please don't do that anymore.
>  
> +Initialize pointers
> +-------------------
> +
> +All pointer variables MUST be initialized to NULL. History has
> +demonstrated that uninitialized pointer variables have lead to various
> +bugs and security issues.
> +
> +Pointers MUST be initialized even if the assignment directly follows
> +the declaration, like pointer2 in the example below, because the
> +instructions sequence may change over time.
> +
> +Good Example:
> +
> +	char *pointer1 = NULL;
> +	char *pointer2 = NULL;
> +
> +	pointer2 = some_func2();
> +
> +	...
> +
> +	pointer1 = some_func1();
> +
> +Bad Example:
> +
> +	char *pointer1;
> +	char *pointer2;
> +
> +	pointer2 = some_func2();
> +
> +	...
> +
> +	pointer1 = some_func1();
> +
>  Make use of helper variables
>  ----------------------------
>  
> @@ -329,7 +362,7 @@ it's also easier to use the "step" command within gdb.
>  
>  Good Example:
>  
> -	char *name;
> +	char *name = NULL;
>  
>  	name = get_some_name();
>  	if (name == NULL) {
> -- 
> 2.1.0
> 




More information about the samba-technical mailing list