On 09/05/17 20:08, Selva Nair wrote:
> Hi,
>
> On Tue, May 9, 2017 at 1:47 PM, David Sommerseth
> <open...@sf.lists.topphemmelig.net
> <mailto:open...@sf.lists.topphemmelig.net>> wrote:
>
> > That said, I think we should fix secure_memzero() to just return if the
> > input pointer is NULL. And even though most compilers do initialize
> > variables, I think it's good to be defensive here and initialize
> > `up` too.
>
>
> No, compiler will not initialize such non-static local variables. In
> fact in this case gcc will warn (with -Wall) that "up" may be used
> uninitialized because of code paths where "up" is not allocated as you
> pointed out.
>
> In that sense it's better not to initialize such variables as
> initialization can hide errors.

I agree that getting the warning is useful for developers. But I've just
seen way too many packagers ignoring these warnings (or even removing
-Wall) - and then shipping binaries with undefined behaviour. I don't like
that scenario at all.

--
kind regards,

David Sommerseth
OpenVPN Technologies, Inc
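
The two defensive measures discussed in this thread, as an added example that is not from the e-mail or from OpenVPN's source: a zeroing routine that returns on a NULL pointer, and a local pointer initialised to NULL so the shared cleanup path is defined on every code path. The names `secure_memzero_nullsafe`, `struct user_pass_demo` and `handle_auth` are hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the secure_memzero() under discussion.
 * Returns early on NULL and writes through a volatile pointer so the
 * compiler cannot discard the wipe as a dead store. */
static void secure_memzero_nullsafe(void *data, size_t len)
{
    volatile unsigned char *p = data;

    if (data == NULL)
        return;
    while (len--)
        *p++ = 0;
}

/* Constructed type for illustration, not OpenVPN's struct user_pass. */
struct user_pass_demo {
    char username[32];
    char password[32];
};

/* Returns 0 on success, -1 on failure.  `up` is allocated only when
 * need_auth is set, so the cleanup label is reached with `up` never
 * assigned on some paths. */
static int handle_auth(int need_auth, const char *user, const char *pass)
{
    struct user_pass_demo *up = NULL;   /* defensive initialisation */
    int ret = -1;

    if (need_auth) {
        if (user == NULL || pass == NULL)
            goto cleanup;               /* `up` is still NULL here */
        up = calloc(1, sizeof(*up));
        if (up == NULL)
            goto cleanup;
        strncpy(up->username, user, sizeof(up->username) - 1);
        strncpy(up->password, pass, sizeof(up->password) - 1);
    }
    ret = 0;

cleanup:
    /* Without the NULL initialisation this reads an indeterminate
     * pointer; without the NULL check the wipe dereferences NULL. */
    secure_memzero_nullsafe(up, sizeof(*up));
    free(up);
    return ret;
}
```

Removing the `= NULL` initialiser and building with `gcc -Wall` at an optimisation level where the analysis runs is how to see the "may be used uninitialized" warning referred to in the thread.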

_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel