Re: bzero

From: The Fungi (fungi@yuggoth.org)
Date: 09/03/02


On Tue, Sep 03, 2002 at 06:59:33PM -0700, Shane P. Lee wrote:
[snip]
> bzero(buf, sizeof(buf));
> writes 0 bytes to the first argument for every instance of the second.
[clip]

The only place I see this being of any benefit is to completely
destroy the former contents of an array after its usefulness has
expired in situations where you fear a sensitive value might be
retrieved (an unhashed password, for example). Circle doesn't appear
to do this, but the char *arg used in this case gets overwritten
fairly quickly within nanny(). For systems with insecure memory read
access this might still be a good idea, or if you think you might
have buggy code that could read beyond the end of the next
allocation and echo part of those addresses former contents to
another user. But widescale null-initializing arrays before reuse is
just an inefficient crutch for hacks, unless I'm missing something.
Why would you ever want to read from an uninitialized array? Fix the
unterminated or incorrectly-dimensioned arrays in your code (not you
specifically, but a more general "you" meant to encompass coders who
would rather waste cycles and turn a blind eye to sloppy code).
--
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fungi@yuggoth.org); IRC(fungi@irc.yuggoth.org#ccl); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi@yuggoth.org);
MUD(Nergel@mud.yuggoth.org:2325); WWW(http://fungi.yuggoth.org/); }

--
   +---------------------------------------------------------------+
   | FAQ: http://qsilver.queensu.ca/~fletchra/Circle/list-faq.html |
   | Archives: http://post.queensu.ca/listserv/wwwarch/circle.html |
   | Newbie List:  http://groups.yahoo.com/group/circle-newbies/   |
   +---------------------------------------------------------------+



This archive was generated by hypermail 2b30 : 06/25/03 PDT