On Thu, Jan 28, 2021 at 12:03:36PM +0100, Peter Krempa wrote:
> On Thu, Jan 28, 2021 at 10:59:41 +0000, Daniel Berrange wrote:
> > On Thu, Jan 28, 2021 at 11:45:07AM +0100, Peter Krempa wrote:
> > > On Thu, Jan 28, 2021 at 11:24:35 +0100, Tim Wiederhake wrote:
> > > > This was found by clang-tidy's
> > > > "clang-analyzer-security.insecureAPI.bzero" check.
> > >
> > > Any reasoning behind why bzero is bad?
> >
> > Yeah, it is weird to call this an insecure API. If anything memset is
> > more dangerous because people invert the 2nd and 3rd args, resulting
> > in not setting any bytes at all.
>
> According to the manpage it can allegedly be optimized out:
>
>   The explicit_bzero() function performs the same task as bzero(). It
>   differs from bzero() in that it guarantees that compiler optimizations
>   will not remove the erase operation if the compiler deduces that the
>   operation is "unnecessary".

A compiler smart enough to eliminate bzero can also likely eliminate
memset.

> > None the less bzero is deprecated, so it makes sense to use the
> > memset function in general.
>
> Yes it does, but the reason should be mentioned in the commit message.

Regards,
Daniel
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
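
Added example, not part of the thread and not libvirt code: the two points raised above in C, namely a memset() call with its 2nd and 3rd arguments inverted, and a clear that stores through a volatile pointer so the compiler keeps it. The helper names and the 32-byte buffer are assumptions made for illustration; `secure_zero` is a common fallback pattern, not the explicit_bzero() implementation.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Count the bytes in buf that are still non-zero. */
static size_t nonzero_bytes(const unsigned char *buf, size_t n)
{
    size_t i, count = 0;
    for (i = 0; i < n; i++)
        count += (buf[i] != 0);
    return count;
}

/* Hypothetical helper: every store goes through a volatile-qualified
 * pointer, which mainstream compilers do not remove as a dead store. */
static void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = p;
    while (n--)
        *vp++ = 0;
}

/* Inverted arguments: the length lands in the fill slot and the fill
 * value (0) in the length slot, so memset() writes zero bytes.
 * Variables are used so the call compiles without a diagnostic. */
size_t leftover_after_inverted_memset(void)
{
    unsigned char key[32];
    size_t len = sizeof key;
    int fill = 0;

    memset(key, 0xAA, sizeof key);        /* constructed stand-in for a secret */
    memset(key, (int)len, (size_t)fill);  /* intended: memset(key, fill, len) */
    return nonzero_bytes(key, sizeof key);
}

/* Same buffer cleared with the volatile-store helper. */
size_t leftover_after_secure_zero(void)
{
    unsigned char key[32];

    memset(key, 0xAA, sizeof key);        /* constructed stand-in for a secret */
    secure_zero(key, sizeof key);
    return nonzero_bytes(key, sizeof key);
}

int main(void)
{
    printf("inverted memset leaves %zu non-zero bytes\n",
           leftover_after_inverted_memset());
    printf("secure_zero leaves %zu non-zero bytes\n",
           leftover_after_secure_zero());
    return 0;
}
```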