[strongSwan-dev] malloc check policy
emeric.poupon at stormshield.eu
Mon Mar 21 14:23:37 CET 2016
Aren't you afraid of potential side effects using this approach?
You may get a NULL pointer and perform some operations with it, like pointer arithmetic, without crashing.
Furthermore, you could possibly have security issues before eventually crashing.
The question is: since you have done the job to get proper malloc hooks with the leak detective, why not just abort on failure?
----- Original Message -----
From: "Tobias Brunner" <tobias at strongswan.org>
To: "Emeric POUPON" <emeric.poupon at stormshield.eu>, dev at lists.strongswan.org
Sent: Monday 21 March 2016 12:24:20
Subject: Re: [strongSwan-dev] malloc check policy
> I noticed that a lot of malloc calls are not checked in the code (may return NULL).
Yes, generally we don't check the return value.
> What is your policy on this behavior?
If malloc() fails you have a serious problem anyway. Handling this
gracefully is often not really possible so we don't even attempt it.
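
The abort-on-failure policy asked about in this thread, as an added example that is not part of the original messages and is not strongSwan code. The names `xmalloc_array`, `backend`, `always_fail` and `signal_from_alloc` are hypothetical, and a POSIX system is assumed for `fork()`/`waitpid()`, which are used only to observe the abort from a parent process.

```c
#include <signal.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Backend is a pointer so that allocation failure can be simulated (assumption). */
static void *(*backend)(size_t) = malloc;
static void *always_fail(size_t n) { (void)n; return NULL; }

/* Hypothetical wrapper: never returns NULL, so no caller can do pointer
 * arithmetic on a null pointer; the process stops at the failing call. */
void *xmalloc_array(size_t count, size_t size)
{
    /* count * size must not wrap, or the buffer would be too small */
    if (size != 0 && count > SIZE_MAX / size)
        abort();
    size_t bytes = count * size;
    void *p = backend(bytes ? bytes : 1);  /* malloc(0) may return NULL legitimately */
    if (p == NULL)
        abort();
    return p;
}

/* Run one allocation in a child and return the signal that ended it (0 if none). */
int signal_from_alloc(size_t count, size_t size, int simulate_oom)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (simulate_oom)
            backend = always_fail;
        char *buf = xmalloc_array(count, size);
        memset(buf, 0, count * size);      /* safe: buf is never NULL here */
        free(buf);
        _exit(0);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    return (signal_from_alloc(16, 4, 0) == 0 &&
            signal_from_alloc(16, 4, 1) == SIGABRT) ? 0 : 1;
}
```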