[tor-dev] Remove NULL checks for *_free() calls
Mansour Moufid
mansourmoufid at gmail.com
Mon Aug 31 02:37:02 UTC 2015
On Sun, Aug 30, 2015 at 8:13 PM, Michael McConville
<mmcconv1 at sccs.swarthmore.edu> wrote:
> free() is specified to be NULL-safe, and I don't know of any
> implementations that violate this.
I think those NULL checks are meant to avoid double-free bugs. If you
assign NULL to a pointer after you free it and check all pointers
before free, you avoid trying to free it again.
Like there:
> error:
> - if (x509) {
> - X509_free(x509);
> - x509 = NULL;
> - }
But you did find some places they forgot to assign NULL after free.
Here's a fun exercise: use Coccinelle to find and patch those.
http://coccinelle.lip6.fr/
A semantic patch might look like this:
@@
identifier f =~ "free";
expression x;
@@
f(x);
+ x = NULL;
Happy hacking!
Mansour
More information about the tor-dev
mailing list