bzero() before free()

Thu Apr 2 05:25:31 EST 2009

Good point, I also thought of that, but it isn't done all the time (sometimes they do, sometimes they don't...)

Met vriendelijke groet 
Best regards 
Bien à vous 

Miguel SANDERS
ArcelorMittal Gent

UNIX Systems & Storage
IT Supply Western Europe | John Kennedylaan 51 
B-9042 Gent

T +32 9 347 3538 | F +32 9 347 4901 | M +32478 805 023
E miguel.sanders at arcelormittal.com
www.arcelormittal.com/gent 

________________________________

Van: Eduardo Silva [mailto:edsiper at gmail.com] 
Verzonden: woensdag 1 april 2009 20:16
Aan: SANDERS Miguel
CC: openssh-unix-dev at mindrot.org
Onderwerp: Re: bzero() before free()

I had to do that long time ago, that was the only way to avoid a problem generated by the compiler, I'm not talking about ssh, it was another project... maybe it was done for the same reason ?

On Wed, Apr 1, 2009 at 2:12 PM, <miguel.sanders at arcelormittal.com> wrote:

	Hi guys

	I've been browsing the code and at many places I found the following odd sequence:

	char * string=malloc(somesize);
	…
	bzero(string,strlen(string));
	free(string);

	I really don't see why you would zero a string and free the memory immediately afterwards?
	Any idea why this is done?

	Thanks!

	Met vriendelijke groet
	Best regards
	Bien à vous

	Miguel SANDERS
	ArcelorMittal Gent

	UNIX Systems & Storage
	IT Supply Western Europe | John Kennedylaan 51
	B-9042 Gent

	T +32 9 347 3538 | F +32 9 347 4901 | M +32478 805 023
	E miguel.sanders at arcelormittal.com
	www.arcelormittal.com/gent

	****
	This message and any attachment are confidential, intended solely for the use of the individual or entity to whom it is addressed and may be protected by professional secrecy or intellectual property rights.
	If you have received it by mistake, or are not the named recipient(s), please immediately notify the sender and delete the message. You are hereby notified that any unauthorized use, copying or dissemination of any or all information contained in this message is prohibited.
	Arcelormittal shall not be liable for the message if altered, falsified, or in case of error in the recipient.
	This message does not constitute any right or commitment for ArcelorMittal except when expressly agreed otherwise in writing in a separate agreement.
	****

	_______________________________________________
	openssh-unix-dev mailing list
	openssh-unix-dev at mindrot.org
	https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

-- 
Eduardo Silva
http://edsiper.linuxchile.cl

**** 
This message and any attachment are confidential, intended solely for the use of the individual or entity to whom it is addressed and may be protected by professional secrecy or intellectual property rights. 
If you have received it by mistake, or are not the named recipient(s), please immediately notify the sender and delete the message. You are hereby notified that any unauthorized use, copying or dissemination of any or all information contained in this message is prohibited. 
Arcelormittal shall not be liable for the message if altered, falsified, or in case of error in the recipient. 
This message does not constitute any right or commitment for ArcelorMittal except when expressly agreed otherwise in writing in a separate agreement.  
****  