| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 27 Jan 2018 17:36:42 +0530 From: George B <gb4838913@...il.com> To: linux-kernel@...r.kernel.org Subject: Re: Hi (Assigning NULL to variable after freeing it). >> I have just started to contribute to linux kernel. I was thinking of >> giving a patch where a variable is made null after free if not already >> done. >> > General answer is no... unless that particular code expects a freed pointer > to be null. In many cases the code is written so that this isn't needed, > so you would have to check each usage on a case-by-case basis. The answer "no" is overconfidence. Linux kernel should be doing defensive programming. Not setting the variable to NULL after freeing it is non-defensive programming. I know that linux kernel developers think that they are the "best in the world" but this is not true. There are many better developers around the world and they do set the variable to NULL after freeing it. Even in linux kernel itself, many developers set the variable to NULL after freeing it. This should become a standard. But I know that linux kernel developers are obstinate and hence they will not agree to this. I hate "many" linux kernel developers because of their arrogance but I do not hate those linux kernel developers who are not arrogant or egoist. Many people believe that setting a variable to NULL after freeing it is totally justified and should be done. Here is a wikipedia page to make this case stronger: https://en.wikipedia.org/wiki/Dangling_pointer But I know that linux kernel developers are obstinate, arrogant, and egoists and hence they are not going to agree to this. George
Powered by blists - more mailing lists