Mercurial > dovecot > original-hg > dovecot-1.2
changeset 3935:51406aaccb46 HEAD
Added something about setting freed pointers to NULL.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Sun, 22 Jan 2006 21:59:21 +0200 |
| parents | 863a3fcac7b2 |
| children | 8e827b05047b |
| files | doc/securecoding.txt |
| diffstat | 1 files changed, 9 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/doc/securecoding.txt Sun Jan 22 21:36:44 2006 +0200 +++ b/doc/securecoding.txt Sun Jan 22 21:59:21 2006 +0200 @@ -86,6 +86,15 @@ See lib/mempool.h +Deinitialize safely +------------------- + +Whenever you free a pointer, set it to NULL. That way if you accidentally +try to free it again, it's less likely to cause a security hole. Dovecot +does this automatically with most of its free() calls, but you should also +make it a habit of making all your _destroy() functions take a +pointer-to-pointer parameter which you set to NULL. + Don't Keep Secrets ------------------