[Snort-devel] Bug : misuse of calloc (patch included)

Erik de Castro Lopo erikd+snort at ...2292...
Thu Jul 29 16:08:10 EDT 2004

On Thu, 29 Jul 2004 13:55:29 -0400
"Marc Norton" <marc.norton at ...402...> wrote:

> Our experience has shown this to be a non-issue, even with Solaris/sun
> based systems, which can be pretty fussy.  I appreciate the diligence
> your applying in going through the code, but this is a non-issue for the
> reasons Gisle has cited.

The problem here is that just because nobody has been bitten
by this yet, you are assuming that noone will be bitten by
it in the future. This is probably a bad assumption.

So, I went away looking for the ISO C spec on what calloc
does and found this:


from which I quote:

    The pointer returned if the allocation succeeds shall be 
    suitably aligned so that it may be assigned to a pointer to 
    any type of object and then used to access such an object 
    or an array of such objects in the space allocated ...

which supports your postion. 

I have no problem relying on behaviour defined by the ISO C 
specifications. I do have a problem relying on "it seems to 
work for me".

However, there is still a good reason to fix it; when its
fixed, noone will bring this issue up again because the 
correct usage of calloc would then make unambiguous sense.

[N] Erik de Castro Lopo, Senior Computer Engineer
[E] erik.de.castro.lopo at ...2292...
[W] http://www.sensorynetworks.com
[T] +61 2 83022726 
[F] +61 2 94750316 
[A] L4/140 William St, East Sydney NSW 2011, Australia
A good debugger is no substitute for a good test suite.

More information about the Snort-devel mailing list