<<< Date Index >>>     <<< Thread Index >>>

Re: [PATCH] Fix memory function use



On Tuesday, 02 May 2006 at 15:08, Brendan Cully wrote:
> On Tuesday, 02 May 2006 at 20:43, Rocco Rutte wrote:
> > Hi,
> > 
> > * Brendan Cully [06-05-02 13:25:30 -0700] wrote:
> > 
> > >I never got the point of FREE vs safe_free - I don't see it as a bug
> > >to use safe_free, though it is an inconsistency.
> > 
> > If I recall correctly, some years ago there was:
> > 
> >   safe_free (void**);
> >   #define FREE(X)       safe_free((void**)(X))
> > 
> > just to avoid having to write all the casts manually.
> > 
> > Now it's even more dangerous since safe_free() dereferences its 
> > pointers without a big fat warning somewhere. In fact, before adding the 
> > check_sec.sh checks I though about just adding a note somewhere but 
> > couldn't really find an accurate place for it...
> 
> That's why I don't like the automatic cast - the compiler should get a
> chance to check whether the argument is a ** type. That may be why the
> current macro is
> # define FREE(x) safe_free(x)
> 
> But I don't think I understand why safe_free is
> void safe_free (void *)
> instead of
> void safe_free (void **)
> 
> wouldn't this be the proper fix?

sorry, that was dumb. I thought for a moment that eg char**
automatically downcast to void** like char* does for void*.

You're probably right, it might be better to have check_sec look out
for & in the argument to safe_free or FREE.

Attachment: pgpEKg20wgflu.pgp
Description: PGP signature