Hi, * Brendan Cully [06-05-02 15:32:03 -0700] wrote:
sorry, that was dumb. I thought for a moment that eg char** automatically downcast to void** like char* does for void*.
IIRC there was some mailing list discussion leading up to the move making safe_free() taking only void*. But I don't have a pointer to it. Maybe Thomas or someone else knows.
You're probably right, it might be better to have check_sec look out for & in the argument to safe_free or FREE.
That's what I think, too. A big fat warning still might be a good idea anyway since it's pretty dangerous.
The reality is that many people use more or less heavily patched versions of mutt. And with the check_sec.sh I found some improper uses of FREE() without ampersand in patches that are said to run stable.
As some people may have switched to FREE() and other still use safe_free() I'm not really sure on how to proceed, i.e. remove FREE() or not.
While we're discussing the memory wrapper function: how about making the preprocessor add __FILE__ and __LINE__ to calls of safe_malloc() et. al so we get the exact location of a problem? It's not really helpful if a user writes a bug report that mutt exits with only 'Integer overflow' detected...
bye, Rocco -- :wq!