SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Research Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: [PATCH] Basic policy representation This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ] From: Stephen Smalley <sds_at_tycho.nsa.gov> Date: Tue, 08 May 2007 15:05:31 -0400 On Tue, 2007-05-08 at 14:37 -0400, Joshua Brindle wrote: > Stephen Smalley wrote: > > On Tue, 2007-05-08 at 12:11 -0400, Karl MacMillan wrote: > > > >> On Tue, 2007-05-08 at 11:48 -0400, Joshua Brindle wrote: > >> > > <snip> > > > >>>>>> +int sepol_policy_create(struct sepol_handle h, struct sepol_policy *policy) > >>>>>> +{ > >>>>>> + int ret; > >>>>>> + struct sepol_policy x;* > >>>>>> + > >>>>>> + policy = NULL;* > >>>>>> + x = calloc(1, sizeof(struct sepol_policy)); > >>>>>> > >>>>>> > >>>>>> > >>>>> I am adverse to calloc used on structs, this implicitly initializes the > >>>>> struct and makes it harder to update the initial state. Why not have an > >>>>> explicit initializer? > >>>>> > >>>>> > >>>>> > >>>> I like calloc because you don't have to explicitly set all of the > >>>> members and the code tends (in my experience) to be more reliable in the > >>>> face of change because of this. I don't have a strong opinion though - > >>>> what do others think? > >>>> > >>>> > >>>> > >>> an initializer that does memset would be just as reliable in the face of > >>> change and have the additional advantage of being maintainable when > >>> initial state changes. > >>> > >>> > >> I think I'm missing something - what is the difference between malloc + > >> memset and calloc? And what do you mean by initializer? > >> > > > > I'd say stay with calloc here. > > > > > > Umm, and then when the initial state changes we have to audit every user > of the struct to make sure its initialized correctly instead of just > doing it from the beginning and using an initialization function? This is the initialization (and allocation) function for struct sepol_policy. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Tue 8 May 2007 - 15:05:37 EDT This message: [ Message body ] Next message: Stephen Smalley: "[PATCH -trunk] newrole: enable use of alternate pam configurations for running applications in a different context (Was: Re: launching apps at level (MLS) and polyinstantiation)" Previous message: Joshua Brindle: "Re: [PATCH] Basic policy representation" In reply to: Joshua Brindle: "Re: [PATCH] Basic policy representation" Next in thread: Joshua Brindle: "Re: [PATCH] Basic policy representation" Reply: Joshua Brindle: "Re: [PATCH] Basic policy representation" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom