On Sun, May 04, 2014 at 12:29:59AM -0700, Philip Guenther wrote: > On Sun, May 4, 2014 at 12:21 AM, patrick keshishian > <sids...@boxsoft.com>wrote: > > > On Sun, May 04, 2014 at 02:38:40AM -0400, Jean-Philippe Ouellet wrote: > > > ... > > > > - if ((irow = (char **)malloc(sizeof(char *) * > > > - (DB_NUMBER + 1))) == NULL) { > > > + irow = reallocarray(NULL, DB_NUMBER + 1, sizeof(char *)); > > > > why not use calloc(2)? > > > > Please justify your belief that the existing code is wrong by lack of > memset/bzero. Please do so for *ALL* the places where you suggested using > calloc() where Jean-Philippe Ouellet's patch suggest reallocarray().
How did you deduce my "belief" to be such? The code was changing malloc(n * size) to reallocarray(). Typical "correction" for this usage has been to convert to calloc(2), "in order to avoid possible integer overflows". Seeing that "reallocarray() appeared in OpenBSD 5.6", I am sure it is an equally fine interface. Any concern over the first strlen() change I pointed out? --patrick > Either: > a) the existing code's lack of memset/bzero is a bug (details?), OR > b) using calloc() instead of reallocarray() is *wrong*. > > > Philip Guenther