[Png-mng-security] potentially serious memory handling error in libpng

Bob Friesenhahn bfriesen at simple.dallas.tx.us
Thu Feb 5 17:46:05 UTC 2009


On Thu, 5 Feb 2009, glennrp at comcast.net wrote:
>
> Googling for "memset null pointer" turns up a lot of flame wars and pretty much
> agreement that the NULL pointer does not have to be all zeroes. However, no
> one seems to be able to provide an example. Therefore in the above I would
> leave PNG_MEMSET_POINTERS_IS_UNSAFE undefined by default.

Don't the C and C++ specifications specify the value for NULL?  I have 
only seen mention of "0" or "(void *) 0".

My own software (and most other software) would fail to work if NULL 
was not also zero and I have never seen such a failure.

Bob
======================================
Bob Friesenhahn
bfriesen at simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/




More information about the png-mng-security-archive mailing list