Oct. 8, 2014
11:24 a.m.
On 10/08/2014 06:20 AM, Christos Zoulas wrote:
I prefer not to return random bits from the heap to the user.
On my platform a timezone_t struct has 25488 bytes, and clearing them all would take a bit of time. Since the user can look at the heap anyway, clearing the bits wouldn't add security.
There were other NetBSD changes that were not carried forward, and perhaps they should
Thanks, the attached proposed patch should address those issues. I've left the issue of documenting return and errno values for another day.