Always initialize your variables in C. It prevents a whole class of security and stability bugs. uid_t callerUID = 0; NO NO NO NO NO N—
-
-
Unconventional opinion: unless there's a default value that's semantically correct, variables should never be initialized. Let -W* work.
-
Non-portable (compiler warnings are not standard) and imperfect (compiler doesn’t always know if a variable gets initialized so can’t warn.)
-
Because use of an uninitialized variable is UB, your program is then formally misspecified. Modern compilers go nuts when they see UB.
-
I agree that “always init” is reductionist but it is the best available option when constrained by the C standard. BUT.
-
The real root (heh!) of the problem is that uid_t and other security-sensitive types are just typedefs of int rather than non-scalar types.
-
This combined with making root 0 allows for this class of bug. UID 0 should be invalid, forcing a dev to be explicit when they mean root.
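The point debated above, as an added example that is not part of the original thread: a `uid_t` defaulted to 0 fails open when the lookup fails, while a non-scalar wrapper has no value that silently means root. `lookup_caller_uid`, `checked_uid` and the `is_root_*` helpers are hypothetical names, and the connection numbers and UID 1000 are constructed sample values.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical lookup: returns 0 and fills *out on success, -1 on failure. */
static int lookup_caller_uid(int conn, uid_t *out) {
    if (conn < 0)
        return -1;              /* constructed failure path: *out untouched */
    *out = 1000;                /* constructed unprivileged caller */
    return 0;
}

/* Fail-open pattern: the "safe" default 0 is root, and the lookup's
 * error return is ignored, so a failed lookup reads as "caller is root". */
static bool is_root_default_zero(int conn) {
    uid_t callerUID = 0;
    lookup_caller_uid(conn, &callerUID);
    return callerUID == 0;
}

/* Non-scalar wrapper: validity travels with the value, so there is no
 * default that can be mistaken for a real UID. */
typedef struct { bool valid; uid_t value; } checked_uid;

static checked_uid checked_uid_lookup(int conn) {
    checked_uid u = { false, 0 };   /* zero-initialized means "no UID" */
    uid_t raw;
    if (lookup_caller_uid(conn, &raw) == 0) {
        u.valid = true;
        u.value = raw;
    }
    return u;
}

/* Root only when the lookup succeeded AND explicitly returned UID 0. */
static bool is_root_checked(int conn) {
    checked_uid u = checked_uid_lookup(conn);
    return u.valid && u.value == 0;
}

int main(void) {
    printf("failed lookup, default 0: root=%d\n", is_root_default_zero(-1));
    printf("failed lookup, wrapper:   root=%d\n", is_root_checked(-1));
    printf("good lookup,   default 0: root=%d\n", is_root_default_zero(3));
    printf("good lookup,   wrapper:   root=%d\n", is_root_checked(3));
    return 0;
}
```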