README.Coding: initialize pointers

[nivanova/samba-autobuild/.git] / README.Coding

diff --git a/README.Coding b/README.Coding
index 52dca49bede76e0e884d77a32c0055e47170f68c..9073b77118af0ae06f6621128f6012c0912d8241 100644 (file)
--- a/README.Coding
+++ b/README.Coding
@@ -320,6 +320,39 @@ Samba tries to avoid "typedef struct { .. } x_t;" so we do always try to use
 "struct x { .. };". We know there are still such typedefs in the code,
 but for new code, please don't do that anymore.
 
+Initialize pointers
+-------------------
+
+All pointer variables MUST be initialized to NULL. History has
+demonstrated that uninitialized pointer variables have lead to various
+bugs and security issues.
+
+Pointers MUST be initialized even if the assignment directly follows
+the declaration, like pointer2 in the example below, because the
+instructions sequence may change over time.
+
+Good Example:
+
+       char *pointer1 = NULL;
+       char *pointer2 = NULL;
+
+       pointer2 = some_func2();
+
+       ...
+
+       pointer1 = some_func1();
+
+Bad Example:
+
+       char *pointer1;
+       char *pointer2;
+
+       pointer2 = some_func2();
+
+       ...
+
+       pointer1 = some_func1();
+
 Make use of helper variables
 ----------------------------
 
@@ -329,7 +362,7 @@ it's also easier to use the "step" command within gdb.
 
 Good Example:
 
-       char *name;
+       char *name = NULL;
 
        name = get_some_name();
        if (name == NULL) {