Avoid casting malloc to char* explicitly

nuvious / pam-duress

A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive network connections, etc if a user is coerced into giving a threat actor a password.

GNU Lesser General Public License v3.0

1.33k stars 39 forks source link

Avoid casting malloc to char* explicitly #18

Closed Vality closed 3 years ago

Vality commented 3 years ago

General comment on this codebase as a whole as requested.

In many instances this code uses the construct

char * foo = (char *) malloc(x);

In this case the cast is not required as void* is implicitly promotable, and casting explicitly can create some subtle bugs if done wrongly. Instead the code should probably remove the cast such as:

char * foo = malloc(x);

nuvious commented 3 years ago

Addressed in PR #12 but forgot to link it before merge.

https://github.com/nuvious/pam-duress/commit/11e4941f15188e0528424318fc62f160d0baf3f6#diff-e09f7ecc98829b9d5785ffeb3ee146bbd042519f48ca8cd724212784cf73ab4d