[libvirt] [PATCH 0/6] sVirt AppArmor security driver

[Chris Lalancette]

Jamie Strandboge wrote:
> I don't see that 'syntax-check' enforces not using *alloc, but I did
> read in HACKING that *alloc are deprecated, though I had already written
> the code before reading it. I do see other examples of *alloc in the
> codebase, and I do properly check the return code of all calls to *alloc.
> If you insist on those calls being replaced, I can do that, but I didn't
> before submitting because I knew the current calls were correct and
> didn't want to introduce bugs into the code.

Yeah, make syntax-check doesn't do a check for the malloc/calloc/realloc in the
code base, but it probably should.  Actually, given the number of allocations
that libvirt actually does, there are surprisingly few uses of
malloc/calloc/realloc left, and we've been converting them as we come across
them.  It probably just needs a bit more concerted effort to finish the job.

For that reason, my preference would be to not introduce new ones into the code.
 Once your patches go in, they'll be modified over time anyway, so changing them
up-front shouldn't invalidate all of the testing.  They will obviously need to
be re-tested to make sure subtle issues didn't creep in, but it should be a
fairly mechanical change.

-- 
Chris Lalancette