README.Coding: initialize pointers

Pointers must be initialized to NULL.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

1 files changed, 34 insertions, 1 deletions

diff --git a/README.Coding b/README.Coding
index 52dca49bede..9073b77118a 100644
--- a/README.Coding
+++ b/README.Coding
@@ -320,6 +320,39 @@ Samba tries to avoid "typedef struct { .. } x_t;" so we do always try to use
 "struct x { .. };". We know there are still such typedefs in the code,
 but for new code, please don't do that anymore.
 
+Initialize pointers
+-------------------
+
+All pointer variables MUST be initialized to NULL. History has
+demonstrated that uninitialized pointer variables have lead to various
+bugs and security issues.
+
+Pointers MUST be initialized even if the assignment directly follows
+the declaration, like pointer2 in the example below, because the
+instructions sequence may change over time.
+
+Good Example:
+
+	char *pointer1 = NULL;
+	char *pointer2 = NULL;
+
+	pointer2 = some_func2();
+
+	...
+
+	pointer1 = some_func1();
+
+Bad Example:
+
+	char *pointer1;
+	char *pointer2;
+
+	pointer2 = some_func2();
+
+	...
+
+	pointer1 = some_func1();
+
 Make use of helper variables
 ----------------------------
 
@@ -329,7 +362,7 @@ it's also easier to use the "step" command within gdb.
 
 Good Example:
 
-	char *name;
+	char *name = NULL;
 
 	name = get_some_name();
 	if (name == NULL) {