lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 13 Apr 2012 23:46:56 +0200
From:	Lubos Lunak <l.lunak@...e.cz>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, Arnd Bergmann <arnd@...db.de>
Subject: Re: [PATCH][RESEND] do not redefine userspace's NULL #define

On Friday 13 of April 2012, Linus Torvalds wrote:
> On Fri, Apr 13, 2012 at 12:24 PM, Lubos Lunak <l.lunak@...e.cz> wrote:
> > GCC's NULL is actually __null, which allows detecting some questionable
> > NULL usage and warn about it. Moreover each platform/compiler should have
> > its own stddef.h anyway (which is different from linux/stddef.h).
> > So there's no good reason to override what the compiler provides.
> > Keep the #define conditionally, in order to keep the headers
> > self-contained.
>
> There's no way user should ever include the linux internal stddef.h.

 If that were the case, one of the earlier versions of the patch would have 
been correct then, but as Arnd has pointed out, user applications do include 
the header. It's even as simple as:

#include <signal.h>

( -> bits/sigcontext.h -> asm/sigcontext.h -> linux/types.h -> 
linux/posix_types.h -> linux/stddef.h ).

> And quite frankly, kernel-external definitions of NULL have
> traditionally been pure sh*t (ie plain "0" without the cast to a
> pointer), so I'm not entirely convinced about this patch.

 Quite frankly, I do not care what happens with it in kernel builds. I just 
don't want the suboptimal definition to leak to userspace. If you instead 
make sure linux/stddef.h is never used by userspace, that's fine with me.

> So what is the *actual* thing this helps with?

 Random example:

/home/tinderbox/clang-master-build/vcl/unx/gtk/fpicker/SalGtkFilePicker.cxx:216:66: 
warning: missing sentinel in function call [-Wsentinel]
            GTK_CELL_LAYOUT (m_pLists[i]), pCell, "text", 0, NULL);
                                                                 ^
                                                                 , NULL

 I used the Clang compiler for the more detailed error output (and the in this 
context somewhat amusing fix-it hint), but it's of course the same with GCC.

 And from 'man gcc' (4.6):

       -Wstrict-null-sentinel (C++ and Objective-C++ only)
           Warn also about the use of an uncasted "NULL" as sentinel.  When 
compiling only with GCC this is a valid sentinel, as "NULL" is defined 
to "__null".  Although it is a null pointer constant not a null pointer, it 
is guaranteed to be of the same size as a pointer.  But this use is not 
portable across different compilers.

-- 
 Lubos Lunak
 l.lunak@...e.cz
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ