| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 04 Jul 2014 09:57:20 -0700
From: Joe Perches <joe@...ches.com>
To: Dan Carpenter <dan.carpenter@...cle.com>
Cc: Stephan Mueller <smueller@...onox.de>,
Stephen Rothwell <sfr@...b.auug.org.au>,
Herbert Xu <herbert@...dor.apana.org.au>,
kbuild test robot <fengguang.wu@...el.com>, kbuild@...org,
linux-crypto@...r.kernel.org, Randy Dunlap <rdunlap@...radead.org>,
linux-next@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/4] DRBG: Fix format string for debugging statements
On Fri, 2014-07-04 at 14:21 +0300, Dan Carpenter wrote:
> On Sat, Jun 28, 2014 at 08:53:19PM -0700, Joe Perches wrote:
> > On Sun, 2014-06-29 at 05:46 +0200, Stephan Mueller wrote:
> > > Am Sonntag, 29. Juni 2014, 12:24:02 schrieb Stephen Rothwell:
> > >
> > > Hi Stephen,
> > >
> > > > Hi Stephan,
> > > >
> > > > On Sat, 28 Jun 2014 22:01:46 +0200 Stephan Mueller <smueller@...onox.de>
> > > wrote:
> > > > > @@ -1987,8 +1987,9 @@ static int __init drbg_init(void)
> > > > >
> > > > > if (ARRAY_SIZE(drbg_cores) * 2 > ARRAY_SIZE(drbg_algs)) {
> > > > >
> > > > > pr_info("DRBG: Cannot register all DRBG types"
> > > > >
> > > > > - "(slots needed: %lu, slots available: %lu)\n",
> > > > > - ARRAY_SIZE(drbg_cores) * 2, ARRAY_SIZE(drbg_algs));
> > > > > + "(slots needed: %u, slots available: %u)\n",
> > > > > + (unsigned int)ARRAY_SIZE(drbg_cores) * 2,
> > > > > + (unsigned int)ARRAY_SIZE(drbg_algs));
> > > >
> > > > Doesn't ARRAY_SIZE() always return a size_t? In which case surely we
> > > > need no casts, but need to us %zu in the format string.
> > >
> > > Unfortunately not at all. On my x86_64, I get the compiler warning that
> > > ARRAY_SIZE is a long unsigned int without the cast.
It doesn't seem to for 4.8.
Is there some specific gcc version where this occurs?
> > diff --git a/include/linux/kernel.h b/include/linux/kernel.h
[]
> > -#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr))
> > +#define ARRAY_SIZE(arr) \
> > + (sizeof(arr) / sizeof((arr)[0]) + (size_t)__must_be_array(arr))
>
>
> This change is a no-op isn't it?
Yes, it is. Dumb idea.
Assuming there's some odd promotion, size_t should have been around the
whole thing
#define ARRAY_SIZE(arr) \
((size_t)((sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr)))
> I think Stephen Rothwell's suggestion
> is correct. In linux-next this was changed to %lu which also works...
>
> Are there arches %zu and %lu are different?
I get the same output types and error warnings compiling this
either -m32 or -m64
#include <stdio.h>
#include <stdlib.h>
#define typecheck(type, x) \
({ \
type __dummy; \
typeof(x) __dummy2; \
(void)(&__dummy == &__dummy2); \
1; \
})
#define BUILD_BUG_ON_ZERO(e) (sizeof(struct { int:-!!(e); }))
#define __same_type(a, b) __builtin_types_compatible_p(typeof(a), typeof(b))
#define __must_be_array(a) BUILD_BUG_ON_ZERO(__same_type((a), &(a)[0]))
#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr))
int main(int argc, char **argv)
{
char foo[100];
size_t array = sizeof(foo);
typeof (ARRAY_SIZE(foo)) member = ARRAY_SIZE(foo);
int member1 = ARRAY_SIZE(foo);
size_t member2 = ARRAY_SIZE(foo);
typecheck(size_t, member);
typecheck(int, member);
typecheck(size_t, member1);
typecheck(int, member1);
typecheck(size_t, member2);
typecheck(int, member2);
printf("array: %zu, member: %zu\n", array, (int)member);
return 0;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists