lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 2 Sep 2022 22:12:25 -0700
From:   Kees Cook <>
To:     "Gustavo A. R. Silva" <>
Cc:     Mark Fasheh <>, Joel Becker <>,
        Joseph Qi <>,,,
Subject: Re: [PATCH][next] ocfs2: Replace zero-length arrays with

On Sat, Sep 03, 2022 at 12:59:36AM +0100, Gustavo A. R. Silva wrote:
> Zero-length arrays are deprecated and we are moving towards adopting
> C99 flexible-array members, instead. So, replace zero-length array
> declarations in a couple of structures and unions with the new
> DECLARE_FLEX_ARRAY() helper macro.
> This helper allows for a flexible-array member in a union and as
> only member in a structure.
> Also, this addresses multiple warnings reported when building with
> Clang-15 and -Wzero-length-array.
> Lastly, this will also help memcpy (in a coming hardening update)
> execute proper bounds-checking on variable length object i_symlink
> at fs/ocfs2/namei.c:1973:
> fs/ocfs2/namei.c:
> 1973                 memcpy((char *) fe->id2.i_symlink, symname, l);
> Link:
> Link:
> Link:
> Link:
> Signed-off-by: Gustavo A. R. Silva <>

Reviewed-by: Kees Cook <>

Kees Cook

Powered by blists - more mailing lists