lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c65be7a615f5cfa300289a6f251d97286c8d81e9.camel@perches.com>
Date:   Fri, 26 May 2023 18:38:27 -0700
From:   Joe Perches <joe@...ches.com>
To:     Kees Cook <keescook@...omium.org>,
        Andy Whitcroft <apw@...onical.com>
Cc:     Dwaipayan Ray <dwaipayanray1@...il.com>,
        Lukas Bulwahn <lukas.bulwahn@...il.com>,
        "Gustavo A . R . Silva" <gustavoars@...nel.org>,
        linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH v2] checkpatch: Warn about 0-length and 1-element arrays

On Fri, 2023-05-26 at 10:39 -0700, Kees Cook wrote:
> Fake flexible arrays have been deprecated since last millennium. Proper
> C99 flexible arrays must be used throughout the kernel so
> CONFIG_FORTIFY_SOURCE and CONFIG_UBSAN_BOUNDS can provide proper array
> bounds checking.
[]
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> []
> @@ -7430,6 +7430,21 @@ sub process {
>  			}
>  		}
>  
> +# check for array definition/declarations that should use flexible arrays instead
> +		if ($sline =~ /^[\+ ]\s*}\s*;\s*$/ &&
> +		    $prevline =~ /^\+\s*(?:(?:struct|union|enum)\s+$Ident|\}|$Type)\s*$Ident\s*\[\s*(0|1)\s*\]\s*;\s*$/) {

I think this is overly complicated and not necessary

		    $prevline =~ /^\+\s*$Type\s*$Ident\s*\[\s*(0|1)\s*\]\s*;\s*$/) {

should work no?

($Type already includes this from @typeList):
	qr{struct\s+$Ident},
	qr{union\s+$Ident},
	qr{enum\s+$Ident},

> +			if ($1 == '0') {
> +				if (WARN("ZERO_LENGTH_ARRAY",
> +					 "Use C99 flexible arrays instead of zero-length arrays - see https://github.com/KSPP/linux/issues/78\n" . $hereprev) &&
> +				    $fix) {
> +					$fixed[$fixlinenr - 1] =~ s/\[0\]/[]/g;

And this $fix doesn't work if the line is struct foo bar[ 0 ];
and the use of /g is odd.

Because the message is a WARN and not an ERR, please use
"Prefer/over" and not "Use/instead of"

					$fixed[$fixlinenr - 1] =~ s/\[\s*0\s*\]/[]/;
> +				}
> +			} else {
> +				WARN("ONE_ELEMENT_ARRAY",
> +				     "Use C99 flexible arrays instead of one-element arrays - see https://github.com/KSPP/linux/issues/79\n" . $hereprev);
> +			}

And this could have a $fix change too

				if (WARN("ONE_ELEMENT_ARRAY",
					 ...) &&
				    $fix) {
					$fixed[$fixlinenr - 1] =~ s/\[\s*1\s*\]/[]/;
> +		}
> +
>  # nested likely/unlikely calls
>  		if ($line =~ /\b(?:(?:un)?likely)\s*\(\s*!?\s*(IS_ERR(?:_OR_NULL|_VALUE)?|WARN)/) {
>  			WARN("LIKELY_MISUSE",

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ