lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <fdc46489-4266-48e3-99cc-ddb23b64f02e@kadam.mountain> Date: Mon, 2 Oct 2023 10:06:54 +0300 From: Dan Carpenter <dan.carpenter@...aro.org> To: "Gustavo A. R. Silva" <gustavo@...eddedor.com> Cc: Christophe JAILLET <christophe.jaillet@...adoo.fr>, Kent Overstreet <kent.overstreet@...ux.dev>, Brian Foster <bfoster@...hat.com>, Kees Cook <keescook@...omium.org>, "Gustavo A. R. Silva" <gustavoars@...nel.org>, Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Tom Rix <trix@...hat.com>, linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org, linux-bcachefs@...r.kernel.org, linux-hardening@...r.kernel.org, llvm@...ts.linux.dev Subject: Re: [PATCH] bcachefs: Use struct_size() On Mon, Oct 02, 2023 at 09:42:06AM +0300, Dan Carpenter wrote: > On Sun, Oct 01, 2023 at 09:23:17AM +0200, Gustavo A. R. Silva wrote: > > > > > > On 10/1/23 09:13, Christophe JAILLET wrote: > > > Use struct_size() instead of hand writing it. > > > This is less verbose and more robust. > > > > > > While at it, prepare for the coming implementation by GCC and Clang of the > > > __counted_by attribute. Flexible array members annotated with __counted_by > > > can have their accesses bounds-checked at run-time checking via > > > CONFIG_UBSAN_BOUNDS (for array indexing) and CONFIG_FORTIFY_SOURCE (for > > > strcpy/memcpy-family functions). > > > > I would prefer this as two separate patches. > > > > I kind of feel like it's all part of one thing. It's easier to review > as one patch. Also I think there is static analysis which sees struct_size() allocations and pushes people to use __counted_by() so doing it in two steps is sort of like introducing a static checker bug and then silencing it in the next patch. regards, dan carpenter
Powered by blists - more mailing lists