lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZTrJ/5Jrzz5D62hh@smile.fi.intel.com> Date: Thu, 26 Oct 2023 23:20:15 +0300 From: Andy Shevchenko <andriy.shevchenko@...ux.intel.com> To: Kees Cook <keescook@...omium.org> Cc: Steven Rostedt <rostedt@...dmis.org>, "Matthew Wilcox (Oracle)" <willy@...radead.org>, Christoph Hellwig <hch@....de>, Justin Stitt <justinstitt@...gle.com>, Kent Overstreet <kent.overstreet@...ux.dev>, Petr Mladek <pmladek@...e.com>, Rasmus Villemoes <linux@...musvillemoes.dk>, Sergey Senozhatsky <senozhatsky@...omium.org>, Masami Hiramatsu <mhiramat@...nel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Arnd Bergmann <arnd@...db.de>, Jonathan Corbet <corbet@....net>, Yun Zhou <yun.zhou@...driver.com>, Jacob Keller <jacob.e.keller@...el.com>, Zhen Lei <thunder.leizhen@...wei.com>, linux-trace-kernel@...r.kernel.org, Yosry Ahmed <yosryahmed@...gle.com>, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH v2] seq_buf: Introduce DECLARE_SEQ_BUF and seq_buf_str() On Thu, Oct 26, 2023 at 12:40:37PM -0700, Kees Cook wrote: > Solve two ergonomic issues with struct seq_buf; > > 1) Too much boilerplate is required to initialize: > > struct seq_buf s; > char buf[32]; > > seq_buf_init(s, buf, sizeof(buf)); > > Instead, we can build this directly on the stack. Provide > DECLARE_SEQ_BUF() macro to do this: > > DECLARE_SEQ_BUF(s, 32); > > 2) %NUL termination is fragile and requires 2 steps to get a valid > C String (and is a layering violation exposing the "internals" of > seq_buf): > > seq_buf_terminate(s); > do_something(s->buffer); > > Instead, we can just return s->buffer direction after terminating it > in refactored seq_buf_terminate(), now known as seq_buf_str(): > > do_soemthing(seq_buf_str(s)); ... > +#define DECLARE_SEQ_BUF(NAME, SIZE) \ > + char __ ## NAME ## _buffer[SIZE] = ""; \ > + struct seq_buf NAME = { .buffer = &__ ## NAME ## _buffer, \ > + .size = SIZE } Hmm... Wouldn't be more readable to have it as #define DECLARE_SEQ_BUF(NAME, SIZE) \ char __ ## NAME ## _buffer[SIZE] = ""; \ struct seq_buf NAME = { \ .buffer = &__ ## NAME ## _buffer, \ .size = SIZE, \ } ? ... > +static inline char *seq_buf_str(struct seq_buf *s) > { > if (WARN_ON(s->size == 0)) > - return; > + return ""; I'm wondering why it's a problem to have an empty string? > if (seq_buf_buffer_left(s)) > s->buffer[s->len] = 0; > else > s->buffer[s->size - 1] = 0; > + > + return s->buffer; > } -- With Best Regards, Andy Shevchenko
Powered by blists - more mailing lists