lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <aXooSDxHbpewFzgQ@devuan>
Date: Wed, 28 Jan 2026 16:21:03 +0100
From: Alejandro Colomar <alx@...nel.org>
To: Daniel Thompson <daniel@...cstar.com>
Cc: Martin Uecker <uecker@...raz.at>, 
	Christopher Bazley <chris.bazley.wg14@...il.com>, Alex Celeste <alexg.nvfp@...il.com>, 
	Joseph Myers <josmyers@...hat.com>, Aaron Ballman <aaron@...onballman.com>, 
	Douglas McIlroy <douglas.mcilroy@...tmouth.edu>, Bruno Haible <bruno@...sp.org>, Paul Eggert <eggert@...ucla.edu>, 
	Florian Weimer <fweimer@...hat.com>, Jonathan Corbet <corbet@....net>, Kees Cook <kees@...nel.org>, 
	Eric Biggers <ebiggers@...nel.org>, Ard Biesheuvel <ardb@...nel.org>, 
	Daniel Thompson <danielt@...nel.org>, Daniel Lundin <daniel.lundin.mail@...il.com>, 
	"Valentin V. Bartenev" <vbartenev@...il.com>, Andrew Clayton <andrew@...ital-domain.net>, 
	"Brian W. Kernighan" <bwk@...princeton.edu>, "G. Branden Robinson" <branden@...ian.org>, 
	"Basil L. Contovounesios" <basil@...tovou.net>, "Jason A. Donenfeld" <jason@...c4.com>, 
	Linus Torvalds <torvalds@...ux-foundation.org>, onf <onf@...root.org>, Rich Felker <dalias@...c.org>, 
	linux-hardening@...r.kernel.org
Subject: Re: [RFC v3 5/6] alx-0081r2 - array parameters of 0 elements

Hi Daniel,

On 2026-01-28T10:14:23+0000, Daniel Thompson wrote:
> On Mon, Jan 26, 2026 at 01:49:16PM +0100, Alejandro Colomar wrote:
> > Proposed wording
> > 	Based on N3685.
> >
> >     6.7.7.3  Array declarators
> > 	@@ Constraints, p1
> > 	 In addition to optional type qualifiers and the keyword static,
> > 	 the [ and ] can delimit an expression or *.
> > 	 If they delimit an expression,
> > 	 called the array length expression,
> > 	 the expression shall have an integer type.
> > 	 If the expression is a constant expression,
> > 	-it shall have a value greater than zero.
> > 	+it shall have a nonnegative value.
> > 	+An array length expression
> > 	+that is a constant expression with value zero
> > 	+shall appear only in
> > 	+a declaration of a function parameter with an array type,
> > 	+and then only in the outermost array type derivation.
> 
> This change did not have any motivating example within the discussion.
> Providing a motivational example showing why it is useful to allow array
> parameters whose constant length is zero would be good.

Makes sense; I'll add that.

Here's a function that I use in shadow-utils:

	char *
	stpecpy(char dst[], const char end[];
	    char dst[dst?end-dst:0], const char end[0], const char *restrict src)
	{
		ssize_t  dlen;

		if (dst == NULL)
			return NULL;

		dlen = strtcpy(dst, src, end - dst);
		if (dlen == -1)
			return NULL;

		return dst + dlen;
	}

It's essentially the same as Plan9's strecpy(2), except that Plan9's
API has an important bug.

Here's a GCC bug that shows such a use case:
<https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108036>


Have a lovely day!
Alex

> Daniel.

-- 
<https://www.alejandro-colomar.es>

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ