lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200611282258.kASMwW2f025365@turing-police.cc.vt.edu>
Date:	Tue, 28 Nov 2006 17:58:32 -0500
From:	Valdis.Kletnieks@...edu
To:	Jesper Juhl <jesper.juhl@...il.com>
Cc:	linux-kernel@...r.kernel.org, Linus Torvalds <torvalds@...l.org>,
	Andrew Morton <akpm@...l.org>, trivial@...nel.org
Subject: Friends dont let friends use GCC -W (was Re: [PATCH] Don't compare unsigned

On Tue, 28 Nov 2006 23:17:13 +0100, Jesper Juhl said:
> In kernel/sys.c::sys_prctl() the argument named 'arg2' is very clearly
> of type 'unsigned long', and when compiling with "gcc -W" gcc also warns :
>   kernel/sys.c:2089: warning: comparison of unsigned expression < 0 is always false
>
> So this patch removes the test of "arg2 < 0".

For those playing along at home - often the bug (not here though) is it should
have been a *signed* long, because arg2 could be passed from some other
function that returns negative numbers on error?  Remember that papering over
a bug is a bad idea...

On Tue, 28 Nov 2006 14:27:51 PST, Linus Torvalds said:
> The fact is, if it's unsigned, it's not something that the programmer 
> should have to care about. We should write our code to be readable and 
> obviously safe, and that means that

Unfortunately, it's *easy* for GCC to determine that Something Odd has
happened. Either the variable was made unsigned in error, or the test is in
error. However, there's no real way for the compiler to know which was
intended.  And let's face it - we've had enough of our share of bugs *both*
ways, which is why GCC emits a warning.



Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ