[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LFD.0.999.0707171954230.27353@woody.linux-foundation.org>
Date: Tue, 17 Jul 2007 19:56:55 -0700 (PDT)
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Roland Dreier <rdreier@...co.com>
cc: Jeff Garzik <jeff@...zik.org>, akpm@...ux-foundation.org,
linux-kernel@...r.kernel.org, linux-ide@...r.kernel.org,
chas@....nrl.navy.mil, rolandd@...co.com, dwmw2@...radead.org,
gregkh@...e.de
Subject: Re: [git patches 1/2] warnings: attack valid cases spotted by
warnings
On Tue, 17 Jul 2007, Roland Dreier wrote:
>
> So setting a variable to something meaningless (guaranteeing that a
> garbage value is used in case of a bug) just to shut up a warning makes
> no sense -- it's no safer than leaving the code as is.
Wrong.
It's safer for two reasons:
- now everybody will see the *same* behaviour
- the "meaningless value" is guaranteed to not be a security leak
but the whole "shut up bogus warnings" is the best reason.
So it *is* safer than leaving the code as-is.
Of course, usually the best approach is to rewrite the code to be simpler,
so that even gcc sees that something is obviously initialized. Sadly,
people seldom do the right thing, and sometimes gcc just blows incredibly
hard.
Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists