lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <46B2578A.805@s5r6.in-berlin.de>
Date:	Fri, 03 Aug 2007 00:15:38 +0200
From:	Stefan Richter <stefanr@...6.in-berlin.de>
To:	Guennadi Liakhovetski <g.liakhovetski@....de>
CC:	Andi Kleen <andi@...stfloor.org>, linux-kernel@...r.kernel.org
Subject: Re: gcc fixed size char array initialization bug - known?

Guennadi Liakhovetski wrote:
> On Thu, 2 Aug 2007, Andi Kleen wrote:
>> 6.7.8.14 of C99:
>> ``
>> An array of character type may be initialized by a character string literal, optionally
>> enclosed in braces. Successive characters of the character string literal (including the
>> terminating null character if there is room or if the array is of unknown size) initialize the
>> elements of the array.
>> ''
>>
>> Note the "if there is room".
>>
>> I believe the rationale is that it still allows to conveniently initialize 
>> non zero terminated strings.
> 
> Right, I accept that it will compile, but I don't understand why "01234" 
> produces a warning and "0123" doesn't? Don't think C99 says anything about 

How should gcc know whether you actually wanted that char foo[len] to
contain a \0 as last element?

Given the respective command line switches, gcc does warn in some cases
where it is guesswork whether what you typed is what you intended.  For
example

	if (i = j())

is reason for gcc to warn even if that might exactly be what you wanted.
However this construct can easily be annotated as

	if ((i = j()))

to show to gcc and to carbon-based bipedals that you indeed wanted this.

Now there is no nice way to make an annotation that says "look, I'm
going to initialize an array of char with a string literal now, and the
resulting array will contain a non-zero member as last element, and I
mean it".  And since there is no such annotation possible, gcc does not
warn and demand that you annotate the perfectly valid and 100%
spec-compliant construct char a[4] = "1234";.
-- 
Stefan Richter
-=====-=-=== =--- ---==
http://arcgraph.de/sr/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ