lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 03 Aug 2007 12:57:23 +0800
From:	Carlo Florendo <subscribermail@...il.com>
To:	Guennadi Liakhovetski <g.liakhovetski@....de>
Cc:	Robert Hancock <hancockr@...w.ca>,
	Stefan Richter <stefanr@...6.in-berlin.de>,
	Andi Kleen <andi@...stfloor.org>, linux-kernel@...r.kernel.org
Subject: Re: gcc fixed size char array initialization bug - known?

Guennadi Liakhovetski wrote:
> On Thu, 2 Aug 2007, Robert Hancock wrote:
> 
>> Because 5 characters will not fit in a 4 character array, even without the
>> null terminator.
> 
> On Fri, 3 Aug 2007, Stefan Richter wrote:
> 
>> How should gcc know whether you actually wanted that char foo[len] to
>> contain a \0 as last element?
> 
> Robert, Stefan, I am sorry, I think, you are VERY wrong here. There is no 
> "even" and no guessing. The "string" DOES include a terminating '\0'. It 
> is EQUIVALENT to {'s', 't', 'r', 'i', 'n', 'g', '\0'}. And it contains 
> SEVEN characters. Please, re-read your K&R. Specifically, the Section 
> "Initialization" in the "Function and Program Structure" chapter (section 
> 4.9 in my copy), the paragraph about initialization with a string, which I 
> quoted in an earlier email.

Guennadi,

The declaration

char c[4] = "abcd";

is perfectly valid.

If other versions of gcc give warnings with that declaration, then those 
warnings may be useful but it does not mean to say that other versions of 
gcc follow the standards or not.

K&R is good as a reference but not as an authority.  They drafted the book 
as an informal specification of C.  C has evolved throughout the decades.

The current standard is C99. And as quoted earlier in this thread, 
character array initializations are described as:

6.7.8.14 of C99:
An array of character type may be initialized by a character string 
literal, optionally enclosed in braces. Successive characters of the 
character string literal (including the terminating null character if there 
is room or if the array is of unknown size) initialize the elements of the 
array.

The gcc warning you see on other versions is a warning that does not have 
anything to do with the current C standard. The other versions of gcc that 
do not emit such character initialization warnings do not mean that they 
are buggy in that respect.

IOW, the fact that you did not see the warning  in a certain gcc version 
does not mean that it is buggy in that respect.

Thank you very much.

Best Regards,

Carlo

-- 
Carlo Florendo
Softare Engineer/Network Co-Administrator
Astra Philippines Inc.
UP-Ayala Technopark, UP Campus Diliman
1101 Quezon City, Philippines
http://www.astra.ph

--
The Astra Group of Companies
5-3-11 Sekido, Tama City
Tokyo 206-0011, Japan
http://www.astra.co.jp
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ