lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080118094826.GN25527@unthought.net>
Date:	Fri, 18 Jan 2008 10:48:26 +0100
From:	Jakob Oestergaard <jakob@...hought.net>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	David Schwartz <davids@...master.com>,
	Johannes Weiner <hannes@...urebad.de>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	clameter@....com, penberg@...helsinki.fi
Subject: Re: Why is the kfree() argument const?

On Thu, Jan 17, 2008 at 01:25:39PM -0800, Linus Torvalds wrote:
...
> Why do you make that mistake, when it is PROVABLY NOT TRUE!
> 
> Try this trivial program:
> 
> 	int main(int argc, char **argv)
> 	{
> 	        int i;
> 	        const int *c;
> 	
> 	        i = 5;
> 	        c = &i;
> 	        i = 10;
> 	        return *c;
> 	}
> 
> and realize that according to the C rules, if it returns anything but 10, 
> the compiler is *buggy*.

That's not how this works (as we obviously agree).

Please consider a rewrite of your example, demonstrating the usefulness and
proper application of const pointers:

extern foo(const int *);

int main(int argc, char **argv)
{
 int i;

 i = 5;
 foo(&i);
 return i;
}

Now, if the program returns anything else than 5, it means someone cast away
const, which is generally considered a bad idea in most other software
projects, for this very reason.

*That* is the purpose of const pointers.

Besides, for most debugging-enabled free() implementations, free() does indeed
touch the memory pointed to by its argument, which makes giving it a const
pointer completely bogus except for a single potential optimized special-case
where it might actually not touch the memory.

-- 

 / jakob

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ