| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <305211.72066.qm@web180314.mail.gq1.yahoo.com> Date: Sat, 6 Nov 2010 12:07:57 -0700 (PDT) From: David Brownell <david-b@...bell.net> To: Alan Stern <stern@...land.harvard.edu> Cc: Vasiliy Kulikov <segooon@...il.com>, kernel-janitors@...r.kernel.org, Greg Kroah-Hartman <gregkh@...e.de>, Oliver Neukum <oliver@...kum.org>, Andi Kleen <ak@...ux.intel.com>, Chris Frey <cdfrey@...rsquare.net>, linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] usb: core: fix information leak to userland --- On Sat, 11/6/10, Alan Stern <stern@...land.harvard.edu> wrote: > > > > Unfortunately I don't have a copy of the C standard here to > consult. > However... Although I'm perfectly willing to believe > that the standard > requires fields in a structure to be initialized to 0 if > they > aren't mentioned explicitly in the initializer, I'm > considerably more > doubtful that it also requires padding to be initialized! ISTR initialization-to-zero is the standard behavior defined for all _memory_ that gets initialized ... not just named fields ... whether the init is "static", "bss", or not. > > And I certainly wouldn't want to depend on compilers > _always_ using > memset to do this initialization. Of course not; just rely on init-to-zero, and let the compiler worry about efficiency. In some cases memset(); in others, the result might be as if memset were inlined, so only a few "write a zero at this address" type instructions would be needed. > > > There's certainly a fair amount of code I've seen > > that uses runtime initializers like that, to zero > > memory. I can't believe i's _all_ broken! > ;) > > Zeroing memory that belongs to a declared field is > different from > zeroing padding bytes. Maybe what you remember seeing > is the first and > not the second. I remember seeing both, and at one point looking at the issue to verify that padding was treated uniformly (like other memory). Also, writing code that relied on zero-initted padding. - Dave -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists