lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160531220515.17294.qmail@ns.sciencehorizons.net>
Date:	31 May 2016 18:05:15 -0400
From:	"George Spelvin" <linux@...encehorizons.net>
To:	andriy.shevchenko@...ux.intel.com, joe@...ches.com,
	linux@...encehorizons.net
Cc:	akpm@...ux-foundation.org, bjorn@...k.no,
	linux-kernel@...r.kernel.org, tytso@....edu
Subject: Re: [PATCH] lib/uuid.c: eliminate uuid_[bl]e_index arrays

> Functions with sized array arguments are generally undesired.
> 
> Linus once wrote: (http://comments.gmane.org/gmane.linux.kernel/2031400)
> 
>     array arguments in C don't
>    actually exist. Sadly, compilers accept it for various bad historical
>    reasons, and silently turn it into just a pointer argument. There are
>    arguments for them, but they are from weak minds.
>
> Perhaps this would be better using simple pointers and without the __
>
> static int __uuid_to_bin(const char *uuid, u8 *b, const u8 *si)

I haven't looked up the full original discussion to see if this is a point
on which I disagree with Linus, but I find it useful for documentation:
this is not just a pointer to "some" bytes, this is a pointer to [LENGTH]
bytes.  It's a reminder to the caller that they'd better pass in a buffer
of the required size.

Obviosuly, it makes no actual difference to the compiler.

C99 actually has a way to say this explicitly to the compiler, but the
syntax is ugly:

static int __uuid_to_bin(const char uuid[static 36], __u8 b[static 16],
	const u8 si[static 16])

(This includes the effect of __attribute__((nonnull)).)

Further discussion at
https://hamberg.no/erlend/posts/2013-02-18-static-array-indices.html
https://stackoverflow.com/questions/3430315/what-is-the-purpose-of-static-keyword-in-array-parameter-of-function-like-char


(FWIW, another two style points which I disagre with Linus about are
that I don't mind "sizeof variable" without parens, and that I don't
mind using a bare "0" for a null pointer.  More substantially, I like
"bool" a lot more than Linus does.)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ