| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <nycvar.YFH.7.76.1810021622320.11696@n3.vanv.qr>
Date: Tue, 2 Oct 2018 16:52:56 +0200 (CEST)
From: Jan Engelhardt <jengelh@...i.de>
To: David Howells <dhowells@...hat.com>
cc: linux-api@...r.kernel.org, linux-kbuild@...r.kernel.org,
Coly Li <colyli@...e.de>,
Kent Overstreet <kent.overstreet@...il.com>,
linux-bcache@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 04/11] UAPI: bcache: Fix use of embedded flexible array
On Wed, 05 Sep 2018 16:55:03 +0100, David Howells wrote:
>
>The bkey struct defined by bcache is embedded in the jset struct. However,
>this is illegal in C++ as there's a "flexible array" at the end of the struct.
>Change this to be a 0-length struct instead.
>
>- __u64 ptr[];
>+ __u64 ptr[0];
As per the C++ standard, it is _also_ illegal to declare an array of size zero.
"""it [the array size expression] shall be a converted constant expression of
type std::size_t and its value shall be greater than zero."""
—http://eel.is/c++draft/dcl.array
That makes both "__u64 ptr[]" and "__u64 ptr[0]" *implementation-specific
extensions*.
3rd party tooling (concerns both C and C++):
Coverity Scan (IIRC) treats "__u64 ptr[0]" as an array of "definitely-zero"
size. Writing to any element will outright flag an out-of-bounds violation.
That is sensible, since only "ptr[]" was standardized.
Conclusion:
So please, do never use __u64 ptr[0].
Powered by blists - more mailing lists