lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200124082443.GY14914@hirez.programming.kicks-ass.net>
Date:   Fri, 24 Jan 2020 09:24:43 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     Will Deacon <will@...nel.org>, LKML <linux-kernel@...r.kernel.org>,
        linux-arch <linux-arch@...r.kernel.org>,
        kernel-team <kernel-team@...roid.com>,
        Michael Ellerman <mpe@...erman.id.au>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Segher Boessenkool <segher@...nel.crashing.org>,
        Christian Borntraeger <borntraeger@...ibm.com>,
        Luc Van Oostenryck <luc.vanoostenryck@...il.com>,
        Arnd Bergmann <arnd@...db.de>,
        Peter Oberparleiter <oberpar@...ux.ibm.com>,
        Masahiro Yamada <masahiroy@...nel.org>,
        Pablo Neira Ayuso <pablo@...filter.org>,
        Jozsef Kadlecsik <kadlec@...filter.org>,
        Florian Westphal <fw@...len.de>,
        "David S. Miller" <davem@...emloft.net>
Subject: Re: [PATCH v2 02/10] netfilter: Avoid assigning 'const' pointer to
 non-const pointer

On Thu, Jan 23, 2020 at 11:07:59AM -0800, Nick Desaulniers wrote:

> Good thing it's the variable being modified was not declared const; I
> get spooked when I see -Wdiscarded-qualifiers because of Section
> 6.7.3.6 of the ISO C11 draft spec:
> 
> ```
> If an attempt is made to modify an object defined with a
> const-qualified type through use
> of an lvalue with non-const-qualified type, the behavior is undefined.
> If an attempt is
> made to refer to an object defined with a volatile-qualified type
> through use of an lvalue
> with non-volatile-qualified type, the behavior is undefined.133)
> 
> 133) This applies to those objects that behave as if they were defined
> with qualified types, even if they are
> never actually defined as objects in the program (such as an object at
> a memory-mapped input/output
> address).
> ```
> 
> Which is about the modification of a const-declared variable (explicit
> UB which Clang actively exploits), 

Just for curiosity's sake. What does clang actually do in that case?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ