| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 22 Sep 2020 11:10:08 +0200
From: Alejandro Colomar <colomar.6.4.3@...il.com>
To: Ville Voutilainen <ville.voutilainen@...il.com>,
Jonathan Wakely <jwakely@...hat.com>,
Florian Weimer <fweimer@...hat.com>
Cc: gcc@....gnu.org, libstdc++ <libstdc++@....gnu.org>,
Libc-alpha <libc-alpha@...rceware.org>,
libc-coord@...ts.openwall.com, LKML <linux-kernel@...r.kernel.org>
Subject: Re: Expose 'array_length()' macro in <sys/param.h>
[[ CC += LKML ]]
Thanks for all your input. I learned some C++ :)
The following code works for all C and C++ standards:
g++ --std={c++98, c++03, c++11, c++14, c++17, c++20}
gcc --std={c89, c99, c11, c18, c2x}
With `-Wall -Wextra -Werror -pedantic -Wno-vla -Wno-sizeof-pointer-div`.
It doesn't compile when '+ __array_length(p)' is uncommented.
It compiles, and returns the correct value (18).
With some exceptions:
c++ doesn't accept the VLA (w[]):
array_length.c: In function 'int main()':
array_length.c:101:22: error: no matching function for call to
'__array_slength(int [y])'
101 | + __array_slength(w)
| ^
array_length.c:38:1: note: candidate: 'template<class T, long int N>
std::ptrdiff_t __array_slength(const T (&)[N])'
38 | __array_slength(const T(&)[N])
| ^~~~~~~~~~~~~~~
array_length.c:38:1: note: template argument deduction/substitution
failed:
array_length.c:101:22: note: variable-sized array type 'long int' is
not a valid template argument
101 | + __array_slength(w)
| ^
But we can live with limited support for VLAs in C++.
So I needed to comment '+ __array_slength(w)',
and then the program correctly returns 11.
As Ville suggested, I renamed the function/macro to __array_[s]length().
However, (some) BSDs already provide nitems() in <sys/param.h>,
so it probably wouldn't be very drastic to
provide this function/macro with the name '[s]nitems()' there.
Would you like to add anything else before I write the patch?
BTW, I should note one more thing:
Linux has a macro named '__must_be_array()' with the same API,
but slightly different internal implementation,
so they should be aware of this change.
However, I don't think they include <sys/param.h> a lot,
so maybe it doesn't break anything; but they should be aware anyway.
I CC'd the LKML so they are aware and can give any suggestions.
Thanks,
Alex
------------------------------------------------------------------------
#if defined(__cplusplus)
# include <cstddef>
# if __cplusplus >= 201703L
# include <iterator>
# endif
template<typename T, std::size_t N>
# if __cplusplus >= 201103L
constexpr
# endif
inline std::size_t
# if __cplusplus >= 201703L
__array_length(const T(&arr)[N])
# else
__array_length(const T(&)[N])
# endif
# if __cplusplus >= 201103L
noexcept
# endif
{
# if __cplusplus >= 201703L
return std::size(arr);
# else
return N;
# endif
}
template<typename T, std::ptrdiff_t N>
# if __cplusplus >= 201103L
constexpr
# endif
inline std::ptrdiff_t
# if __cplusplus >= 202002L
__array_slength(const T(&arr)[N])
# else
__array_slength(const T(&)[N])
# endif
# if __cplusplus >= 201103L
noexcept
# endif
{
# if __cplusplus >= 202002L
return std::ssize(arr);
# else
return N;
# endif
}
#else /* !defined(__cplusplus) */
#include <stddef.h>
# define __is_same_type(a, b) \
__builtin_types_compatible_p(__typeof__(a), __typeof__(b))
# define __is_array(arr) (!__is_same_type((arr), &(arr)[0]))
# if __STDC_VERSION__ >= 201112L
# define __must_be(e, msg) ( \
0 * (int)sizeof( \
struct { \
_Static_assert((e), msg); \
char ISO_C_forbids_a_struct_with_no_members__; \
} \
) \
)
# else
# define __must_be(e, msg) ( \
0 * (int)sizeof( \
struct { \
int : (-!(e)); \
char ISO_C_forbids_a_struct_with_no_members__; \
} \
) \
)
# endif
# define __must_be_array(arr) __must_be(__is_array(arr), "Must be an
array!")
# define __array_len(arr) (sizeof(arr) / sizeof((arr)[0]))
# define __array_length(arr) (__array_len(arr) + __must_be_array(arr))
# define __array_slength(arr) ((ptrdiff_t)__array_length(arr))
#endif
int main(void)
{
int a[5];
const int x = 6;
int v[x];
int y = 7;
int w[y];
int *p;
(void)p;
(void)v;
(void)w;
return __array_slength(a)
+ __array_slength(v)
+ __array_slength(w)
// + __array_length(p)
;
}
Powered by blists - more mailing lists