lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 14 Dec 2020 21:34:19 -0500
From:   Paul Moore <paul@...l-moore.com>
To:     Zheng Yongjun <zhengyongjun3@...wei.com>,
        Richard Guy Briggs <rgb@...hat.com>
Cc:     linux-audit@...hat.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH -next] kernel/audit: convert comma to semicolon

On Fri, Dec 11, 2020 at 10:33 AM Richard Guy Briggs <rgb@...hat.com> wrote:
> On 2020-12-11 16:42, Zheng Yongjun wrote:
> > Replace a comma between expression statements by a semicolon.
> >
> > Signed-off-by: Zheng Yongjun <zhengyongjun3@...wei.com>
> > ---
> >  kernel/audit.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/kernel/audit.c b/kernel/audit.c
> > index 68cee3bc8cfe..c8497115be35 100644
> > --- a/kernel/audit.c
> > +++ b/kernel/audit.c
> > @@ -2282,7 +2282,7 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
> >
> >       uid = from_kuid(&init_user_ns, task_uid(current));
> >       oldloginuid = from_kuid(&init_user_ns, koldloginuid);
> > -     loginuid = from_kuid(&init_user_ns, kloginuid),
> > +     loginuid = from_kuid(&init_user_ns, kloginuid);
>
> Nice catch.  That went unnoticed through 3 patches, the last two mine...

Yes, thanks for catching this and submitting a patch.  However, as it
came very late in the v5.10-rcX release cycle I'm going to wait until
after this merge window to merge it into audit/next.

> Not quite sure why no compiler complained about it...

Because it is legal; odd, but legal. :)

The comma operator allows multiple expressions to be executed with
only the last expression returned.  Take the example below:

% cat test.c
#include <stdlib.h>
#include <stdio.h>

int main(int argc, char *argv[])
{
       int a, b, c;

       a = (b = 1, c = 2);
       printf("a = %d, b = %d, c = %d\n", a, b, c);

       return 0;
}
% gcc -o test test.c
% ./test
a = 2, b = 1, c = 2

... we see both "b=1" and "c=2" are executed, and the last statement
in the comma separated list of expressions is used as the right-hand
value in the "a" assignment.

In the case of this patch, the existing code is actually okay: both
expressions are executed and we don't assign either expression's value
to a variable so it doesn't matter.  However, it definitely looks odd
and is something we should fix.

-- 
paul moore
www.paul-moore.com

Powered by blists - more mailing lists