| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210607104338.GS1955@kadam>
Date: Mon, 7 Jun 2021 13:43:38 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Wenli Looi <wlooi@...lgary.ca>, linux-staging@...ts.linux.dev,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: rtl8723bs: Fix uninitialized variable
On Mon, Jun 07, 2021 at 11:23:22AM +0200, Greg Kroah-Hartman wrote:
> On Mon, Jun 07, 2021 at 11:33:17AM +0300, Dan Carpenter wrote:
> > Greg asked about struct holes and the answer is "= {}" will zero out
> > struct holes but it's not important in this case. The "= {}" is a GCC
> > extension for zeroing structs and it's not part of the C standard.
> > The struct has a kernel pointer in it so we had better not be shairing
> > it to user space.
>
> I thought we proved that "= {}" will _NOT_ zero out holes in structures.
> Or did we really prove that? I can't remember now, do you?
>
Assigning a struct to a struct will not initialize the struct holes.
struct foo foo = *p;
We worried about = {} and people looked at the C standard. The
standard is not clear. But then people said that = {} is a GCC
extension and will initialize the struct holes.
The other thing is that in GCC they had intended "= {0};" to work
exactly the same as "= {};" and initialize the holes but there was a
version which had a bug and didn't. :P
regards,
dan carpenter
Powered by blists - more mailing lists