lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 19 Nov 2022 20:08:10 +0530
From:   Deepak R Varma <drv@...lo.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org,
        gustavoars@...nel.org
Subject: Re: [PATCH] staging: wlan-ng: Replace zero-length arrays with
 DECLARE_FLEX_ARRAY() helper

On Thu, Nov 17, 2022 at 07:03:21PM +0100, Greg Kroah-Hartman wrote:
> On Thu, Nov 17, 2022 at 06:50:55PM +0530, Deepak R Varma wrote:
> > On Thu, Nov 17, 2022 at 01:54:49PM +0100, Greg Kroah-Hartman wrote:
> > > On Thu, Nov 17, 2022 at 03:48:45PM +0530, Deepak R Varma wrote:
> > > >
> > > >  struct hfa384x_pdr_refdac_measurements {
> > > > -	u16 value[0];
> > > > +	DECLARE_FLEX_ARRAY(u16, value);
> > > >  } __packed;
> > >
> > > Why?  This structure is never used anywhere, right?  So why is this
> > > needed to be changed and not just removed entirely?  Same for the other
> > > structures in this patch.
> >
> > Hello Greg,
> > I am unable to confirm that these structures are truly not needed in the absence
> > if a real device based testing. I could only validate that using the compile
> > build and driver loading.
>
> Think this through, if no one is actually using this structure, and it
> is of 0 size, then do you think it is being used?

Hello Greg,
I did not find any memory allocation for these zero length array structures.
Also, the union or its enclosing structure do not appear to access the members.
Hence I am leaning towards concluding that these zero length array structures do
not appear to be necessary.

There are a few other structures that are part of the same union, however, they
too do not appear to be used for accessing the memory assigned to the union [or
its enclosing structure]. I think most of the members of these unions can be
replaced by one max size structure of this union [e.g. struct
hfa384x_pdr_mkk_measurements].

Could you please comment if I am reading the code right?

For your quick reference, the zero length structure declaration are online 963
whereas the union is on line number 1080 of the file drivers/staging/wlan-ng/hfa384x.h


Thank you,
./drv


>
> > This change that I am proposing in the interim would enable the compiler to
> > protect the structure from addition of a new member below the zero length array.
>
> Why would you want to add a new member below this?  That's not what is
> happening here at all.

I came across this one old commit where such an accident happened. This is from
a recent LWN article:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e48f129c2f20

I understand the C99 now protects from such an attempt at the compile time
itself.

Thank you,
./drv


>
> Please think this through a bit more.
>
> good luck!
>
> greg k-h
>


Powered by blists - more mailing lists