From: Junio C Hamano <gitster@pobox.com>
To: "Carlo Marcelo Arenas Belón" <carenas@gmail.com>
Cc: git@vger.kernel.org, hanwen@google.com
Subject: Re: [PATCH] reftable: avoid undefined behaviour breaking t0032
Date: Fri, 15 Apr 2022 00:10:51 -0700 [thread overview]
Message-ID: <xmqq8rs6g6tg.fsf@gitster.g> (raw)
In-Reply-To: <20220415070236.25280-1-carenas@gmail.com> ("Carlo Marcelo Arenas =?utf-8?Q?Bel=C3=B3n=22's?= message of "Fri, 15 Apr 2022 00:02:36 -0700")
Carlo Marcelo Arenas Belón <carenas@gmail.com> writes:
> At least in glibc based systems, memset with a NULL first parameter
> will cause a runtime exception.
I take it to mean that the code assumes that it is OK to pass NULL
as long as length is 0 (i.e. filling the range of memory whose size
is 0 with the specified byte can happen safely no matter what the
starting address of that range is, as size==0 by definition should
mean a no-op). That would mean we have a rule on how members of
dest must be set: .data is allowed to be NULL only when .len is 0.
If so, I wonder if we want to guard with dest->len instead, i.e.
if (dest->len)
memset(dest->data, 0xff, dest->len);
With the form in this patch, i.e.
> - memset(dest->data, 0xff, dest->len);
> + if (dest->data)
> + memset(dest->data, 0xff, dest->len);
we will fail to catch a bogus caller that violates the rule above
that we have on <data, len>. But if we guard with dest->len, then
a violator of <data, len> rule will be caught by memset().
Thanks.
next prev parent reply other threads:[~2022-04-15 7:11 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-15 7:02 [PATCH] reftable: avoid undefined behaviour breaking t0032 Carlo Marcelo Arenas Belón
2022-04-15 7:10 ` Junio C Hamano [this message]
2022-04-15 8:30 ` [PATCH v2] " Carlo Marcelo Arenas Belón
2022-04-15 10:21 ` [RFC PATCH 0/2] reftable: remove poor man's SANITIZE=address, fix a memset() bug Ævar Arnfjörð Bjarmason
2022-04-15 10:21 ` [RFC PATCH 1/2] reftable: remove the "return_block" abstraction Ævar Arnfjörð Bjarmason
2022-04-15 13:37 ` René Scharfe
2022-04-25 9:57 ` Han-Wen Nienhuys
2022-04-25 17:30 ` Junio C Hamano
2022-04-15 10:21 ` [RFC PATCH 2/2] reftable: don't memset() a NULL from failed malloc() Ævar Arnfjörð Bjarmason
2022-04-15 13:37 ` René Scharfe
2022-04-15 13:53 ` Ævar Arnfjörð Bjarmason
2022-04-15 14:30 ` Phillip Wood
2022-04-15 15:20 ` Ævar Arnfjörð Bjarmason
2022-04-15 16:23 ` Junio C Hamano
2022-04-25 10:30 ` Han-Wen Nienhuys
2022-04-25 10:18 ` [PATCH v2] reftable: avoid undefined behaviour breaking t0032 Han-Wen Nienhuys
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq8rs6g6tg.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=carenas@gmail.com \
--cc=git@vger.kernel.org \
--cc=hanwen@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.