* [PATCH] crypto: s5p-sss - Replace zero-length array with flexible-array member @ 2020-02-13 17:21 ` Gustavo A. R. Silva 2020-02-14 7:09 ` Kamil Konieczny 2020-02-22 1:43 ` Herbert Xu 0 siblings, 2 replies; 4+ messages in thread From: Gustavo A. R. Silva @ 2020-02-13 17:21 UTC (permalink / raw) To: Krzysztof Kozlowski, Vladimir Zapolskiy, Kamil Konieczny, Herbert Xu, David S. Miller Cc: linux-crypto, linux-samsung-soc, linux-kernel, Gustavo A. R. Silva The current codebase makes use of the zero-length array language extension to the C90 standard, but the preferred mechanism to declare variable-length types such as these ones is a flexible array member[1][2], introduced in C99: struct foo { int stuff; struct boo array[]; }; By making use of the mechanism above, we will get a compiler warning in case the flexible array does not occur last in the structure, which will help us prevent some kind of undefined behavior bugs from being inadvertently introduced[3] to the codebase from now on. Also, notice that, dynamic memory allocations won't be affected by this change: "Flexible array members have incomplete type, and so the sizeof operator may not be applied. As a quirk of the original implementation of zero-length arrays, sizeof evaluates to zero."[1] This issue was found with the help of Coccinelle. [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html [2] https://github.com/KSPP/linux/issues/21 [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour") Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> --- drivers/crypto/s5p-sss.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/s5p-sss.c b/drivers/crypto/s5p-sss.c index d66e20a2f54c..2a16800d2579 100644 --- a/drivers/crypto/s5p-sss.c +++ b/drivers/crypto/s5p-sss.c @@ -369,7 +369,7 @@ struct s5p_hash_reqctx { bool error; u32 bufcnt; - u8 buffer[0]; + u8 buffer[]; }; /** -- 2.25.0 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] crypto: s5p-sss - Replace zero-length array with flexible-array member 2020-02-13 17:21 ` [PATCH] crypto: s5p-sss - Replace zero-length array with flexible-array member Gustavo A. R. Silva @ 2020-02-14 7:09 ` Kamil Konieczny 2020-02-14 8:22 ` Krzysztof Kozlowski 2020-02-22 1:43 ` Herbert Xu 1 sibling, 1 reply; 4+ messages in thread From: Kamil Konieczny @ 2020-02-14 7:09 UTC (permalink / raw) To: Gustavo A. R. Silva, Krzysztof Kozlowski, Vladimir Zapolskiy, Herbert Xu, David S. Miller Cc: linux-crypto, linux-samsung-soc, linux-kernel, Bartlomiej Zolnierkiewicz, Marek Szyprowski On 13.02.2020 18:21, Gustavo A. R. Silva wrote: > The current codebase makes use of the zero-length array language > extension to the C90 standard, but the preferred mechanism to declare > variable-length types such as these ones is a flexible array member[1][2], > introduced in C99: > > struct foo { > int stuff; > struct boo array[]; > }; > > By making use of the mechanism above, we will get a compiler warning > in case the flexible array does not occur last in the structure, which > will help us prevent some kind of undefined behavior bugs from being > inadvertently introduced[3] to the codebase from now on. > > Also, notice that, dynamic memory allocations won't be affected by > this change: > > "Flexible array members have incomplete type, and so the sizeof operator > may not be applied. As a quirk of the original implementation of > zero-length arrays, sizeof evaluates to zero."[1] > > This issue was found with the help of Coccinelle. > > [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html > [2] https://protect2.fireeye.com/url?k=7fbec6f4-22720d30-7fbf4dbb-0cc47a314e9a-2a4d03985644c7ed&u=https://github.com/KSPP/linux/issues/21 > [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour") > > Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> > --- > drivers/crypto/s5p-sss.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/crypto/s5p-sss.c b/drivers/crypto/s5p-sss.c > index d66e20a2f54c..2a16800d2579 100644 > --- a/drivers/crypto/s5p-sss.c > +++ b/drivers/crypto/s5p-sss.c > @@ -369,7 +369,7 @@ struct s5p_hash_reqctx { > bool error; > > u32 bufcnt; > - u8 buffer[0]; > + u8 buffer[]; > }; > > /** > Looks good to me. Acked-by: Kamil Konieczny <k.konieczny@samsung.com> -- Best regards, Kamil Konieczny Samsung R&D Institute Poland ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] crypto: s5p-sss - Replace zero-length array with flexible-array member 2020-02-14 7:09 ` Kamil Konieczny @ 2020-02-14 8:22 ` Krzysztof Kozlowski 0 siblings, 0 replies; 4+ messages in thread From: Krzysztof Kozlowski @ 2020-02-14 8:22 UTC (permalink / raw) To: Kamil Konieczny Cc: Gustavo A. R. Silva, Vladimir Zapolskiy, Herbert Xu, David S. Miller, linux-crypto, linux-samsung-soc, linux-kernel, Bartlomiej Zolnierkiewicz, Marek Szyprowski On Fri, 14 Feb 2020 at 08:09, Kamil Konieczny <k.konieczny@samsung.com> wrote: > > On 13.02.2020 18:21, Gustavo A. R. Silva wrote: > > The current codebase makes use of the zero-length array language > > extension to the C90 standard, but the preferred mechanism to declare > > variable-length types such as these ones is a flexible array member[1][2], > > introduced in C99: > > > > struct foo { > > int stuff; > > struct boo array[]; > > }; > > > > By making use of the mechanism above, we will get a compiler warning > > in case the flexible array does not occur last in the structure, which > > will help us prevent some kind of undefined behavior bugs from being > > inadvertently introduced[3] to the codebase from now on. > > > > Also, notice that, dynamic memory allocations won't be affected by > > this change: > > > > "Flexible array members have incomplete type, and so the sizeof operator > > may not be applied. As a quirk of the original implementation of > > zero-length arrays, sizeof evaluates to zero."[1] > > > > This issue was found with the help of Coccinelle. > > > > [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html > > [2] https://protect2.fireeye.com/url?k=7fbec6f4-22720d30-7fbf4dbb-0cc47a314e9a-2a4d03985644c7ed&u=https://github.com/KSPP/linux/issues/21 > > [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour") > > > > Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> > > --- > > drivers/crypto/s5p-sss.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/crypto/s5p-sss.c b/drivers/crypto/s5p-sss.c > > index d66e20a2f54c..2a16800d2579 100644 > > --- a/drivers/crypto/s5p-sss.c > > +++ b/drivers/crypto/s5p-sss.c > > @@ -369,7 +369,7 @@ struct s5p_hash_reqctx { > > bool error; > > > > u32 bufcnt; > > - u8 buffer[0]; > > + u8 buffer[]; > > }; > > > > /** > > > > Looks good to me. > > Acked-by: Kamil Konieczny <k.konieczny@samsung.com> Why not making it simple/obvious u8 *buffer? Or fixed length (BUFLEN length)? Best regards, Krzysztof ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] crypto: s5p-sss - Replace zero-length array with flexible-array member 2020-02-13 17:21 ` [PATCH] crypto: s5p-sss - Replace zero-length array with flexible-array member Gustavo A. R. Silva 2020-02-14 7:09 ` Kamil Konieczny @ 2020-02-22 1:43 ` Herbert Xu 1 sibling, 0 replies; 4+ messages in thread From: Herbert Xu @ 2020-02-22 1:43 UTC (permalink / raw) To: Gustavo A. R. Silva Cc: Krzysztof Kozlowski, Vladimir Zapolskiy, Kamil Konieczny, David S. Miller, linux-crypto, linux-samsung-soc, linux-kernel On Thu, Feb 13, 2020 at 11:21:30AM -0600, Gustavo A. R. Silva wrote: > The current codebase makes use of the zero-length array language > extension to the C90 standard, but the preferred mechanism to declare > variable-length types such as these ones is a flexible array member[1][2], > introduced in C99: > > struct foo { > int stuff; > struct boo array[]; > }; > > By making use of the mechanism above, we will get a compiler warning > in case the flexible array does not occur last in the structure, which > will help us prevent some kind of undefined behavior bugs from being > inadvertently introduced[3] to the codebase from now on. > > Also, notice that, dynamic memory allocations won't be affected by > this change: > > "Flexible array members have incomplete type, and so the sizeof operator > may not be applied. As a quirk of the original implementation of > zero-length arrays, sizeof evaluates to zero."[1] > > This issue was found with the help of Coccinelle. > > [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html > [2] https://github.com/KSPP/linux/issues/21 > [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour") > > Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> > --- > drivers/crypto/s5p-sss.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Patch applied. Thanks. -- Email: Herbert Xu <herbert@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-02-22 1:43 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <CGME20200213180724eucas1p1bb96993e9d0300cddf348d5d442f43aa@eucas1p1.samsung.com> 2020-02-13 17:21 ` [PATCH] crypto: s5p-sss - Replace zero-length array with flexible-array member Gustavo A. R. Silva 2020-02-14 7:09 ` Kamil Konieczny 2020-02-14 8:22 ` Krzysztof Kozlowski 2020-02-22 1:43 ` Herbert Xu
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).