Thanks, Kees. If there is no objection, I will update my patches with this and send the updated patches soon.
Qing

> On Feb 9, 2023, at 11:46 AM, Kees Cook <keesc...@chromium.org> wrote:
>
> On Thu, Feb 09, 2023 at 02:40:57PM +0000, Qing Zhao wrote:
>> So, the major question here is:
>>
>> in addition to the C99 standard flexible array member [ ], shall we include
>> [0], [1] or even [4] into this extension, and treat the structure with a
>> trailing [0], [1], or [4] embedded into another structure/union still as
>> flexible-sized?
>>
>> I think that we might need to limit this extension ONLY to C99 standard FAM
>> [ ]. All other [0], [1], or [4] should be excluded from this extension. The
>> reasons are:
>>
>> 1. The real usages of such GCC extension (embedding structure with FAM into
>> another structure/union), as my understanding, the old glibc’s <_G_config.h>
>> (https://gcc.gnu.org/legacy-ml/gcc-patches/2002-08/msg01149.html), and the
>> bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101832, ONLY involved C99
>> standard FAM;
>>
>> 2. Embedding a structure with C99 FAM [] into the end of another structure,
>> and still treat it flexible sized might have more usages, and as discussed
>> with Kees, it might be reasonable to promote this into a C standard later
>> if needed.
>>
>> So, based on this consideration, I think I should only document the
>> following as GCC extension:
>>
>> struct flex { int length; char data[ ]; };
>> struct out_flex { int m; struct flex flex_data; };
>>
>> Issue warnings for the following: (when the structure is not at the end)
>>
>> struct out_flex_mid { struct flex flex_data; int m; };
>>
>>
>> However, for the trailing [0], [1], or [4], when such a structure is embedded
>> into the end of another structure, we should NOT treat the outer structure
>> as flexible sized.
>> Logically, we will NOT issue warnings when such structure is not at the end.
>>
>> Let me know if you have any comment or suggestions.
>
> FWIW this all sounds correct to me.
>
> --
> Kees Cook
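
The nested layout discussed in this thread, as an added example that is not part of the original messages or of GCC's code: it sizes, allocates and bounds-checks a `struct out_flex` whose last member is a `struct flex` with a C99 FAM. The helper names (`out_flex_size`, `out_flex_new`, `out_flex_get`) and the `[4]` contrast types are assumptions constructed for illustration, and the sizes printed assume a 4-byte `int`.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The two types from the message: a C99 FAM nested at the end of an outer struct. */
struct flex { int length; char data[]; };
struct out_flex { int m; struct flex flex_data; };

/* Constructed contrast: a trailing [4] is fixed storage that sizeof counts. */
struct fixed4 { int length; char data[4]; };
struct out_fixed4 { int m; struct fixed4 fixed_data; };

/* Bytes needed for an out_flex carrying n payload bytes; 0 means overflow. */
size_t out_flex_size(size_t n)
{
    size_t base = offsetof(struct out_flex, flex_data) + offsetof(struct flex, data);
    if (n > SIZE_MAX - base) return 0;
    size_t need = base + n;
    /* Never go below sizeof, which may include trailing padding. */
    return need < sizeof(struct out_flex) ? sizeof(struct out_flex) : need;
}

/* Allocate an out_flex and copy n bytes into the nested flexible array. */
struct out_flex *out_flex_new(int m, const char *src, size_t n)
{
    size_t bytes = out_flex_size(n);
    if (bytes == 0 || n > INT_MAX) return NULL;
    struct out_flex *p = calloc(1, bytes);
    if (!p) return NULL;
    p->m = m;
    p->flex_data.length = (int)n;
    if (n) memcpy(p->flex_data.data, src, n);
    return p;
}

/* Bounds-checked read driven by the stored length, not by sizeof. */
int out_flex_get(const struct out_flex *p, size_t i, char *out)
{
    if (p->flex_data.length < 0 || i >= (size_t)p->flex_data.length) return -1;
    *out = p->flex_data.data[i];
    return 0;
}

int main(void)
{
    printf("%zu %zu\n", sizeof(struct out_flex), sizeof(struct out_fixed4));
    return 0;
}
```

Because `sizeof(struct out_flex)` contains no payload bytes, any bound on `flex_data.data` has to come from the allocation size or the stored `length`, whereas the `[4]` variant has a bound the compiler can see in the type.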