Re: when to size_t for representing length instead of int ?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Al Viro <viro@ZenIV.linux.org.uk>
To: none <ytrezq@sdf-eu.org>
Cc: linux-kernel@vger.kernel.org
Subject: Re: when to size_t for representing length instead of int ?
Date: Fri, 14 Oct 2016 00:37:22 +0100	[thread overview]
Message-ID: <20161013233722.GX19539@ZenIV.linux.org.uk> (raw)
In-Reply-To: <f71827f285f30906df9b5aa2c682cce5@mx.sdfeu.org>

On Fri, Oct 14, 2016 at 12:12:43AM +0200, none wrote:
> Hello,
> 
> I wanted to known the rules in coding guidelines concerning the use of
> size_t.
> It seems the signed int type is used most of the time for representing
> string sizes, including in some parts written by Linus in /lib.
> They’re can buffer overflows attack if ssize_t if larger than sizeof(int)
> (though I agree this isn’t the only way, but at least it´s less error
> prone).

Huh?  size_t is the type of sizoef result; ssize_t is its signed counterpart.

> So is it guaranteed for all current and future cpu architectures the Linux
> kernel support that ssize_t will always be equal to sizeof(int) ?

Of course it isn't.  Not true on any 64bit architecture we support...
What attacks are, in your opinion, enabled by that fact?  I'm sure that
libc (and C standard) folks would be very interested, considering that
e.g. strlen() is declared as function that takes a pointer to const char and
returns size_t...

next prev parent reply	other threads:[~2016-10-13 23:38 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-10-13 22:12 when to size_t for representing length instead of int ? none
2016-10-13 23:37 ` Al Viro [this message]
2016-10-16  2:04   ` none

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20161013233722.GX19539@ZenIV.linux.org.uk \
    --to=viro@zeniv.linux.org.uk \
    --cc=linux-kernel@vger.kernel.org \
    --cc=ytrezq@sdf-eu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.