Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 19 Mar 2024 09:18:33 -0400
From: Rich Felker <dalias@...c.org>
To: Mike Cui <cuicui@...il.com>
Cc: NRK <nrk@...root.org>, musl@...ts.openwall.com
Subject: Re: Potential bug in __res_msend_rc() wrt to union
 initialization.

On Mon, Mar 18, 2024 at 05:01:41PM -0700, Mike Cui wrote:
> Yeah I also just went over the C99 spec as well, section 6.7.8, and I have
> to agree with clang developer's interpretation, that "{ 0 }"
> only initializes the first member of the union.

There is no such thing as "only initializes [part]" in the C language.
The { 0 } *only provides a value for* the first member. The question
is about what happens to parts of the object for which the initializer
did not "provide a value". However, the C99 standard does not clearly
describe how the bits of a union that are not part of the member for
which a value is provided (usually the first, unless a designated
initializer is used) are filled on initialization.

C11 adds (in 6.7.9 ¶10):

    "if it is a union, the first named member is initialized
    (recursively) according to these rules, and any padding is
    initialized to zero bits;"

where C99 just had (6.7.8):

    "if it is a union, the first named member is initialized
    (recursively) according to these rules."

So I think C11 and later actually require the full zero
initialization of all bits, and clang is just wrong.

> "{ }" apparently is added in C23 as the "universal zero initializer". So
> changing the order moving sin6 up is the only way to be C99 conformant.

Indeed since at the source level we just depend on C99 not C11, this
should be changed. But clang needs to be fixed too.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.