Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 19 Mar 2024 11:42:22 -0400
From: Rich Felker <dalias@...c.org>
To: Mike Cui <cuicui@...il.com>
Cc: NRK <nrk@...root.org>, musl@...ts.openwall.com
Subject: Re: Potential bug in __res_msend_rc() wrt to union
 initialization.

On Tue, Mar 19, 2024 at 08:04:31AM -0700, Mike Cui wrote:
> On Tue, Mar 19, 2024 at 6:18 AM Rich Felker <dalias@...c.org> wrote:
> 
> > On Mon, Mar 18, 2024 at 05:01:41PM -0700, Mike Cui wrote:
> > > Yeah I also just went over the C99 spec as well, section 6.7.8, and I
> > have
> > > to agree with clang developer's interpretation, that "{ 0 }"
> > > only initializes the first member of the union.
> >
> > There is no such thing as "only initializes [part]" in the C language.
> > The { 0 } *only provides a value for* the first member. The question
> > is about what happens to parts of the object for which the initializer
> > did not "provide a value". However, the C99 standard does not clearly
> > describe how the bits of a union that are not part of the member for
> > which a value is provided (usually the first, unless a designated
> > initializer is used) are filled on initialization.
> >
> > You are referring to this paragraph?
> 
> 6.7.9 ¶21
> If there are fewer initializers in a brace-enclosed list than there are
> elements or members of an aggregate, or fewer characters in a string
> literal used to initialize an array of known size than there are elements
> in the array, the remainder of the aggregate shall be initialized
> implicitly the same as objects that have static storage duration.
> 
> Folks on the LLVM discourse pointed out this paragraph does not apply to
> unions, since unions are not "aggegates" according to the definition in
> 6.2.5p21:
> 21. Arithmetic types and pointer types are collectively called scalar
> types. Array and structure types are collectively called *aggregate* types.

No, the part below that you didn't reply to covers unions:

> > C11 adds (in 6.7.9 ¶10):
> >
> >     "if it is a union, the first named member is initialized
> >     (recursively) according to these rules, and any padding is
> >     initialized to zero bits;"
> >
> > where C99 just had (6.7.8):
> >
> >     "if it is a union, the first named member is initialized
> >     (recursively) according to these rules."
> >
> > So I think C11 and later actually require the full zero
> > initialization of all bits, and clang is just wrong.
> >
> > > "{ }" apparently is added in C23 as the "universal zero initializer". So
> > > changing the order moving sin6 up is the only way to be C99 conformant.
> >
> > Indeed since at the source level we just depend on C99 not C11, this
> > should be changed. But clang needs to be fixed too.
> >
> > Rich
> >

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.