Date: Sun, 2 Jun 2024 05:01:10 +0200
From: Ismael Luceno <ismael@...ev.co.uk>
To: Rich Felker <dalias@...c.org>
Cc: musl@...ts.openwall.com
Subject: Re: [PATCH] ioctl: Fix implicit constant conversion overflow

On 31/May/2024 22:34, Rich Felker wrote:
<...>
> > +#define _IOW(a,b,c) _IOC(_IOC_WRITE,(a),(b),(int)sizeof(c))
> > +#define _IOR(a,b,c) _IOC(_IOC_READ,(a),(b),(int)sizeof(c))
> > +#define _IOWR(a,b,c) _IOC(_IOC_READ|_IOC_WRITE,(a),(b),(int)sizeof(c))
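
Review bot: the `(int)sizeof(c)` cast in `_IOW`, `_IOR` and `_IOWR` converts a `size_t` to a signed type, while the direction flags it is combined with are unsigned according to the review below. `(unsigned)sizeof(c)` would narrow the operand equally without mixing signedness in the expression. The cast also hides any size that does not fit the narrower type, so a one-line comment above the three macros stating that the cast exists to keep the request constant from being widened to the type of `sizeof` would help the next reader.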
> 
> I don't see how this helps with the warning you're trying to suppress,

GCC disagrees; the warnings go away because it's this element that
causes the whole expression to be promoted to unsigned long long,
so making it smaller (we can use unsigned int instead) avoids the
issue.

> since _IOC_{READ,WRITE} already have unsigned type. If you changed
> that, you would then have *real overflows* (undefined behavior)
> instead of the well-defined, valid implicit conversions -Werror is
> complaining about.

This expression is supposed to fit 32-bit anyway, isn't it?
