This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] Avoid undefined behavior in __FD_MASK

From: Florian Weimer <fweimer at redhat dot com>
To: Roland McGrath <roland at hack dot frob dot com>
Cc: libc-alpha <libc-alpha at sourceware dot org>
Date: Fri, 12 Apr 2013 10:29:33 +0200
Subject: Re: [PATCH] Avoid undefined behavior in __FD_MASK
References: <51651881 dot 2020906 at redhat dot com> <20130411203232 dot 72CA82C092 at topped-with-meat dot com>

On 04/11/2013 10:32 PM, Roland McGrath wrote:

__fd_mask
should really be an unsigned type, but changing that is more risky.


That really is the right fix (and then your change is unnecessary).
What risks do you imagine with the type change?

The fd_bits member used to be part of the public API in the 90s, andsomeone might point a long * variable to it. There's also a comment:


/* The fd_set member is required to be an array of longs.  */
typedef long int __fd_mask;

If someone still has the discussion to Austin group issue bwg2001-005(which led to the removal of the fd_bits member), it might shed somelight onto this.


But I'm probably overly conservative here.

--
Florian Weimer / Red Hat Product Security Team

References:
- [PATCH] Avoid undefined behavior in __FD_MASK
  - From: Florian Weimer
- Re: [PATCH] Avoid undefined behavior in __FD_MASK
  - From: Roland McGrath

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]