
vla: Use proper C99 flexible array #81895

Open · wants to merge 9 commits into main from security/vla

Conversation

@ceolin ceolin commented Nov 25, 2024

As part of upcoming hardening buffer checks on Zephyr we need to sanitize the usage of flexible arrays. This PR properly declares flexible arrays according to the C99 standard, not relying on the non-portable GNU extension.

0 length array is a GNU extension. Use proper flexible array.

Signed-off-by: Flavio Ceolin <[email protected]>
0 length array is a GNU extension. Use proper C99 flexible array.

Signed-off-by: Flavio Ceolin <[email protected]>
@ceolin ceolin force-pushed the security/vla branch 2 times, most recently from 9179363 to 2a2a658 Compare November 27, 2024 06:57
@jhedberg
Member

Do I understand correctly that [] is the C99 standard way and [0] is the GNU extension that should be avoided, and that the standard way can't be used in some corner cases (as outlined in the documentation of FLEXIBLE_ARRAY_DECLARE())?

Since using the macro doesn't really improve readability (quite the opposite), I'm wondering, why don't we limit the macro usage only to the situations where the standard way can't directly be used, and use just [] everywhere else?
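The plain [] form that jhedberg asks about, as an added example that is not code from this PR or from Zephyr: a C99 flexible array member standing in for the GNU h[0] declaration, with a size helper that refuses to under-allocate on overflow. The struct and function names (handle_count, num_completed_packets, ncp_*) are hypothetical stand-ins for the HCI structures touched by the PR, and the 0x0001/0x0002 handles are constructed sample values.

```c
/* Added example (not from the Zephyr PR): a C99 flexible array member
 * replacing a GNU zero-length array, plus a bounded allocation helper.
 * handle_count / num_completed_packets / ncp_* are hypothetical names. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

struct handle_count {
    uint16_t handle;
    uint16_t count;
};

/* C99 6.7.2.1: the flexible array member must be the last member, and the
 * struct must have at least one other named member (num_handles here).
 * A struct with a flexible member may not itself be nested in another
 * struct or placed in an array; that is the corner case a macro targets. */
struct num_completed_packets {
    uint8_t num_handles;
    struct handle_count h[];   /* C99 form; the GNU form was h[0] */
};

/* sizeof() excludes the flexible member; the header size is the offset
 * of h, which includes any padding inserted before it. */
size_t ncp_header_size(void)
{
    return offsetof(struct num_completed_packets, h);
}

/* Bytes needed for n entries, or 0 on arithmetic overflow so callers
 * refuse the allocation instead of under-allocating. */
size_t ncp_size(size_t n)
{
    size_t hdr = ncp_header_size();
    if (n > (SIZE_MAX - hdr) / sizeof(struct handle_count)) {
        return 0;
    }
    return hdr + n * sizeof(struct handle_count);
}

/* Allocate room for n entries; n must also fit the uint8_t count field. */
struct num_completed_packets *ncp_alloc(size_t n)
{
    size_t sz = ncp_size(n);
    if (sz == 0 || n > UINT8_MAX) {
        return NULL;
    }
    struct num_completed_packets *p = calloc(1, sz);
    if (p != NULL) {
        p->num_handles = (uint8_t)n;
    }
    return p;
}

/* Sum the completed-packet counts, reading only num_handles entries. */
uint32_t ncp_total(const struct num_completed_packets *p)
{
    uint32_t total = 0;
    for (uint8_t i = 0; i < p->num_handles; i++) {
        total += p->h[i].count;
    }
    return total;
}

int main(void)
{
    struct num_completed_packets *p = ncp_alloc(2);
    if (p == NULL) {
        return 1;
    }
    p->h[0].handle = 0x0001; p->h[0].count = 3;   /* constructed sample */
    p->h[1].handle = 0x0002; p->h[1].count = 5;   /* constructed sample */
    printf("header=%zu total=%u\n", ncp_header_size(), ncp_total(p));
    free(p);
    return 0;
}
```

Both [0] and [] leave sizeof(struct num_completed_packets) equal to offsetof(h), so allocation arithmetic does not change when a declaration is converted; what changes is that compilers and bounds-checking instrumentation treat [] as a genuine variable-length tail rather than a zero-sized object, which is the point of the PR description.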

@@ -755,7 +755,7 @@ struct bt_hci_handle_count {
#define BT_HCI_OP_HOST_NUM_COMPLETED_PACKETS BT_OP(BT_OGF_BASEBAND, 0x0035) /* 0x0c35 */
struct bt_hci_cp_host_num_completed_packets {
uint8_t num_handles;
struct bt_hci_handle_count h[0];
FLEXIBLE_ARRAY_DECLARE(struct bt_hci_handle_count, h);
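Review bot: the replacement of h[0] here uses FLEXIBLE_ARRAY_DECLARE() even though struct bt_hci_handle_count h[]; is directly usable, since num_handles already provides the required preceding named member. The macro's extra members (sjanc points out the __unused_foo members it adds under the hood) sit inside a packed HCI struct, which is exactly the alignment/padding question raised below; the plain C99 form avoids it. Suggest `struct bt_hci_handle_count h[];` and reserving the macro for the cases its documentation lists where [] cannot be used.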
@sjanc
Collaborator
Hi,

why not simply use foo[] instead of a macro which adds some extra __unused_foo members under the hood?

also, this declares unpacked structures inside a packed structure; are those guaranteed not to affect the packed struct's alignment or no-padding requirements?

@jhedberg
Member

@sjanc this was also my worry (see my earlier comment). I'd prefer if the macro was only used in the corner cases where you can't directly use [].
