Re: Re: PROPOSAL: make PostgreSQL sanitizers-friendly (and prevent information disclosure)

From: Aleksander Alekseev <a(dot)alekseev(at)postgrespro(dot)ru>
To: Chapman Flack <chap(at)anastigmatix(dot)net>
Cc: pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Re: PROPOSAL: make PostgreSQL sanitizers-friendly (and prevent information disclosure)
Date: 2016-03-21 15:13:58
Message-ID: 20160321181358.21a5517c@fujitsu
Lists: pgsql-hackers

> I'm new here so someone more experienced would have to weigh in,
> but I would wonder a couple of things:
>
> a. whether a braced struct assignment is supported in every
> C compiler that PostgreSQL still intends to support
>
> b. whether such a struct assignment is guaranteed to initialize
> padding spaces as well as declared fields (in all supported
> C versions/compilers).
>
> It's possible that memset() would be more convincing.

Frankly I'm not sure regarding all supported C versions/compilers. But
it seems to be valid ANSI C. Here is a test program:

```
#include <stdio.h>

typedef struct {
    int i;
    char c;
    long l;
    short s;
} MyStruct;

int main()
{
    size_t i;
    int sum = 0;
    char *c;
    MyStruct s = {0};   /* braced zero-initialization under test */

    s.i = 11;
    s.c = 22;
    s.l = 33;
    s.s = 44;

    /* Walk every byte of the object, padding included, so the
     * compiler cannot drop the initialization as a dead store. */
    c = (char*)&s;
    for(i = 0; i < sizeof(s); i++) {
        sum += *c;
        c++;
    }

    printf("Sum: %d\n", sum);

    return 0;
}
```

I compiled it with various versions of GCC and CLang with different
optimization flags:

clang38 -O3 -ansi -g t.c -o t
gcc -O0 -ansi -g t.c -o t

In all cases running the program under a debugger shows that the structure is
properly initialized:

(gdb) b main
Breakpoint 1 at 0x4007ae: file t.c, line 12.
(gdb) r
Starting program: /usr/home/eax/temp/t

Breakpoint 1, main () at t.c:12
12 int i, sum = 0;
(gdb) p memset(&s, 0xEA, sizeof(MyStruct))
$1 = -5376
(gdb) x/24xb &s
0x7fffffffeb00: 0xea 0xea 0xea 0xea 0xea 0xea 0xea 0xea
0x7fffffffeb08: 0xea 0xea 0xea 0xea 0xea 0xea 0xea 0xea
0x7fffffffeb10: 0xea 0xea 0xea 0xea 0xea 0xea 0xea 0xea
(gdb) n
14 MyStruct s = {0};
(gdb)
16 s.i = 11;
(gdb) x/24xb &s
0x7fffffffeb00: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffeb08: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffeb10: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
(gdb) quit

Naturally we could use memset() as well. But I personally find it a bit
less readable. And in theory it doesn't prevent some _very_ "smart" C
compiler from not cleaning the whole structure anyway.

--
Best regards,
Aleksander Alekseev
http://eax.me/
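The question raised in the quoted reply, whether a braced initializer or a struct assignment clears padding bytes as well as named members, can be checked without a debugger. The following is an added example, not code from the message above or from PostgreSQL: it reuses the same `MyStruct` layout, sentinel-fills the storage the way the gdb session did with `memset(&s, 0xEA, ...)`, then compares a `memset` to zero against a zero-valued struct assignment by counting the bytes left nonzero. The helper names (`count_nonzero_bytes`, `leftover_after_memset`, `leftover_after_struct_assign`, `fields_zero_after_assign`, `mystruct_padding_bytes`) are this example's own.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Same layout as the struct in the test program above. */
typedef struct {
    int i;
    char c;
    long l;
    short s;
} MyStruct;

/* Count the bytes of an object that are not zero, padding included.
 * This is the check a sanitizer or a leak review cares about: a struct
 * copied to disk or to a client must not carry stale stack bytes. */
size_t count_nonzero_bytes(const void *obj, size_t len)
{
    const unsigned char *p = obj;
    size_t n = 0;
    for (size_t k = 0; k < len; k++)
        if (p[k] != 0)
            n++;
    return n;
}

/* Padding the compiler inserted into MyStruct on this platform. */
size_t mystruct_padding_bytes(void)
{
    return sizeof(MyStruct)
         - (sizeof(int) + sizeof(char) + sizeof(long) + sizeof(short));
}

/* Sentinel-fill, then clear with memset. The standard guarantees memset
 * writes every byte of the object, so this always returns 0. */
size_t leftover_after_memset(void)
{
    MyStruct s;
    memset(&s, 0xEA, sizeof s);
    memset(&s, 0, sizeof s);
    return count_nonzero_bytes(&s, sizeof s);
}

/* Sentinel-fill, then store a zero-valued struct by assignment. Named
 * members are guaranteed zero, but C11 6.2.6.1p6 leaves padding bytes
 * unspecified after a struct store, so the result reports what this
 * compiler actually did. Any nonzero bytes must lie in the padding. */
size_t leftover_after_struct_assign(void)
{
    MyStruct s;
    memset(&s, 0xEA, sizeof s);
    s = (MyStruct){0};
    return count_nonzero_bytes(&s, sizeof s);
}

/* The guaranteed part of the struct assignment: all named members are 0. */
int fields_zero_after_assign(void)
{
    MyStruct s;
    memset(&s, 0xEA, sizeof s);
    s = (MyStruct){0};
    return s.i == 0 && s.c == 0 && s.l == 0 && s.s == 0;
}

int main(void)
{
    printf("sizeof(MyStruct) = %zu, padding = %zu bytes\n",
           sizeof(MyStruct), mystruct_padding_bytes());
    printf("nonzero bytes after memset:        %zu\n", leftover_after_memset());
    printf("nonzero bytes after struct assign: %zu\n", leftover_after_struct_assign());
    printf("named members zero after assign:   %s\n",
           fields_zero_after_assign() ? "yes" : "no");
    return 0;
}
```

Running this under the compilers and flags of interest gives the same answer the gdb session gives, but as a value a test suite can assert on: the memset path is zero by definition, while the struct-assignment path is zero only if the compiler chose to clear padding, which is exactly the portability question in the quoted reply.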
