On Fri, Jul 30, 2021 at 9:44 AM Kees Cook <keescook@chromium.org> wrote:
On Fri, Jul 30, 2021 at 12:00:54PM +0300, Dan Carpenter wrote:
On Fri, Jul 30, 2021 at 10:38:45AM +0200, David Sterba wrote:
Then is explicit memset the only reliable way across all compiler flavors and supported versions?
The = { } initializer works. It's only when you start partially initializing the struct that it doesn't initialize holes.
No, partial works. It's when you _fully_ initialize the struct where the padding doesn't get initialized. *sob*
I'm pretty sure that this has more to do with whether or not the compiler applies SROA then observes uses of the individual members or not.
struct foo {
	u8 flag;
	/* padding */
	void *ptr;
};
These are fine:
struct foo ok1 = { };
struct foo ok2 = { .flag = 7 };
struct foo ok3 = { .ptr = NULL };
This is not:
struct foo bad = { .flag = 7, .ptr = NULL };
(But, of course, it depends on padding size, compiler version, and architecture. i.e. things remain unreliable.)
--
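The explicit memset asked about in the thread, as an added example that is not part of the original messages: it clears the whole object before setting the members, then inspects the bytes of the hole between `flag` and `ptr`. The helper names `foo_init_cleared` and `foo_nonzero_padding` are hypothetical, `u8` is typedef'd from `uint8_t` so the code builds in userspace, and the 0xAA fill is a constructed stand-in for stale memory.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef uint8_t u8;

/* Same layout as the struct in the thread: a hole follows 'flag'. */
struct foo {
	u8 flag;
	/* padding */
	void *ptr;
};

/* Byte range of the hole between 'flag' and 'ptr'. */
#define FOO_PAD_START (offsetof(struct foo, flag) + sizeof(u8))
#define FOO_PAD_END   offsetof(struct foo, ptr)

/* Hypothetical helper: clear every byte, padding included, then set members. */
void foo_init_cleared(struct foo *f, u8 flag, void *ptr)
{
	memset(f, 0, sizeof(*f));
	f->flag = flag;
	f->ptr = ptr;
}

/* Hypothetical check: count padding bytes that are not zero. */
size_t foo_nonzero_padding(const struct foo *f)
{
	unsigned char raw[sizeof(*f)];
	size_t i, n = 0;

	memcpy(raw, f, sizeof(raw));	/* inspect the object representation */
	for (i = FOO_PAD_START; i < FOO_PAD_END; i++)
		n += raw[i] != 0;
	return n;
}

int main(void)
{
	struct foo f;

	memset(&f, 0xAA, sizeof(f));	/* constructed stand-in for stale memory */
	foo_init_cleared(&f, 7, NULL);
	return foo_nonzero_padding(&f) != 0;	/* exit status 0: nothing stale left */
}
```

The same padding check can be pointed at an object built with any of the initializer forms above to see what a given compiler and architecture actually emit.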