On Fri, Oct 14, 2016 at 12:12:43AM +0200, none wrote:
> Hello,
> I wanted to known the rules in coding guidelines concerning the use of
> size_t.
> It seems the signed int type is used most of the time for representing
> string sizes, including in some parts written by Linus in /lib.
> They’re can buffer overflows attack if ssize_t if larger than sizeof(int)
> (though I agree this isn’t the only way, but at least it´s less error
> prone).

Huh?  size_t is the type of sizoef result; ssize_t is its signed counterpart.

> So is it guaranteed for all current and future cpu architectures the Linux
> kernel support that ssize_t will always be equal to sizeof(int) ?

Of course it isn't.  Not true on any 64bit architecture we support...
What attacks are, in your opinion, enabled by that fact?  I'm sure that
libc (and C standard) folks would be very interested, considering that
e.g. strlen() is declared as function that takes a pointer to const char and
returns size_t...

Reply via email to