#3899: mutt_ssl's interactive_check_cert() has several issues
-----------------------+----------------------
Reporter: kevin8t8 | Owner: mutt-dev
Type: defect | Status: closed
Priority: major | Milestone:
Component: crypto | Version:
Resolution: fixed | Keywords:
-----------------------+----------------------
Comment (by vinc17):
Replying to [comment:22 kevin8t8]:
> You can trace it through, but it ends up using a gcc extension
!__builtin_types_compatible_p.
You can enable the check only for GCC and compatible compilers such as
clang. I assume that most developers (if not all) use such a compiler, so
that any bug due to bad type would be detected very quickly by a
compilation failure.
> In any case, if we use Vincent's declaration instead of the gcc
extension, this gives us a possibility:
>
> {{{
> #define BUILD_BUG_UNLESS_ZERO(e) (sizeof(struct { int:-!!(e); }))
> #define __must_be_array(a) BUILD_BUG_UNLESS_ZERO((void *) &(a) !=
(void *) &(a)[0])
> #define mutt_array_size(x) (sizeof (x) / sizeof ((x)[0]) +
__must_be_array(x))
> }}}
I'm not sure that this code is valid ISO C code, because {{{(void *) &(a)
!= (void *) &(a)[0]}}} is not a standard integer constant expression as
required by the bit-field size (though its value can be determined at
compile time). So, this would still be an extension of some compilers such
as GCC.
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3899#comment:25>
Mutt <http://www.mutt.org/>
The Mutt mail user agent