Date: Fri, 3 Aug 2018 23:05:10 +0100
From: Roy Marples <r...@marples.name>
Message-ID: <4c9d72c8-cfd6-64dd-dd67-2406d4edc...@marples.name>
| So casting to (size_t) is the Right Thing To Do and no comment required?

For now it might be the right thing to do. But it should have a comment. The cast is not required for correctness (not in any conceivable way), only to pacify gcc.

I suspect (after a bit more thought) that this error, and some of the other similar ones recently (including the one in openssh/dist/sshkey.c from yesterday) are not actually sanitiser detected errors, they're just regular gcc warnings. But if that's true, the warnings should have gone off previously.

The difference, I suspect, is that in order to make it easier for the sanitisers to diagnose the kinds of problems they detect (at run time) the relevant sources are being compiled -O0 rather than the normal -O2 or -O3 (whatever it is). With that, the compiler has far less info available in these kinds of flow analysis situations, and is issuing far more false warnings than usually happens.

Before the sanitiser compiles, this same code compiled without warnings, right? That is, I believe, that with -O2 (or more) the compiler did enough analysis to know that all was fine, and there was no potential problem (both in the dhcpcd case, and in the ssh case). But with -O0 it does not have that info, and so issues the false warning.

Kamil: assuming you agree that this is a reasonable analysis, I'd suggest no more code changes based upon gcc warnings issued this way. Instead, if you need to, when compiling for the sanitisers, disable the warnings (either file by file, as needed, or simply globally) - we do not need the warnings in that case, all the code is being compiled normally, without warnings (except in the few cases they are already explicitly disabled) - any warning generated only with -O0 simply must be bogus. So, just disable the idiot things (when sanitising).

kre