-
-
Notifications
You must be signed in to change notification settings - Fork 5.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consider not overriding _FORTIFY_SOURCE= define: port to c99 flexible arrays #5581
Comments
It was reported that some kind of old compilers don't support omitting the array size. Line 226 in eed3571
Some kind of #ifdef might be needed?
I think that there are many codes that rely on it. Such codes need to be changed. |
E.g. #ifdef HAS_FLEXARRY_SUPPORT
# define FLEXARRY_SIZE
# define FLEXARRY_ADD 1
#else
# define FLEXARRY_SIZE 1
# define FLEXARRY_ADD 0
#endif
...
struct dictitem_S
{
typval_T di_tv; // type and value of the variable
char_u di_flags; // DI_FLAGS_ flags (only used for variable)
char_u di_key[FLEXARRY_SIZE]; // key (actually longer!)
};
...
di = alloc(sizeof(dictitem_T) + STRLEN(varname) + FLEXARRY_ADD); |
Indeed, some compilers unfortunately don't support flexible arrays. |
This has been discussed before (and actually included as of 561f8a5 and f3a4117). Unfortunately not all compilers support this. See e.g. this thread on patch 8.0.1735 (https://groups.google.com/d/msg/vim_dev/jWEXfiRJv_4/nKEYbB_7CAAJ) when this was rolled back last time (commit 285e335). I am closing this and leave it to Bram to include the fix in #5580 |
I'd like to clarify my main worry: gcc already assumes that arrays are 1 byte long and optimises code based on that. If there are no plans to eliminate 1-byte arrays usage would it be feasible/welcome to add runtime check into The check would fail at |
I'd like to clarify my main worry: gcc already assumes that arrays are
1 byte long and optimises code based on that. `-D_FORTIFY_SOURCE=2` is
only a side-effect.
If there are no plans to eliminate 1-byte arrays usage would it be
feasible/welcome to add runtime check into `configure.ac`?
The check would fail at `./configure` phase with a clear error about
unsupported compiler instead of cryptic buffer overflow crash which
takes a while to track back to intended use of 1-byte arrays.
This was discussed before: There are still a few compilers that don't
support the "empty array" feature. Making two implementations is going
to cause duplication of code, where one version won't be used much and
can easily break. Best is to just keep it as-is.
…--
hundred-and-one symptoms of being an internet addict:
36. You miss more than five meals a week downloading the latest games from
Apogee.
/// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
|
@trofi What's wrong with |
@tonymec wrote:
In my opinion, the problem comes from Ubuntu's silly decision to
I think that Ubuntu should not do that by default. See the explanation about
Using flexible array members would certainly have been nice. |
Describe the bug
vim is not
_FORTIFY_SOURCE=2
clean (useschar[1]
array). This causes the following problems:configure.ac
occasionally fails to catch new way to define_FORTIFY_SOURCE=2
and users get cryptic buffer overflow crashes_FORTIFY_SOURCE=2
by introspecting array length)To Reproduce
It's a downstream version of https://bugs.gentoo.org/706324 where gcc-10 was not detected and
_FORTIFY_SOURCE=2
default was missed (worked around in #5580).Expected behavior
vim should build and run on
_FORTIFY_SOURCE=2
compiler.Environment (please complete the following information):
If vim can afford using flexible array members (https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html) it might use those:
I did not check if the rest of code does not rely on sizeof(struct dictitem_S).
The text was updated successfully, but these errors were encountered: