From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00,
	REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,71171f53c22d92b5
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2003-11-14 08:40:19 PST
Path: 
 archiver1.google.com!news2.google.com!fu-berlin.de!uni-berlin.de!adsl-213-200-246-247.cybernet.CH!not-for-mail
From: Vinzent 'Gadget' Hoefler <ada.rocks@jlfencey.com>
Newsgroups: comp.lang.ada
Subject: Re: C's trikery semantic opens up backdoor in new Linux kernel
Date: Fri, 14 Nov 2003 17:38:43 +0100
Organization: JeLlyFish software
Message-ID: <bp30hh$1jr66r$1@ID-175126.news.uni-berlin.de>
References: <3FB1A63C.9080200@nowhere.com>
 <mailman.328.1068623355.25614.comp.lang.ada@ada-france.org>
 <bot7vd$1gtgp4$1@ID-175126.news.uni-berlin.de>
 <mailman.332.1068645284.25614.comp.lang.ada@ada-france.org>
 <botf2c$1i2eq5$1@ID-175126.news.uni-berlin.de>
 <iPmdnYL7tN64ZCmiRVn-jw@comcast.com>
Reply-To: v.hoefler@acm.org
NNTP-Posting-Host: adsl-213-200-246-247.cybernet.ch (213.200.246.247)
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
X-Trace: news.uni-berlin.de 1068828018 54368475 213.200.246.247 (16 [175126])
X-Newsreader: Forte Agent 1.8/32.548
Xref: archiver1.google.com comp.lang.ada:2501
Date: 2003-11-14T17:38:43+01:00
List-Id: <comp.lang.ada>

Robert I. Eachus wrote:

>if (options =3D=3D (__WCLONE|__WALL) && current->uid =3D 0)
>
>would generate a compiler warning message about the assignment to=20
>current -> uid.  The Linux kernel coding standards make "redundant"=20
>parentheses in conditions illegal for exactly that reason,

So you're saying that a style to use parentheses where it is not
*absolutely* clear which is meant is a bad style? Yes, I am talking
about operator precedence, this is especially bad in C where
programmer and compiler might have different opinions about a
particular construct and still it compiles.

>and one of=20
>the things that made it clear that this was an intentional attempt to=20
>get root was the "extra" parentheses.

The circumstances tell us that this was intentional, yes.

I'd use constants on the left side, but suppose I would not do that,
then I would more tend to write:

|if ((options =3D=3D (__WCLONE|__WALL)) && (current->uid =3D=3D 0))

without any bad ideas in mind.

Hmm. Now the typo, a job on a banking account system and, because I
wrote the parentheses, which in turn prove I was intentionally doing
that, I'm going to jail.


Vinzent.