From: Duncan Sands <baldrick@free.fr>
To: v.hoefler@acm.org,
Vinzent 'Gadget' Hoefler <ada.rocks@jlfencey.com>,
comp.lang.ada@ada-france.org
Subject: Re: C's trikery semantic opens up backdoor in new Linux kernel
Date: Wed, 12 Nov 2003 14:38:06 +0100
Date: 2003-11-12T14:38:06+01:00 [thread overview]
Message-ID: <mailman.332.1068645284.25614.comp.lang.ada@ada-france.org> (raw)
In-Reply-To: <bot7vd$1gtgp4$1@ID-175126.news.uni-berlin.de>
> >IMHO the real problem is that
>
> the syntax of C allows such things. Simple as that, it doesn't matter
> if you even can set strict coding standards to make such things hardly
> possible.
>
> >uid is not an opaque type and can
> >be changed with a simple assignment. Much better if that required
> >a function call.
>
> You can almost always find a workaround. The problem is to use it
> everytime and force people to use it.
I was under the impression that (using preprocessor trickery) it was possible
to get the equivalent of an Ada private type in C. Then everyone is forced
to use function calls to get/set the value, unless they do type casts etc.
In all cases, abuse would stand out more than it does now.
> For instance considering the simple rule that in a comparison with a
>
> constant value you should always state the constant first:
> |if ((__WCLONE|__WALL) == options) && (0 = current->uid))
>
> wouldn't compile, either.
No, but do you really think such a style could be enforced in the linux
kernel community? Think of "herding cats".
Duncan.
next prev parent reply other threads:[~2003-11-12 13:38 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-11-12 3:17 C's trikery semantic opens up backdoor in new Linux kernel Adrian Hoe
2003-11-12 4:26 ` Stephane Richard
2003-11-12 5:13 ` J Cusick
2003-11-12 7:18 ` Vinzent 'Gadget' Hoefler
2003-11-12 7:50 ` Duncan Sands
2003-11-12 12:08 ` Vinzent 'Gadget' Hoefler
2003-11-12 13:38 ` Duncan Sands [this message]
2003-11-12 14:09 ` Vinzent 'Gadget' Hoefler
2003-11-13 21:04 ` Craig Carey
2003-11-14 6:45 ` Freejack
2003-11-14 8:33 ` Erlo Haugen
2003-11-14 9:44 ` Vinzent 'Gadget' Hoefler
2003-11-14 10:16 ` Dmitry A. Kazakov
2003-11-25 10:06 ` Craig Carey
2003-11-25 11:20 ` Dmitry A. Kazakov
2003-11-14 15:31 ` Robert I. Eachus
2003-11-14 13:12 ` Georg Bauhaus
2003-11-14 13:31 ` Duncan Sands
2003-11-14 14:56 ` Vinzent 'Gadget' Hoefler
2003-11-14 15:08 ` Georg Bauhaus
2003-11-14 15:38 ` Duncan Sands
2003-11-14 17:57 ` Georg Bauhaus
2003-11-14 15:47 ` Robert I. Eachus
2003-11-14 16:38 ` Vinzent 'Gadget' Hoefler
2003-11-19 4:13 ` Dave Thompson
2003-11-21 15:34 ` Martin Krischik
2003-11-23 2:20 ` Hyman Rosen
2003-11-27 4:22 ` Dave Thompson
2003-11-28 14:01 ` Hyman Rosen
2003-11-12 17:37 ` tmoran
2003-11-12 18:03 ` Warren W. Gay VE3WWG
2003-11-12 8:51 ` Adrian Hoe
2003-11-12 12:32 ` Preben Randhol
2003-11-13 5:50 ` Chad R. Meiners
2003-11-12 22:59 ` Wes Groleau
2003-11-14 3:31 ` Adrian Hoe
2003-11-14 11:00 ` Dmytry Lavrov
2003-11-15 5:00 ` Adrian Hoe
2003-11-15 5:02 ` Adrian Hoe
2003-11-16 11:29 ` Dmytry Lavrov
2003-11-17 17:07 ` Warren W. Gay VE3WWG
2003-11-16 11:35 ` Dmytry Lavrov
2003-11-15 19:30 ` Wes Groleau
2003-11-12 8:52 ` Adrian Hoe
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox