On Fri, Oct 14, 2016 at 12:12:43AM +0200, none wrote:
> Hello,
>
> I wanted to know the rules in coding guidelines concerning the use of
> size_t.
> It seems the signed int type is used most of the time for representing
> string sizes, including in some parts written by Linus in /lib.
> There can be buffer overflow attacks if ssize_t is larger than sizeof(int)
> (though I agree this isn’t the only way, but at least it’s less error
> prone).

Huh? size_t is the type of sizeof result; ssize_t is its signed counterpart.

> So is it guaranteed for all current and future cpu architectures the Linux
> kernel supports that ssize_t will always be equal to sizeof(int)?

Of course it isn't. Not true on any 64-bit architecture we support... What
attacks are, in your opinion, enabled by that fact? I'm sure that libc (and C
standard) folks would be very interested, considering that e.g. strlen() is
declared as a function that takes a pointer to const char and returns size_t...