[PATCH 01/11] Array: avoided void pointer arithmetic in nxt_array_copy().

Alejandro Colomar alx.manpages at gmail.com
Thu Jun 16 15:41:02 UTC 2022


Hi Andrew,

On 6/16/22 03:00, Andrew Clayton wrote:
> As was pointed out by the cppcheck[0] static code analysis utility we
> were doing void pointer arithmetic on src->elts which is technically
> undefined behaviour.
> 
> While GCC allows this by treating the size of void as 1[1]. Same with
> Clang. Other compilers I'm not sure about, so let's just be safe and cast
> src->nelts to (char *) where sizeof(char) is guaranteed to be 1.
> 
> [0]: https://cppcheck.sourceforge.io/
> [1]: https://gcc.gnu.org/onlinedocs/gcc/Pointer-Arith.html

That is one of the GNU extensions I wish was in the standard, at least 
in POSIX.

I hate casts for the danger they pose by shutting (almost) all warnings 
off, and I think that danger is more real than the possible dangers 
caused by pointer arithmetic on `void *`.

In fact, the worst thing that could happen would be that the compiler 
refuses to compile, but if it compiles, it's almost forced to use `char 
*` rules, due to:

     6.2.5-27: A pointer to void shall have the same representation and
               alignment requirements as a pointer to a character type.

Since we seem to have support from all compilers we care about (otherwise one 
would have already complained), I prefer not fixing this.

So, wontfix? :)

Cheers,

Alex

BTW, if you would like to CC me in patches to the mailing list, it would 
help me notice them.

> ---
>   src/nxt_array.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/nxt_array.c b/src/nxt_array.c
> index 1e13c22..0a7945e 100644
> --- a/src/nxt_array.c
> +++ b/src/nxt_array.c
> @@ -140,7 +140,7 @@ nxt_array_copy(nxt_mp_t *mp, nxt_array_t *dst, nxt_array_t *src)
>                   return NULL;
>               }
>   
> -            nxt_memcpy(data, src->elts + (i * size), size);
> +            nxt_memcpy(data, (char *) src->elts + (i * size), size);
>           }
>       }
>   
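
Review bot: on the changed nxt_memcpy() line, the explicit `(char *)` cast is not needed to get defined arithmetic, and it would keep compiling silently if src->elts were ever something other than a `void *`. C converts `void *` to a character pointer implicitly, so assigning it once to a local earlier in the function, for example `const char *elts = src->elts;`, and passing `elts + (i * size)` removes both the void pointer arithmetic and the cast. Separately, the commit message says the cast is applied to `src->nelts`, while the line casts `src->elts`; the message should name `elts`.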

-- 
Alejandro Colomar
<http://www.alejandro-colomar.es/>
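
An added example, not part of the thread or of Unit's source: a third option beside the cast and the GNU extension discussed above, converting the `void *` implicitly to an `unsigned char *` local so the arithmetic is defined and no cast is written. `demo_array_t` and both functions are hypothetical names, and the `i * size` overflow check goes beyond what the patch does.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical type-erased array (constructed for this example). */
typedef struct {
    void    *elts;    /* element storage */
    size_t  nelts;    /* elements in use */
    size_t  size;     /* bytes per element */
} demo_array_t;

/* Pointer to element i; NULL if out of range or i * size would overflow. */
static const void *
demo_array_elt(const demo_array_t *a, size_t i)
{
    /* Implicit void * -> unsigned char * conversion, no cast: a wrongly
     * typed elts (an integer, say) would still draw a diagnostic. */
    const unsigned char  *base = a->elts;
    if (i >= a->nelts || (a->size != 0 && i > SIZE_MAX / a->size)) {
        return NULL;
    }
    return base + i * a->size;    /* arithmetic on a character type */
}

/* Copy all elements into dst (dst_len bytes); 0 on success, -1 if too small. */
static int
demo_array_copy(void *dst, size_t dst_len, const demo_array_t *src)
{
    unsigned char  *out = dst;
    if (src->size != 0 && src->nelts > dst_len / src->size) {
        return -1;
    }
    for (size_t i = 0; i < src->nelts; i++) {
        memcpy(out + i * src->size, demo_array_elt(src, i), src->size);
    }
    return 0;
}

int main(void)
{
    int           vals[] = { 10, 20, 30, 40 };    /* constructed sample */
    int           copy[4] = { 0 };
    demo_array_t  a = { vals, 4, sizeof(int) };
    int           rc = demo_array_copy(copy, sizeof(copy), &a);
    printf("rc=%d last=%d\n", rc, copy[3]);
    return 0;
}
```

Built with `-Wpointer-arith -pedantic`, this produces no void-arithmetic diagnostic, which is the complaint cppcheck raised about the original line.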