Checked-size array parameters in C
8 days ago
- #code safety
- #C programming
- #kernel development
- Ard Biesheuvel proposed making xchacha20poly1305_encrypt() safer by changing its fixed-size array parameters to types that let the compiler check, at each call site, that the argument is large enough.
- Jason Donenfeld suggested instead writing 'static' together with the size inside the brackets of each array parameter, which also lets the compiler check the argument's size, without requiring callers to change.
- Linus Torvalds supported the 'static' form despite its awkward syntax, noting that the kernel already uses it in places.
- Eric Biggers pointed out that the GCC warnings that would report undersized array arguments are disabled in the kernel build because of false positives.
- The discussion concluded that 'static' array parameters could be adopted widely in the kernel to make fixed-size array parameters safer.
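The two forms discussed above, side by side with the unchecked original, as an added example. This is not code from the thread or from the kernel: the function names, the nonce counter and the constant-time key comparison are constructed for illustration, and the 24-byte nonce and 32-byte key sizes are chosen only to resemble an XChaCha20-Poly1305 style API. It compiles as plain C99 and runs stand-alone; the commented-out calls at the end of selfcheck() are the ones each form rejects.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Sizes chosen to resemble an XChaCha20-Poly1305 style API (constructed for
 * this example, not taken from the kernel headers). */
#define NONCE_SIZE 24
#define KEY_SIZE   32

/*
 * "Before" form. A plain array parameter is adjusted to `const uint8_t *`;
 * the NONCE_SIZE inside the brackets is documentation only, and a caller can
 * pass a 4-byte buffer without any diagnostic. Reads only the first 4 bytes.
 */
uint32_t nonce_lo32_unchecked(const uint8_t nonce[NONCE_SIZE])
{
    return (uint32_t)nonce[0] | (uint32_t)nonce[1] << 8 |
           (uint32_t)nonce[2] << 16 | (uint32_t)nonce[3] << 24;
}

/*
 * The `static` form. `static NONCE_SIZE` (C99 6.7.6.3) promises that the
 * argument points to at least NONCE_SIZE valid elements. The parameter is
 * still a pointer, so every existing caller that passes an array compiles
 * unchanged, but when the argument is an array whose size the compiler can
 * see, clang (-Warray-bounds) and recent GCC (-Wstringop-overflow) warn if it
 * is too short. Increments a little-endian nonce counter in place and returns
 * 1 if the counter wrapped around to zero.
 */
int nonce_increment(uint8_t nonce[static NONCE_SIZE])
{
    unsigned carry = 1;
    for (size_t i = 0; i < NONCE_SIZE && carry; i++) {
        unsigned v = nonce[i] + carry;
        nonce[i] = (uint8_t)v;
        carry = v >> 8;
    }
    return (int)carry;
}

/*
 * The pointer-to-array alternative. The size is part of the type, so a
 * mismatch is a hard error rather than a warning, but every caller has to be
 * changed to pass &key instead of key. Constant-time comparison of two
 * KEY_SIZE-byte values; returns 1 when they are equal.
 */
int key_equal(const uint8_t (*a)[KEY_SIZE], const uint8_t (*b)[KEY_SIZE])
{
    uint8_t diff = 0;
    for (size_t i = 0; i < KEY_SIZE; i++)
        diff |= (*a)[i] ^ (*b)[i];
    return diff == 0;
}

/*
 * Exercises all three forms on constructed data and returns a bitmask of the
 * behaviours observed (0x3f when everything behaves as described above).
 * Uncomment the trailing calls and build with `gcc -O2 -Wall` or
 * `clang -Wall` to see what each form catches.
 */
unsigned selfcheck(void)
{
    uint8_t nonce[NONCE_SIZE] = { 0xff };     /* 0xff followed by 23 zero bytes */
    uint8_t full[NONCE_SIZE];
    uint8_t key1[KEY_SIZE] = { 1 }, key2[KEY_SIZE] = { 1 };
    uint8_t short_buf[4] = { 0 };
    uint8_t *decayed = nonce;                 /* size information is lost here */
    unsigned bits = 0;

    memset(full, 0xff, sizeof(full));

    if (nonce_lo32_unchecked(short_buf) == 0)                  /* accepted silently */
        bits |= 1u << 0;
    if (nonce_increment(nonce) == 0 && nonce[0] == 0 && nonce[1] == 1)
        bits |= 1u << 1;
    if (nonce_increment(full) == 1 && full[NONCE_SIZE - 1] == 0) /* wrapped */
        bits |= 1u << 2;
    if (nonce_increment(decayed) == 0)      /* compiles: a bare pointer has no size */
        bits |= 1u << 3;
    if (key_equal(&key1, &key2))
        bits |= 1u << 4;
    key2[KEY_SIZE - 1] ^= 1;
    if (!key_equal(&key1, &key2))
        bits |= 1u << 5;

    /* nonce_increment(short_buf);    -- warning: argument array is too small    */
    /* key_equal(&short_buf, &key2);  -- error: incompatible pointer type        */
    /* nonce_increment(NULL);         -- `static` also promises non-null: UB     */
    return bits;
}
```

Two caveats a practitioner should keep in mind. First, the `static` check is purely compile-time and fires only when the argument's size is visible at the call site; a decayed pointer, a `void *`, or a buffer sized at run time passes through without comment, as the `decayed` call above shows. Second, `static` in the brackets also asserts that the pointer is non-null, so passing NULL becomes undefined behaviour and an optimizing compiler may delete null checks inside the callee; the annotation is a contract for callers, not a runtime guard.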