Re: CVE-2014-9900 fix is not upstream

From: One Thousand Gnomes
Date: Thu Aug 25 2016 - 12:10:47 EST

> > I see someone did request it 2 years ago:
> >
> I don't think this is sufficient. Basically if you write one field in a
> struct after a memset again, the compiler is allowed by the standard to
> write padding bytes again, causing them to be undefined.

The question is simply what gcc actually does. The rest is C language
lawyering and since the kernel isn't written to the C language spec but
to gcc only gcc matters.