Re: [PATCH 3/4] security/selinux: decrement sizeof size in strncmp

[Raja R Harinath]

Hi,

Casey Schaufler <casey@xxxxxxxxxxxxxxxx> writes:

> Joe Perches wrote:
[snip]
>> I assert that code should be made as readable
>> as possible and that the code used fit the
>> reader's expectations.
>>
>> strcmp(foo, "BAR") is natural.
>> strncmp(foo, "BAR", sizeof("BAR")) is unnatural
>> and should not be used.
>
> Oh good gravy. I've been writing C code since the 1970's and
> have seen enough "unnatural" code to make most people think that
> PASCAL was a good idea. This is not unnatural code. This is an
> argument over which side of the head of the pin the odd angel
> should dance on. Give it up. You're advocating a gratuitous
> change. Can't y'all go find some questionable casts to expunge?
> That might actually be useful.

I think the point is that

    strncmp(foo, "BAR", sizeof("BAR"))

is exceedingly similar to

    strncmp(foo, "BAR", strlen("BAR"))

which mean different things.  The point of this series was the suspicion
that people who intended the "strlen" variant might have used the
"sizeof" variant.

And, since this confusion exists, it is probably better to use two
canonical forms for the two different meanings

   strcmp(foo, "BAR")
   strncmp(foo, "BAR", strlen("BAR"))

and avoid other equivalent formulations.

- Hari

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/