On Fri, Jul 30, 2021 at 9:44 AM Kees Cook [off-list ref] wrote:

On Fri, Jul 30, 2021 at 12:00:54PM +0300, Dan Carpenter wrote:

quoted

On Fri, Jul 30, 2021 at 10:38:45AM +0200, David Sterba wrote:

quoted

Then is explicit memset the only reliable way accross all compiler
flavors and supported versions?

The = { } initializer works.  It's only when you start partially
initializing the struct that it doesn't initialize holes.

No, partial works. It's when you _fully_ initialize the struct where the
padding doesn't get initialized. *sob*

I'm pretty sure that this has more to do with whether or not the
compiler applies SROA then observes uses of the individual members or
not.

struct foo {
        u8 flag;
        /* padding */
        void *ptr;
};

These are fine:

struct foo ok1 = { };
struct foo ok2 = { .flag = 7 };
struct foo ok3 = { .ptr = NULL };

This is not:

struct foo bad = { .flag = 7, .ptr = NULL };

(But, of course, it depends on padding size, compiler version, and
architecture. i.e. things remain unreliable.)

--

-- 
Thanks,
~Nick Desaulniers