On Wed, Feb 28, 2024 at 01:37:36PM -0800, Kees Cook wrote: > On Wed, Feb 28, 2024 at 10:41:32PM +0200, Andy Shevchenko wrote: ... > > +#define struct_data_pointer(p, a) PTR_ALIGN((void *)((p) + 1), (a)) > > I'm not super excited about propagating the "p + 1" code pattern to find > things after an allocation. This leads to the compiler either being > blind to accesses beyond an allocation, or being too conservative about > accesses beyond an object. Instead of these helpers I would much prefer > that data structures that use this code pattern be converted to using > trailing flexible arrays, at which point the compiler is in a much > better position to reason about sizes. There is nothing about flexible arrays in this. Maybe you have been confused by my choice for name of the macros. In that case I also can argue that current struct_size() is a good one. (something like struct_size_with_flex_array() can be more specific) -- With Best Regards, Andy Shevchenko
