Path: csiph.com!tncsrv06.tnetconsulting.net!newsfeed.endofthelinebbs.com!panix!.POSTED.spitfire.i.gajendra.net!not-for-mail
From: cross@spitfire.i.gajendra.net (Dan Cross)
Newsgroups: comp.lang.c
Subject: Re: "Catch-23: The New C Standard,Sets the World on Fire" by Terence Kelly with Special Guest Borer Yekai Pan
Date: Tue, 29 Aug 2023 01:20:51 -0000 (UTC)
Organization: PANIX Public Access Internet and UNIX, NYC
Message-ID: <ucjh5j$msg$1@reader2.panix.com>
References: <u0fn0g$34scf$1@dont-email.me> <86r0nmwzn2.fsf@linuxsc.com> <ucjbd4$k8c$1@reader2.panix.com> <Y6Oy4M3MEjvyiR0tr@bongo-ra.co>
Injection-Date: Tue, 29 Aug 2023 01:20:51 -0000 (UTC)
Injection-Info: reader2.panix.com; posting-host="spitfire.i.gajendra.net:166.84.136.80"; logging-data="23440"; mail-complaints-to="abuse@panix.com"
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: cross@spitfire.i.gajendra.net (Dan Cross)
Xref: csiph.com comp.lang.c:173132

In article <Y6Oy4M3MEjvyiR0tr@bongo-ra.co>,
Spiros Bousbouras  <spibou@gmail.com> wrote:
>On Mon, 28 Aug 2023 23:42:28 -0000 (UTC)
>cross@spitfire.i.gajendra.net (Dan Cross) wrote:
>> In article <86r0nmwzn2.fsf@linuxsc.com>,
>> Tim Rentsch  <tr.17687@z991.linuxsc.com> wrote:
>> >cross@spitfire.i.gajendra.net (Dan Cross) writes:
>> >> See https://twitter.com/__phantomderp/status/1643674954750197760
>> >> and
>> >> https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/
>> >
>> >AFAICT the twitter link is just a reference to the second URL.
>> 
>> The twitter thread is from the co-chair of the C23 committee
>> when asked about the realloc(..., 0)-is-UB change.
>> 
>> >The paper at the second link is not concerned with what we are
>> >discussing;  it doesn't mention using realloc().  The problem
>> >does concern "re-allocation" but the paper says this:
>> >
>> >    Re-allocation is a combination of free and malloc.  If the
>> >    size of the re-allocation is 0, it is simply a free.
>> >
>> >Any questions about realloc() don't come into the picture here.
>> 
>> I think the committee cochair, and the person who wrote the
>> paper suggesting that realloc(..., 0), become UB, would find
>> that surprising as that was the example they cited when asked
>> about this issue.  (Note that JeanHyde and Seacord both weighed
>> in on that Twitter thread.  Of course, Twitter seems to be
>> broken at the moment, so I find it hard to see.
>
>So members of the C standard committee are discussing issues of the standard
>on twitter ? Now *that's* scary.

More like responding to questions about this particular issue,
mostly because it was easy for me to contact JeanHyde there.

	- Dan C.