On 18/05/2021 15:01, Julien Grall wrote:
> From: Julien Grall <jgrall@amazon.com>
>
> Hi all,
>
> By default, both Clang and GCC will happily compile C code where
> non-const char * point to literal strings. This means the following
> code will be accepted:
>
> char *str = "test";
>
> str[0] = 'a';
>
> Literal strings will reside in rodata, so they are not modifiable.
> This will result to an permission fault at runtime if the permissions
> are enforced in the page-tables (this is the case in Xen).
>
> I am not aware of code trying to modify literal strings in Xen.
> However, there is a frequent use of non-const char * to point to
> literal strings. Given the size of the codebase, there is a risk
> to involuntarily introduce code that will modify literal strings.
>
> Therefore it would be better to enforce using const when pointing
> to such strings. Both GCC and Clang provide an option to warn
> for such case (see -Wwrite-strings) and therefore could be used
> by Xen.
>
> This series doesn't yet make use of -Wwrite-strings because
> the tree is not fully converted. Instead, it contains some easy
> and non-controversial use of const in the code.
>
> Julien Grall (2):
> xen/char: console: Use const whenever we point to literal strings
> tools/console: Use const whenever we point to literal strings
I have committed the two patches.
>
> tools/console/client/main.c | 4 ++--
> tools/console/daemon/io.c | 15 ++++++++-------
> xen/drivers/char/console.c | 7 ++++---
> 3 files changed, 14 insertions(+), 12 deletions(-)
>
--
Julien Grall