Monolith compile verify.c

Michael Wojcik Michael.Wojcik at microfocus.com
Thu Jun 25 13:38:20 UTC 2020


> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of
> Matt Caswell
> Sent: Thursday, June 25, 2020 04:51
>
> On 24/06/2020 20:20, Michael Mueller wrote:
> >
> > Questions
> >
> > 1. Is the fix valid?
>
> Seems ok, but it looks like the compiler warning is a bit overzealous.

It's valid, but I'd argue it's not a "fix".

As Rich Salz pointed out, omitting initializers is permitted by the C standard. In fact it's endorsed, in the sense that the standard makes this behavior explicit (see e.g. ISO 9899-1999 6.7.8 #21 for arrays, or in the case of subobjects #19), and the Rationale (I'm referring to 5.10, published 2003) does not discourage its use, as it does for e.g. omitting braces for compound object initializers and relying on the mandated top-down-parse semantics.

In his monumental /The New C Standard: An Economic and Cultural Commentary/ (2005), Derek M. Jones comments on this aspect of the language by noting some costs involved in requiring all members be explicitly initialized, and concludes: "Given these costs and the fact that developers are generally aware of the default behavior, there does not appear to be a worthwhile benefit in a guideline recommending that the behavior be made explicit." (1669) The GCC developers (like all C implementors) would have done well to read Jones.

> We have the same pattern in many parts of the code I think without problems.

Yes, as it should be.

> > 2.  If fix is valid, what are the chances of getting the change accepted?
>
> Doubtful.

And I'd say that's appropriate. Some of the GCC developers would prefer programmers use a language which is similar to, but distinctly not C, eschewing useful constructs and employing various others which are not part of the C language. OpenSSL is written in C.

--
Michael Wojcik
Distinguished Engineer, Micro Focus
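
The guarantee cited in the message above (ISO 9899-1999 6.7.8 #21 and #19), as an added example that is not part of the original message or of OpenSSL's source. The struct, table and function names are hypothetical and the table entries are constructed.

```c
#include <stddef.h>
#include <stdio.h>

struct limits { int min, max; };   /* hypothetical types, for illustration */
struct opt {
    const char   *name;     /* NULL marks the end of the table */
    int           id;
    struct limits range;    /* nested subobject */
    const char   *help;
    unsigned char flags[4];
};

/* Constructed sample table. Members without an initializer are initialized
 * implicitly, as for static storage: arithmetic 0, pointers null. */
static const struct opt table[] = {
    { "verbose", 1 },
    { "depth", 2, { 1 } },                /* range.max omitted */
    { .name = "quiet", .flags = { 8 } },  /* designated; rest omitted */
    { NULL }                              /* sentinel: everything zero/null */
};

/* Walk the table up to the sentinel entry. */
size_t opt_count(const struct opt *t)
{
    size_t n = 0;
    while (t[n].name != NULL) n++;
    return n;
}

/* Return 1 if the members no entry above initializes are zero or null. */
int tail_is_zero(const struct opt *o)
{
    return o->help == NULL && o->range.max == 0 &&
           o->flags[1] == 0 && o->flags[2] == 0 && o->flags[3] == 0;
}

/* The same rule covers automatic objects that have a partial initializer. */
int automatic_case(void)
{
    struct opt local = { "local" };
    return local.id == 0 && local.range.min == 0 && local.flags[0] == 0 &&
           tail_is_zero(&local);
}

int main(void)
{
    printf("entries=%zu automatic=%d\n", opt_count(table), automatic_case());
    return 0;
}
```

An automatic object declared with no initializer at all is a different case: its value is indeterminate, and nothing here applies to it.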


