bug-gnulib

Re: [PATCH] inttostr.h: add compile-time buffer overrun checks


From: Pádraig Brady
Subject: Re: [PATCH] inttostr.h: add compile-time buffer overrun checks
Date: Mon, 18 Oct 2010 12:53:12 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.8) Gecko/20100227 Thunderbird/3.0.3

On 17/10/10 20:58, Bruno Haible wrote:
> +/* When, on glibc systems, -D_FORTIFY_SOURCE=1 or -D_FORTIFY_SOURCE=2 is 
> used,
> +   enable extra bounds checking, based on the object bounds analysis done by
> +   GCC.
> +   The user can disable this bounds checking by defining _GL_NO_FORTIFY.
> +   __attribute__ __warning__ requires GCC >= 4.3.
> +   __builtin_object_size requires GCC >= 4.1.
> +   __always_inline__ requires GCC >= 3.2.  */
> +#if __USE_FORTIFY_LEVEL > 0 && !defined _GL_NO_FORTIFY && __GNUC_PREREQ (4, 
> 3)
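
Review bot: in the #if line, the trailing __GNUC_PREREQ (4, 3) is parsed even when the earlier operands are false, so wherever __GNUC_PREREQ is not defined as a macro the directive is a preprocessor syntax error rather than a false condition. The comment scopes the feature to glibc systems, but nothing in the visible lines guarantees the macro exists at this point. Consider nesting this test inside an outer "#if defined __GNUC_PREREQ", or comparing __GNUC__ and __GNUC_MINOR__ directly. The comment lists three version requirements (4.3, 4.1, 3.2) while the condition tests only 4.3; a short remark that 4.3 is used because it is the highest of the three would make the gate easier to follow.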

How about adding support for older compilers as follows.
This might also be a stepping stone for people trying
to understand the more thorough version?

cheers,
Pádraig.

#if __USE_FORTIFY_LEVEL > 0 && !defined _GL_NO_FORTIFY

#if __GNUC_PREREQ (4, 3)
[do thorough checks]

/* __builtin_constant_p is available since gcc 2.95  */
#elif __GNUC_PREREQ (2, 95)

/* Like sizeof, except that it treats a variable sized array
   as a pointer rather than determining the size at runtime.  */
#define CT_SIZEOF(x) (__builtin_constant_p(sizeof x) ? sizeof x: sizeof (void*))

# define imaxtostr(n, s)                                                    \
   ((void) verify_true (CT_SIZEOF (s) == sizeof (void *)                    \
                        || INT_BUFSIZE_BOUND (intmax_t) <= CT_SIZEOF (s)),  \
    (imaxtostr) (n, s))

...
#endif


