author | 2003-06-26 18:30:05 +0000 | |
---|---|---|
committer | 2003-06-26 18:30:05 +0000 | |
commit | b27d04fb8e04e7e970b5c287ca2f510173d6ba87 (patch) | |
tree | 568b8fb902e6d4c56934d983dbc97e5d753a5133 /usr.bin/diff/diff.c | |
parent | correct an example, and fix BUGS; (diff) | |
download | wireguard-openbsd-b27d04fb8e04e7e970b5c287ca2f510173d6ba87.tar.xz wireguard-openbsd-b27d04fb8e04e7e970b5c287ca2f510173d6ba87.zip |
Introduce a simple static checker for making sure that the bounds
length passed to common functions such as strlcpy/strlcat match the
real length of the buffer. It also checks to make sure that the bound
length was not incorrectly derived from a sizeof(pointer) operation.

Functions must be marked with the new attribute __bounded__, and warnings
are turned on by -Wbounded. Specifying -Wformat also enables bounds
checking for scanf(3) bounds to '%s' format variables. -Wall now turns
on -Wbounded also.

The checking is pretty limited right now to constant parameters, and the
buffers must be statically declared, and not inside a record type. This
simple checking still found hundreds of bugs around the ports tree though,
and there have been no false positive warnings.

10x to niklas@, Richard Sharp and David Scott {rich,dave}@recoil.org for
compiler advice. deraadt@ ok, miod@ tested on his collection of hardware

You need to recompile gcc now if source upgrading in -current before
doing a make world.
Diffstat (limited to 'usr.bin/diff/diff.c')
0 files changed, 0 insertions, 0 deletions
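The sizeof(pointer) mistake named in the commit message, shown beside its corrected form. This is an added example, not code from this commit or from the OpenBSD tree. `copy_bounded`, `BOUNDED_STRING`, `set_login_flawed`, `set_login_fixed` and `login_buf` are hypothetical names, and the `__string__` argument form follows OpenBSD's header declarations rather than anything shown on this page.

```c
#include <stddef.h>
#include <string.h>

/* __bounded__ is an OpenBSD gcc extension; expand to nothing elsewhere.
 * BOUNDED_STRING is a macro made up for this example. */
#if defined(__OpenBSD__) && defined(__GNUC__) && !defined(__clang__)
#define BOUNDED_STRING(b, l) __attribute__((__bounded__(__string__, b, l)))
#else
#define BOUNDED_STRING(b, l)
#endif

/* strlcpy-style copy (hypothetical helper): argument 1 is the buffer,
 * argument 3 is its bound, which is what the attribute records. */
size_t copy_bounded(char *dst, const char *src, size_t size) BOUNDED_STRING(1, 3);

size_t copy_bounded(char *dst, const char *src, size_t size)
{
    size_t n = strlen(src);

    if (size != 0) {
        size_t k = n < size - 1 ? n : size - 1;
        memcpy(dst, src, k);
        dst[k] = '\0';          /* always NUL-terminate */
    }
    return n;                   /* n >= size tells the caller it was truncated */
}

/* Statically declared buffer, the case the commit message says is covered. */
static char login[32];

/* Flawed: 'out' is a pointer, so sizeof(out) is the pointer size (4 or 8),
 * not the length of the buffer it points to. The copy is silently cut short. */
size_t set_login_flawed(char *out, const char *name)
{
    return copy_bounded(out, name, sizeof(out));
}

/* Corrected: the bound is sizeof the array itself, a compile-time constant
 * that matches the real buffer length. */
size_t set_login_fixed(const char *name)
{
    return copy_bounded(login, name, sizeof(login));
}

char *login_buf(void) { return login; }
```
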