CVS: cvs.openbsd.org: src

CVSROOT:	/cvs
Module name:	src
Changes by:	avsm@cvs.openbsd.org	2003/06/26 12:30:05

Modified files:
	gnu/egcs/gcc   : c-common.c c-decl.c c-tree.h c-typeck.c 
	                 fold-const.c toplev.c tree.h 
	gnu/egcs/gcc/cp: call.c cp-tree.h decl2.c typeck.c 

Log message:
Introduce a simple static checker for making sure that the bounds length passed to common functions such as strlcpy/strlcat match the real length of the buffer. It also checks to make sure that the bound length was not incorrectly derived from a sizeof(pointer) operation.

Functions must be marked with the new attribute __bounded__, and warnings are turned on by -Wbounded. Specifying -Wformat also enables bounds checking for scanf(3) bounds to '%s' format variables. -Wall now turns on -Wbounded also.

The checking is pretty limited right now to constant parameters, and the buffers must be statically declared, and not inside a record type. This simple checking still found hundreds of bugs around the ports tree though, and there have been no false positive warnings.

10x to niklas@, Richard Sharp and David Scott {rich,dave}@recoil.org for compiler advice. deraadt@ ok, miod@ tested on his collection of hardware

You need to recompile gcc now if source upgrading in -current before doing a make world. Received on Thu Jun 26 14:43:35 2003