libio: Add nonnull attribute for most FILE * arguments in stdio.h - mirror/glibc - mirror of git://sourceware.org/git/glibc.git

diff options

author	Xi Ruoyao <xry111@xry111.site>	2023-09-25 19:53:26 +0800
committer	Siddhesh Poyarekar <siddhesh@sourceware.org>	2023-09-26 20:11:38 -0400
commit	64b1a44183a3094672ed304532bedb9acc707554 (patch)
tree	41131e52fd02f763e2ab83cb9967386f4c40a515 /debug/obprintf_chk.c
parent	6b695e5c628734b9801fcf53149687cb4fe6926e (diff)
download	glibc-64b1a44183a3094672ed304532bedb9acc707554.tar.gz glibc-64b1a44183a3094672ed304532bedb9acc707554.tar.xz glibc-64b1a44183a3094672ed304532bedb9acc707554.zip

libio: Add nonnull attribute for most FILE * arguments in stdio.h

During the review of a GCC analyzer test case, we found most stdio
functions accepting a FILE * argument expect it to be nonnull and just
segfault when the argument is NULL.  Add nonnull attribute for them.

fflush and fflush_unlocked are well defined when __stream is NULL so
they are not touched.

For fputs, fgets, fread, fwrite, fprintf, vfprintf, and their unlocked
version, if __stream is empty but there is nothing to read or write,
they did not segfault.  But the standard disallow __stream to be empty
here, so nonnull attribute is also added for them.  Note that this may
blow up some old code already subtly broken.

Also add __nonnull for _chk variants and __fortify_function versions for
them.

Signed-off-by: Xi Ruoyao <xry111@xry111.site>
Reviewed-by: Alejandro Colomar <alx@kernel.org>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

Diffstat (limited to 'debug/obprintf_chk.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: