This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.



Re: [PATCH 2/4] enhance overflow and truncation detection in strncpy and strncat (PR 81117)


On 08/09/2017 11:00 PM, Jeff Law wrote:
On 08/06/2017 02:07 PM, Martin Sebor wrote:
Part 2 of the series adds attribute nonstring to annotate arrays
of and pointers to char that are intended to store sequences
of characters that aren't necessarily valid (nul-terminated)
strings.  In the subsequent patch the attribute is relied on to
avoid diagnosing strncpy calls that truncate strings and create
such copies.  In the future I'd like to also use the attribute
to diagnose when arrays or pointers with the attribute are passed
to functions that expect nul-terminated strings (such as strlen
or strcpy).

Martin


gcc-81117-2.diff


PR c/81117 - Improve buffer overflow checking in strncpy

gcc/ChangeLog:

	PR c/81117
	* builtin-attrs.def (attribute nonstring): New.
	* doc/extend.texi (attribute nonstring): Document new attribute.

gcc/c-family/ChangeLog:

	PR c/81117
	* c-attribs.c (c_common_attribute_table): Add nonstring entry.
	(handle_nonstring_attribute): New function.

gcc/testsuite/ChangeLog:

	PR c/81117
	* c-c++-common/attr-nonstring-1.c: New test.

--- a/gcc/builtin-attrs.def
+++ b/gcc/builtin-attrs.def
@@ -93,6 +93,7 @@ DEF_ATTR_IDENT (ATTR_FORMAT, "format")
 DEF_ATTR_IDENT (ATTR_FORMAT_ARG, "format_arg")
 DEF_ATTR_IDENT (ATTR_MALLOC, "malloc")
 DEF_ATTR_IDENT (ATTR_NONNULL, "nonnull")
+DEF_ATTR_IDENT (ATTR_NONSTRING, "nonstring")
 DEF_ATTR_IDENT (ATTR_NORETURN, "noreturn")
 DEF_ATTR_IDENT (ATTR_NOTHROW, "nothrow")
 DEF_ATTR_IDENT (ATTR_LEAF, "leaf")
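Review bot: the DEF_ATTR_IDENT entries in builtin-attrs.def exist so that builtin function declarations can be given attributes by identifier, while the ChangeLog describes nonstring as a variable attribute handled by handle_nonstring_attribute in c-attribs.c; unless something looks up ATTR_NONSTRING, this hunk adds an unused identifier and should be dropped. A one-line comment above the DEF_ATTR_IDENT block stating that only attributes applied to builtin functions need an entry here would spare the next contributor the same detour.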
So all the attributes here are associated with functions I believe.
You're defining a variable attribute.  In fact, I'm not even sure that
variable attributes get a DEF_ATTR_<whatever>

I assumed every attribute needed to define an identifier but
nothing broke after I removed it, so it looks like you're right:
variable attributes don't need one.  Go figure.  It would be
nice if there was a comment above the block that mentioned that.
I'll try to remember to add one separately.

diff --git a/gcc/doc/extend.texi b/gcc/doc/extend.texi
index b253ccc..1954ca5 100644
--- a/gcc/doc/extend.texi
+++ b/gcc/doc/extend.texi
@@ -5835,6 +5835,30 @@ The @code{deprecated} attribute can also be used for functions and
 types (@pxref{Common Function Attributes},
 @pxref{Common Type Attributes}).

+@item nonstring (@var{nonstring})
+@cindex @code{nonstring} variable attribute
+The @code{nonstring} variable attribute specifies that an object or member
+declaration with type array of @code{char} or pointer to @code{char} is
+intended to store character arrays that do not necessarily contain
+a terminating @code{NUL} character.  This is useful to avoid warnings
+when such an array or pointer is used as an argument to a bounded string
+manipulation function such as @code{strncpy}.  For example, without the
+attribute, GCC will issue a warning for the call below because it may
+truncate the copy without appending the terminating NUL character.  Using
+the attribute makes it possible to suppress the warning.
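Review bot: "@item nonstring (@var{nonstring})" declares a parameter the attribute does not take; the description says the attribute simply marks a declaration, so the item should read "@item nonstring". In the same paragraph the terminator is written as "@code{NUL}" in one sentence and as bare "NUL" two sentences later; pick one form. The text also says a pointer "is intended to store character arrays", which a pointer cannot do; "point to" reads correctly for the pointer case.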
[ ... ]
I think this is in the wrong section, I believe it belongs in the
"Variable Attributes" section.

It is in the Variable Attributes section. The "pxref{Common Type
Attributes})." reference above is just a cross-reference to the
Type Attributes section.

Assuming you don't actually need the ATTR_NONSTRING, this patch is fine
with that hunk removed and the documentation moved into the right section.

Okay, thanks.

Martin
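The following is an added example and is not part of the patch or of the GCC sources. It shows what the attribute discussed in this thread is for: a fixed-width character field that is deliberately not a NUL-terminated string, declared with the nonstring attribute so that a truncating strncpy into it is not flagged, together with bounded accessors so the field is never passed to a function that expects a terminator. The struct layout, the NONSTRING macro and the record_* function names are this example's own, and it assumes GCC 8 or later for the attribute (the macro expands to nothing on other compilers so the code still builds).

```c
/* Added example, not part of the patch or the GCC sources: a fixed-width
   character field that is intentionally not a C string, annotated with the
   nonstring attribute, plus bounded accessors so the field is never handed
   to a function that expects a NUL terminator. */
#include <stddef.h>
#include <string.h>

/* Assumption: the attribute is available from GCC 8 on.  On other
   compilers the macro expands to nothing so the code still builds. */
#if defined(__GNUC__) && !defined(__clang__) && __GNUC__ >= 8
#  define NONSTRING __attribute__((nonstring))
#else
#  define NONSTRING
#endif

#define TAG_LEN 8

/* Constructed record layout: an 8-byte tag that is full-width when the
   source is 8 characters or longer, so it may carry no terminating NUL. */
struct record {
    char tag[TAG_LEN] NONSTRING;
    unsigned value;
};

/* Fill the tag with strncpy: short sources are NUL-padded, long ones are
   truncated with no terminator.  Because tag is declared nonstring, GCC
   does not report the truncation under -Wstringop-truncation. */
void record_set_tag(struct record *r, const char *src)
{
    strncpy(r->tag, src, sizeof r->tag);
}

/* Bounded length of the tag.  strlen() must not be used here: a full-width
   tag has no terminator and strlen() would read past the field. */
size_t record_tag_len(const struct record *r)
{
    size_t n = 0;
    while (n < sizeof r->tag && r->tag[n] != '\0')
        n++;
    return n;
}

/* Export the tag as a proper NUL-terminated string.  Returns the number of
   characters written (terminator excluded), or (size_t)-1 when dst cannot
   hold the tag plus the terminator. */
size_t record_tag_to_cstr(const struct record *r, char *dst, size_t dstsz)
{
    size_t n = record_tag_len(r);
    if (dstsz < n + 1)
        return (size_t)-1;
    memcpy(dst, r->tag, n);
    dst[n] = '\0';
    return n;
}

/* Self-check over the three cases: short, exact-width and overlong source.
   Returns 1 when every expectation holds, 0 otherwise. */
int nonstring_selfcheck(void)
{
    struct record r;
    char out[TAG_LEN + 1];

    record_set_tag(&r, "AB");                 /* short: padded with NULs */
    if (record_tag_len(&r) != 2) return 0;
    if (r.tag[2] != '\0' || r.tag[TAG_LEN - 1] != '\0') return 0;

    record_set_tag(&r, "ABCDEFGH");           /* exact width: no NUL at all */
    if (record_tag_len(&r) != TAG_LEN) return 0;

    record_set_tag(&r, "ABCDEFGHIJ");         /* overlong: silently truncated */
    if (record_tag_to_cstr(&r, out, sizeof out) != TAG_LEN) return 0;
    if (strcmp(out, "ABCDEFGH") != 0) return 0;
    if (record_tag_to_cstr(&r, out, TAG_LEN) != (size_t)-1) return 0;

    return 1;
}

int main(void)
{
    return nonstring_selfcheck() ? 0 : 1;
}
```

The point of the accessors is the one the thread's description makes: an object declared nonstring must not flow into strlen, strcpy or similar, so the only way out of the field is through a routine that carries the field size with it.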

