GCC extension for protecting applications from format string attacks
Richard Henderson
rth@redhat.com
Thu Apr 5 23:50:00 GMT 2001
On Fri, Apr 06, 2001 at 03:40:05PM +0900, Hiroaki Etoh wrote:
> - macro definition
> I think the following is the correnct definition, right?
> #define printf(FMT, __VA_LIST__...) \
> xprintf(check_it(__VA_LIST__), (FMT), __VA_LIST__)
No, what I wrote was correct.
> - check_it implementation using marcro or library
> I don't think it works well using check_it implementation using macro or
> library. Because each argument of printf appears in two different
> location of the xprintf. It means that each argument will be evaluated
> two times. And it also may break the evaluation order of arguments.
Not necessarily. Neither implementation I had in mind would
have evaluated the arguments to check_it.
> The builtin function will returns a char array of
> argument sizes instead of enum type_class values. Is it OK?
Huh? If I understand you correctly, no, it's not ok. Did you
not follow my explanation of argument types vs register classes?
r~
More information about the Gcc-patches
mailing list