From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 38924 invoked by alias); 10 Aug 2017 05:02:19 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Received: (qmail 118353 invoked by uid 89); 10 Aug 2017 05:00:13 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-26.9 required=5.0 tests=BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,RP_MATCHES_RCVD,SPF_HELO_PASS autolearn=ham version=3.3.2 spammy= X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 10 Aug 2017 05:00:09 +0000 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0809016E319; Thu, 10 Aug 2017 05:00:04 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 0809016E319 Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=law@redhat.com Received: from localhost.localdomain (ovpn-116-95.phx2.redhat.com [10.3.116.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id C740991B1C; Thu, 10 Aug 2017 05:00:03 +0000 (UTC) Subject: Re: [PATCH 2/4] enhance overflow and truncation detection in strncpy and strncat (PR 81117) To: Martin Sebor , Gcc Patch List References: <13944863-99a8-4144-1703-c6e1a2f36425@gmail.com> <0bbc91cd-fcdb-be61-e1d0-4b230f23b1a9@redhat.com> <4f4fbd4c-cb46-b80d-5749-ebb6bb050bc4@gmail.com> <164d8b08-ced6-f2b2-ae6e-ee96afebb52e@gmail.com> From: Jeff Law Message-ID: <492f0259-d37a-d20d-28b5-64fc24439415@redhat.com> Date: Thu, 10 Aug 2017 06:39:00 -0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <164d8b08-ced6-f2b2-ae6e-ee96afebb52e@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-IsSubscribed: yes X-SW-Source: 2017-08/txt/msg00716.txt.bz2 On 08/06/2017 02:07 PM, Martin Sebor wrote: > Part 2 of the series adds attribute nostring to annotate arrays > of and pointers to char with that are intended to store sequences > of characters that aren't necessarily valid (nul-terminated) > strings. In the subsequent patch the attribute is relied on to > avoid diagnosing strcncpy calls that truncate strings and create > such copies. In the future I'd like to also use the attribute > to diagnose when arrays or pointers with the attribute are passed > to functions that expect nul-terminated strings (such as strlen > or strcpy). > > Martin > > > gcc-81117-2.diff > > > PR c/81117 - Improve buffer overflow checking in strncpy > > gcc/ChangeLog: > > PR c/81117 > * builtin-attrs.def (attribute nonstring): New. > * doc/extend.texi (attribute nonstring): Document new attribute. > > gcc/c-family/ChangeLog: > > PR c/81117 > * c-attribs.c (c_common_attribute_table): Add nonstring entry. > (handle_nonstring_attribute): New function. > > gcc/testsuite/ChangeLog: > > PR c/81117 > * c-c++-common/attr-nonstring-1.c: New test. > > --- a/gcc/builtin-attrs.def > +++ b/gcc/builtin-attrs.def > @@ -93,6 +93,7 @@ DEF_ATTR_IDENT (ATTR_FORMAT, "format") > DEF_ATTR_IDENT (ATTR_FORMAT_ARG, "format_arg") > DEF_ATTR_IDENT (ATTR_MALLOC, "malloc") > DEF_ATTR_IDENT (ATTR_NONNULL, "nonnull") > +DEF_ATTR_IDENT (ATTR_NONSTRING, "nonstring") > DEF_ATTR_IDENT (ATTR_NORETURN, "noreturn") > DEF_ATTR_IDENT (ATTR_NOTHROW, "nothrow") > DEF_ATTR_IDENT (ATTR_LEAF, "leaf") So all the attributes here are associated with functions I believe. You're defining a variable attribute. In fact, I'm not even sure that variable attributes get a DEF_ATTR_ > diff --git a/gcc/doc/extend.texi b/gcc/doc/extend.texi > index b253ccc..1954ca5 100644 > --- a/gcc/doc/extend.texi > +++ b/gcc/doc/extend.texi > @@ -5835,6 +5835,30 @@ The @code{deprecated} attribute can also be used for functions and > types (@pxref{Common Function Attributes}, > @pxref{Common Type Attributes}). > > +@item nonstring (@var{nonstring}) > +@cindex @code{nonstring} variable attribute > +The @code{nonstring} variable attribute specifies that an object or member > +declaration with type array of @code{char} or pointer to @code{char} is > +intended to store character arrays that do not necessarily contain > +a terminating @code{NUL} character. This is useful to avoid warnings > +when such an array or pointer is used as an argument to a bounded string > +manipulation function such as @code{strncpy}. For example, without the > +attribute, GCC will issue a warning for the call below because it may > +truncate the copy without appending the terminating NUL character. Using > +the attribute makes it possible to suppress the warning. [ ... ] I think this is in the wrong section, I believe it belongs in the "Variable Attributes" section. Assuming you don't actually need the ATTR_NONSTRING, this patch is fine with that hunk removed and the documentation moved into the right section. jeff