From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <siddhesh@sourceware.org>
Received: by sourceware.org (Postfix, from userid 2206)
	id F24F93858D37; Mon,  3 Apr 2023 14:20:31 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org F24F93858D37
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1680531631;
	bh=XxYnCKdgns+UE2O/ihStWg/bsenFYrmtUCZ6OICrR7w=;
	h=From:To:Subject:Date:From;
	b=MunW0XtQkURYXXJEimUd57W+SNAV4gdCDWqvcqkVNtjoUME6k/GPH/B4Bd+pZnBn+
	 l9Fl2/sMyUUJaI2fMW9KmjOTOH3u1PPmQfHYPRvjcoigDDalgExLPy/rIhFaiKeUlf
	 0QYQw5QFhuqLRIJRE5ycC2on6k6wbAwgMX2qpOhg=
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Siddhesh Poyarekar <siddhesh@sourceware.org>
To: glibc-cvs@sourceware.org
Subject: [glibc] manual: Document __wur usage under _FORTIFY_SOURCE
X-Act-Checkin: glibc
X-Git-Author: Siddhesh Poyarekar <siddhesh@sourceware.org>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 7b3d8558d92a123743699c577704aab4a2f3d949
X-Git-Newrev: ac2a14343e81098c196cef5d67b52e440c05c230
Message-Id: <20230403142031.F24F93858D37@sourceware.org>
Date: Mon,  3 Apr 2023 14:20:31 +0000 (GMT)
List-Id: <glibc-cvs.sourceware.org>

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ac2a14343e81098c196cef5d67b52e440c05c230

commit ac2a14343e81098c196cef5d67b52e440c05c230
Author: Siddhesh Poyarekar <siddhesh@sourceware.org>
Date:   Mon Apr 3 10:20:04 2023 -0400

    manual: Document __wur usage under _FORTIFY_SOURCE
    
    The __warn_unused_result__ attribute is only enabled when fortification
    is enabled.  Mention that in the document.  The rationale for this is
    essentially to mitigate against CWE-252:
    
    [1] https://cwe.mitre.org/data/definitions/252.html
    
    Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
    Reviewed-by: Florian Weimer <fweimer@redhat.com>

Diff:
---
 manual/maint.texi | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/manual/maint.texi b/manual/maint.texi
index 76d4a1a147..a8441e20b6 100644
--- a/manual/maint.texi
+++ b/manual/maint.texi
@@ -207,6 +207,9 @@ hardened variant that does additional safety checks at runtime.  Some
 hardened variants need the size of the buffer to perform access
 validation and this is provided by the @code{__builtin_object_size} or
 the @code{__builtin_dynamic_object_size} builtin functions.
+@code{_FORTIFY_SOURCE} also enables additional compile time diagnostics,
+such as unchecked return values from some functions, to encourage
+developers to add error checking for those functions.
 
 At runtime, if any of those safety checks fail, the program will
 terminate with a @code{SIGABRT} signal.  @code{_FORTIFY_SOURCE} may be