| Message ID | 20181218175122.3229-2-philmd@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Fix strncpy() warnings for GCC8 new -Wstringop-truncation | expand |
On 12/18/18 11:51 AM, Philippe Mathieu-Daudé wrote: > GCC 8 introduced the -Wstringop-truncation checker to detect truncation by > the strncat and strncpy functions (closely related to -Wstringop-overflow, > which detect buffer overflow by string-modifying functions declared in > <string.h>). This paragraph talks about a new warning checker, but makes no mention of an attribute. > > Add the QEMU_NONSTRING macro which checks if the compiler supports this > attribute. Thus, "this attribute" has no antecedent; did you forget to add a sentence to the previous paragraph, or maybe put the mention of adding QEMU_NONSTRING after... > >>From the GCC manual [*]: > > The nonstring variable attribute specifies that an object or member > declaration with type array of char, signed char, or unsigned char, > or pointer to such a type is intended to store character arrays that > do not necessarily contain a terminating NUL. This is useful in detecting > uses of such arrays or pointers with functions that expect NUL-terminated > strings, and to avoid warnings when such an array or pointer is used as > an argument to a bounded string manipulation function such as strncpy. ...the explanation of how the attribute was added in tandem with the new warning checker for silencing specific instances of the warning? > > [*] https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html#index-nonstring-variable-attribute > > Suggested-by: Michael S. Tsirkin <mst@redhat.com> > Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> > --- > include/qemu/compiler.h | 15 +++++++++++++++ > 1 file changed, 15 insertions(+) > Reviewed-by: Eric Blake <eblake@redhat.com>
On 12/18/18 7:29 PM, Eric Blake wrote: > On 12/18/18 11:51 AM, Philippe Mathieu-Daudé wrote: >> GCC 8 introduced the -Wstringop-truncation checker to detect >> truncation by >> the strncat and strncpy functions (closely related to >> -Wstringop-overflow, >> which detect buffer overflow by string-modifying functions declared in >> <string.h>). > > This paragraph talks about a new warning checker, but makes no mention > of an attribute. > >> >> Add the QEMU_NONSTRING macro which checks if the compiler supports this >> attribute. > > Thus, "this attribute" has no antecedent; did you forget to add a > sentence to the previous paragraph, or maybe put the mention of adding > QEMU_NONSTRING after... > >> >>> From the GCC manual [*]: >> >> The nonstring variable attribute specifies that an object or member >> declaration with type array of char, signed char, or unsigned char, >> or pointer to such a type is intended to store character arrays that >> do not necessarily contain a terminating NUL. This is useful in >> detecting >> uses of such arrays or pointers with functions that expect >> NUL-terminated >> strings, and to avoid warnings when such an array or pointer is >> used as >> an argument to a bounded string manipulation function such as strncpy. > > ...the explanation of how the attribute was added in tandem with the new > warning checker for silencing specific instances of the warning? Yes... I will rewrite this. > >> >> [*] >> https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html#index-nonstring-variable-attribute >> >> >> Suggested-by: Michael S. Tsirkin <mst@redhat.com> >> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> >> --- >> include/qemu/compiler.h | 15 +++++++++++++++ >> 1 file changed, 15 insertions(+) >> > > Reviewed-by: Eric Blake <eblake@redhat.com> Thanks!
diff --git a/include/qemu/compiler.h b/include/qemu/compiler.h index 261842beae..2d8f507c73 100644 --- a/include/qemu/compiler.h +++ b/include/qemu/compiler.h @@ -151,6 +151,21 @@ # define QEMU_ERROR(X) #endif +/* + * The nonstring variable attribute specifies that an object or member + * declaration with type array of char or pointer to char is intended + * to store character arrays that do not necessarily contain a terminating + * NUL character. This is useful in detecting uses of such arrays or pointers + * with functions that expect NUL-terminated strings, and to avoid warnings + * when such an array or pointer is used as an argument to a bounded string + * manipulation function such as strncpy. + */ +#if __has_attribute(nonstring) +# define QEMU_NONSTRING __attribute__((nonstring)) +#else +# define QEMU_NONSTRING +#endif + /* Implement C11 _Generic via GCC builtins. Example: * * QEMU_GENERIC(x, (float, sinf), (long double, sinl), sin) (x)
GCC 8 introduced the -Wstringop-truncation checker to detect truncation by the strncat and strncpy functions (closely related to -Wstringop-overflow, which detect buffer overflow by string-modifying functions declared in <string.h>). Add the QEMU_NONSTRING macro which checks if the compiler supports this attribute. From the GCC manual [*]: The nonstring variable attribute specifies that an object or member declaration with type array of char, signed char, or unsigned char, or pointer to such a type is intended to store character arrays that do not necessarily contain a terminating NUL. This is useful in detecting uses of such arrays or pointers with functions that expect NUL-terminated strings, and to avoid warnings when such an array or pointer is used as an argument to a bounded string manipulation function such as strncpy. [*] https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html#index-nonstring-variable-attribute Suggested-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> --- include/qemu/compiler.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+)