fortify-headers

standalone fortify-source implementation
git clone git://git.2f30.org/fortify-headers
Log | Files | Refs | README | LICENSE
commit b333df29dcfabcd4ad0cf630fdb648eaa38ec1c7
parent 190e386fe8666a1250e8aedce73bf8e32ab8c0fd
Author: jvoisin <julien.voisin@dustri.org>
Date:   Sun,  9 Jul 2023 18:50:30 +0200

Add some `format` annotations

Diffstat:

Minclude/fortify-headers.h | 6++++++


Minclude/stdio.h | 2++


Mtests/test_vsprintf.c | 2+-


3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/include/fortify-headers.h b/include/fortify-headers.h
@@ -60,6 +60,12 @@
 #define __access(...)
 #endif
 
+#if defined __has_attribute && __has_attribute (format)
+#define __format(...) __attribute__ ((format (__VA_ARGS__)))
+#else
+#define __format(...)
+#endif
+
 
 /* TODO(jvoisin) Figure a nice way to make use of __builtin_mul_overflow while ignoring the result. */
 /* TODO(jvoisin) Make use of C23's stdckdint header: https://gustedt.gitlabpages.inria.fr/c23-library/#stdckdint */
diff --git a/include/stdio.h b/include/stdio.h
@@ -116,6 +116,7 @@ _FORTIFY_FN(vsprintf) int vsprintf(char * _FORTIFY_POS0 __s, const char *__f,
  */
 
 __access(read_write, 1, 2)
+__format(printf, 3, 4)
 _FORTIFY_FN(snprintf) int snprintf(char *__s, size_t __n,
                                     const char *__f, ...)
 {
@@ -126,6 +127,7 @@ _FORTIFY_FN(snprintf) int snprintf(char *__s, size_t __n,
 	return __orig_snprintf(__s, __n, __f, __builtin_va_arg_pack());
 }
 
+__format(printf, 2, 3)
 _FORTIFY_FN(sprintf) int sprintf(char *__s, const char *__f, ...)
 {
 	size_t __b = __bos(__s, 0);
diff --git a/tests/test_vsprintf.c b/tests/test_vsprintf.c
@@ -12,7 +12,7 @@ int msg_valid(const char * format, ... ) {
   va_end (args);
 }
 
-int msg(int n, const char * format, ... ) {
+int msg(const char * format, ... ) {
   va_list args;
   va_start (args, format);
   CHK_FAIL_START