Bug 17328 - mark __errno_location with __attribute__((returns_nonnull)) for gcc >=4.9.0
Summary: mark __errno_location with __attribute__((returns_nonnull)) for gcc >=4.9.0
Status: NEW
Alias: None
Product: glibc
Classification: Unclassified
Component: libc (show other bugs)
Version: 2.19
: P2 enhancement
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-08-29 14:32 UTC by Zack Weinberg
Modified: 2015-03-02 22:58 UTC (History)
2 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:
fweimer: security-


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Zack Weinberg 2014-08-29 14:32:58 UTC
gcc 4.9 added __attribute__((returns_nonnull)) which declares that a function returns a pointer that is guaranteed not to be NULL.

There are probably a whole bunch of functions to which glibc could advantageously add this annotation, but I suspect __errno_location is the most valuable.
Comment 1 Paul Pluzhnikov 2015-02-28 21:34:11 UTC
Related GCC bug requesting implementation of returns_nonnull:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=20318
Comment 2 Zack Weinberg 2015-03-02 22:25:30 UTC
Related GCC bug asking for -fsanitize=undefined to pay attention to returns_nonnull: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62307
Comment 3 Paul Pluzhnikov 2015-03-02 22:58:13 UTC
Proposed patch:
https://sourceware.org/ml/libc-alpha/2015-02/msg00798.html

Discussion:
  https://sourceware.org/ml/libc-alpha/2015-03/msg00000.html
suggests that alternative approaches (e.g. making errno a TLS variable) may be preferred.