[PATCH] Add attributes to malloc-like functions

Sebastian Huber sebastian.huber@embedded-brains.de
Fri Sep 28 14:14:00 GMT 2018 

These attributes help static analysis tools to produce less false
positives, e.g. double free warnings.

Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
---
 newlib/libc/include/stdio.h  | 2 +-
 newlib/libc/include/stdlib.h | 5 +++--
 newlib/libc/include/string.h | 4 ++--
 newlib/libc/include/wchar.h  | 2 +-
 4 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/newlib/libc/include/stdio.h b/newlib/libc/include/stdio.h
index cbc0fa989..f8d60766a 100644
--- a/newlib/libc/include/stdio.h
+++ b/newlib/libc/include/stdio.h
@@ -186,7 +186,7 @@ char *	cuserid (char *);
 FILE *	tmpfile (void);
 char *	tmpnam (char *);
 #if __BSD_VISIBLE || __XSI_VISIBLE || __POSIX_VISIBLE >= 200112
-char *	tempnam (const char *, const char *);
+char *	tempnam (const char *, const char *) __malloc_like __result_use_check;
 #endif
 int	fclose (FILE *);
 int	fflush (FILE *);
diff --git a/newlib/libc/include/stdlib.h b/newlib/libc/include/stdlib.h
index cb74d7752..1972be79b 100644
--- a/newlib/libc/include/stdlib.h
+++ b/newlib/libc/include/stdlib.h
@@ -282,7 +282,8 @@ int	_unsetenv_r (struct _reent *, const char *__string);
 #endif /* !__CYGWIN__ */
 
 #if __POSIX_VISIBLE >= 200112
-int __nonnull ((1)) posix_memalign (void **, size_t, size_t);
+int	posix_memalign (void **, size_t, size_t) __malloc_like __nonnull((1))
+	    __alloc_align(2) __alloc_size(3) __result_use_check;
 #endif
 
 char *	_dtoa_r (struct _reent *, double, int, int, int *, int*, char**);
@@ -326,7 +327,7 @@ extern long double strtold (const char *__restrict, char **__restrict);
  */
 #if __ISO_C_VISIBLE >= 2011
 void *	aligned_alloc(size_t, size_t) __malloc_like __alloc_align(1)
-	    __alloc_size(2);
+	    __alloc_size(2) __result_use_check;
 int	at_quick_exit(void (*)(void));
 _Noreturn void
 	quick_exit(int);
diff --git a/newlib/libc/include/string.h b/newlib/libc/include/string.h
index 37febadc0..04c4d1828 100644
--- a/newlib/libc/include/string.h
+++ b/newlib/libc/include/string.h
@@ -81,11 +81,11 @@ char	*strcasestr (const char *, const char *);
 char 	*strchrnul (const char *, int);
 #endif
 #if __MISC_VISIBLE || __POSIX_VISIBLE >= 200809 || __XSI_VISIBLE >= 4
-char 	*strdup (const char *);
+char 	*strdup (const char *) __malloc_like __result_use_check;
 #endif
 char 	*_strdup_r (struct _reent *, const char *);
 #if __POSIX_VISIBLE >= 200809
-char 	*strndup (const char *, size_t);
+char 	*strndup (const char *, size_t) __malloc_like __result_use_check;
 #endif
 char 	*_strndup_r (struct _reent *, const char *, size_t);
 
diff --git a/newlib/libc/include/wchar.h b/newlib/libc/include/wchar.h
index c84834277..9f2441c4f 100644
--- a/newlib/libc/include/wchar.h
+++ b/newlib/libc/include/wchar.h
@@ -126,7 +126,7 @@ wchar_t	*wcscpy (wchar_t *__restrict, const wchar_t *__restrict);
 #if __POSIX_VISIBLE >= 200809
 wchar_t	*wcpcpy (wchar_t *__restrict,
 				 const wchar_t *__restrict);
-wchar_t	*wcsdup (const wchar_t *);
+wchar_t	*wcsdup (const wchar_t *) __malloc_like __result_use_check;
 #endif
 wchar_t	*_wcsdup_r (struct _reent *, const wchar_t * );
 size_t	wcscspn (const wchar_t *, const wchar_t *);
-- 
2.16.4

More information about the Newlib mailing list