fortify-headers, branch 2.3

fortify-headers, branch 2.3 Standalone portable header-based implementation of FORTIFY_SOURCE=3 http://git.dustri.org/fortify-headers/atom?h=2.3 2024-05-26T20:19:27Z Add vasprintf/asprintf 2024-05-26T20:19:27Z jvoisin 2024-05-20T12:48:35Z urn:sha1:1becad43298e74ba73bc66f9d44523e5d121c667 The only hardening being done here is to set the char** parameter to thos functions to NULL in case of an error, to prevent it from being used should people forget to check return values. This is already done on some BSD, as well as in Rocky Linux. Improve the testsuite reliability wrt. gcc 2024-05-20T08:22:46Z jvoisin 2024-05-20T07:38:42Z urn:sha1:92c611ad8abb146ed548301de8bc011c2b17bccd Add a test 2024-04-24T16:40:13Z jvoisin 2024-04-24T16:36:10Z urn:sha1:3375426d8c18f43f58ab83c261735b04562828ae Fix some overlap mismatch 2024-04-24T15:14:46Z jvoisin 2024-04-24T15:09:08Z urn:sha1:a817e1555a755224cacc1cbdeeaefb6a1de606f0 This was caught by the following test: ``` int main(void) { char c[32]; memcpy(c, c + 16, 16); } ``` Reported-by: q66 Disable pedantic checks by default 2024-04-24T12:51:19Z jvoisin 2024-04-24T12:49:52Z urn:sha1:265fa03fa0c467c9c41d803ebe2a538e758cba20 They can be re-enabled via `PEDANTIC_CHECKS` Relax our checks for memchr on C11 and above 2024-03-19T17:35:13Z jvoisin 2024-03-19T17:35:13Z urn:sha1:8ed72e7c1caa0eb4238e649063c26a11720935de Since C11: > This function behaves as if it reads the bytes sequentially and stops as soon as a matching bytes is found: if the array pointed to by ptr is smaller than count, but the match is found within the array, the behavior is well-defined. Reported-by: q66 Add some NULL-pointers checks 2024-03-08T15:28:52Z jvoisin 2024-03-08T15:07:57Z urn:sha1:140cffbe84a08669d67c3257258d2bb70ff29c3b See: - https://www.imperialviolet.org/2016/06/26/nonnull.html - https://davidben.net/2024/01/15/empty-slices.html Add a .gitattributes file to simplify releases 2024-03-04T13:12:58Z jvoisin 2024-03-04T13:12:58Z urn:sha1:2f60f255af5d615ca31d554035fe8268ecc9825c Properly check for builtins 2024-01-13T19:34:19Z jvoisin 2024-01-13T19:34:19Z urn:sha1:1a8431430ec4b97f0baaf2bf3b385be5f5da08cf Clang's [documentation](https://clang.llvm.org/docs/LanguageExtensions.html#has-builtin) says: > __has_builtin should not be used to detect support for a builtin macro; use #ifdef instead. So we're now using both, since it's often tedious/non-trivial to find out what is a macro and what is a compiler builtin, across compilers and C versions. Re-enable previously disabled overlap checks 2023-12-28T15:13:37Z jvoisin 2023-12-27T16:07:32Z urn:sha1:22a8094b41b2606084dc0c0c70487e5ed0fcb652 They were previously disabled in 80a83a5