Re: Switch on compiler hardening defaults
Ben Hutchings, le Sun 01 Nov 2009 19:06:59 +0000, a écrit :
> On Sun, 2009-11-01 at 19:53 +0100, Matthias Klose wrote:
> > On 25.10.2009 19:55, Kees Cook wrote:
> > > - makes more work for dealing with warnings.
> > > Rebuttal: those warnings are there for a reason -- they can
> > > be real security issues, and should be fixed.
> > there are some functions in glibc which are questionably declared with the "warn
> > about unused result" attribute (fwrite*). This seems to force a programming
> > style which not everybody agrees with (having to check the return value after
> > each operation instead of checking errno later).
> In general you cannot rely on checking errno because it is not defined
> whether a successful operation clears it.
But you can clear it by hand before calling them.