On Sun, 2009-11-01 at 19:53 +0100, Matthias Klose wrote:
> On 25.10.2009 19:55, Kees Cook wrote:
[...]
> > - makes more work for dealing with warnings.
> > Rebuttal: those warnings are there for a reason -- they can
> > be real security issues, and should be fixed.
>
> there are some functions in glibc which are questionably declared with the "warn
> about unused result" attribute (fwrite*). This seems to force a programming
> style which not everybody agrees with (having to check the return value after
> each operation instead of checking errno later).
[...]
In general you cannot rely on checking errno because it is not defined
whether a successful operation clears it.
Ben.
--
Ben Hutchings
The generation of random numbers is too important to be left to chance.
- Robert Coveyou
Attachment:
signature.asc
Description: This is a digitally signed message part