From 7f2b3f9431f279d71a59dc73b77139d2ce16e503 Mon Sep 17 00:00:00 2001
From: Willy Tarreau
Date: Fri, 7 Apr 2023 14:57:13 +0200
Subject: [PATCH] BUILD: bug.h: add a warning in the base API when unsafe functions are used Once in a while we introduce an sprintf() or strncat() function by accident. These ones are particularly dangerous and must never ever be used because the only way to use them safely is at least as complicated if not more, than their safe counterparts. By redefining a few of these functions with an attribute_warning() we can deliver a message to the developer who is tempted to use them. This commit does it for strcat(), strcpy(), strncat(), sprintf(), vsprintf(). More could come later if needed, such as strtok() and maybe a few others, but these are less common.
---
include/haproxy/bug.h | 37 +++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
diff --git a/include/haproxy/bug.h b/include/haproxy/bug.h
index a5c134196..acdd72e54 100644
--- a/include/haproxy/bug.h
+++ b/include/haproxy/bug.h
@@ -382,6 +382,43 @@ struct mem_stats {
 #endif /* DEBUG_MEM_STATS*/
+/* Add warnings to users of such functions. These will be reported at link time
+ * indicating what file name and line used them. The goal is to remind their
+ * users that these are extremely unsafe functions that never have a valid
+ * reason for being used.
+ */
+#undef strcat
+__attribute__warning("\n"
+" * WARNING! strcat() must never be used, because there is no convenient way\n"
+" * to use it that is safe. Use memcpy() instead!\n")
+extern char *strcat(char *__restrict dest, const char *__restrict src);
+
+#undef strcpy
+__attribute__warning("\n"
+" * WARNING! strcpy() must never be used, because there is no convenient way\n"
+" * to use it that is safe. Use memcpy() or strlcpy2() instead!\n")
+extern char *strcpy(char *__restrict dest, const char *__restrict src);
+
+#undef strncat
+__attribute__warning("\n"
+" * WARNING! strncat() must never be used, because there is no convenient way\n"
+" * to use it that is safe. Use memcpy() instead!\n")
+extern char *strncat(char *__restrict dest, const char *__restrict src, size_t n);
+
+#undef sprintf
+__attribute__warning("\n"
+" * WARNING! sprintf() must never be used, because there is no convenient way\n"
+" * to use it that is safe. Use snprintf() instead!\n")
+extern int sprintf(char *__restrict dest, const char *__restrict fmt, ...);
+
+#if defined(_VA_LIST_DEFINED) || defined(_VA_LIST_DECLARED) || defined(_VA_LIST)
+#undef vsprintf
+__attribute__warning("\n"
+" * WARNING! vsprintf() must never be used, because there is no convenient way\n"
+" * to use it that is safe. Use vsnprintf() instead!\n")
+extern int vsprintf(char *__restrict dest, const char *__restrict fmt, va_list ap);
+#endif
+
 #endif /* _HAPROXY_BUG_H */
 /*
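Review bot: The vsprintf() declaration at the end of the hunk is only emitted when one of `_VA_LIST_DEFINED`, `_VA_LIST_DECLARED` or `_VA_LIST` is already defined, so the warning depends on the toolchain's private guard macros and on `<stdarg.h>` having been included before this header. On a platform or include order where none of them is set, vsprintf() stays usable with no diagnostic, and nothing tells the developer the check was skipped. If bug.h does not already pull in `<stdarg.h>` (its include block is outside the hunk), adding `#include <stdarg.h>` there and dropping the `#if defined(...)`/`#endif` pair would make the declaration unconditional. Separately, the strcat(), strcpy() and strncat() messages point to memcpy(), which does no bounds checking of its own; wording such as `Use memcpy() with a length checked against the destination size instead!` would keep the replacement from reintroducing the same overflow.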