On Sat, Jan 01, 2005 at 11:02:18AM -0800, Matthew Dillon wrote:
>
> I think the answer is 'yes', because it makes audits easier, but
> it's also very easy to make mistakes when doing such conversions
> (e.g. like accidentally using sizeof(variable) where variable is a
> pointer rather than a buffer), so any such patches would have to
> be carefully reviewed. Feed them slowly :-)

If you're interested, we've got some simple modifications in the
OpenBSD gcc (both 2.95 and 3.3) which check for these kinds of
errors. It does need relevant functions like strlcpy(3) to be marked
up with attributes to indicate which arguments are buffers and which
are buffer sizes.

I haven't had a chance to feed these back into gcc, but they should be
pretty easy to extract from the OpenBSD tree, and are documented here:
http://www.openbsd.org/cgi-bin/man.cgi?query=gcc-local

--
Anil Madhavapeddy http://anil.recoil.org
University of Cambridge http://www.cl.cam.ac.uk
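The sizeof(pointer) conversion mistake discussed in this thread, next to the correct form, as an added example that is not part of the original messages or of either project's code. `ex_strlcpy`, `set_name_buggy`, `set_name_fixed`, `demo_truncation` and the `EX_BOUNDED` macro are hypothetical names; the macro applies the OpenBSD `__bounded__` markup only when built with OpenBSD's gcc.

```c
#include <stddef.h>
#include <string.h>

/* gcc-local markup: argument `buf` is a string buffer whose size is argument
 * `len`. Assumption: only OpenBSD's gcc understands it, so it is compiled out elsewhere. */
#if defined(__OpenBSD__) && defined(__GNUC__) && !defined(__clang__)
#define EX_BOUNDED(buf, len) __attribute__((__bounded__(__string__, buf, len)))
#else
#define EX_BOUNDED(buf, len)
#endif

/* Hypothetical stand-in for strlcpy(3) so the example builds on any libc. */
size_t ex_strlcpy(char *dst, const char *src, size_t dsize) EX_BOUNDED(1, 3);

size_t ex_strlcpy(char *dst, const char *src, size_t dsize)
{
    size_t srclen = strlen(src);
    if (dsize != 0) {
        size_t n = srclen < dsize - 1 ? srclen : dsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;              /* a value >= dsize means truncation */
}

/* Botched conversion: `name` is a pointer here, so sizeof(name) is the
 * pointer width (4 or 8 bytes), not the size of the caller's buffer. */
size_t set_name_buggy(char *name, const char *src)
{
    return ex_strlcpy(name, src, sizeof(name));
}

/* Correct conversion: the caller supplies the real buffer size. */
size_t set_name_fixed(char *name, size_t namesz, const char *src)
{
    return ex_strlcpy(name, src, namesz);
}

/* Returns 1 if the buggy call truncated a string that fits the buffer. */
int demo_truncation(void)
{
    char a[32], b[32];
    const char *src = "dragonfly-kernel";   /* constructed input, 16 chars */
    set_name_buggy(a, src);                 /* bound is sizeof(char *) */
    set_name_fixed(b, sizeof(b), src);      /* sizeof(array) is correct here */
    return strlen(a) == sizeof(char *) - 1 && strcmp(b, src) == 0;
}
```

With a destination smaller than a pointer, the same buggy call would write past the end of the buffer instead of truncating.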