Paolo Bonzini wrote: > ... it makes no sense at all (and gives a false sense of security) to > add the attribute to fwrite if you do not add it to fflush and fclose too.
Additionally, it seems strange to use the same trigger (_FORTIFY_SOURCE = 2) for two semantically very different things: for enabling runtime checks against buffer overflows, and for enabling compile-time warnings for sloppy programming which in the worst case yields a crash through NULL pointer dereference. IMO the warnings would be better controlled by a gcc warning option, not by a C macro. Bruno
