On 10/22/2013 09:00 PM, Jeff Law wrote:
So I was poking at this a bit. It's trival to use infer_nonnull_range
and to teach infer_nonnull_range to use the returns_nonnull attribute to
pick up that return x in an appropriately decorated function implies
that x is non-null.
We'll need a better place to shove infer_nonnull_range so that it's
available to both users.
Could you keep in mind that there is considerable interest in a
check_nonnull attribute which marks values (parameters, return values,
maybe even struct fields) that can be NULL and need to be checked
explictly prior to dereference? GCC would then warn if there is a path
on which the check is missing.
I don't have time at the moment to work on this, but it's on my
ever-growing TODO list. :)
--
Florian Weimer / Red Hat Product Security Team
