catch errors

[Ulrich Drepper <drepper@redhat.com>]

[-- Attachment #1.1: Type: text/plain, Size: 375 bytes --]

Given the buffer overflow which has been fixed recently I think it's
worthwhile adding to debug features.  It's using the same technology as
glibc's _FORTIFY_SOURCE functionality.  I would unconditionally define
DEBUG, in most cases the compiler can figure out there is no problem.

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

[-- Attachment #1.2: d-libsepol-chk --]
[-- Type: text/plain, Size: 771 bytes --]

diff -durp libsepol-2.0.7/src/private.h libsepol-2.0.7-chk/src/private.h
--- libsepol-2.0.7/src/private.h	2007-08-28 14:43:36.000000000 -0700
+++ libsepol-2.0.7-chk/src/private.h	2007-08-28 14:47:26.000000000 -0700
@@ -45,3 +45,13 @@ extern struct policydb_compat_info *poli
 extern int next_entry(void *buf, struct policy_file *fp, size_t bytes) hidden;
 extern size_t put_entry(const void *ptr, size_t size, size_t n,
 		        struct policy_file *fp) hidden;
+
+#ifdef DEBUG
+# if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR >= 1)
+#  define next_entry(buf, fp, bytes) \
+  ({ size_t _bytes = bytes; \
+     __builtin_object_size (buf, 0) != (size_t) -1 && sizeof (buf) < _bytes \
+     ? (abort (), -1) \
+     : next_entry (buf, fp, _bytes); })
+# endif
+#endif

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]