From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW,T_SCC_BODY_TEXT_LINE
	autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 13901 invoked from network); 25 May 2023 14:45:35 -0000
Received: from second.openwall.net (193.110.157.125)
  by inbox.vuxu.org with ESMTPUTF8; 25 May 2023 14:45:35 -0000
Received: (qmail 30234 invoked by uid 550); 25 May 2023 14:45:30 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 30194 invoked from network); 25 May 2023 14:45:30 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=inria.fr; s=dc;
  h=from:to:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=ty+/0VR0lJHVHT0bG09H+J0zUhrOVI7XqrFCbu/KwAA=;
  b=uEB36PE+B+Idy0DkNieleeTSHOiwyYgzmco9ct1Uxu16x6z+bxdSNguy
   RJ0tonYQKmD/3U/+ZHcBhM1aPL8bPAl52mjNcWyqW6grTun0193JHEvVi
   JUwjfd/XFhjLM92oo32GF8+NhCRmsc5H7mamTahO8HMa0MKQfTHsB7T8d
   M=;
Authentication-Results: mail3-relais-sop.national.inria.fr; dkim=none (message not signed) header.i=none; spf=SoftFail smtp.mailfrom=Jens.Gustedt@inria.fr; dmarc=fail (p=none dis=none) d=inria.fr
X-IronPort-AV: E=Sophos;i="6.00,191,1681164000"; 
   d="scan'208";a="57007332"
From: Jens Gustedt <Jens.Gustedt@inria.fr>
To: musl@lists.openwall.com
Date: Thu, 25 May 2023 16:44:58 +0200
Message-Id: <cover.1684932942.git.Jens.Gustedt@inria.fr>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: [musl] [C23 const 0/2] some interfaces become type-generic

In C23, some interfaces become type-generic with the aim that they
respect the const-contract for their pointer parameters.

With the functions alone, non-qualified pointers of buffers that are
`const`-qualified can escape. The type-generic functions/macros at an
additional security here, that compilers may then check.

This code needs `_Generic`, so it only works for compilers with at
least C11. Other compilers should still see the function interfaces as
before.

Jens Gustedt (2):
  C23: change bsearch to a macro that respects the const contract
  C23: change string.h and wchar.h interfaces to macros that respects
    the const contract

 include/stdlib.h     | 12 +++++++++-
 include/string.h     | 54 ++++++++++++++++++++++++++++++++++++++-----
 include/wchar.h      | 55 +++++++++++++++++++++++++++++++++++++++-----
 src/include/stdlib.h |  2 ++
 src/include/string.h |  6 +++++
 src/include/wchar.h  |  6 +++++
 src/stdlib/bsearch.c |  2 +-
 src/string/memchr.c  |  2 +-
 src/string/strchr.c  |  2 +-
 src/string/strpbrk.c |  2 +-
 src/string/strrchr.c |  2 +-
 src/string/strstr.c  |  2 +-
 src/string/wcschr.c  |  2 +-
 src/string/wcspbrk.c |  2 +-
 src/string/wcsrchr.c |  2 +-
 src/string/wcsstr.c  |  2 +-
 src/string/wmemchr.c |  2 +-
 17 files changed, 133 insertions(+), 24 deletions(-)

-- 
2.34.1