diff options
| -rw-r--r-- | banned.h | 16 | ||||
| -rw-r--r-- | git-compat-util.h | 6 |
2 files changed, 22 insertions, 0 deletions
diff --git a/banned.h b/banned.h new file mode 100644 index 0000000000..1a3e526570 --- /dev/null +++ b/banned.h @@ -0,0 +1,16 @@ +#ifndef BANNED_H +#define BANNED_H + +/* + * This header lists functions that have been banned from our code base, + * because they're too easy to misuse (and even if used correctly, + * complicate audits). Including this header turns them into compile-time + * errors. + */ + +#define BANNED(func) sorry_##func##_is_a_banned_function + +#undef strcpy +#define strcpy(x,y) BANNED(strcpy) + +#endif /* BANNED_H */ diff --git a/git-compat-util.h b/git-compat-util.h index 9a64998b24..89d37095c7 100644 --- a/git-compat-util.h +++ b/git-compat-util.h @@ -1239,4 +1239,10 @@ extern void unleak_memory(const void *ptr, size_t len); #define UNLEAK(var) do {} while (0) #endif +/* + * This include must come after system headers, since it introduces macros that + * replace system names. + */ +#include "banned.h" + #endif |