From: Petteri Aimonen <jpa@npb.mail.kapsi.fi>
Date: Tue, 23 Aug 2011 13:33:43 +0000 (+0000)
Subject: check return values
X-Git-Tag: 3.99.1~14^2~536
X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=commitdiff_plain;h=8b635924ba6b199e792e22bf56e30af9ba37ecdb;p=apps%2Flow-level-can-service.git

check return values

git-svn-id: https://svn.kapsi.fi/jpa/nanopb@961 e3a754e5-d11d-0410-8d38-ebb782a927b9
---

diff --git a/pb_decode.c b/pb_decode.c
index 2692447..0e55cbf 100644
--- a/pb_decode.c
+++ b/pb_decode.c
@@ -3,11 +3,19 @@
  * 2011 Petteri Aimonen <jpa@kapsi.fi>
  */
 
+
+#ifdef __GNUC__
+/* Verify that we remember to check all return values for proper error propagation */
+#define checkreturn __attribute__((warn_unused_result))
+#else
+#define checkreturn
+#endif
+
 #include "pb.h"
 #include "pb_decode.h"
 #include <string.h>
 
-typedef bool (*pb_decoder_t)(pb_istream_t *stream, const pb_field_t *field, void *dest);
+typedef bool (*pb_decoder_t)(pb_istream_t *stream, const pb_field_t *field, void *dest) checkreturn;
 
 /* --- Function pointers to field decoders ---
  * Order in the array must match pb_action_t LTYPE numbering.
@@ -26,7 +34,7 @@ static const pb_decoder_t PB_DECODERS[PB_LTYPES_COUNT] = {
  * pb_istream *
  **************/
 
-bool pb_read(pb_istream_t *stream, uint8_t *buf, size_t count)
+bool checkreturn pb_read(pb_istream_t *stream, uint8_t *buf, size_t count)
 {
     if (stream->bytes_left < count)
         return false;
@@ -38,7 +46,7 @@ bool pb_read(pb_istream_t *stream, uint8_t *buf, size_t count)
     return true;
 }
 
-static bool buf_read(pb_istream_t *stream, uint8_t *buf, size_t count)
+static bool checkreturn buf_read(pb_istream_t *stream, uint8_t *buf, size_t count)
 {
     uint8_t *source = (uint8_t*)stream->state;
     
@@ -62,7 +70,7 @@ pb_istream_t pb_istream_from_buffer(uint8_t *buf, size_t bufsize)
  * Helper functions *
  ********************/
 
-static bool pb_decode_varint32(pb_istream_t *stream, uint32_t *dest)
+static bool checkreturn pb_decode_varint32(pb_istream_t *stream, uint32_t *dest)
 {
     uint64_t temp;
     bool status = pb_decode_varint(stream, &temp);
@@ -70,7 +78,7 @@ static bool pb_decode_varint32(pb_istream_t *stream, uint32_t *dest)
     return status;
 }
 
-bool pb_decode_varint(pb_istream_t *stream, uint64_t *dest)
+bool checkreturn pb_decode_varint(pb_istream_t *stream, uint64_t *dest)
 {
     uint8_t byte;
     uint8_t bitpos = 0;
@@ -88,7 +96,7 @@ bool pb_decode_varint(pb_istream_t *stream, uint64_t *dest)
     return false;
 }
 
-bool pb_skip_varint(pb_istream_t *stream)
+bool checkreturn pb_skip_varint(pb_istream_t *stream)
 {
     uint8_t byte;
     do
@@ -99,7 +107,7 @@ bool pb_skip_varint(pb_istream_t *stream)
     return true;
 }
 
-bool pb_skip_string(pb_istream_t *stream)
+bool checkreturn pb_skip_string(pb_istream_t *stream)
 {
     uint32_t length;
     if (!pb_decode_varint32(stream, &length))
@@ -113,7 +121,7 @@ bool pb_skip_string(pb_istream_t *stream)
  * to just assume the correct type and fail safely on corrupt message.
  */
 
-static bool skip(pb_istream_t *stream, int wire_type)
+static bool checkreturn skip(pb_istream_t *stream, int wire_type)
 {
     switch (wire_type)
     {
@@ -128,7 +136,7 @@ static bool skip(pb_istream_t *stream, int wire_type)
 /* Read a raw value to buffer, for the purpose of passing it to callback as
  * a substream. Size is maximum size on call, and actual size on return.
  */
-static bool read_raw_value(pb_istream_t *stream, pb_wire_type_t wire_type, uint8_t *buf, size_t *size)
+static bool checkreturn read_raw_value(pb_istream_t *stream, pb_wire_type_t wire_type, uint8_t *buf, size_t *size)
 {
     size_t max_size = *size;
     switch (wire_type)
@@ -156,7 +164,7 @@ static bool read_raw_value(pb_istream_t *stream, pb_wire_type_t wire_type, uint8
 }
 
 /* Decode string length from stream and return a substream with limited length */
-static bool make_string_substream(pb_istream_t *stream, pb_istream_t *substream)
+static bool checkreturn make_string_substream(pb_istream_t *stream, pb_istream_t *substream)
 {
     uint32_t size;
     if (!pb_decode_varint32(stream, &size))
@@ -214,7 +222,7 @@ static bool pb_field_next(pb_field_iterator_t *iter)
     return notwrapped;
 }
 
-static bool pb_field_find(pb_field_iterator_t *iter, int tag)
+static bool checkreturn pb_field_find(pb_field_iterator_t *iter, int tag)
 {
     int start = iter->field_index;
     
@@ -231,7 +239,7 @@ static bool pb_field_find(pb_field_iterator_t *iter, int tag)
  * Decode a single field *
  *************************/
 
-static bool decode_field(pb_istream_t *stream, int wire_type, pb_field_iterator_t *iter)
+static bool checkreturn decode_field(pb_istream_t *stream, int wire_type, pb_field_iterator_t *iter)
 {
     pb_decoder_t func = PB_DECODERS[PB_LTYPE(iter->current->type)];
     
@@ -323,7 +331,7 @@ static bool decode_field(pb_istream_t *stream, int wire_type, pb_field_iterator_
  * Decode all fields *
  *********************/
 
-bool pb_decode(pb_istream_t *stream, const pb_field_t fields[], void *dest_struct)
+bool checkreturn pb_decode(pb_istream_t *stream, const pb_field_t fields[], void *dest_struct)
 {
     uint32_t fields_seen = 0; /* Used to check for required fields */
     pb_field_iterator_t iter;
@@ -421,7 +429,7 @@ static void endian_copy(void *dest, void *src, size_t destsize, size_t srcsize)
 #endif
 }
 
-bool pb_dec_varint(pb_istream_t *stream, const pb_field_t *field, void *dest)
+bool checkreturn pb_dec_varint(pb_istream_t *stream, const pb_field_t *field, void *dest)
 {
     uint64_t temp;
     bool status = pb_decode_varint(stream, &temp);
@@ -429,7 +437,7 @@ bool pb_dec_varint(pb_istream_t *stream, const pb_field_t *field, void *dest)
     return status;
 }
 
-bool pb_dec_svarint(pb_istream_t *stream, const pb_field_t *field, void *dest)
+bool checkreturn pb_dec_svarint(pb_istream_t *stream, const pb_field_t *field, void *dest)
 {
     uint64_t temp;
     bool status = pb_decode_varint(stream, &temp);
@@ -438,7 +446,7 @@ bool pb_dec_svarint(pb_istream_t *stream, const pb_field_t *field, void *dest)
     return status;
 }
 
-bool pb_dec_fixed(pb_istream_t *stream, const pb_field_t *field, void *dest)
+bool checkreturn pb_dec_fixed(pb_istream_t *stream, const pb_field_t *field, void *dest)
 {
 #ifdef __BIG_ENDIAN__
     uint8_t bytes[8] = {0};
@@ -452,7 +460,7 @@ bool pb_dec_fixed(pb_istream_t *stream, const pb_field_t *field, void *dest)
 #endif
 }
 
-bool pb_dec_bytes(pb_istream_t *stream, const pb_field_t *field, void *dest)
+bool checkreturn pb_dec_bytes(pb_istream_t *stream, const pb_field_t *field, void *dest)
 {
     pb_bytes_array_t *x = (pb_bytes_array_t*)dest;
     
@@ -467,7 +475,7 @@ bool pb_dec_bytes(pb_istream_t *stream, const pb_field_t *field, void *dest)
     return pb_read(stream, x->bytes, x->size);
 }
 
-bool pb_dec_string(pb_istream_t *stream, const pb_field_t *field, void *dest)
+bool checkreturn pb_dec_string(pb_istream_t *stream, const pb_field_t *field, void *dest)
 {
     uint32_t size;
     bool status;
@@ -482,7 +490,7 @@ bool pb_dec_string(pb_istream_t *stream, const pb_field_t *field, void *dest)
     return status;
 }
 
-bool pb_dec_submessage(pb_istream_t *stream, const pb_field_t *field, void *dest)
+bool checkreturn pb_dec_submessage(pb_istream_t *stream, const pb_field_t *field, void *dest)
 {
     pb_istream_t substream;
     
diff --git a/pb_encode.c b/pb_encode.c
index 2e74034..2a4d8e1 100644
--- a/pb_encode.c
+++ b/pb_encode.c
@@ -7,7 +7,15 @@
 #include "pb_encode.h"
 #include <string.h>
 
-typedef bool (*pb_encoder_t)(pb_ostream_t *stream, const pb_field_t *field, const void *src);
+#ifdef __GNUC__
+/* Verify that we remember to check all return values for proper error propagation */
+#define checkreturn __attribute__((warn_unused_result))
+#else
+#define checkreturn
+#endif
+
+
+typedef bool (*pb_encoder_t)(pb_ostream_t *stream, const pb_field_t *field, const void *src) checkreturn;
 
 /* --- Function pointers to field encoders ---
  * Order in the array must match pb_action_t LTYPE numbering.
@@ -24,7 +32,7 @@ static const pb_encoder_t PB_ENCODERS[PB_LTYPES_COUNT] = {
 
 /* pb_ostream_t implementation */
 
-static bool buf_write(pb_ostream_t *stream, const uint8_t *buf, size_t count)
+static bool checkreturn buf_write(pb_ostream_t *stream, const uint8_t *buf, size_t count)
 {
     uint8_t *dest = (uint8_t*)stream->state;
     memcpy(dest, buf, count);
@@ -42,7 +50,7 @@ pb_ostream_t pb_ostream_from_buffer(uint8_t *buf, size_t bufsize)
     return stream;
 }
 
-bool pb_write(pb_ostream_t *stream, const uint8_t *buf, size_t count)
+bool checkreturn pb_write(pb_ostream_t *stream, const uint8_t *buf, size_t count)
 {
     if (stream->callback != NULL)
     {
@@ -59,7 +67,7 @@ bool pb_write(pb_ostream_t *stream, const uint8_t *buf, size_t count)
 
 /* Main encoding stuff */
 
-static bool encode_array(pb_ostream_t *stream, const pb_field_t *field,
+static bool checkreturn encode_array(pb_ostream_t *stream, const pb_field_t *field,
                          const void *pData, size_t count, pb_encoder_t func)
 {
     int i;
@@ -89,7 +97,8 @@ static bool encode_array(pb_ostream_t *stream, const pb_field_t *field,
             size = sizestream.bytes_written;
         }
         
-        pb_encode_varint(stream, size);
+        if (!pb_encode_varint(stream, size))
+            return false;
         
         if (stream->callback == NULL)
             return pb_write(stream, NULL, size); /* Just sizing.. */
@@ -119,7 +128,7 @@ static bool encode_array(pb_ostream_t *stream, const pb_field_t *field,
     return true;
 }
 
-bool pb_encode(pb_ostream_t *stream, const pb_field_t fields[], const void *src_struct)
+bool checkreturn pb_encode(pb_ostream_t *stream, const pb_field_t fields[], const void *src_struct)
 {
     const pb_field_t *field = fields;
     const void *pData = src_struct;
@@ -181,7 +190,7 @@ bool pb_encode(pb_ostream_t *stream, const pb_field_t fields[], const void *src_
 }
 
 /* Helper functions */
-bool pb_encode_varint(pb_ostream_t *stream, uint64_t value)
+bool checkreturn pb_encode_varint(pb_ostream_t *stream, uint64_t value)
 {
     uint8_t buffer[10];
     int i = 0;
@@ -200,13 +209,13 @@ bool pb_encode_varint(pb_ostream_t *stream, uint64_t value)
     return pb_write(stream, buffer, i);
 }
 
-bool pb_encode_tag(pb_ostream_t *stream, pb_wire_type_t wiretype, int field_number)
+bool checkreturn pb_encode_tag(pb_ostream_t *stream, pb_wire_type_t wiretype, int field_number)
 {
     int tag = wiretype | (field_number << 3);
     return pb_encode_varint(stream, tag);
 }
 
-bool pb_encode_tag_for_field(pb_ostream_t *stream, const pb_field_t *field)
+bool checkreturn pb_encode_tag_for_field(pb_ostream_t *stream, const pb_field_t *field)
 {
     pb_wire_type_t wiretype;
     switch (PB_LTYPE(field->type))
@@ -238,7 +247,7 @@ bool pb_encode_tag_for_field(pb_ostream_t *stream, const pb_field_t *field)
     return pb_encode_tag(stream, wiretype, field->tag);
 }
 
-bool pb_encode_string(pb_ostream_t *stream, const uint8_t *buffer, size_t size)
+bool checkreturn pb_encode_string(pb_ostream_t *stream, const uint8_t *buffer, size_t size)
 {
     if (!pb_encode_varint(stream, size))
         return false;
@@ -264,14 +273,14 @@ static void endian_copy(void *dest, const void *src, size_t destsize, size_t src
 #endif
 }
 
-bool pb_enc_varint(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_varint(pb_ostream_t *stream, const pb_field_t *field, const void *src)
 {
     uint64_t value = 0;
     endian_copy(&value, src, sizeof(value), field->data_size);
     return pb_encode_varint(stream, value);
 }
 
-bool pb_enc_svarint(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_svarint(pb_ostream_t *stream, const pb_field_t *field, const void *src)
 {
     uint64_t value = 0;
     uint64_t zigzagged;
@@ -288,7 +297,7 @@ bool pb_enc_svarint(pb_ostream_t *stream, const pb_field_t *field, const void *s
     return pb_encode_varint(stream, zigzagged);
 }
 
-bool pb_enc_fixed(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_fixed(pb_ostream_t *stream, const pb_field_t *field, const void *src)
 {
     #ifdef __BIG_ENDIAN__
     uint8_t bytes[8] = {0};
@@ -301,18 +310,18 @@ bool pb_enc_fixed(pb_ostream_t *stream, const pb_field_t *field, const void *src
     #endif
 }
 
-bool pb_enc_bytes(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_bytes(pb_ostream_t *stream, const pb_field_t *field, const void *src)
 {
     pb_bytes_array_t *bytes = (pb_bytes_array_t*)src;
     return pb_encode_string(stream, bytes->bytes, bytes->size);
 }
 
-bool pb_enc_string(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_string(pb_ostream_t *stream, const pb_field_t *field, const void *src)
 {
     return pb_encode_string(stream, (uint8_t*)src, strlen((char*)src));
 }
 
-bool pb_enc_submessage(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_submessage(pb_ostream_t *stream, const pb_field_t *field, const void *src)
 {
     pb_ostream_t substream = {0};
     size_t size;