From ac2a14343e81098c196cef5d67b52e440c05c230 Mon Sep 17 00:00:00 2001
From: Siddhesh Poyarekar <siddhesh@sourceware.org>
Date: Mon, 3 Apr 2023 10:20:04 -0400
Subject: [PATCH] manual: Document __wur usage under _FORTIFY_SOURCE

The __warn_unused_result__ attribute is only enabled when fortification
is enabled.  Mention that in the document.  The rationale for this is
essentially to mitigate against CWE-252:

[1] https://cwe.mitre.org/data/definitions/252.html

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
---
 manual/maint.texi | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/manual/maint.texi b/manual/maint.texi
index 76d4a1a147..a8441e20b6 100644
--- a/manual/maint.texi
+++ b/manual/maint.texi
@@ -207,6 +207,9 @@ hardened variant that does additional safety checks at runtime.  Some
 hardened variants need the size of the buffer to perform access
 validation and this is provided by the @code{__builtin_object_size} or
 the @code{__builtin_dynamic_object_size} builtin functions.
+@code{_FORTIFY_SOURCE} also enables additional compile time diagnostics,
+such as unchecked return values from some functions, to encourage
+developers to add error checking for those functions.
 
 At runtime, if any of those safety checks fail, the program will
 terminate with a @code{SIGABRT} signal.  @code{_FORTIFY_SOURCE} may be