usb: Annotate access to USB buffers

Annotate the USB transfer creation functions with the correct buffer
access attribute. Note that we only annotate them as read_only as the
functions may be used for sending and receiving.

Hopefully this will catch buffer overflows in drivers in the future.

libfprint/fpi-compat.h

@@ -37,3 +37,9 @@ typedef struct _FpDeviceClass FpDeviceClass;
 G_DEFINE_AUTOPTR_CLEANUP_FUNC (FpDeviceClass, g_type_class_unref);
 G_DEFINE_AUTOPTR_CLEANUP_FUNC (GDate, g_date_free);
 #endif
+
+#if  __GNUC__ > 10 || (__GNUC__ == 10 && __GNUC_MINOR__ >= 1)
+#define FP_GNUC_ACCESS(m, p, s) __attribute__((access (m, p, s)))
+#else
+#define FP_GNUC_ACCESS(m, p, s)
+#endif

libfprint/fpi-usb-transfer.h

@@ -20,6 +20,7 @@
 #pragma once
 
 #include <gusb.h>
+#include "fpi-compat.h"
 #include "fpi-device.h"
 
 G_BEGIN_DECLS
@@ -115,6 +116,7 @@ void               fpi_usb_transfer_fill_bulk (FpiUsbTransfer *transfer,
                                                guint8          endpoint,
                                                gsize           length);
 
+FP_GNUC_ACCESS (read_only, 3, 4)
 void               fpi_usb_transfer_fill_bulk_full (FpiUsbTransfer *transfer,
                                                     guint8          endpoint,
                                                     guint8         *buffer,
@@ -134,6 +136,7 @@ void               fpi_usb_transfer_fill_interrupt (FpiUsbTransfer *transfer,
                                                     guint8          endpoint,
                                                     gsize           length);
 
+FP_GNUC_ACCESS (read_only, 3, 4)
 void               fpi_usb_transfer_fill_interrupt_full (FpiUsbTransfer *transfer,
                                                          guint8          endpoint,
                                                          guint8         *buffer,