New macro MBEDTLS_CHECK_RETURN

Put this macro before a function declaration to indicate that its result
must be checked. This commit supports GCC-like compilers and MSVC >=2012.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

include/mbedtls/aes.h

@@ -45,6 +45,7 @@
 #else
 #include MBEDTLS_CONFIG_FILE
 #endif
+#include "mbedtls/platform_util.h"
 
 #include <stddef.h>
 #include <stdint.h>

include/mbedtls/des.h

@@ -32,6 +32,7 @@
 #else
 #include MBEDTLS_CONFIG_FILE
 #endif
+#include "mbedtls/platform_util.h"
 
 #include <stddef.h>
 #include <stdint.h>

include/mbedtls/platform_util.h

@@ -132,6 +132,26 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
 #endif /* MBEDTLS_DEPRECATED_WARNING */
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
+/** \def MBEDTLS_CHECK_RETURN
+ *
+ * This macro appearing at the beginning of the declaration of a function
+ * indicates that its return value should be checked.
+ *
+ * This should appear before most functions returning an error code
+ * (as \c int in the \c mbedtls_xxx API or
+ * as ::psa_status_t in the \c psa_xxx API).
+ */
+#if !defined(MBEDTLS_CHECK_RETURN)
+#if defined(__GNUC__)
+#define MBEDTLS_CHECK_RETURN __attribute__((warn_unused_result))
+#elif defined(_MSC_VER) && _MSC_VER >= 1700
+#include <sal.h>
+#define MBEDTLS_CHECK_RETURN _Check_return_
+#else
+#define MBEDTLS_CHECK_RETURN
+#endif
+#endif
+
 /**
  * \brief       Securely zeroize a buffer
  *