提交 48f0fbd2 编写于 作者: G ganlan

fortify 代码规范性整合

Signed-off-by: Nganlan <tony.gan@huawei.com>
上级 d196b326
......@@ -48,7 +48,7 @@ static void open_0020(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
int flags = O_CREAT; // Fool the compiler.
int flags = O_CREAT;
int status;
int pid = fork();
switch (pid) {
......@@ -82,7 +82,7 @@ static void open_0030(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
int flags = O_TMPFILE; // Fool the compiler.
int flags = O_TMPFILE;
int status;
int pid = fork();
switch (pid) {
......@@ -131,7 +131,7 @@ static void openat_0020(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
int flags = O_CREAT; // Fool the compiler.
int flags = O_CREAT;
int status;
int pid = fork();
switch (pid) {
......@@ -165,7 +165,7 @@ static void openat_0030(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
int flags = O_TMPFILE; // Fool the compiler.
int flags = O_TMPFILE;
int status;
int pid = fork();
switch (pid) {
......@@ -214,7 +214,7 @@ static void open64_0020(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
int flags = O_CREAT; // Fool the compiler.
int flags = O_CREAT;
int status;
int pid = fork();
switch (pid) {
......@@ -248,7 +248,7 @@ static void open64_0030(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
int flags = O_TMPFILE; // Fool the compiler.
int flags = O_TMPFILE;
int status;
int pid = fork();
switch (pid) {
......@@ -297,7 +297,7 @@ static void openat64_0020(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
int flags = O_CREAT; // Fool the compiler.
int flags = O_CREAT;
int status;
int pid = fork();
switch (pid) {
......@@ -331,7 +331,7 @@ static void openat64_0030(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
int flags = O_TMPFILE; // Fool the compiler.
int flags = O_TMPFILE;
int status;
int pid = fork();
switch (pid) {
......
......@@ -48,7 +48,7 @@ static void poll_0020(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
nfds_t fd_count = atoi("2"); // suppress compiler optimizations
nfds_t fd_count = atoi("2");
struct pollfd buf[1] = {{0, POLLIN, 0}};
int status;
......@@ -58,7 +58,7 @@ static void poll_0020(void)
t_error("fork failed: %s\n", strerror(errno));
break;
case 0:
// Set timeout to zero to prevent waiting in poll when fortify test fails.
// Set timeout to 0 to prevent waiting for polling if hardening tests fail.
poll(buf, fd_count, 0);
exit(0);
default:
......@@ -100,7 +100,7 @@ static void ppoll_0020(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
nfds_t fd_count = atoi("2"); // suppress compiler optimizations
nfds_t fd_count = atoi("2");
struct pollfd buf[1] = {{0, POLLIN, 0}};
// Set timeout to zero to prevent waiting in ppoll when fortify test fails.
struct timespec timeout;
......
......@@ -56,7 +56,7 @@ static void send_0010(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
size_t data_len = atoi("11"); // suppress compiler optimizations
size_t data_len = atoi("11");
char buf[BUF_SIZE_10];
int status;
int pid = fork();
......@@ -91,7 +91,7 @@ static void recv_0010(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
size_t data_len = atoi("11"); // suppress compiler optimizations
size_t data_len = atoi("11");
char buf[BUF_SIZE_10];
int status;
int pid = fork();
......@@ -153,7 +153,7 @@ static void sendto_0010(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
size_t data_len = atoi("11"); // suppress compiler optimizations
size_t data_len = atoi("11");
char buf[BUF_SIZE_10];
int status;
int pid = fork();
......@@ -188,7 +188,7 @@ static void recvfrom_0010(void)
};
sigaction(SIGABRT, &sigabrt, NULL);
size_t data_len = atoi("11"); // suppress compiler optimizations
size_t data_len = atoi("11");
char buf[BUF_SIZE_10];
int status;
int pid = fork();
......
......@@ -30,7 +30,7 @@ int __open64_diagnose(const char*, int);
int __openat64_diagnose(int, const char*, int);
#endif
/*
* These are the easiest way to call the real open even in clang FORTIFY.
* Even in musl FORTIFY, the following is the easiest way to call a real open.
*/
int __open_real(const char*, int, ...) __DIAGNOSE_RENAME(open);
int __openat_real(int, const char*, int, ...) __DIAGNOSE_RENAME(openat);
......@@ -41,84 +41,84 @@ int __openat64_real(int, const char*, int, ...) __DIAGNOSE_RENAME(openat64);
#ifdef __FORTIFY_COMPILATION
__DIAGNOSE_FORTIFY_INLINE
int open(const char* const __DIAGNOSE_PASS_OBJECT_SIZE pathname, int flags)
int open(const char* const __DIAGNOSE_PASS_OBJECT_SIZE path, int flags)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_OPEN_MODES_USEFUL(flags), "'open' " OPEN_TOO_FEW_ARGS_ERROR)
{
#ifdef __FORTIFY_RUNTIME
return __open_diagnose(pathname, flags);
return __open_diagnose(path, flags);
#else
return __open_real(pathname, flags);
return __open_real(path, flags);
#endif
}
__DIAGNOSE_FORTIFY_INLINE
int open(const char* const __DIAGNOSE_PASS_OBJECT_SIZE pathname, int flags, unsigned modes)
int open(const char* const __DIAGNOSE_PASS_OBJECT_SIZE path, int flags, unsigned modes)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_WARNING_IF(!__DIAGNOSE_OPEN_MODES_USEFUL(flags) && modes, "'open' " OPEN_USELESS_MODES_WARNING)
{
return __open_real(pathname, flags, modes);
return __open_real(path, flags, modes);
}
__DIAGNOSE_FORTIFY_INLINE
int openat(int dirfd, const char* const __DIAGNOSE_PASS_OBJECT_SIZE pathname, int flags)
int openat(int dirfd, const char* const __DIAGNOSE_PASS_OBJECT_SIZE path, int flags)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_OPEN_MODES_USEFUL(flags), "'openat' " OPEN_TOO_FEW_ARGS_ERROR)
{
#ifdef __FORTIFY_RUNTIME
return __openat_diagnose(dirfd, pathname, flags);
return __openat_diagnose(dirfd, path, flags);
#else
return __openat_real(dirfd, pathname, flags);
return __openat_real(dirfd, path, flags);
#endif
}
__DIAGNOSE_FORTIFY_INLINE
int openat(int dirfd, const char* const __DIAGNOSE_PASS_OBJECT_SIZE pathname, int flags, mode_t modes)
int openat(int dirfd, const char* const __DIAGNOSE_PASS_OBJECT_SIZE path, int flags, mode_t modes)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_WARNING_IF(!__DIAGNOSE_OPEN_MODES_USEFUL(flags) && modes, "'openat' " OPEN_USELESS_MODES_WARNING)
{
return __openat_real(dirfd, pathname, flags, modes);
return __openat_real(dirfd, path, flags, modes);
}
#if defined(_LARGEFILE64_SOURCE) || defined(_GNU_SOURCE)
__DIAGNOSE_FORTIFY_INLINE
int open64(const char* const __DIAGNOSE_PASS_OBJECT_SIZE pathname, int flags)
int open64(const char* const __DIAGNOSE_PASS_OBJECT_SIZE path, int flags)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_OPEN_MODES_USEFUL(flags), "'open64' " OPEN_TOO_FEW_ARGS_ERROR)
{
#ifdef __FORTIFY_RUNTIME
return __open64_diagnose(pathname, flags);
return __open64_diagnose(path, flags);
#else
return __open64_real(pathname, flags);
return __open64_real(path, flags);
#endif
}
__DIAGNOSE_FORTIFY_INLINE
int open64(const char* const __DIAGNOSE_PASS_OBJECT_SIZE pathname, int flags, mode_t modes)
int open64(const char* const __DIAGNOSE_PASS_OBJECT_SIZE path, int flags, mode_t modes)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_WARNING_IF(!__DIAGNOSE_OPEN_MODES_USEFUL(flags) && modes, "'open64' " OPEN_USELESS_MODES_WARNING)
{
return __open64_real(pathname, flags, modes);
return __open64_real(path, flags, modes);
}
__DIAGNOSE_FORTIFY_INLINE
int openat64(int dirfd, const char* const __DIAGNOSE_PASS_OBJECT_SIZE pathname, int flags)
int openat64(int dirfd, const char* const __DIAGNOSE_PASS_OBJECT_SIZE path, int flags)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_OPEN_MODES_USEFUL(flags), "'openat64' " OPEN_TOO_FEW_ARGS_ERROR)
{
#ifdef __FORTIFY_RUNTIME
return __openat64_diagnose(dirfd, pathname, flags);
return __openat64_diagnose(dirfd, path, flags);
#else
return __openat64_real(dirfd, pathname, flags);
return __openat64_real(dirfd, path, flags);
#endif
}
__DIAGNOSE_FORTIFY_INLINE
int openat64(int dirfd, const char* const __DIAGNOSE_PASS_OBJECT_SIZE pathname, int flags, mode_t modes)
int openat64(int dirfd, const char* const __DIAGNOSE_PASS_OBJECT_SIZE path, int flags, mode_t modes)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_WARNING_IF(!__DIAGNOSE_OPEN_MODES_USEFUL(flags) && modes, "'openat64' " OPEN_USELESS_MODES_WARNING)
{
return __openat64_real(dirfd, pathname, flags, modes);
return __openat64_real(dirfd, path, flags, modes);
}
#endif
......
......@@ -82,14 +82,14 @@ extern "C" {
#define __DIAGNOSE_PASS_OBJECT_SIZE0 __DIAGNOSE_PASS_OBJECT_SIZE_N(0)
#define __DIAGNOSE_FORTIFY_UNKNOWN_SIZE ((unsigned int) -1)
/* Intended for use in unevaluated contexts, e.g. diagnose_if conditions. */
/* The following are intended for use in unevaluated environments, e.g. diagnose_if conditions. */
#define __DIAGNOSE_UNEVALUATED_LT(bos_val, val) \
((bos_val) != __DIAGNOSE_FORTIFY_UNKNOWN_SIZE && (bos_val) < (val))
#define __DIAGNOSE_UNEVALUATED_LE(bos_val, val) \
((bos_val) != __DIAGNOSE_FORTIFY_UNKNOWN_SIZE && (bos_val) <= (val))
/* Intended for use in evaluated contexts. */
/* The following acts in the context of evaluation. */
#define __DIAGNOSE_BOS_DYNAMIC_CHECK_IMPL_AND(bos_val, op, index, cond) \
((bos_val) == __DIAGNOSE_FORTIFY_UNKNOWN_SIZE || \
(__builtin_constant_p(index) && bos_val op index && (cond)))
......@@ -102,7 +102,10 @@ extern "C" {
#define __DIAGNOSE_OVERLOAD __attribute__((overloadable))
/* Used to rename functions so that the compiler emits a call to 'x' rather than the function this was applied to. */
/*
* A function to prevent this function from being applied.
* Used to rename the function so that the compiler emits a call to "x".
*/
#define __DIAGNOSE_RENAME(x) __asm__(#x)
#define __DIAGNOSE_OPEN_MODES_USEFUL(flags) (((flags) & O_CREAT) || ((flags) & O_TMPFILE) == O_TMPFILE)
#define __DIAGNOSE_BOS_FD_COUNT_TRIVIALLY_SAFE(bos_val, fds, fd_count) \
......@@ -116,14 +119,14 @@ extern "C" {
!__DIAGNOSE_UNSAFE_CHK_MUL_OVERFLOW(size, count))
#define FORTIFY_RUNTIME_ERROR_PREFIX "Musl Fortify runtime error: "
#define OPEN_TOO_MANY_ARGS_ERROR "too many arguments"
#define OPEN_TOO_FEW_ARGS_ERROR "called with O_CREAT or O_TMPFILE, but missing mode"
#define OPEN_USELESS_MODES_WARNING "has superfluous mode bits; missing O_CREAT?"
#define CALLED_WITH_STRING_BIGGER_BUFFER "called with string bigger than buffer"
#define FD_COUNT_LARGE_GIVEN_BUFFER "fd_count is larger than the given buffer"
#define CALLED_WITH_SIZE_BIGGER_BUFFER "called with size bigger than buffer"
#define OUTPUT_PARAMETER_BYTES "output parameter must be NULL or a pointer to a buffer with >= FORTIFY_PATH_MAX bytes"
#define SIZE_LARGER_THEN_DESTINATION_BUFFER "size is larger than the destination buffer"
#define OPEN_TOO_MANY_ARGS_ERROR "There are too many arguments"
#define OPEN_TOO_FEW_ARGS_ERROR "invoking with O_CREAT or O_TMPFILE, but missing pattern."
#define OPEN_USELESS_MODES_WARNING "having redundant mode bits; but missing O_CREAT."
#define CALLED_WITH_STRING_BIGGER_BUFFER "called with a string larger than the buffer"
#define FD_COUNT_LARGE_GIVEN_BUFFER "fd_count is greater than the given buffer"
#define CALLED_WITH_SIZE_BIGGER_BUFFER "called with bigger size than the buffer"
#define OUTPUT_PARAMETER_BYTES "the output parameter must be nullptr or a pointer to the buffer with >= FORTIFY_PATH_MAX bytes"
#define SIZE_LARGER_THEN_DESTINATION_BUFFER "the size is greater than the target buffer"
void __fortify_error(const char* info, ...);
......
......@@ -31,37 +31,37 @@ int __ppoll_chk(struct pollfd*, nfds_t, const struct timespec*, const sigset_t*,
#ifdef __FORTIFY_COMPILATION
__DIAGNOSE_FORTIFY_INLINE
int poll(struct pollfd* const fds __DIAGNOSE_PASS_OBJECT_SIZE, nfds_t fd_count, int timeout)
int poll(struct pollfd* const fds __DIAGNOSE_PASS_OBJECT_SIZE, nfds_t fd_amount, int timeout)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS(fds), sizeof(*fds) * fd_count),
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS(fds), sizeof(*fds) * fd_amount),
"in call to 'poll', " FD_COUNT_LARGE_GIVEN_BUFFER)
{
#ifdef __FORTIFY_RUNTIME
size_t bos_fds = __DIAGNOSE_BOS(fds);
if (!__DIAGNOSE_BOS_FD_COUNT_TRIVIALLY_SAFE(bos_fds, fds, fd_count)) {
return __poll_diagnose(fds, fd_count, timeout, bos_fds);
if (!__DIAGNOSE_BOS_FD_COUNT_TRIVIALLY_SAFE(bos_fds, fds, fd_amount)) {
return __poll_diagnose(fds, fd_amount, timeout, bos_fds);
}
#endif
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(poll)(fds, fd_count, timeout);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(poll)(fds, fd_amount, timeout);
}
#ifdef _GNU_SOURCE
__DIAGNOSE_FORTIFY_INLINE
int ppoll(struct pollfd* const fds __DIAGNOSE_PASS_OBJECT_SIZE, nfds_t fd_count,
int ppoll(struct pollfd* const fds __DIAGNOSE_PASS_OBJECT_SIZE, nfds_t fd_amount,
const struct timespec* timeout, const sigset_t* mask)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS(fds), sizeof(*fds) * fd_count),
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS(fds), sizeof(*fds) * fd_amount),
"in call to 'ppoll', " FD_COUNT_LARGE_GIVEN_BUFFER)
{
#ifdef __FORTIFY_RUNTIME
size_t bos_fds = __DIAGNOSE_BOS(fds);
if (!__DIAGNOSE_BOS_FD_COUNT_TRIVIALLY_SAFE(bos_fds, fds, fd_count)) {
return __ppoll_chk(fds, fd_count, timeout, mask, bos_fds);
if (!__DIAGNOSE_BOS_FD_COUNT_TRIVIALLY_SAFE(bos_fds, fds, fd_amount)) {
return __ppoll_chk(fds, fd_amount, timeout, mask, bos_fds);
}
#endif
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(ppoll)(fds, fd_count, timeout, mask);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(ppoll)(fds, fd_amount, timeout, mask);
}
#endif
......
......@@ -27,12 +27,12 @@ mode_t __umask_diagnose(mode_t);
mode_t __umask_real(mode_t mode) __DIAGNOSE_RENAME(umask);
#ifdef __FORTIFY_COMPILATION
/* Abuse enable_if to make this an overload of umask. */
/* Overload of umask. */
__DIAGNOSE_FORTIFY_INLINE
mode_t umask(mode_t mode)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ENABLE_IF(1, "")
__DIAGNOSE_ERROR_IF(mode & ~0777, "'umask' called with invalid mode")
__DIAGNOSE_ERROR_IF(mode & ~0777, "'umask' was called in invalid mode")
{
#ifdef __FORTIFY_RUNTIME
return __umask_diagnose(mode);
......
......@@ -77,7 +77,7 @@ __DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS0(buf), size * count
__DIAGNOSE_FORTIFY_INLINE
char* fgets(char* const __DIAGNOSE_PASS_OBJECT_SIZE dest, int size, FILE* stream)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(size < 0, "in call to 'fgets', size should not be negative")
__DIAGNOSE_ERROR_IF(size < 0, "in call to 'fgets', size should not be less than 0")
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS(dest), size),
"in call to 'fgets', " SIZE_LARGER_THEN_DESTINATION_BUFFER)
{
......@@ -111,10 +111,10 @@ __DIAGNOSE_FORTIFY_VARIADIC __DIAGNOSE_PRINTFLIKE(FORMAT_PLACE_2, VALIST_PLACE_3
int sprintf(char* const __DIAGNOSE_PASS_OBJECT_SIZE dest, const char* format, ...)
__DIAGNOSE_OVERLOAD
{
va_list va;
va_start(va, format);
int result = __builtin___vsprintf_chk(dest, 0, __DIAGNOSE_BOS(dest), format, va);
va_end(va);
va_list va_l;
va_start(va_l, format);
int result = __builtin___vsprintf_chk(dest, 0, __DIAGNOSE_BOS(dest), format, va_l);
va_end(va_l);
return result;
}
......@@ -122,10 +122,10 @@ __DIAGNOSE_FORTIFY_VARIADIC __DIAGNOSE_PRINTFLIKE(FORMAT_PLACE_3, VALIST_PLACE_4
int snprintf(char* const __DIAGNOSE_PASS_OBJECT_SIZE dest, size_t size, const char* format, ...)
__DIAGNOSE_OVERLOAD
{
va_list va;
va_start(va, format);
int result = __builtin___vsnprintf_chk(dest, size, 0, __DIAGNOSE_BOS(dest), format, va);
va_end(va);
va_list va_l;
va_start(va_l, format);
int result = __builtin___vsnprintf_chk(dest, size, 0, __DIAGNOSE_BOS(dest), format, va_l);
va_end(va_l);
return result;
}
......
......@@ -33,132 +33,132 @@ size_t __strlen_chk(const char* s, size_t s_len);
#ifdef __FORTIFY_COMPILATION
__DIAGNOSE_FORTIFY_INLINE
char *strcpy(char *const dst __DIAGNOSE_PASS_OBJECT_SIZE, const char *src)
char *strcpy(char *const dest __DIAGNOSE_PASS_OBJECT_SIZE, const char *src)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LE(__DIAGNOSE_BOS(dst), __builtin_strlen(src)),
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LE(__DIAGNOSE_BOS(dest), __builtin_strlen(src)),
"'strcpy' " CALLED_WITH_STRING_BIGGER_BUFFER)
{
#ifdef __FORTIFY_RUNTIME
return __builtin___strcpy_chk(dst, src, __DIAGNOSE_BOS(dst));
return __builtin___strcpy_chk(dest, src, __DIAGNOSE_BOS(dest));
#else
return __builtin_strcpy(dst, src);
return __builtin_strcpy(dest, src);
#endif
}
__DIAGNOSE_FORTIFY_INLINE
char *stpcpy(char *const dst __DIAGNOSE_PASS_OBJECT_SIZE, const char *src)
char *stpcpy(char *const dest __DIAGNOSE_PASS_OBJECT_SIZE, const char *src)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LE(__DIAGNOSE_BOS(dst), __builtin_strlen(src)),
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LE(__DIAGNOSE_BOS(dest), __builtin_strlen(src)),
"'stpcpy' " CALLED_WITH_STRING_BIGGER_BUFFER)
{
#ifdef __FORTIFY_RUNTIME
return __builtin___stpcpy_chk(dst, src, __DIAGNOSE_BOS(dst));
return __builtin___stpcpy_chk(dest, src, __DIAGNOSE_BOS(dest));
#else
return __builtin_stpcpy(dst, src);
return __builtin_stpcpy(dest, src);
#endif
}
__DIAGNOSE_FORTIFY_INLINE
void *memmove(void *const dst __DIAGNOSE_PASS_OBJECT_SIZE0, const void *src, size_t len)
void *memmove(void *const dest __DIAGNOSE_PASS_OBJECT_SIZE0, const void *src, size_t len)
__DIAGNOSE_OVERLOAD
{
#ifdef __FORTIFY_RUNTIME
return __builtin___memmove_chk(dst, src, len, __DIAGNOSE_BOS(dst));
return __builtin___memmove_chk(dest, src, len, __DIAGNOSE_BOS(dest));
#else
return __builtin_memmove(dst, src, len);
return __builtin_memmove(dest, src, len);
#endif
}
__DIAGNOSE_FORTIFY_INLINE
void *mempcpy(void *const dst __DIAGNOSE_PASS_OBJECT_SIZE, const void *src, size_t copy_amount)
void *mempcpy(void *const dest __DIAGNOSE_PASS_OBJECT_SIZE, const void *src, size_t copy_amount)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS0(dst), copy_amount),
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS0(dest), copy_amount),
"'mempcpy' " CALLED_WITH_STRING_BIGGER_BUFFER)
{
#ifdef __FORTIFY_RUNTIME
return __builtin___mempcpy_chk(dst, src, copy_amount, __DIAGNOSE_BOS0(dst));
return __builtin___mempcpy_chk(dest, src, copy_amount, __DIAGNOSE_BOS0(dest));
#else
return __builtin_mempcpy(dst, src, copy_amount);
return __builtin_mempcpy(dest, src, copy_amount);
#endif
}
__DIAGNOSE_FORTIFY_INLINE
char *strcat(char *const dst __DIAGNOSE_PASS_OBJECT_SIZE, const char *src)
char *strcat(char *const dest __DIAGNOSE_PASS_OBJECT_SIZE, const char *src)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LE(__DIAGNOSE_BOS(dst), __builtin_strlen(src)),
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LE(__DIAGNOSE_BOS(dest), __builtin_strlen(src)),
"'strcat' " CALLED_WITH_STRING_BIGGER_BUFFER)
{
#ifdef __FORTIFY_RUNTIME
return __builtin___strcat_chk(dst, src, __DIAGNOSE_BOS(dst));
return __builtin___strcat_chk(dest, src, __DIAGNOSE_BOS(dest));
#else
return __builtin_strcat(dst, src);
return __builtin_strcat(dest, src);
#endif
}
#ifdef __FORTIFY_RUNTIME
__DIAGNOSE_FORTIFY_INLINE
char *strncat(char* const dst __DIAGNOSE_PASS_OBJECT_SIZE, const char* src, size_t n)
char *strncat(char* const dest __DIAGNOSE_PASS_OBJECT_SIZE, const char* src, size_t n)
__DIAGNOSE_OVERLOAD
{
return __builtin___strncat_chk(dst, src, n, __DIAGNOSE_BOS(dst));
return __builtin___strncat_chk(dest, src, n, __DIAGNOSE_BOS(dest));
}
#endif
#ifdef __FORTIFY_RUNTIME
__DIAGNOSE_FORTIFY_INLINE
char *stpncpy(char *const dst __DIAGNOSE_PASS_OBJECT_SIZE,
char *stpncpy(char *const dest __DIAGNOSE_PASS_OBJECT_SIZE,
const char *const src __DIAGNOSE_PASS_OBJECT_SIZE, size_t n)
__DIAGNOSE_OVERLOAD
{
size_t bos_dst = __DIAGNOSE_BOS(dst);
return __builtin___stpncpy_chk(dst, src, n, bos_dst);
size_t bos_dest = __DIAGNOSE_BOS(dest);
return __builtin___stpncpy_chk(dest, src, n, bos_dest);
}
#endif
#ifdef __FORTIFY_RUNTIME
__DIAGNOSE_FORTIFY_INLINE
char *strncpy(char *const dst __DIAGNOSE_PASS_OBJECT_SIZE,
char *strncpy(char *const dest __DIAGNOSE_PASS_OBJECT_SIZE,
const char *const src __DIAGNOSE_PASS_OBJECT_SIZE, size_t n)
__DIAGNOSE_OVERLOAD
{
size_t bos_dst = __DIAGNOSE_BOS(dst);
return __builtin___strncpy_chk(dst, src, n, bos_dst);
size_t bos_dest = __DIAGNOSE_BOS(dest);
return __builtin___strncpy_chk(dest, src, n, bos_dest);
}
#endif
#ifdef __FORTIFY_RUNTIME
__DIAGNOSE_FORTIFY_INLINE
void *memcpy(void *const dst __DIAGNOSE_PASS_OBJECT_SIZE0, const void *src, size_t copy_amount)
void *memcpy(void *const dest __DIAGNOSE_PASS_OBJECT_SIZE0, const void *src, size_t copy_amount)
__DIAGNOSE_OVERLOAD
{
return __builtin___memcpy_chk(dst, src, copy_amount, __DIAGNOSE_BOS0(dst));
return __builtin___memcpy_chk(dest, src, copy_amount, __DIAGNOSE_BOS0(dest));
}
#endif
#if defined(_BSD_SOURCE) || defined(_GNU_SOURCE)
__DIAGNOSE_FORTIFY_INLINE
size_t strlcpy(char *const dst __DIAGNOSE_PASS_OBJECT_SIZE, const char *src, size_t size)
size_t strlcpy(char *const dest __DIAGNOSE_PASS_OBJECT_SIZE, const char *src, size_t size)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS(dst), size),
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS(dest), size),
"'strlcpy' called with size bigger than buffer")
{
#ifdef __FORTIFY_RUNTIME
return __strlcpy_diagnose(dst, src, size, __DIAGNOSE_BOS(dst));
return __strlcpy_diagnose(dest, src, size, __DIAGNOSE_BOS(dest));
#else
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strlcpy)(dst, src, size);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strlcpy)(dest, src, size);
#endif
}
__DIAGNOSE_FORTIFY_INLINE
size_t strlcat(char* const dst __DIAGNOSE_PASS_OBJECT_SIZE, const char* src, size_t size)
size_t strlcat(char* const dest __DIAGNOSE_PASS_OBJECT_SIZE, const char* src, size_t size)
__DIAGNOSE_OVERLOAD
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS(dst), size),
__DIAGNOSE_ERROR_IF(__DIAGNOSE_UNEVALUATED_LT(__DIAGNOSE_BOS(dest), size),
"'strlcat' called with size bigger than buffer")
{
#ifdef __FORTIFY_RUNTIME
return __strlcat_diagnose(dst, src, size, __DIAGNOSE_BOS(dst));
return __strlcat_diagnose(dest, src, size, __DIAGNOSE_BOS(dest));
#else
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strlcat)(dst, src, size);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strlcat)(dest, src, size);
#endif
}
#endif // defined(_GNU_SOURCE) || defined(_BSD_SOURCE)
......
......@@ -119,7 +119,7 @@ static inline void __diagnose_buffer_access(const char* fn, const char* action,
size_t claim, size_t actual)
{
if (__DIAGNOSE_PREDICT_FALSE(claim > actual)) {
__fortify_error("%s: prevented %zu-byte %s %zu-byte buffer\n", fn, claim, action, actual);
__fortify_error("%s: avoid %zu-byte %s %zu-byte buffer\n", fn, claim, action, actual);
}
}
......@@ -157,8 +157,8 @@ mode_t __umask_diagnose(mode_t mode)
return __umask_real(mode);
}
// Runtime implementation of string related interface
// (used directly by the compiler, not in a header file).
// Runtime implementation of the string-dependent interface.
// Used directly by the compiler, not in a header file.
static inline void __diagnose_count(const char *fn, const char *identifier, size_t value)
{
if (__DIAGNOSE_PREDICT_FALSE(value > LONG_MAX)) {
......@@ -170,59 +170,59 @@ size_t __strlen_chk(const char* s, size_t s_len)
{
size_t ret = __DIAGNOSE_CALL_BYPASSING_FORTIFY(strlen)(s);
if (__DIAGNOSE_PREDICT_FALSE(ret >= s_len)) {
__fortify_error("strlen: detected read past end of buffer\n");
__fortify_error("strlen: diagnose read exceed end of buffer\n");
}
return ret;
}
char* __strncat_chk(char* dst, const char* src, size_t len, size_t dst_buf_size)
char* __strncat_chk(char* dest, const char* src, size_t len, size_t dst_buf_size)
{
size_t src_len = strlen(src) + strlen(dst);
size_t src_len = strlen(src) + strlen(dest);
__diagnose_buffer_access("strncat", "write into", src_len, dst_buf_size);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strncat)(dst, src, len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strncat)(dest, src, len);
}
char* __strcat_chk(char* dst, const char* src, size_t dst_buf_size)
char* __strcat_chk(char* dest, const char* src, size_t dst_buf_size)
{
size_t src_len = strlen(src) + strlen(dst);
size_t src_len = strlen(src) + strlen(dest);
__diagnose_buffer_access("strcat", "write into", src_len, dst_buf_size);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strcat)(dst, src);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strcat)(dest, src);
}
char* __strcpy_chk(char* dst, const char* src, size_t dst_len)
char* __strcpy_chk(char* dest, const char* src, size_t dst_len)
{
size_t src_len = strlen(src) + 1;
__diagnose_buffer_access("strcpy", "write into", src_len, dst_len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strcpy)(dst, src);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strcpy)(dest, src);
}
void* __memmove_chk(void* dst, const void* src, size_t len, size_t dst_len)
void* __memmove_chk(void* dest, const void* src, size_t len, size_t dst_len)
{
__diagnose_buffer_access("memmove", "write into", len, dst_len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(memmove)(dst, src, len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(memmove)(dest, src, len);
}
void* __memcpy_chk(void* dst, const void* src, size_t count, size_t dst_len)
void* __memcpy_chk(void* dest, const void* src, size_t count, size_t dst_len)
{
__diagnose_count("memcpy", "count", count);
__diagnose_buffer_access("memcpy", "write into", count, dst_len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(memcpy)(dst, src, count);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(memcpy)(dest, src, count);
}
#ifdef _GNU_SOURCE
void* __mempcpy_chk(void* dst, const void* src, size_t count, size_t dst_len)
void* __mempcpy_chk(void* dest, const void* src, size_t count, size_t dst_len)
{
__diagnose_count("mempcpy", "count", count);
__diagnose_buffer_access("mempcpy", "write into", count, dst_len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(mempcpy)(dst, src, count);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(mempcpy)(dest, src, count);
}
#endif
char* __stpcpy_chk(char* dst, const char* src, size_t dst_len)
char* __stpcpy_chk(char* dest, const char* src, size_t dst_len)
{
size_t src_len = strlen(src);
__diagnose_buffer_access("stpcpy", "write into", src_len, dst_len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(stpcpy)(dst, src);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(stpcpy)(dest, src);
}
void* __memchr_diagnose(const void* s, int c, size_t n, size_t actual_size)
......@@ -232,56 +232,56 @@ void* __memchr_diagnose(const void* s, int c, size_t n, size_t actual_size)
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(memchr)(const_cast_s, c, n);
}
char* __stpncpy_chk(char* dst, const char* src, size_t len, size_t dst_len)
char* __stpncpy_chk(char* dest, const char* src, size_t len, size_t dst_len)
{
__diagnose_buffer_access("stpncpy", "write into", len, dst_len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(stpncpy)(dst, src, len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(stpncpy)(dest, src, len);
}
char *__strncpy_chk(char *dst, const char *src, size_t len, size_t dst_len)
char *__strncpy_chk(char *dest, const char *src, size_t len, size_t dst_len)
{
__diagnose_buffer_access("strncpy", "write into", len, dst_len);
if (len != 0) {
char *d = dst;
char *d = dest;
const char *s = src;
size_t src_len = strlen(src);
do {
size_t s_copy_len = (size_t)(s - src);
if (__DIAGNOSE_PREDICT_FALSE(s_copy_len >= src_len)) {
__fortify_error("strncpy: detected read past end of %zu-byte buffer\n", src_len);
__fortify_error("strncpy: diagnose read exceed end of %zu-byte buffer\n", src_len);
}
} while (--len != 0);
}
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strncpy)(dst, src, len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strncpy)(dest, src, len);
}
void *__memset_chk(void *dst, int byte, size_t count, size_t dst_len)
void *__memset_chk(void *dest, int byte, size_t count, size_t dst_len)
{
__diagnose_count("memset", "count", count);
__diagnose_buffer_access("memset", "write into", count, dst_len);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(memset)(dst, byte, count);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(memset)(dest, byte, count);
}
#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE)
size_t __strlcpy_diagnose(char *dst, const char *src,
size_t __strlcpy_diagnose(char *dest, const char *src,
size_t supplied_size, size_t dst_len_from_compiler)
{
__diagnose_buffer_access("strlcpy", "write into", supplied_size, dst_len_from_compiler);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strlcpy)(dst, src, supplied_size);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strlcpy)(dest, src, supplied_size);
}
size_t __strlcat_diagnose(char *dst, const char *src,
size_t __strlcat_diagnose(char *dest, const char *src,
size_t supplied_size, size_t dst_len_from_compiler)
{
__diagnose_buffer_access("strlcat", "write into", supplied_size, dst_len_from_compiler);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strlcat)(dst, src, supplied_size);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strlcat)(dest, src, supplied_size);
}
#endif
char* __strchr_diagnose(const char *s, int c, size_t s_len)
{
if (s_len == 0) {
__fortify_error("strchr: prevented read past end of buffer\n");
__fortify_error("strchr: avoid read exceed end of buffer\n");
}
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strchr)(s, c);
}
......@@ -289,7 +289,7 @@ char* __strchr_diagnose(const char *s, int c, size_t s_len)
char *__strrchr_diagnose(const char *s, int c, size_t s_len)
{
if (s_len == 0) {
__fortify_error("strrchr: prevented read past end of buffer\n");
__fortify_error("strrchr: avoid read exceed end of buffer\n");
}
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(strrchr)(s, c);
}
......@@ -373,49 +373,49 @@ size_t __fwrite_chk(const void* buf, size_t size, size_t count, FILE* stream, si
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(fwrite)(buf, size, count, stream);
}
char* __fgets_chk(char* dst, int supplied_size, FILE* stream, size_t dst_len_from_compiler)
char* __fgets_chk(char* dest, int supplied_size, FILE* stream, size_t dst_len_from_compiler)
{
__diagnose_buffer_access("fgets", "write into", supplied_size, dst_len_from_compiler);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(fgets)(dst, supplied_size, stream);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(fgets)(dest, supplied_size, stream);
}
int __vsnprintf_chk(char* dst, size_t supplied_size, int flags,
int __vsnprintf_chk(char* dest, size_t supplied_size, int flags,
size_t dst_len_from_compiler, const char* format, va_list va)
{
__diagnose_buffer_access("vsnprintf", "write into", supplied_size, dst_len_from_compiler);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(vsnprintf)(dst, supplied_size, format, va);
return __DIAGNOSE_CALL_BYPASSING_FORTIFY(vsnprintf)(dest, supplied_size, format, va);
}
int __vsprintf_chk(char* dst, int flags,
int __vsprintf_chk(char* dest, int flags,
size_t dst_len_from_compiler, const char* format, va_list va)
{
// The compiler uses SIZE_MAX to mean "no idea", but our vsnprintf rejects sizes that large.
int result = __DIAGNOSE_CALL_BYPASSING_FORTIFY(vsnprintf)(dst,
// The compiler has SIZE_MAX, But vsnprintf cannot use such a large size.
int result = __DIAGNOSE_CALL_BYPASSING_FORTIFY(vsnprintf)(dest,
dst_len_from_compiler == SIZE_MAX ? SSIZE_MAX : dst_len_from_compiler,
format, va);
// Try to catch failures after the fact...
// Attempts to find out after the fact fail.
__diagnose_buffer_access("vsprintf", "write into", result + 1, dst_len_from_compiler);
return result;
}
#undef SSIZE_MAX
#undef SIZE_MAX
int __snprintf_chk(char* dst, size_t supplied_size, int flags,
int __snprintf_chk(char* dest, size_t supplied_size, int flags,
size_t dst_len_from_compiler, const char* format, ...)
{
va_list va;
va_start(va, format);
int result = __vsnprintf_chk(dst, supplied_size, flags, dst_len_from_compiler, format, va);
int result = __vsnprintf_chk(dest, supplied_size, flags, dst_len_from_compiler, format, va);
va_end(va);
return result;
}
int __sprintf_chk(char* dst, int flags, size_t dst_len_from_compiler, const char* format, ...)
int __sprintf_chk(char* dest, int flags, size_t dst_len_from_compiler, const char* format, ...)
{
va_list va;
va_start(va, format);
int result = __vsprintf_chk(dst, flags, dst_len_from_compiler, format, va);
int result = __vsprintf_chk(dest, flags, dst_len_from_compiler, format, va);
va_end(va);
return result;
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册