tequilaOS/platform_bionic
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Improve diagnostics from the assembler __memset_chk routines.

Browse source 
Change-Id: Ic165043ab8cd5e16866b3e11cfba960514cbdc57
This commit is contained in:
Elliott Hughes 2016-03-01 11:22:42 -08:00
parent 2de7983470
commit 62e59646f8
8 changed files with 20 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
libc/arch-arm/cortex-a15/bionic/memset.S
View file

@ -47,12 +47,7 @@ ENTRY(__memset_chk)
.cfi_def_cfa_offset 4
.cfi_rel_offset lr, 0
ldr r0, error_message
1:
add r0, pc
bl __fortify_fatal
error_message:
.word error_string-(1b+8)
bl __memset_chk_fail
END(__memset_chk)
ENTRY(bzero)
@ -181,7 +176,3 @@ ENTRY(memset)
ldmfd sp!, {r0}
bx lr
END(memset)
.data
error_string:
.string "memset: prevented write past end of buffer"

11
libc/arch-arm/cortex-a7/bionic/memset.S
View file

@ -47,12 +47,7 @@ ENTRY(__memset_chk)
.cfi_def_cfa_offset 4
.cfi_rel_offset lr, 0
ldr r0, error_message
1:
add r0, pc
bl __fortify_fatal
error_message:
.word error_string-(1b+8)
bl __memset_chk_fail
END(__memset_chk)
ENTRY(bzero)
@ -170,7 +165,3 @@ ENTRY(memset)
strbcs r1, [r3], #1
bx lr
END(memset)
.data
error_string:
.string "memset: prevented write past end of buffer"

11
libc/arch-arm/cortex-a9/bionic/memset.S
View file

@ -45,12 +45,7 @@ ENTRY(__memset_chk)
.cfi_def_cfa_offset 4
.cfi_rel_offset lr, 0
ldr r0, error_message
1:
add r0, pc
bl __fortify_fatal
error_message:
.word error_string-(1b+8)
bl __memset_chk_fail
END(__memset_chk)
ENTRY(bzero)
@ -172,7 +167,3 @@ ENTRY(memset)
strbcs r1, [r0]
ldmfd sp!, {r0, r4-r7, pc}
END(memset)
.data
error_string:
.string "memset: prevented write past end of buffer"

12
libc/arch-arm/denver/bionic/memset.S
View file

@ -49,13 +49,7 @@ ENTRY(__memset_chk)
.cfi_def_cfa_offset 4
.cfi_rel_offset lr, 0
ldr r0, error_message
1:
add r0, pc
bl __fortify_fatal
error_message:
.word error_string-(1b+8)
bl __memset_chk_fail
END(__memset_chk)
ENTRY(bzero)
@ -198,7 +192,3 @@ ENTRY(memset)
2:
bx lr
END(memset)
.data
error_string:
.string "memset: prevented write past end of buffer"

12
libc/arch-arm/generic/bionic/memset.S
View file

@ -40,13 +40,7 @@ ENTRY(__memset_chk)
cmp r2, r3
bls done
ldr r0, error_message
1:
add r0, pc
bl __fortify_fatal
error_message:
.word error_string-(1b+8)
bl __memset_chk_fail
END(__memset_chk)
ENTRY(bzero)
@ -123,7 +117,3 @@ ENTRY(memset)
strbcs r1, [r0]
ldmfd sp!, {r0, r4-r7, pc}
END(memset)
.data
error_string:
.string "memset: prevented write past end of buffer"

11
libc/arch-arm/krait/bionic/memset.S
View file

@ -47,12 +47,7 @@ ENTRY(__memset_chk)
.cfi_def_cfa_offset 4
.cfi_rel_offset lr, 0
ldr r0, error_message
1:
add r0, pc
bl __fortify_fatal
error_message:
.word error_string-(1b+8)
bl __memset_chk_fail
END(__memset_chk)
ENTRY(bzero)
@ -97,7 +92,3 @@ ENTRY(memset)
strbcs r1, [r3], #1
bx lr
END(memset)
.data
error_string:
.string "memset: prevented write past end of buffer"

8
libc/bionic/fortify.cpp
View file

@ -145,6 +145,14 @@ void* __memrchr_chk(const void* s, int c, size_t n, size_t actual_size) {
return memrchr(s, c, n);
}
// memset is performance-critical enough that we have assembler __memset_chk implementations.
// This function is used to give better diagnostics than we can easily do from assembler.
extern "C" void* __memset_chk_fail(void* /*dst*/, int /*byte*/, size_t count, size_t dst_len) {
__check_count("memset", "count", count);
__check_buffer_access("memset", "write into", count, dst_len);
abort(); // One of the above is supposed to have failed, otherwise we shouldn't have been called.
}
int __poll_chk(pollfd* fds, nfds_t fd_count, int timeout, size_t fds_size) {
__check_pollfd_array("poll", fds_size, fd_count);
return poll(fds, fd_count, timeout);

6
tests/fortify_test.cpp
View file

@ -560,6 +560,12 @@ TEST_F(DEATHTEST, memcpy_fortified) {
ASSERT_FORTIFY(memcpy(bufb, bufa, n));
}
TEST_F(DEATHTEST, memset_fortified) {
char buf[10];
size_t n = atoi("11");
ASSERT_FORTIFY(memset(buf, 0, n));
}
TEST_F(DEATHTEST, stpncpy_fortified) {
char bufa[15];
char bufb[10];