am 848efa9d: Merge "Revert "FORTIFY_SOURCE: fortify read()""

* commit '848efa9dae84ac4e5e45869abe26225affeb2038':
  Revert "FORTIFY_SOURCE: fortify read()"

libc/Android.mk

@@ -203,7 +203,6 @@ libc_common_src_files += \
     bionic/__memcpy_chk.cpp \
     bionic/__memmove_chk.cpp \
     bionic/__memset_chk.cpp \
-    bionic/__read_chk.cpp \
     bionic/__recvfrom_chk.cpp \
     bionic/__strcat_chk.cpp \
     bionic/__strchr_chk.cpp \

libc/bionic/__read_chk.cpp

@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2013 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *  * Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *  * Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern "C" ssize_t __read_chk(int fd, void* buf, size_t count, size_t buf_size) {
-  if (__predict_false(count > buf_size)) {
-    __fortify_chk_fail("read prevented write past end of buffer", 0);
-  }
-
-  if (__predict_false(count > SSIZE_MAX)) {
-    __fortify_chk_fail("read count > SSIZE_MAX", 0);
-  }
-
-  return read(fd, buf, count);
-}

libc/include/unistd.h

@@ -202,39 +202,6 @@ extern int setdomainname(const char *, size_t);
     } while (_rc == -1 && errno == EINTR); \
     _rc; })
 
-#if defined(__BIONIC_FORTIFY)
-extern ssize_t __read_chk(int, void*, size_t, size_t);
-__errordecl(__read_dest_size_error, "read called with size bigger than destination");
-__errordecl(__read_count_toobig_error, "read called with count > SSIZE_MAX");
-extern ssize_t __read_real(int, void*, size_t)
-    __asm__(__USER_LABEL_PREFIX__ "read");
-
-__BIONIC_FORTIFY_INLINE
-ssize_t read(int fd, void* buf, size_t count) {
-    size_t bos = __bos0(buf);
-
-#if !defined(__clang__)
-    if (__builtin_constant_p(count) && (count > SSIZE_MAX)) {
-        __read_count_toobig_error();
-    }
-
-    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
-        return __read_real(fd, buf, count);
-    }
-
-    if (__builtin_constant_p(count) && (count > bos)) {
-        __read_dest_size_error();
-    }
-
-    if (__builtin_constant_p(count) && (count <= bos)) {
-        return __read_real(fd, buf, count);
-    }
-#endif
-
-    return __read_chk(fd, buf, count, bos);
-}
-#endif /* defined(__BIONIC_FORTIFY) */
-
 __END_DECLS
 
 #endif /* _UNISTD_H_ */

tests/fortify_test.cpp

@@ -21,7 +21,6 @@
 #include <sys/stat.h>
 #include <sys/socket.h>
 #include <malloc.h>
-#include <fcntl.h>
 
 // We have to say "DeathTest" here so gtest knows to run this test (which exits)
 // in its own process. Unfortunately, the C preprocessor doesn't give us an
@@ -569,15 +568,6 @@ TEST(DEATHTEST, FD_ZERO_fortified) {
   ASSERT_EXIT(FD_ZERO(set), testing::KilledBySignal(SIGABRT), "");
 }
 
-TEST(DEATHTEST, read_fortified) {
-  ::testing::FLAGS_gtest_death_test_style = "threadsafe";
-  char buf[1];
-  size_t ct = atoi("2"); // prevent optimizations
-  int fd = open("/dev/null", O_RDONLY);
-  ASSERT_EXIT(read(fd, buf, ct), testing::KilledBySignal(SIGABRT), "");
-  close(fd);
-}
-
 extern "C" char* __strncat_chk(char*, const char*, size_t, size_t);
 extern "C" char* __strcat_chk(char*, const char*, size_t);