Merge "fortify: Migrate trivial cases to dynamic check macros"
am: a743f31981
Change-Id: If222a82b4c401a953c3dfe3bc4d5d52d0ae40eaf
commit
badc389096
3 changed files with 34 additions and 7 deletions
|
@ -45,7 +45,7 @@ ssize_t recvfrom(int fd, void* const buf __pass_object_size0, size_t len, int fl
|
|||
"'recvfrom' called with size bigger than buffer") {
|
||||
size_t bos = __bos0(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt(bos, len)) {
|
||||
return __call_bypassing_fortify(recvfrom)(fd, buf, len, flags, src_addr, addr_len);
|
||||
}
|
||||
return __recvfrom_chk(fd, buf, len, bos, flags, src_addr, addr_len);
|
||||
|
@ -60,7 +60,7 @@ ssize_t sendto(int fd, const void* const buf __pass_object_size0, size_t len, in
|
|||
"'sendto' called with size bigger than buffer") {
|
||||
size_t bos = __bos0(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt(bos, len)) {
|
||||
return __call_bypassing_fortify(sendto)(fd, buf, len, flags, dest_addr, addr_len);
|
||||
}
|
||||
return __sendto_chk(fd, buf, len, bos, flags, dest_addr, addr_len);
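Review bot: The new fast-path condition in recvfrom and sendto skips the `__recvfrom_chk` / `__sendto_chk` call in more cases than the old `bos == __BIONIC_FORTIFY_UNKNOWN_SIZE` test did, and nothing at the call site says which cases. Per the macro definition added in this commit, `__bos_trivially_not_lt(bos, len)` is also true when `len` is a compile-time constant with `bos >= len`. I would add a comment above each `if`, for example `/* Bypass the runtime check only when bos is unknown or len is a constant that provably fits in buf. */`, so a reader auditing the unchecked call does not have to look up the macro. The same comment applies to the fast paths added to memcpy, memmove, stpcpy, strcpy and memset in this commit. Both function bodies end outside their hunks.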
|
||||
|
|
|
@ -46,7 +46,11 @@ void* memcpy(void* const dst __pass_object_size0, const void* src, size_t copy_a
|
|||
__overloadable
|
||||
__clang_error_if(__bos_unevaluated_lt(__bos0(dst), copy_amount),
|
||||
"'memcpy' called with size bigger than buffer") {
|
||||
return __builtin___memcpy_chk(dst, src, copy_amount, __bos0(dst));
|
||||
size_t bos_dst = __bos0(dst);
|
||||
if (__bos_trivially_not_lt(bos_dst, copy_amount)) {
|
||||
return __builtin_memcpy(dst, src, copy_amount);
|
||||
}
|
||||
return __builtin___memcpy_chk(dst, src, copy_amount, bos_dst);
|
||||
}
|
||||
|
||||
__BIONIC_FORTIFY_INLINE
|
||||
|
@ -54,7 +58,11 @@ void* memmove(void* const dst __pass_object_size0, const void* src, size_t len)
|
|||
__overloadable
|
||||
__clang_error_if(__bos_unevaluated_lt(__bos0(dst), len),
|
||||
"'memmove' called with size bigger than buffer") {
|
||||
return __builtin___memmove_chk(dst, src, len, __bos0(dst));
|
||||
size_t bos_dst = __bos0(dst);
|
||||
if (__bos_trivially_not_lt(bos_dst, len)) {
|
||||
return __builtin_memmove(dst, src, len);
|
||||
}
|
||||
return __builtin___memmove_chk(dst, src, len, bos_dst);
|
||||
}
|
||||
#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
|
||||
|
||||
|
@ -64,7 +72,11 @@ char* stpcpy(char* const dst __pass_object_size, const char* src)
|
|||
__overloadable
|
||||
__clang_error_if(__bos_unevaluated_leq(__bos(dst), __builtin_strlen(src)),
|
||||
"'stpcpy' called with string bigger than buffer") {
|
||||
return __builtin___stpcpy_chk(dst, src, __bos(dst));
|
||||
size_t bos_dst = __bos(dst);
|
||||
if (__bos_trivially_not_leq(bos_dst, __builtin_strlen(src))) {
|
||||
return __builtin_stpcpy(dst, src);
|
||||
}
|
||||
return __builtin___stpcpy_chk(dst, src, bos_dst);
|
||||
}
|
||||
#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
|
||||
|
||||
|
@ -74,7 +86,11 @@ char* strcpy(char* const dst __pass_object_size, const char* src)
|
|||
__overloadable
|
||||
__clang_error_if(__bos_unevaluated_leq(__bos(dst), __builtin_strlen(src)),
|
||||
"'strcpy' called with string bigger than buffer") {
|
||||
return __builtin___strcpy_chk(dst, src, __bos(dst));
|
||||
size_t bos_dst = __bos(dst);
|
||||
if (__bos_trivially_not_leq(bos_dst, __builtin_strlen(src))) {
|
||||
return __builtin_strcpy(dst, src);
|
||||
}
|
||||
return __builtin___strcpy_chk(dst, src, bos_dst);
|
||||
}
|
||||
|
||||
__BIONIC_FORTIFY_INLINE
|
||||
|
@ -94,7 +110,11 @@ void* memset(void* const s __pass_object_size0, int c, size_t n)
|
|||
"'memset' called with size bigger than buffer")
|
||||
/* If you're a user who wants this warning to go away: use `(&memset)(foo, bar, baz)`. */
|
||||
__clang_warning_if(c && !n, "'memset' will set 0 bytes; maybe the arguments got flipped?") {
|
||||
return __builtin___memset_chk(s, c, n, __bos0(s));
|
||||
size_t bos = __bos0(s);
|
||||
if (__bos_trivially_not_lt(bos, n)) {
|
||||
return __builtin_memset(s, c, n);
|
||||
}
|
||||
return __builtin___memset_chk(s, c, n, bos);
|
||||
}
|
||||
#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
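Review bot: In stpcpy and strcpy the fast-path condition passes `__builtin_strlen(src)` as the index, and whether that costs a runtime pass over `src` depends on the `__builtin_constant_p(index)` guard inside `__bos_dynamic_check_impl` short-circuiting first. That dependency is invisible at the call site; a comment such as `/* strlen(src) is only compared when it folds to a constant; otherwise we fall through to the _chk call. */` would stop a later macro edit from silently adding a second scan of the source string before the checked copy. As a smaller style point, memset names its local `bos` while memcpy, memmove, stpcpy and strcpy use `bos_dst`; one name throughout the section would be easier to scan.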
|
||||
|
||||
|
|
|
@ -296,6 +296,13 @@
|
|||
#define __bos_unevaluated_leq(bos_val, val) \
|
||||
((bos_val) != __BIONIC_FORTIFY_UNKNOWN_SIZE && (bos_val) <= (val))
|
||||
|
||||
/* Intended for use in evaluated contexts. */
|
||||
#define __bos_dynamic_check_impl(bos_val, op, index) \
|
||||
(bos_val == __BIONIC_FORTIFY_UNKNOWN_SIZE || (__builtin_constant_p(index) && bos_val op index))
|
||||
|
||||
/* The names here are meant to match nicely with the __bos_unevaluated macros above. */
|
||||
#define __bos_trivially_not_lt(bos_val, index) __bos_dynamic_check_impl((bos_val), >=, (index))
|
||||
#define __bos_trivially_not_leq(bos_val, index) __bos_dynamic_check_impl((bos_val), >, (index))
|
||||
|
||||
#if defined(__BIONIC_FORTIFY) || defined(__BIONIC_DECLARE_FORTIFY_HELPERS)
|
||||
# define __BIONIC_INCLUDE_FORTIFY_HEADERS 1
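Review bot: `__bos_dynamic_check_impl` expands `bos_val` and `index` without parentheses, unlike `__bos_unevaluated_leq` just above it, so it is only safe because the two wrappers pre-parenthesize their arguments. A direct use with an expression argument would bind differently around `==` and `op`; I would write the body as `((bos_val) == __BIONIC_FORTIFY_UNKNOWN_SIZE || (__builtin_constant_p(index) && (bos_val) op (index)))`. The comment "Intended for use in evaluated contexts" would also benefit from stating the contract, for example `/* True when the runtime check can be skipped: size unknown, or index is a constant that fits. False means "not provable here", not "overflow". */`, since callers use a true result to call the unchecked builtin.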
|
||||
|
|