diff options
author | Ulrich Drepper <drepper@redhat.com> | 2004-10-18 04:17:19 +0000 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 2004-10-18 04:17:19 +0000 |
commit | b5cc329c4fb831ce99cd683caf3c5b5114c90010 (patch) | |
tree | 620ffc2f72cafdb90b9a679c022d3406a88c392c /string | |
parent | 10e0498e2d2de538b51b2685befc56f5c2691bf4 (diff) | |
download | glibc-b5cc329c4fb831ce99cd683caf3c5b5114c90010.tar glibc-b5cc329c4fb831ce99cd683caf3c5b5114c90010.tar.gz glibc-b5cc329c4fb831ce99cd683caf3c5b5114c90010.tar.bz2 glibc-b5cc329c4fb831ce99cd683caf3c5b5114c90010.zip |
2004-10-15 Jakub Jelinek <jakub@redhat.com>
* elf/dl-minimal.c (__chk_fail): New. Add rtld_hidden_def.
* sysdeps/unix/sysv/linux/readonly-area.c: New file.
* sysdeps/i386/i686/memmove.S (__memmove_chk): Add checking
routine.
* sysdeps/i386/i686/memcpy.S (__memcpy_chk): Likewise.
* sysdeps/i386/i686/mempcpy.S (__mempcpy_chk): Likewise.
* sysdeps/i386/i686/memset.S (__memset_chk): Likewise.
* sysdeps/i386/i686/memmove-chk.S: New file.
* sysdeps/i386/i686/memcpy-chk.S: Likewise.
* sysdeps/i386/i686/mempcpy-chk.S: Likewise.
* sysdeps/i386/i686/memset-chk.S: Likewise.
* sysdeps/generic/strcat-chk.c (__strcat_chk): Don't __chk_fail
if exactly fitting into buffer.
* sysdeps/generic/strncat-chk.c (__strncat_chk): Likewise.
* sysdeps/generic/readonly-area.c: New file.
* sysdeps/generic/strncpy-chk.c (__strncpy_chk): Only test
destlen once.
* sysdeps/x86_64/memset.S (__memset_chk): Add checking routine.
* sysdeps/x86_64/memcpy.S (__memcpy_chk): Likewise.
* sysdeps/x86_64/mempcpy.S (__memcpy_chk): Define to __mempcpy_chk.
* sysdeps/x86_64/memcpy-chk.S: New file.
* sysdeps/x86_64/mempcpy-chk.S: Likewise.
* sysdeps/x86_64/memset-chk.S: Likewise.
* sysdeps/x86_64/strcpy-chk.S: Likewise.
* sysdeps/x86_64/stpcpy-chk.S: Likewise.
* argp/argp-xinl.c (__OPTIMIZE__): Define to 1 instead of nothing.
* argp/argp-fs-xinl.c (__OPTIMIZE__): Likewise.
* debug/tst-chk1.c: New test.
* debug/tst-chk2.c: Likewise.
* debug/tst-chk3.c: Likewise.
* debug/test-strcpy_chk.c: Likewise.
* debug/test-stpcpy_chk.c: Likewise.
* debug/vsprintf_chk.c (__vsprintf_chk): If flags > 0, request
_IO_FLAGS2_CHECK_PERCENT_N. Add libc_hidden_def.
* debug/Makefile (routines): Add printf_chk, fprintf_chk, vprintf_chk,
vfprintf_chk, gets_chk and readonly-area.
(CFLAGS-*_chk.c): Set.
(tests): Add tst-chk1, tst-chk2, tst-chk3, test-strcpy_chk and
test-stpcpy_chk.
* debug/vprintf_chk.c: New file.
* debug/printf_chk.c: Likewise.
* debug/vfprintf_chk.c: Likewise.
* debug/fprintf_chk.c: Likewise.
* debug/gets_chk.c: Likewise.
* debug/chk_fail.c (__chk_fail): Add libc_hidden_def.
* debug/snprintf_chk.c (__snprintf_chk): Fix order of arguments
passed to __vsnprintf_chk.
* debug/Versions (libc): Export __printf_chk, __fprintf_chk,
__vprintf_chk, __vfprintf_chk and __gets_chk @GLIBC_2.3.4.
* debug/vsnprintf_chk.c (__vsnprintf_chk): Don't call
__vsnprintf, instead create a temporary file with
_IO_strn_jumps jumptable. If flags > 0, request
_IO_FLAGS2_CHECK_PERCENT_N. Add libc_hidden_def.
* libio/Makefile (headers): Add bits/stdio2.h.
* libio/stdio.h: Include <bits/stdio2.h> if __USE_FORTIFY_LEVEL.
(sprintf, snprintf, vsprintf, vsnprintf): Remove defines.
* libio/strfile.h (_IO_strnfile): New type.
(_IO_strn_jumps): New extern.
* libio/vsnprintf.c (_IO_strnfile): Remove.
(_IO_strn_jumps): Remove static.
* libio/bits/stdio2.h: New file.
* libio/vswprintf.c (_IO_strnfile): Rename type to...
(_IO_wstrnfile): ...this. Adjust all uses.
* libio/libio.h (_IO_FLAGS2_CHECK_PERCENT_N): Define.
* stdio-common/vfprintf.c (STR_LEN): Define.
(vfprintf): Add readonly_format variable.
Handle _IO_FLAGS2_CHECK_PERCENT_N.
(buffered_vfprintf): Copy _flags2.
* include/stdio.h (__sprintf_chk, __snprintf_chk, __vsprintf_chk,
__vsnprintf_chk, __printf_chk, __fprintf_chk, __vprintf_chk,
__vfprintf_chk): New prototypes.
(__vsprintf_chk, __vsnprintf_chk): Add libc_hidden_proto.
* include/string.h (__memcpy_chk, __memmove_chk, __mempcpy_chk,
__memset_chk, __strcpy_chk, __stpcpy_chk, __strncpy_chk, __strcat_chk,
__strncat_chk): New prototypes.
* include/bits/string3.h: New file.
* include/sys/cdefs.h (__chk_fail): Add libc_hidden_proto
and rtld_hidden_proto.
* string/Makefile (headers): Add bits/string3.h.
* string/bits/string3.h (bcopy, bzero): New defines.
(memset, memcpy, memmove, strcpy, strncpy, strcat, strncat): Change
macros so that inlines are used only if unknown destination size
or side-effects in destination argument.
(mempcpy, stpcpy): Likewise. Protect with #ifdef __USE_GNU.
2004-09-16 Ulrich Drepper <drepper@redhat.com>
* debug/Makefile (routines): Add *_chk.
* debug/Versions (libc): Export __chk_fail, __memcpy_chk,
__memmove_chk, __mempcpy_chk, __memset_chk, __stpcpy_chk,
__strcat_chk, __strcpy_chk, __strncat_chk, __strncpy_chk,
__sprintf_chk, __vsprintf_chk, __snprintf_chk, __vsnprintf_chk
@GLIBC_2.3.4.
* debug/chk_fail.c: New file.
* debug/snprintf_chk.c: Likewise.
* debug/sprintf_chk.c: Likewise.
* debug/vsnprintf_chk.c: Likewise.
* debug/vsprintf_chk.c: Likewise.
* include/features.h (_FORTIFY_SOURCE): Document, handle.
(__USE_FORTIFY_LEVEL): Define.
(__GNUC_PREREQ): Move to earlier location.
* include/sys/cdefs.h (__chk_fail): New prototype.
* libio/bits/stdio.h (sprintf, vsprintf, snprintf, vsnprintf):
Define if __USE_FORTIFY_LEVEL.
* misc/sys/cdefs.h (__bos, __bos0): Define.
* string/string.h: Include <bits/string3.h> if __USE_FORTIFY_LEVEL.
* bits/string/string3.h: New header.
* sysdeps/generic/memcpy_chk.c: New file.
* sysdeps/generic/memmove_chk.c: Likewise.
* sysdeps/generic/mempcpy_chk.c: Likewise.
* sysdeps/generic/memset_chk.c: Likewise.
* sysdeps/generic/stpcpy_chk.c: Likewise.
* sysdeps/generic/strcat_chk.c: Likewise.
* sysdeps/generic/strcpy_chk.c: Likewise.
* sysdeps/generic/strncat_chk.c: Likewise.
* sysdeps/generic/strncpy_chk.c: Likewise.
2004-10-15 Jakub Jelinek <jakub@redhat.com>
* elf/dl-minimal.c (__chk_fail): New. Add rtld_hidden_def.
* sysdeps/unix/sysv/linux/readonly-area.c: New file.
* sysdeps/i386/i686/memmove.S (__memmove_chk): Add checking
routine.
* sysdeps/i386/i686/memcpy.S (__memcpy_chk): Likewise.
* sysdeps/i386/i686/mempcpy.S (__mempcpy_chk): Likewise.
* sysdeps/i386/i686/memset.S (__memset_chk): Likewise.
* sysdeps/i386/i686/memmove-chk.S: New file.
* sysdeps/i386/i686/memcpy-chk.S: Likewise.
* sysdeps/i386/i686/mempcpy-chk.S: Likewise.
* sysdeps/i386/i686/memset-chk.S: Likewise.
* sysdeps/generic/strcat-chk.c (__strcat_chk): Don't __chk_fail
if exactly fitting into buffer.
* sysdeps/generic/strncat-chk.c (__strncat_chk): Likewise.
* sysdeps/generic/readonly-area.c: New file.
* sysdeps/generic/strncpy-chk.c (__strncpy_chk): Only test
destlen once.
* sysdeps/x86_64/memset.S (__memset_chk): Add checking routine.
* sysdeps/x86_64/memcpy.S (__memcpy_chk): Likewise.
* sysdeps/x86_64/mempcpy.S (__memcpy_chk): Define to __mempcpy_chk.
* sysdeps/x86_64/memcpy-chk.S: New file.
* sysdeps/x86_64/mempcpy-chk.S: Likewise.
* sysdeps/x86_64/memset-chk.S: Likewise.
* sysdeps/x86_64/strcpy-chk.S: Likewise.
* sysdeps/x86_64/stpcpy-chk.S: Likewise.
* argp/argp-xinl.c (__OPTIMIZE__): Define to 1 instead of nothing.
* argp/argp-fs-xinl.c (__OPTIMIZE__): Likewise.
* debug/tst-chk1.c: New test.
* debug/tst-chk2.c: Likewise.
* debug/tst-chk3.c: Likewise.
* debug/test-strcpy_chk.c: Likewise.
* debug/test-stpcpy_chk.c: Likewise.
* debug/vsprintf_chk.c (__vsprintf_chk): If flags > 0, request
_IO_FLAGS2_CHECK_PERCENT_N. Add libc_hidden_def.
* debug/Makefile (routines): Add printf_chk, fprintf_chk, vprintf_chk,
vfprintf_chk, gets_chk and readonly-area.
(CFLAGS-*_chk.c): Set.
(tests): Add tst-chk1, tst-chk2, tst-chk3, test-strcpy_chk and
test-stpcpy_chk.
* debug/vprintf_chk.c: New file.
* debug/printf_chk.c: Likewise.
* debug/vfprintf_chk.c: Likewise.
* debug/fprintf_chk.c: Likewise.
* debug/gets_chk.c: Likewise.
* debug/chk_fail.c (__chk_fail): Add libc_hidden_def.
* debug/snprintf_chk.c (__snprintf_chk): Fix order of arguments
passed to __vsnprintf_chk.
* debug/Versions (libc): Export __printf_chk, __fprintf_chk,
__vprintf_chk, __vfprintf_chk and __gets_chk @GLIBC_2.3.4.
* debug/vsnprintf_chk.c (__vsnprintf_chk): Don't call
__vsnprintf, instead create a temporary file with
_IO_strn_jumps jumptable. If flags > 0, request
_IO_FLAGS2_CHECK_PERCENT_N. Add libc_hidden_def.
* libio/Makefile (headers): Add bits/stdio2.h.
* libio/stdio.h: Include <bits/stdio2.h> if __USE_FORTIFY_LEVEL.
(sprintf, snprintf, vsprintf, vsnprintf): Remove defines.
* libio/strfile.h (_IO_strnfile): New type.
(_IO_strn_jumps): New extern.
* libio/vsnprintf.c (_IO_strnfile): Remove.
(_IO_strn_jumps): Remove static.
* libio/bits/stdio2.h: New file.
* libio/vswprintf.c (_IO_strnfile): Rename type to...
(_IO_wstrnfile): ...this. Adjust all uses.
* libio/libio.h (_IO_FLAGS2_CHECK_PERCENT_N): Define.
* stdio-common/vfprintf.c (STR_LEN): Define.
(vfprintf): Add readonly_format variable.
Handle _IO_FLAGS2_CHECK_PERCENT_N.
(buffered_vfprintf): Copy _flags2.
* include/stdio.h (__sprintf_chk, __snprintf_chk, __vsprintf_chk,
__vsnprintf_chk, __printf_chk, __fprintf_chk, __vprintf_chk,
__vfprintf_chk): New prototypes.
(__vsprintf_chk, __vsnprintf_chk): Add libc_hidden_proto.
* include/string.h (__memcpy_chk, __memmove_chk, __mempcpy_chk,
__memset_chk, __strcpy_chk, __stpcpy_chk, __strncpy_chk, __strcat_chk,
__strncat_chk): New prototypes.
* include/bits/string3.h: New file.
* include/sys/cdefs.h (__chk_fail): Add libc_hidden_proto
and rtld_hidden_proto.
* string/Makefile (headers): Add bits/string3.h.
* string/bits/string3.h (bcopy, bzero): New defines.
(memset, memcpy, memmove, strcpy, strncpy, strcat, strncat): Change
macros so that inlines are used only if unknown destination size
or side-effects in destination argument.
(mempcpy, stpcpy): Likewise. Protect with #ifdef __USE_GNU.
2004-09-16 Ulrich Drepper <drepper@redhat.com>
* debug/Makefile (routines): Add *_chk.
* debug/Versions (libc): Export __chk_fail, __memcpy_chk,
__memmove_chk, __mempcpy_chk, __memset_chk, __stpcpy_chk,
__strcat_chk, __strcpy_chk, __strncat_chk, __strncpy_chk,
__sprintf_chk, __vsprintf_chk, __snprintf_chk, __vsnprintf_chk
@GLIBC_2.3.4.
* debug/chk_fail.c: New file.
* debug/snprintf_chk.c: Likewise.
* debug/sprintf_chk.c: Likewise.
* debug/vsnprintf_chk.c: Likewise.
* debug/vsprintf_chk.c: Likewise.
* include/features.h (_FORTIFY_SOURCE): Document, handle.
(__USE_FORTIFY_LEVEL): Define.
(__GNUC_PREREQ): Move to earlier location.
* include/sys/cdefs.h (__chk_fail): New prototype.
* libio/bits/stdio.h (sprintf, vsprintf, snprintf, vsnprintf):
Define if __USE_FORTIFY_LEVEL.
* misc/sys/cdefs.h (__bos, __bos0): Define.
* string/string.h: Include <bits/string3.h> if __USE_FORTIFY_LEVEL.
* bits/string/string3.h: New header.
* sysdeps/generic/memcpy_chk.c: New file.
* sysdeps/generic/memmove_chk.c: Likewise.
* sysdeps/generic/mempcpy_chk.c: Likewise.
* sysdeps/generic/memset_chk.c: Likewise.
* sysdeps/generic/stpcpy_chk.c: Likewise.
* sysdeps/generic/strcat_chk.c: Likewise.
* sysdeps/generic/strcpy_chk.c: Likewise.
* sysdeps/generic/strncat_chk.c: Likewise.
* sysdeps/generic/strncpy_chk.c: Likewise.
Diffstat (limited to 'string')
-rw-r--r-- | string/Makefile | 2 | ||||
-rw-r--r-- | string/bits/string3.h | 167 | ||||
-rw-r--r-- | string/string.h | 5 |
3 files changed, 173 insertions, 1 deletions
diff --git a/string/Makefile b/string/Makefile index 5ab487f5ba..66469f586e 100644 --- a/string/Makefile +++ b/string/Makefile @@ -23,7 +23,7 @@ subdir := string headers := string.h strings.h memory.h endian.h bits/endian.h \ argz.h envz.h byteswap.h bits/byteswap.h bits/string.h \ - bits/string2.h + bits/string2.h bits/string3.h routines := strcat strchr strcmp strcoll strcpy strcspn \ strverscmp strdup strndup \ diff --git a/string/bits/string3.h b/string/bits/string3.h new file mode 100644 index 0000000000..87cbe35bb1 --- /dev/null +++ b/string/bits/string3.h @@ -0,0 +1,167 @@ +/* Copyright (C) 2004 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + +#ifndef _STRING_H +# error "Never use <bits/string3.h> directly; include <string.h> instead." +#endif + +/* XXX This is temporarily. We should not redefine any of the symbols + and instead integrate the error checking into the original + definitions. */ +#undef memcpy +#undef memmove +#undef memset +#undef strcat +#undef strcpy +#undef strncat +#undef strncpy +#ifdef __USE_GNU +# undef mempcpy +# undef stpcpy +#endif +#ifdef __USE_BSD +# undef bcopy +# undef bzero +#endif + + +#define memcpy(dest, src, len) \ + ((__bos0 (dest) != (size_t) -1) \ + ? __builtin___memcpy_chk (dest, src, len, __bos0 (dest)) \ + : __memcpy_ichk (dest, src, len)) +static __inline__ void * +__attribute__ ((__always_inline__)) +__memcpy_ichk (void *__restrict __dest, const void *__restrict __src, + size_t __len) +{ + return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); +} + + +#define memmove(dest, src, len) \ + ((__bos0 (dest) != (size_t) -1) \ + ? __builtin___memmove_chk (dest, src, len, __bos0 (dest)) \ + : __memmove_ichk (dest, src, len)) +static __inline__ void * +__attribute__ ((__always_inline__)) +__memmove_ichk (void *__dest, const void *__src, size_t __len) +{ + return __builtin___memmove_chk (__dest, __src, __len, __bos0 (__dest)); +} + + +#ifdef __USE_GNU +# define mempcpy(dest, src, len) \ + ((__bos0 (dest) != (size_t) -1) \ + ? __builtin___mempcpy_chk (dest, src, len, __bos0 (dest)) \ + : __mempcpy_ichk (dest, src, len)) +static __inline__ void * +__attribute__ ((__always_inline__)) +__mempcpy_ichk (void *__restrict __dest, const void *__restrict __src, + size_t __len) +{ + return __builtin___mempcpy_chk (__dest, __src, __len, __bos0 (__dest)); +} +#endif + + +#define memset(dest, ch, len) \ + ((__bos0 (dest) != (size_t) -1) \ + ? __builtin___memset_chk (dest, ch, len, __bos0 (dest)) \ + : __memset_ichk (dest, ch, len)) +static __inline__ void * +__attribute__ ((__always_inline__)) +__memset_ichk (void *__dest, int __ch, size_t __len) +{ + return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest)); +} + +#ifdef __USE_BSD +# define bcopy(src, dest, len) ((void) \ + ((__bos0 (dest) != (size_t) -1) \ + ? __builtin___memmove_chk (dest, src, len, __bos0 (dest)) \ + : __memmove_ichk (dest, src, len))) +# define bzero(dest, len) ((void) \ + ((__bos0 (dest) != (size_t) -1) \ + ? __builtin___memset_chk (dest, '\0', len, __bos0 (dest)) \ + : __memset_ichk (dest, '\0', len))) +#endif + + +#define strcpy(dest, src) \ + ((__bos (dest) != (size_t) -1) \ + ? __builtin___strcpy_chk (dest, src, __bos (dest)) \ + : __strcpy_ichk (dest, src)) +static __inline__ char * +__attribute__ ((__always_inline__)) +__strcpy_ichk (char *__restrict __dest, const char *__restrict __src) +{ + return __builtin___strcpy_chk (__dest, __src, __bos (__dest)); +} + + +#ifdef __USE_GNU +# define stpcpy(dest, src) \ + ((__bos (dest) != (size_t) -1) \ + ? __builtin___stpcpy_chk (dest, src, __bos (dest)) \ + : __stpcpy_ichk (dest, src)) +static __inline__ char * +__attribute__ ((__always_inline__)) +__stpcpy_ichk (char *__restrict __dest, const char *__restrict __src) +{ + return __builtin___stpcpy_chk (__dest, __src, __bos (__dest)); +} +#endif + + +#define strncpy(dest, src, len) \ + ((__bos (dest) != (size_t) -1) \ + ? __builtin___strncpy_chk (dest, src, len, __bos (dest)) \ + : __strncpy_ichk (dest, src, len)) +static __inline__ char * +__attribute__ ((__always_inline__)) +__strncpy_ichk (char *__restrict __dest, const char *__restrict __src, + size_t __len) +{ + return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); +} + + +#define strcat(dest, src) \ + ((__bos (dest) != (size_t) -1) \ + ? __builtin___strcat_chk (dest, src, __bos (dest)) \ + : __strcat_ichk (dest, src)) +static __inline__ char * +__attribute__ ((__always_inline__)) +__strcat_ichk (char *__restrict __dest, const char *__restrict __src) +{ + return __builtin___strcat_chk (__dest, __src, __bos (__dest)); +} + + +#define strncat(dest, src, len) \ + ((__bos (dest) != (size_t) -1) \ + ? __builtin___strncat_chk (dest, src, len, __bos (dest)) \ + : __strncat_ichk (dest, src, len)) +static __inline__ char * +__attribute__ ((__always_inline__)) +__strncat_ichk (char *__restrict __dest, const char *__restrict __src, + size_t __len) +{ + return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest)); +} diff --git a/string/string.h b/string/string.h index 4ea3a74ca7..1adf925bb0 100644 --- a/string/string.h +++ b/string/string.h @@ -416,6 +416,11 @@ extern char *basename (__const char *__filename) __THROW __nonnull ((1)); /* These are generic optimizations which do not add too much inline code. */ # include <bits/string2.h> # endif + +# if __USE_FORTIFY_LEVEL > 0 && !defined __cplusplus +/* Functions with security checks. */ +# include <bits/string3.h> +# endif #endif __END_DECLS |