aboutsummaryrefslogtreecommitdiff
path: root/debug
diff options
context:
space:
mode:
Diffstat (limited to 'debug')
-rw-r--r--debug/Makefile10
-rw-r--r--debug/Versions4
-rw-r--r--debug/asprintf_chk.c38
-rw-r--r--debug/dprintf_chk.c37
-rw-r--r--debug/obprintf_chk.c117
-rw-r--r--debug/tst-chk1.c36
-rw-r--r--debug/vasprintf_chk.c97
-rw-r--r--debug/vdprintf_chk.c69
8 files changed, 405 insertions, 3 deletions
diff --git a/debug/Makefile b/debug/Makefile
index a2c28f9737..ece7ee6bd7 100644
--- a/debug/Makefile
+++ b/debug/Makefile
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2001,2004,2005,2006,2007 Free Software Foundation, Inc.
+# Copyright (C) 1998-2001,2004-2008 Free Software Foundation, Inc.
# This file is part of the GNU C Library.
# The GNU C Library is free software; you can redistribute it and/or
@@ -41,7 +41,8 @@ routines = backtrace backtracesyms backtracesymsfd noophooks \
confstr_chk getgroups_chk ttyname_r_chk getlogin_r_chk \
gethostname_chk getdomainname_chk wcrtomb_chk mbsnrtowcs_chk \
wcsnrtombs_chk mbsrtowcs_chk wcsrtombs_chk mbstowcs_chk \
- wcstombs_chk \
+ wcstombs_chk asprintf_chk vasprintf_chk dprintf_chk \
+ vdprintf_chk obprintf_chk \
stack_chk_fail fortify_fail \
$(static-only-routines)
static-only-routines := warning-nop stack_chk_fail_local
@@ -51,6 +52,11 @@ CFLAGS-sprintf_chk.c = -D_IO_MTSAFE_IO
CFLAGS-snprintf_chk.c = -D_IO_MTSAFE_IO
CFLAGS-vsprintf_chk.c = -D_IO_MTSAFE_IO
CFLAGS-vsnprintf_chk.c = -D_IO_MTSAFE_IO
+CFLAGS-asprintf_chk.c = -D_IO_MTSAFE_IO
+CFLAGS-vasprintf_chk.c = -D_IO_MTSAFE_IO
+CFLAGS-obprintf_chk.c = -D_IO_MTSAFE_IO
+CFLAGS-dprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
+CFLAGS-vdprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
CFLAGS-printf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
CFLAGS-fprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
CFLAGS-vprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
diff --git a/debug/Versions b/debug/Versions
index e467cc0602..ef6b08b7b3 100644
--- a/debug/Versions
+++ b/debug/Versions
@@ -42,6 +42,10 @@ libc {
GLIBC_2.7 {
__fread_chk; __fread_unlocked_chk;
}
+ GLIBC_2.8 {
+ __asprintf_chk; __vasprintf_chk; __dprintf_chk; __vdprintf_chk;
+ __obstack_printf_chk; __obstack_vprintf_chk;
+ }
GLIBC_PRIVATE {
__fortify_fail;
}
diff --git a/debug/asprintf_chk.c b/debug/asprintf_chk.c
new file mode 100644
index 0000000000..fd943c851b
--- /dev/null
+++ b/debug/asprintf_chk.c
@@ -0,0 +1,38 @@
+/* Copyright (C) 1991, 1995, 1997, 1998, 2004, 2006, 2008
+ Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+#include <libioP.h>
+#include <stdarg.h>
+#include <stdio.h>
+
+
+/* Write formatted output from FORMAT to a string which is
+ allocated with malloc and stored in *STRING_PTR. */
+int
+__asprintf_chk (char **result_ptr, int flags, const char *format, ...)
+{
+ va_list arg;
+ int done;
+
+ va_start (arg, format);
+ done = __vasprintf_chk (result_ptr, flags, format, arg);
+ va_end (arg);
+
+ return done;
+}
diff --git a/debug/dprintf_chk.c b/debug/dprintf_chk.c
new file mode 100644
index 0000000000..d9e6705db0
--- /dev/null
+++ b/debug/dprintf_chk.c
@@ -0,0 +1,37 @@
+/* Copyright (C) 1991, 1995, 1997, 1998, 2004, 2006, 2008
+ Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+#include <libioP.h>
+#include <stdarg.h>
+#include <stdio.h>
+
+
+/* Write formatted output to D, according to the format string FORMAT. */
+int
+__dprintf_chk (int d, int flags, const char *format, ...)
+{
+ va_list arg;
+ int done;
+
+ va_start (arg, format);
+ done = __vdprintf_chk (d, flags, format, arg);
+ va_end (arg);
+
+ return done;
+}
diff --git a/debug/obprintf_chk.c b/debug/obprintf_chk.c
new file mode 100644
index 0000000000..8e7014f394
--- /dev/null
+++ b/debug/obprintf_chk.c
@@ -0,0 +1,117 @@
+/* Print output of stream to given obstack.
+ Copyright (C) 1996,1997,1999,2000,2001,2002,2003,2004,2005,2006,2008
+ Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+ Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+
+#include <stdlib.h>
+#include <libioP.h>
+#include "../libio/strfile.h"
+#include <assert.h>
+#include <string.h>
+#include <errno.h>
+#include <obstack.h>
+#include <stdarg.h>
+#include <stdio_ext.h>
+
+
+struct _IO_obstack_file
+{
+ struct _IO_FILE_plus file;
+ struct obstack *obstack;
+};
+
+extern const struct _IO_jump_t _IO_obstack_jumps attribute_hidden;
+
+int
+__obstack_vprintf_chk (struct obstack *obstack, int flags, const char *format,
+ va_list args)
+{
+ struct obstack_FILE
+ {
+ struct _IO_obstack_file ofile;
+ } new_f;
+ int result;
+ int size;
+ int room;
+
+#ifdef _IO_MTSAFE_IO
+ new_f.ofile.file.file._lock = NULL;
+#endif
+
+ _IO_no_init (&new_f.ofile.file.file, _IO_USER_LOCK, -1, NULL, NULL);
+ _IO_JUMPS (&new_f.ofile.file) = &_IO_obstack_jumps;
+ room = obstack_room (obstack);
+ size = obstack_object_size (obstack) + room;
+ if (size == 0)
+ {
+ /* We have to handle the allocation a bit different since the
+ `_IO_str_init_static' function would handle a size of zero
+ different from what we expect. */
+
+ /* Get more memory. */
+ obstack_make_room (obstack, 64);
+
+ /* Recompute how much room we have. */
+ room = obstack_room (obstack);
+ size = room;
+
+ assert (size != 0);
+ }
+
+ _IO_str_init_static_internal ((struct _IO_strfile_ *) &new_f.ofile,
+ obstack_base (obstack),
+ size, obstack_next_free (obstack));
+ /* Now allocate the rest of the current chunk. */
+ assert (size == (new_f.ofile.file.file._IO_write_end
+ - new_f.ofile.file.file._IO_write_base));
+ assert (new_f.ofile.file.file._IO_write_ptr
+ == (new_f.ofile.file.file._IO_write_base
+ + obstack_object_size (obstack)));
+ obstack_blank_fast (obstack, room);
+
+ new_f.ofile.obstack = obstack;
+
+ /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
+ can only come from read-only format strings. */
+ if (flags > 0)
+ new_f.ofile.file.file._flags2 |= _IO_FLAGS2_FORTIFY;
+
+ result = INTUSE(_IO_vfprintf) (&new_f.ofile.file.file, format, args);
+
+ /* Shrink the buffer to the space we really currently need. */
+ obstack_blank_fast (obstack, (new_f.ofile.file.file._IO_write_ptr
+ - new_f.ofile.file.file._IO_write_end));
+
+ return result;
+}
+libc_hidden_def (__obstack_vprintf_chk)
+
+
+int
+__obstack_printf_chk (struct obstack *obstack, int flags, const char *format,
+ ...)
+{
+ int result;
+ va_list ap;
+ va_start (ap, format);
+ result = __obstack_vprintf_chk (obstack, flags, format, ap);
+ va_end (ap);
+ return result;
+}
diff --git a/debug/tst-chk1.c b/debug/tst-chk1.c
index 487b071026..e03f3dba6d 100644
--- a/debug/tst-chk1.c
+++ b/debug/tst-chk1.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation, Inc.
+/* Copyright (C) 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Jakub Jelinek <jakub@redhat.com>, 2004.
@@ -20,6 +20,7 @@
#include <assert.h>
#include <fcntl.h>
#include <locale.h>
+#include <obstack.h>
#include <paths.h>
#include <setjmp.h>
#include <signal.h>
@@ -31,6 +32,9 @@
#include <sys/socket.h>
#include <sys/un.h>
+#define obstack_chunk_alloc malloc
+#define obstack_chunk_free free
+
char *temp_filename;
static void do_prepare (void);
static int do_test (void);
@@ -705,6 +709,36 @@ do_test (void)
if (fprintf (fp, buf2 + 4, str5) != 7)
FAIL ();
+ char *my_ptr = NULL;
+ strcpy (buf2 + 2, "%n%s%n");
+ /* When the format string is writable and contains %n,
+ with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
+ CHK_FAIL2_START
+ if (asprintf (&my_ptr, buf2, str4, &n1, str5, &n1) != 14)
+ FAIL ();
+ else
+ free (my_ptr);
+ CHK_FAIL2_END
+
+ struct obstack obs;
+ obstack_init (&obs);
+ CHK_FAIL2_START
+ if (obstack_printf (&obs, buf2, str4, &n1, str5, &n1) != 14)
+ FAIL ();
+ CHK_FAIL2_END
+ obstack_free (&obs, NULL);
+
+ my_ptr = NULL;
+ if (asprintf (&my_ptr, "%s%n%s%n", str4, &n1, str5, &n1) != 14)
+ FAIL ();
+ else
+ free (my_ptr);
+
+ obstack_init (&obs);
+ if (obstack_printf (&obs, "%s%n%s%n", str4, &n1, str5, &n1) != 14)
+ FAIL ();
+ obstack_free (&obs, NULL);
+
if (freopen (temp_filename, "r", stdin) == NULL)
{
puts ("could not open temporary file");
diff --git a/debug/vasprintf_chk.c b/debug/vasprintf_chk.c
new file mode 100644
index 0000000000..6105516d59
--- /dev/null
+++ b/debug/vasprintf_chk.c
@@ -0,0 +1,97 @@
+/* Copyright (C) 1995,1997,1999-2002,2004,2006,2008
+ Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA.
+
+ As a special exception, if you link the code in this file with
+ files compiled with a GNU compiler to produce an executable,
+ that does not cause the resulting executable to be covered by
+ the GNU Lesser General Public License. This exception does not
+ however invalidate any other reasons why the executable file
+ might be covered by the GNU Lesser General Public License.
+ This exception applies to code released by its copyright holders
+ in files containing the exception. */
+
+#include <malloc.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include "../libio/libioP.h"
+#include "../libio/strfile.h"
+
+int
+__vasprintf_chk (char **result_ptr, int flags, const char *format,
+ va_list args)
+{
+ /* Initial size of the buffer to be used. Will be doubled each time an
+ overflow occurs. */
+ const _IO_size_t init_string_size = 100;
+ char *string;
+ _IO_strfile sf;
+ int ret;
+ _IO_size_t needed;
+ _IO_size_t allocated;
+ /* No need to clear the memory here (unlike for open_memstream) since
+ we know we will never seek on the stream. */
+ string = (char *) malloc (init_string_size);
+ if (string == NULL)
+ return -1;
+#ifdef _IO_MTSAFE_IO
+ sf._sbf._f._lock = NULL;
+#endif
+ _IO_no_init ((_IO_FILE *) &sf._sbf, _IO_USER_LOCK, -1, NULL, NULL);
+ _IO_JUMPS ((struct _IO_FILE_plus *) &sf._sbf) = &_IO_str_jumps;
+ _IO_str_init_static_internal (&sf, string, init_string_size, string);
+ sf._sbf._f._flags &= ~_IO_USER_BUF;
+ sf._s._allocate_buffer = (_IO_alloc_type) malloc;
+ sf._s._free_buffer = (_IO_free_type) free;
+
+ /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
+ can only come from read-only format strings. */
+ if (flags > 0)
+ sf._sbf._f._flags2 |= _IO_FLAGS2_FORTIFY;
+
+ ret = INTUSE(_IO_vfprintf) (&sf._sbf._f, format, args);
+ if (ret < 0)
+ {
+ free (sf._sbf._f._IO_buf_base);
+ return ret;
+ }
+ /* Only use realloc if the size we need is of the same (binary)
+ order of magnitude then the memory we allocated. */
+ needed = sf._sbf._f._IO_write_ptr - sf._sbf._f._IO_write_base + 1;
+ allocated = sf._sbf._f._IO_write_end - sf._sbf._f._IO_write_base;
+ if ((allocated >> 1) <= needed)
+ *result_ptr = (char *) realloc (sf._sbf._f._IO_buf_base, needed);
+ else
+ {
+ *result_ptr = (char *) malloc (needed);
+ if (*result_ptr != NULL)
+ {
+ memcpy (*result_ptr, sf._sbf._f._IO_buf_base, needed - 1);
+ free (sf._sbf._f._IO_buf_base);
+ }
+ else
+ /* We have no choice, use the buffer we already have. */
+ *result_ptr = (char *) realloc (sf._sbf._f._IO_buf_base, needed);
+ }
+ if (*result_ptr == NULL)
+ *result_ptr = sf._sbf._f._IO_buf_base;
+ (*result_ptr)[needed - 1] = '\0';
+ return ret;
+}
+libc_hidden_def (__vasprintf_chk)
diff --git a/debug/vdprintf_chk.c b/debug/vdprintf_chk.c
new file mode 100644
index 0000000000..8f3d332a40
--- /dev/null
+++ b/debug/vdprintf_chk.c
@@ -0,0 +1,69 @@
+/* Copyright (C) 1995, 1997-2000, 2001, 2002, 2003, 2006, 2008
+ Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA.
+
+ As a special exception, if you link the code in this file with
+ files compiled with a GNU compiler to produce an executable,
+ that does not cause the resulting executable to be covered by
+ the GNU Lesser General Public License. This exception does not
+ however invalidate any other reasons why the executable file
+ might be covered by the GNU Lesser General Public License.
+ This exception applies to code released by its copyright holders
+ in files containing the exception. */
+
+#include <libioP.h>
+#include <stdio_ext.h>
+
+int
+__vdprintf_chk (int d, int flags, const char *format, va_list arg)
+{
+ struct _IO_FILE_plus tmpfil;
+ struct _IO_wide_data wd;
+ int done;
+
+#ifdef _IO_MTSAFE_IO
+ tmpfil.file._lock = NULL;
+#endif
+ _IO_no_init (&tmpfil.file, _IO_USER_LOCK, 0, &wd, &_IO_wfile_jumps);
+ _IO_JUMPS (&tmpfil) = &_IO_file_jumps;
+ INTUSE(_IO_file_init) (&tmpfil);
+#if !_IO_UNIFIED_JUMPTABLES
+ tmpfil.vtable = NULL;
+#endif
+ if (INTUSE(_IO_file_attach) (&tmpfil.file, d) == NULL)
+ {
+ INTUSE(_IO_un_link) (&tmpfil);
+ return EOF;
+ }
+ tmpfil.file._IO_file_flags =
+ (_IO_mask_flags (&tmpfil.file, _IO_NO_READS,
+ _IO_NO_READS+_IO_NO_WRITES+_IO_IS_APPENDING)
+ | _IO_DELETE_DONT_CLOSE);
+
+ /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
+ can only come from read-only format strings. */
+ if (flags > 0)
+ tmpfil.file._flags2 |= _IO_FLAGS2_FORTIFY;
+
+ done = INTUSE(_IO_vfprintf) (&tmpfil.file, format, arg);
+
+ _IO_FINISH (&tmpfil.file);
+
+ return done;
+}
+libc_hidden_def (__vdprintf_chk)