D3043.id6861.diff

Index: etc/mtree/BSD.include.dist
===================================================================
--- etc/mtree/BSD.include.dist
+++ etc/mtree/BSD.include.dist
@@ -321,6 +321,8 @@
mac_partition
..
..
+ secure
+ ..
ssp
..
sys
Index: include/Makefile
===================================================================
--- include/Makefile
+++ include/Makefile
@@ -6,7 +6,7 @@
.include <src.opts.mk>
CLEANFILES= osreldate.h version vers.c
-SUBDIR= arpa protocols rpcsvc rpc xlocale
+SUBDIR= arpa protocols rpcsvc rpc secure xlocale
INCS= a.out.h ar.h assert.h bitstring.h complex.h cpio.h _ctype.h ctype.h \
db.h \
dirent.h dlfcn.h elf.h elf-hints.h err.h fmtmsg.h fnmatch.h fstab.h \
Index: include/secure/Makefile
===================================================================
--- /dev/null
+++ include/secure/Makefile
@@ -0,0 +1,6 @@
+# $FreeBSD$
+
+INCS= security.h _poll.h _select.h _socket.h _stat.h _stdio.h _string.h _strings.h _unistd.h
+INCSDIR= ${INCLUDEDIR}/secure
+
+.include <bsd.prog.mk>
Index: include/secure/_poll.h
===================================================================
--- /dev/null
+++ include/secure/_poll.h
@@ -0,0 +1,94 @@
+/*
+ * Copyright (C) 2008 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: eeb9f5e41662828989f3913d81ec23229a668434
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _SYS_POLL_H_
+#error "You should not use <secure/_poll.h> directly; include <sys/poll.h> instead."
+#endif
+
+#ifndef _SECURE_POLL_H_
+#define _SECURE_POLL_H_
+
+#include <secure/security.h>
+
+__BEGIN_DECLS
+
+int __poll_chk(struct pollfd *, nfds_t, int, size_t);
+int __poll_real(struct pollfd *, nfds_t, int) __RENAME(poll);
+__errordecl(__poll_too_small_error, "poll: pollfd array smaller than fd count");
+
+int __ppoll_chk(struct pollfd *, nfds_t, const struct timespec *, const sigset_t *, size_t);
+int __ppoll_real(struct pollfd *, nfds_t, const struct timespec *, const sigset_t *) __RENAME(ppoll);
+__errordecl(__ppoll_too_small_error, "ppoll: pollfd array smaller than fd count");
+
+#if defined(__BSD_FORTIFY)
+
+__FORTIFY_INLINE int
+poll(struct pollfd *fds, nfds_t fd_count, int timeout)
+{
+
+#if defined(__clang__)
+ return (__poll_chk(fds, fd_count, timeout, __bos(fds)));
+#else
+ if (__bos(fds) != __FORTIFY_UNKNOWN_SIZE) {
+ if (!__builtin_constant_p(fd_count))
+ return (__poll_chk(fds, fd_count, timeout, __bos(fds)));
+ else if (__bos(fds) / sizeof(*fds) < fd_count)
+ __poll_too_small_error();
+ }
+ return (__poll_real(fds, fd_count, timeout));
+#endif
+}
+
+#if __BSD_VISIBLE
+__FORTIFY_INLINE int
+ppoll(struct pollfd *fds, nfds_t fd_count, const struct timespec *timeout, const sigset_t *mask)
+{
+
+#if defined(__clang__)
+ return (__ppoll_chk(fds, fd_count, timeout, mask, __bos(fds)));
+#else
+ if (__bos(fds) != __FORTIFY_UNKNOWN_SIZE) {
+ if (!__builtin_constant_p(fd_count))
+ return (__ppoll_chk(fds, fd_count, timeout, mask, __bos(fds)));
+ else if (__bos(fds) / sizeof(*fds) < fd_count)
+ __ppoll_too_small_error();
+ }
+ return (__ppoll_real(fds, fd_count, timeout, mask));
+#endif
+}
+#endif
+
+#endif
+
+__END_DECLS
+
+#endif /* !_SECURE_POLL_H_ */
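Review bot: The `__ppoll_chk` and `__ppoll_real` prototypes sit outside the `#if __BSD_VISIBLE` guard that protects the inline `ppoll`, yet they name `struct timespec` and `sigset_t`. If <sys/poll.h> only provides those types when `__BSD_VISIBLE` is set (not visible in this diff), a strict-POSIX compile of any file including <sys/poll.h> would fail on these two declarations. Moving the three `ppoll` lines (both prototypes and the `__errordecl`) under `#if __BSD_VISIBLE` would avoid that. The bare `#endif` lines closing `__BSD_VISIBLE` and `__BSD_FORTIFY` would also be easier to follow with trailing comments, e.g. `#endif /* defined(__BSD_FORTIFY) */`.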
Index: include/secure/_select.h
===================================================================
--- /dev/null
+++ include/secure/_select.h
@@ -0,0 +1,59 @@
+/*-
+ * Copyright (C) 2008 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: eeb9f5e41662828989f3913d81ec23229a668434
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _SYS_SELECT_H_
+#error "You should not use <secure/_select.h> directly; include <sys/select.h> instead."
+#endif
+
+#ifndef _SECURE_SELECT_H_
+#define _SECURE_SELECT_H_
+
+#include <secure/security.h>
+
+__BEGIN_DECLS
+
+extern void __FD_CLR_chk(int, fd_set *, size_t);
+extern void __FD_SET_chk(int, fd_set *, size_t);
+extern int __FD_ISSET_chk(int, fd_set *, size_t);
+
+#if defined(__BSD_FORTIFY)
+#undef FD_CLR
+#define FD_CLR(fd, set) __FD_CLR_chk(fd, set, __bos(set))
+#undef FD_SET
+#define FD_SET(fd, set) __FD_SET_chk(fd, set, __bos(set))
+#undef FD_ISSET
+#define FD_ISSET(fd, set) __FD_ISSET_chk(fd, set, __bos(set))
+#endif /* defined(__BSD_FORTIFY) */
+
+__END_DECLS
+
+#endif /* !_SECURE_SELECT_H_ */
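Review bot: `__FD_ISSET_chk` is declared with a non-const `fd_set *`, so once `FD_ISSET` is redefined here, testing a descriptor through a `const fd_set *` draws a discarded-qualifier diagnostic that a read-only macro would not. Declaring it as `extern int __FD_ISSET_chk(int, const fd_set *, size_t);` keeps such callers building; the definition is outside this hunk and would need the same change. A short comment above the three prototypes saying that the last argument is the `__bos(set)` object size, and what the checker does when that size is unknown, would help readers of the header.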
Index: include/secure/_socket.h
===================================================================
--- /dev/null
+++ include/secure/_socket.h
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2008 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: a8993c994e45ec2dc00dcef15910560e22d67be9
+ *
+ * $FreeBSD$
+ */
+
+
+#ifndef _SYS_SOCKET_H_
+#error "You should not use <secure/socket.h> directly; include <sys/socket.h> instead."
+#endif
+
+#ifndef _SECURE_SOCKET_H_
+#define _SECURE_SOCKET_H_
+
+#include <secure/security.h>
+
+__BEGIN_DECLS
+
+extern ssize_t __recvfrom_chk(int, void *, size_t, size_t, int, struct sockaddr * __restrict, socklen_t * __restrict);
+extern ssize_t __recvfrom_real(int, void *, size_t, int, const struct sockaddr *, socklen_t *)__RENAME(recvfrom);
+__errordecl(__recvfrom_error, "recvfrom called with size bigger than buffer");
+
+#if defined(__BSD_FORTIFY)
+
+__FORTIFY_INLINE ssize_t
+recvfrom(int fd, void *buf, size_t len, int flags,
+ struct sockaddr * __restrict src_addr, socklen_t * __restrict addr_len)
+{
+ size_t bos = __bos0(buf);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__recvfrom_real(fd, buf, len, flags, src_addr, addr_len));
+#if !defined(__clang__)
+ if (__builtin_constant_p(len) && (len <= bos))
+ return (__recvfrom_real(fd, buf, len, flags, src_addr, addr_len));
+ if (__builtin_constant_p(len) && (len > bos))
+ __recvfrom_error();
+#endif
+
+ return (__recvfrom_chk(fd, buf, len, bos, flags, src_addr, addr_len));
+}
+
+
+__FORTIFY_INLINE ssize_t
+recv(int socket, void *buf, size_t len, int flags)
+{
+
+ return recvfrom(socket, buf, len, flags, NULL, 0);
+}
+
+#endif /* !__BSD_FORTIFY */
+
+__END_DECLS
+
+#endif /* !_SECURE_SOCKET_H */
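Review bot: The `__recvfrom_real` prototype does not match `recvfrom`: it takes `const struct sockaddr *` and drops `__restrict`, although the function writes the peer address through that pointer. Suggested form: `extern ssize_t __recvfrom_real(int, void *, size_t, int, struct sockaddr * __restrict, socklen_t * __restrict) __RENAME(recvfrom);`. In `recv`, the last argument is a pointer and reads better as `NULL`: `return (recvfrom(socket, buf, len, flags, NULL, NULL));`. The `#error` text names `<secure/socket.h>` while the file is `_socket.h`; the same mismatch appears in `_stat.h`, `_stdio.h` and `_string.h`. The closing comments `/* !__BSD_FORTIFY */` and `/* !_SECURE_SOCKET_H */` do not match the conditions they close.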
Index: include/secure/_stat.h
===================================================================
--- /dev/null
+++ include/secure/_stat.h
@@ -0,0 +1,67 @@
+/*-
+ * Copyright (C) 2008 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _SYS_STAT_H_
+#error "You should not use <secure/stat.h> directly; include <sys/stat.h> instead."
+#endif
+
+#ifndef _SECURE_STAT_H_
+#define _SECURE_STAT_H_
+
+#include <secure/security.h>
+
+__BEGIN_DECLS
+
+extern mode_t __umask_chk(mode_t);
+extern mode_t __umask_real(mode_t) __RENAME(umask);
+__errordecl(__umask_invalid_mode, "umask called with invalid mode");
+
+#if defined(__BSD_FORTIFY)
+
+__FORTIFY_INLINE mode_t
+umask(mode_t mode)
+{
+#if !defined(__clang__)
+ if (__builtin_constant_p(mode)) {
+ if ((mode & 0777) != mode)
+ __umask_invalid_mode();
+
+ return (__umask_real(mode));
+ }
+#endif
+ return (__umask_chk(mode));
+}
+#endif /* defined(__BSD_FORTIFY) */
+
+__END_DECLS
+
+#endif /* !_SECURE_STAT_H_ */
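Review bot: The constant-argument test in `umask`, `(mode & 0777) != mode`, turns any call that sets a bit above the nine permission bits into a build failure, and `__umask_chk` presumably applies the same rule at run time. That rule comes from bionic; whether FreeBSD's `umask` treats such bits as an error is not visible here, and if the kernel simply masks them off, existing ports that pass a wider constant would stop compiling. Please confirm the intended policy and state it in a comment above the function, for example `/* Reject bits outside 0777: they never affect the creation mask and usually indicate a decimal/octal mix-up. */`.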
Index: include/secure/_stdio.h
===================================================================
--- /dev/null
+++ include/secure/_stdio.h
@@ -0,0 +1,209 @@
+/* $FreeBSD$ */
+/* $OpenBSD: stdio.h,v 1.35 2006/01/13 18:10:09 miod Exp $ */
+/* $NetBSD: stdio.h,v 1.18 1996/04/25 18:29:21 jtc Exp $ */
+/* bionic rev: 6cc98af72b0c48c58b2ab5fdb5f7abb842175299 */
+
+/*-
+ * Copyright (c) 1990 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Chris Torek.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)stdio.h 5.17 (Berkeley) 6/3/91
+ */
+
+#ifndef _STDIO_H_
+#error "You should not use <secure/stdio.h> directly; include <stdio.h> instead."
+#endif
+
+#ifndef _SECURE_STDIO_H_
+#define _SECURE_STDIO_H_
+
+#include <secure/security.h>
+#include <stdarg.h>
+
+__BEGIN_DECLS
+
+extern char *__fgets_chk(char *, int, FILE *, size_t);
+extern char *__fgets_real(char *, int, FILE *) __RENAME(fgets);
+extern char *__gets_chk(char *, size_t);
+extern char *__gets_real(char *) __RENAME(gets);
+__errordecl(__fgets_too_big_error, "fgets called with size bigger than buffer");
+__errordecl(__fgets_too_small_error, "fgets called with size less than zero");
+extern char *__gets_real(char *) __RENAME(gets);
+extern int __sprintf_real(char * __restrict, const char * __restrict, ...) __RENAME(sprintf);
+extern int __vsprintf_real(char * __restrict, const char * __restrict, __va_list) __RENAME(vsprintf);
+#if __ISO_C_VISIBLE >= 1999
+extern int __snprintf_real(char * __restrict, size_t, const char * __restrict, ...) __RENAME(snprintf) __printflike(3, 4);
+extern int __vsnprintf_real(char * __restrict, size_t, const char * __restrict, __va_list) __RENAME(vsnprintf) __printflike(3, 0);
+#endif
+
+#if defined(__BSD_FORTIFY)
+
+#if __ISO_C_VISIBLE >= 1999
+__FORTIFY_INLINE __printflike(3, 0) int
+vsnprintf(char *dest, size_t size, const char *format, __va_list ap)
+{
+ size_t bos = __bos(dest);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__vsnprintf_real(dest, size, format, ap));
+
+ return (__vsnprintf_chk(dest, size, 0, bos, format, ap));
+}
+#endif /* __ISO_C_VISIBLE */
+
+__FORTIFY_INLINE __printflike(2, 0) int
+vsprintf(char *dest, const char *format, __va_list ap)
+{
+ size_t bos = __bos(dest);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__vsprintf_real(dest, format, ap));
+
+ return (__vsprintf_chk(dest, 0, bos, format, ap));
+}
+
+#if __ISO_C_VISIBLE >= 1999
+#if !__GNUC_PREREQ__(4, 3) /* defined(__clang__) */
+#if !defined(snprintf)
+#define __wrap_snprintf(dest, size, ...) \
+ ({ \
+ size_t bos = __bos(dest); \
+ int ret; \
+ \
+ if (bos == __FORTIFY_UNKNOWN_SIZE) \
+ ret = __snprintf_real((dest), (size), __VA_ARGS__); \
+ else \
+ ret = __snprintf_chk((dest), (size), 0, bos, __VA_ARGS__); \
+ ret; \
+ })
+#define snprintf(dest, size, ...) __wrap_snprintf((dest), (size), __VA_ARGS__)
+#endif /* !snprintf */
+#else /* __GNUC_PREREQ__(4, 3) */
+__FORTIFY_INLINE __printflike(3, 4) int
+snprintf(char *dest, size_t size, const char *format, ...)
+{
+ size_t bos = __bos(dest);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__snprintf_real(dest, size, format,
+ __builtin_va_arg_pack()));
+
+ return (__snprintf_chk(dest, size, 0, bos, format,
+ __builtin_va_arg_pack()));
+}
+#endif /* !__GNUC_PREREQ__(4, 3) */
+#endif /* __ISO_C_VISIBLE */
+
+#if !__GNUC_PREREQ__(4, 3) /* defined(__clang__) */
+#if !defined(sprintf)
+#define __wrap_sprintf(dest, ...) \
+ ({ \
+ size_t bos = __bos(dest); \
+ int ret; \
+ \
+ if (bos == __FORTIFY_UNKNOWN_SIZE) \
+ ret = __sprintf_real((dest), __VA_ARGS__); \
+ else \
+ ret = __sprintf_chk((dest), 0, bos, __VA_ARGS__); \
+ ret; \
+ })
+#define sprintf(dest, ...) __wrap_sprintf((dest), __VA_ARGS__)
+#endif /* !sprintf */
+#else /* __GNUC_PREREQ__(4, 3) */
+__FORTIFY_INLINE __printflike(2, 3) int
+sprintf(char *dest, const char *format, ...)
+{
+ size_t bos = __bos(dest);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__sprintf_real(dest, __builtin_va_arg_pack()));
+
+ return (__sprintf_chk(dest, 0, __bos, format,
+ __builtin_va_arg_pack()));
+}
+
+#endif /* !__GNUC_PREREQ__(4, 3) */
+
+__FORTIFY_INLINE char *
+fgets(char *dest, int size, FILE *stream)
+{
+ size_t bos = __bos(dest);
+
+#if !defined(__clang__)
+ /*
+ * Compiler can prove, at compile time, that the passed in size
+ * is always negative.
+ * Force a compiler error.
+ */
+ if (__builtin_constant_p(size) && (size < 0))
+ __fgets_too_small_error();
+#endif
+ /*
+ * Compiler doesn 't know destination size.
+ * Don' t call __fgets_chk.
+ */
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__fgets_real(dest, size, stream));
+#if !defined(__clang__)
+ /*
+ * Compiler can prove, at compile time, that the passed in size
+ * is always <= the actual object size.
+ * Don 't call __fgets_chk.
+ */
+ if (__builtin_constant_p(size) && (size <= (int)bos))
+ return (__fgets_real(dest, size, stream));
+ /*
+ * Compiler can prove, at compile time, that the passed in size
+ * is always > the actual object size.
+ * Force a compiler error.
+ */
+ if (__builtin_constant_p(size) && (size > (int)bos))
+ __fgets_too_big_error();
+#endif
+ return (__fgets_chk(dest, size, stream, bos));
+}
+
+
+__FORTIFY_INLINE char *
+gets(char *dest)
+{
+ size_t bos = __bos(dest);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__gets_real(dest));
+
+ return (__gets_chk(dest, bos));
+}
+
+#endif /* defined(__BSD_FORTIFY) */
+
+__END_DECLS
+
+#endif /* !_SECURE_STDIO_H_ */
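Review bot: The GCC >= 4.3 inline `sprintf` does not forward its arguments correctly: the unknown-size branch calls `__sprintf_real(dest, __builtin_va_arg_pack())` without `format`, and the checked branch passes the macro name `__bos` where the local `bos` is meant. They should read `return (__sprintf_real(dest, format, __builtin_va_arg_pack()));` and `return (__sprintf_chk(dest, 0, bos, format, __builtin_va_arg_pack()));`. Separately, the `__wrap_snprintf` and `__wrap_sprintf` statement-expression macros declare locals named `bos` and `ret`, so a caller argument with either name binds to the macro's uninitialised local instead of the caller's variable; reserved-style names such as `__bos_` and `__ret_` would avoid that capture. `__gets_real` is declared twice, and the `__*printf_chk` prototypes are not in this header, so they presumably come from <secure/security.h>.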
Index: include/secure/_string.h
===================================================================
--- /dev/null
+++ include/secure/_string.h
@@ -0,0 +1,446 @@
+/*-
+ * Copyright (c) 2015 Oliver Pinter
+ * Copyright (C) 2008 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: 9ef26a3c4cd2e6d469f771815a07cb820800beb6
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _STRING_H_
+#error "You should not use <secure/string.h> directly; include <string.h> instead."
+#endif
+
+#ifndef _SECURE_STRING_H_
+#define _SECURE_STRING_H_
+
+#include <secure/security.h>
+
+__BEGIN_DECLS
+
+extern void *__memccpy_chk(void *, const void *, int, size_t, size_t);
+extern void *__memccpy_real(void *, const void *, int, size_t) __RENAME(memccpy);
+extern void *__memchr_chk(const void *, int, size_t, size_t);
+extern void *__memchr_real(const void *, int, size_t) __RENAME(memchr);
+extern void *__memcpy_chk(void *, const void *, size_t, size_t);
+extern void *__memcpy_real(void *, const void *, size_t) __RENAME(memcpy);
+__errordecl(__memchr_buf_size_error, "memchr called with size bigger than buffer");
+extern void * __memmove_chk(void *, const void *, size_t, size_t);
+extern void * __memmove_real(void *, const void *, size_t) __RENAME(memmove);
+extern void *__memrchr_chk(const void *, int, size_t, size_t);
+extern void *__memrchr_real(const void *, int, size_t) __RENAME(memrchr);
+__errordecl(__memrchr_buf_size_error, "memrchr called with size bigger than buffer");
+extern void *__memset_chk(void *, int, size_t, size_t);
+extern void *__memset_real(void *, int, size_t) __RENAME(memset);
+extern char *__strcat_chk(char *__restrict, const char *__restrict, size_t);
+extern char *__strcat_real(char *__restrict, const char *__restrict) __RENAME(strcat);
+extern char *__strncat_chk(char *__restrict, const char *__restrict, size_t, size_t);
+extern char *__strncat_real(char *__restrict, const char *__restrict, size_t) __RENAME(strncat);
+extern char * __stpcpy_chk(char *, const char *, size_t);
+extern char * __stpcpy_real(char *, const char *) __RENAME(stpcpy);
+extern char *__stpncpy_chk(char * __restrict, const char * __restrict, size_t, size_t);
+extern char *__stpncpy_chk2(char * __restrict, const char * __restrict, size_t, size_t, size_t);
+extern char *__strncpy_chk2(char * __restrict, const char * __restrict, size_t, size_t, size_t);
+extern char *__strcpy_chk(char *, const char *, size_t);
+extern char *__strcpy_real(char *, const char *) __RENAME(strcpy);
+extern char *__strncpy_chk(char *, const char *, size_t, size_t);
+extern char *__strncpy_real(char *, const char *, size_t) __RENAME(strncpy);
+extern size_t __strlcpy_chk(char *, const char *, size_t, size_t);
+extern size_t __strlcpy_real(char * __restrict, const char * __restrict, size_t) __RENAME(strlcpy);
+extern size_t __strlcat_chk(char * __restrict, const char * __restrict, size_t, size_t);
+extern size_t __strlcat_real(char * __restrict, const char * __restrict, size_t) __RENAME(strlcat);
+extern size_t __strlen_chk(const char *, size_t);
+extern size_t __strlen_real(const char *) __RENAME(strlen);
+extern char *__strchr_chk(const char *, int, size_t);
+extern char *__strchr_real(const char *, int) __RENAME(strchr);
+extern char *__strchrnul_chk(const char *, int, size_t);
+extern char *__strchrnul_real(const char *, int) __RENAME(strchrnul);
+extern char *__strrchr_chk(const char *, int, size_t);
+extern char *__strrchr_real(const char *, int) __RENAME(strrchr);
+extern char *__rindex_chk(const char *, int, size_t);
+extern char *__rindex_real(const char *, int) __RENAME(rindex);
+
+#if defined(__BSD_FORTIFY)
+
+#if __XSI_VISIBLE >= 600
+__FORTIFY_INLINE void *
+memccpy(void * __restrict d, const void * __restrict s, int c, size_t n)
+{
+ size_t bos = __bos0(d);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__memccpy_real(d, s, c, n));
+
+ return (__memccpy_chk(d, s, c, n, bos));
+}
+#endif /* __XSI_VISIBLE */
+
+
+__FORTIFY_INLINE void *
+memchr(const void *s, int c, size_t n)
+{
+ size_t bos = __bos(s);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__memchr_real(s, c, n));
+
+#if !defined(__clang__)
+ if (__builtin_constant_p(n) && (n > bos))
+ __memchr_buf_size_error();
+
+ if (__builtin_constant_p(n) && (n <= bos))
+ return (__builtin_memchr(s, c, n));
+#endif
+
+ return (__memchr_chk(s, c, n, bos));
+}
+
+
+#if __BSD_VISIBLE
+__FORTIFY_INLINE void *
+memrchr(const void *s, int c, size_t n)
+{
+ size_t bos = __bos(s);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__memrchr_real(s, c, n));
+
+#if !defined(__clang__)
+ if (__builtin_constant_p(n) && (n > bos))
+ (__memrchr_buf_size_error());
+
+ if (__builtin_constant_p(n) && (n <= bos))
+ return __memrchr_real(s, c, n);
+#endif
+
+ return (__memrchr_chk(s, c, n, bos));
+}
+#endif /* __BSD_VISIBLE */
+
+
+__FORTIFY_INLINE void *
+memcpy(void * __restrict d, const void * __restrict s, size_t n)
+{
+ size_t bos = __bos0(d);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__memcpy_real(d, s, n));
+
+ return (__memcpy_chk(d, s, n, bos));
+}
+
+
+__FORTIFY_INLINE void *
+memmove(void *d, const void *s, size_t l)
+{
+ size_t bos = __bos0(d);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__memmove_real(d, s, l));
+
+ return (__memmove_chk(d, s, l, __bos0(d)));
+}
+
+
+#if __POSIX_VISIBLE >= 200809
+__FORTIFY_INLINE char *
+stpcpy(char * __restrict d, const char * __restrict s)
+{
+ size_t bos = __bos(d);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__stpcpy_real(d, s));
+
+ return (__stpcpy_chk(d, s, bos));
+}
+#endif /* __POSIX_VISIBLE */
+
+
+__FORTIFY_INLINE char *
+strcpy(char * __restrict d, const char * __restrict s)
+{
+ size_t bos = __bos(d);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__strcpy_real(d, s));
+
+ return (__strcpy_chk(d, s, bos));
+}
+
+
+#if __POSIX_VISIBLE >= 200809
+__FORTIFY_INLINE char *
+stpncpy(char * __restrict d, const char * __restrict s, size_t n)
+{
+ size_t bos_dest = __bos(d);
+ size_t bos_src = __bos(s);
+#if !defined(__clang__)
+ size_t slen;
+#endif
+
+ if (bos_src == __FORTIFY_UNKNOWN_SIZE)
+ return (__stpncpy_chk(d, s, n, bos_dest));
+
+#if !defined(__clang__)
+ if (__builtin_constant_p(n) && (n <= bos_src))
+ return (__stpncpy_chk(d, s, n, bos_dest));
+
+ slen = __builtin_strlen(s);
+ if (__builtin_constant_p(slen))
+ return (__stpncpy_chk(d, s, n, bos_dest));
+#endif
+
+ return (__stpncpy_chk2(d, s, n, bos_dest, bos_src));
+}
+#endif /* __POSIX_VISIBLE */
+
+
+__FORTIFY_INLINE char *
+strncpy(char * __restrict d, const char * __restrict s, size_t n)
+{
+ size_t bos_dest = __bos(d);
+ size_t bos_src = __bos(s);
+#if !defined(__clang__)
+ size_t slen;
+#endif
+
+ if (bos_src == __FORTIFY_UNKNOWN_SIZE)
+ return (__strncpy_chk(d, s, n, bos_dest));
+
+#if !defined(__clang__)
+ if (__builtin_constant_p(n) && (n <= bos_src))
+ return (__strncpy_chk(d, s, n, bos_dest));
+
+ slen = __builtin_strlen(s);
+ if (__builtin_constant_p(slen))
+ return (__strncpy_chk(d, s, n, bos_dest));
+#endif
+
+ return (__strncpy_chk2(d, s, n, bos_dest, bos_src));
+}
+
+
+__FORTIFY_INLINE char *
+strcat(char * __restrict d, const char * __restrict s)
+{
+ size_t bos = __bos(d);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__strcat_real(d, s));
+
+ return (__strcat_chk(d, s, bos));
+}
+
+
+__FORTIFY_INLINE char *
+strncat(char * __restrict d, const char * __restrict s, size_t n)
+{
+ size_t bos = __bos(d);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__strncat_real(d, s, n));
+
+ return (__strncat_chk(d, s, n, bos));
+}
+
+
+__FORTIFY_INLINE void *
+memset(void *s, int c, size_t n)
+{
+ size_t bos = __bos(s);
+
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__memset_real(s, c, n));
+
+ return (__memset_chk(s, c, n, bos));
+}
+
+
+#if __BSD_VISIBLE
+__FORTIFY_INLINE size_t
+strlcpy(char * __restrict d, const char * __restrict s, size_t n)
+{
+ size_t bos = __bos(d);
+
+ /* Compiler doesn't know destination size. Don't call __strlcpy_chk. */
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__strlcpy_real(d, s, n));
+
+#if !defined(__clang__)
+ /*
+ * Compiler can prove, at compile time, that the passed in size
+ * is always <= the actual object size. Don't call __strlcpy_chk.
+ */
+ if (__builtin_constant_p(n) && (n <= bos))
+ return (__strlcpy_real(d, s, n));
+#endif
+
+ return (__strlcpy_chk(d, s, n, bos));
+}
+#endif /* __BSD_VISIBLE */
+
+
+#if __BSD_VISIBLE
+__FORTIFY_INLINE size_t
+strlcat(char * __restrict d, const char * __restrict s, size_t n)
+{
+ size_t bos = __bos(d);
+
+ /* Compiler doesn't know destination size. Don't call __strlcat_chk. */
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__strlcat_real(d, s, n));
+
+#if !defined(__clang__)
+ /*
+ * Compiler can prove, at compile time, that the passed in size
+ * is always <= the actual object size. Don't call __strlcat_chk.
+ */
+ if (__builtin_constant_p(n) && (n <= bos))
+ return (__strlcat_real(d, s, n));
+#endif
+
+ return (__strlcat_chk(d, s, n, bos));
+}
+#endif /* __BSD_VISIBLE */
+
+
+__FORTIFY_INLINE size_t
+strlen(const char *s)
+{
+ size_t bos = __bos(s);
+#if !defined(__clang__)
+ size_t slen;
+#endif
+
+ /* Compiler doesn't know destination size. Don't call __strlen_chk. */
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__strlen_real(s));
+
+#if !defined(__clang__)
+ slen = __builtin_strlen(s); // XXXOP __strlen_real?
+ if (__builtin_constant_p(slen))
+ return (slen);
+#endif
+
+ return (__strlen_chk(s, bos));
+}
+
+__FORTIFY_INLINE char *
+strchr(const char *s, int c)
+{
+ size_t bos = __bos(s);
+#if !defined(__clang__)
+ size_t slen;
+#endif
+
+ /* Compiler doesn't know destination size. Don't call __strchr_chk. */
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__strchr_real(s, c));
+
+#if !defined(__clang__)
+ /*
+ * Compiler can prove, at compile time, that the passed in size
+ * is always <= the actual object size. Don't call __strlcat_chk.
+ */
+ slen = (__builtin_strlen(s));
+ if (__builtin_constant_p(slen) && (slen < bos))
+ return (__strchr_real(s, c));
+#endif
+
+ return (__strchr_chk(s, c, bos));
+}
+
+
+__FORTIFY_INLINE char *
+strchrnul(const char *s, int c)
+{
+ size_t bos = __bos(s);
+
+ /* Compiler doesn't know destination size. Don't call __strchr_chk. */
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__strchrnul_real(s, c));
+
+ return (__strchrnul_chk(s, c, bos));
+}
+
+
+__FORTIFY_INLINE char *
+strrchr(const char *s, int c)
+{
+ size_t bos = __bos(s);
+#if !defined(__clang__)
+ size_t slen;
+#endif
+
+ /* Compiler doesn't know destination size. Don't call __strrchr_chk. */
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__strrchr_real(s, c));
+
+#if !defined(__clang__)
+ /*
+ * Compiler can prove, at compile time, that the passed in size
+ * is always <= the actual object size. Don't call __strlen_chk.
+ */
+ slen = __strlen_real(s);
+ if (__builtin_constant_p(slen) && (slen < bos))
+ return (__strrchr_real(s, c));
+#endif
+
+ return (__strrchr_chk(s, c, bos));
+}
+
+
+__FORTIFY_INLINE char *
+rindex(const char *s, int c)
+{
+ size_t bos = __bos(s);
+#if !defined(__clang__)
+ size_t slen;
+#endif
+
+ /* Compiler doesn't know destination size. Don't call __strrchr_chk. */
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__rindex_real(s, c));
+
+#if !defined(__clang__)
+ /*
+ * Compiler can prove, at compile time, that the passed in size
+ * is always <= the actual object size. Don't call __rindex_chk.
+ */
+ slen = __strlen_real(s);
+ if (__builtin_constant_p(slen) && (slen < bos))
+ return (__rindex_real(s, c));
+#endif
+
+ return (__rindex_chk(s, c, bos));
+}
+
+#endif /* defined(__BSD_FORTIFY) */
+
+__END_DECLS
+
+#endif /* !_SECURE_STRING_H */
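Review bot: In the non-clang paths of `strrchr` and `rindex`, `slen = __strlen_real(s);` is an ordinary call to the renamed `strlen`, not a builtin. So `__builtin_constant_p(slen)` is unlikely ever to fold, and every call with a known object size scans the string unchecked before `__strrchr_chk` or `__rindex_chk` runs. On a buffer that is not NUL-terminated, that scan is the out-of-bounds read the wrapper is supposed to catch. `strchr` already uses the builtin, and these two should match it: `slen = __builtin_strlen(s);`. The comments above those tests also name the wrong checker (`__strlcat_chk` in `strchr`, `__strlen_chk` in `strrchr`), and `memmove` recomputes `__bos0(d)` instead of passing the `bos` local it already has.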
Index: include/secure/_strings.h
===================================================================
--- /dev/null
+++ include/secure/_strings.h
@@ -0,0 +1,63 @@
+/* $NetBSD: strings.h,v 1.10 2005/02/03 04:39:32 perry Exp $ */
+
+/*-
+ * Copyright (c) 1998 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Klaus Klein.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the NetBSD
+ * Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ * bionic rev: eeb9f5e41662828989f3913d81ec23229a668434
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _STRINGS_H_
+#error "You should not use <secure/_strings.h> directly; include <sys/strings.h> instead."
+#endif
+
+#ifndef _SECURE_STRINGS_H_
+#define _SECURE_STRINGS_H_
+
+#include <secure/security.h>
+
+__BEGIN_DECLS
+
+#if defined(__BSD_FORTIFY)
+#if __BSD_VISIBLE || __POSIX_VISIBLE <= 200112
+#define bcopy(b1, b2, len) (void)(__builtin___memmove_chk((b2), (b1), (len), __bos0(b2)))
+#define bzero(b, len) (void)(__builtin___memset_chk((b), '\0', (len), __bos0(b)))
+#endif
+#endif
+
+__END_DECLS
+
+#endif /* !defined(_SECURE_STRINGS_H_) */
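Review bot: `bcopy` and `bzero` are fortified here as function-like macros, while the sibling secure headers in this diff use `__FORTIFY_INLINE` wrappers. A macro rewrites any call-shaped use of the identifier, so a struct member or function pointer named `bcopy` that is called as `ops->bcopy(a, b, n)` would stop compiling once `__BSD_FORTIFY` is on. An inline wrapper such as `__FORTIFY_INLINE void bcopy(const void *b1, void *b2, size_t len)` that forwards to `__builtin___memmove_chk` would avoid this, assuming `__FORTIFY_INLINE` forces inlining so that `__bos0` still sees the object. Separately, the `#error` text names `<sys/strings.h>`, but the header that includes this file in this diff is `<strings.h>`.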
Index: include/secure/_unistd.h
===================================================================
--- /dev/null
+++ include/secure/_unistd.h
@@ -0,0 +1,167 @@
+/*-
+ * Copyright (c) 2015 Oliver Pinter
+ * Copyright (C) 2008 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * rev: 9ef26a3c4cd2e6d469f771815a07cb820800beb6
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _UNISTD_H_
+#error "You should not use <secure/unistd.h> directly; include <unistd.h> instead."
+#endif
+
+#ifndef _SECURE_UNISTD_H_
+#define _SECURE_UNISTD_H_
+
+#include <sys/limits.h>
+#include <secure/security.h>
+
+__BEGIN_DECLS
+
+extern ssize_t __pread_chk(int, void *, size_t, off_t, size_t);
+extern ssize_t __pread_real(int, void *, size_t, off_t) __RENAME(pread);
+__errordecl(__pread_dest_size_error, "pread called with size bigger than destination");
+__errordecl(__pread_count_toobig_error, "pread called with count > SSIZE_MAX");
+
+extern ssize_t __read_chk(int, void *, size_t, size_t);
+extern ssize_t __read_real(int, void *, size_t) __RENAME(read);
+__errordecl(__read_dest_size_error, "read called with size bigger than destination");
+__errordecl(__read_count_toobig_error, "read called with count > SSIZE_MAX");
+
+extern ssize_t __readlink_chk(const char *, char *, size_t, size_t);
+extern ssize_t __readlink_real(const char *, char *, size_t) __RENAME(readlink);
+__errordecl(__readlink_dest_size_error, "readlink called with size bigger than destination");
+__errordecl(__readlink_size_toobig_error, "readlink called with size > SSIZE_MAX");
+
+extern ssize_t __readlinkat_chk(int dirfd, const char *, char *, size_t, size_t);
+extern ssize_t __readlinkat_real(int dirfd, const char *, char *, size_t) __RENAME(readlinkat);
+__errordecl(__readlinkat_dest_size_error, "readlinkat called with size bigger than destination");
+__errordecl(__readlinkat_size_toobig_error, "readlinkat called with size > SSIZE_MAX");
+
+#if defined(__BSD_FORTIFY)
+
+/* 1003.1-2008 */
+#if __POSIX_VISIBLE >= 200809 || __XSI_VISIBLE
+__FORTIFY_INLINE ssize_t
+pread(int fd, void *buf, size_t count, off_t offset)
+{
+ size_t bos = __bos0(buf);
+
+#if !defined(__clang__)
+ if (__builtin_constant_p(count) && (count > SSIZE_MAX))
+ __pread_count_toobig_error();
+#endif
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__pread_real(fd, buf, count, offset));
+#if !defined(__clang__)
+ if (__builtin_constant_p(count) && (count > bos))
+ __pread_dest_size_error();
+ if (__builtin_constant_p(count) && (count <= bos))
+ return (__pread_real(fd, buf, count, offset));
+#endif
+
+ return (__pread_chk(fd, buf, count, offset, bos));
+}
+#endif /* __POSIX_VISIBLE >= 200809 || __XSI_VISIBLE */
+
+
+__FORTIFY_INLINE ssize_t
+read(int fd, void *buf, size_t count)
+{
+ size_t bos = __bos0(buf);
+
+#if !defined(__clang__)
+ if (__builtin_constant_p(count) && (count > SSIZE_MAX))
+ __read_count_toobig_error();
+#endif
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return (__read_real(fd, buf, count));
+#if !defined(__clang__)
+ if (__builtin_constant_p(count) && (count > bos))
+ __read_dest_size_error();
+ if (__builtin_constant_p(count) && (count <= bos))
+ return (__read_real(fd, buf, count));
+#endif
+
+ return (__read_chk(fd, buf, count, bos));
+}
+
+
+/* 1003.1-2001 */
+#if __POSIX_VISIBLE >= 200112 || __XSI_VISIBLE
+__FORTIFY_INLINE ssize_t
+readlink(const char *path, char *buf, size_t size)
+{
+ size_t bos = __bos(buf);
+
+#if !defined(__clang__)
+ if (__builtin_constant_p(size) && (size > SSIZE_MAX))
+ __readlink_size_toobig_error();
+#endif
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return __readlink_real(path, buf, size);
+#if !defined(__clang__)
+ if (__builtin_constant_p(size) && (size > bos))
+ __readlink_dest_size_error();
+ if (__builtin_constant_p(size) && (size <= bos))
+ return __readlink_real(path, buf, size);
+#endif
+
+ return (__readlink_chk(path, buf, size, bos));
+}
+#endif /* __POSIX_VISIBLE >= 200112 || __XSI_VISIBLE */
+
+
+#if __POSIX_VISIBLE >= 200809
+__FORTIFY_INLINE ssize_t
+readlinkat(int dirfd, const char *path, char *buf, size_t size)
+{
+ size_t bos = __bos(buf);
+
+#if !defined(__clang__)
+ if (__builtin_constant_p(size) && (size > SSIZE_MAX))
+ (__readlinkat_size_toobig_error());
+#endif
+ if (bos == __FORTIFY_UNKNOWN_SIZE)
+ return __readlinkat_real(dirfd, path, buf, size);
+#if !defined(__clang__)
+ if (__builtin_constant_p(size) && (size > bos))
+ __readlinkat_dest_size_error();
+ if (__builtin_constant_p(size) && (size <= bos))
+ return (__readlinkat_real(dirfd, path, buf, size));
+#endif
+
+ return (__readlinkat_chk(dirfd, path, buf, size, bos));
+}
+#endif /* __POSIX_VISIBLE >= 200809 */
+
+#endif /* defined(__BSD_FORTIFY) */
+
+__END_DECLS
+
+#endif /* !_SECURE_UNISTD_H_ */
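Review bot: The `#error` guard at the top names `<secure/unistd.h>`, but the file added here is `include/secure/_unistd.h`, so the message should read `"You should not use <secure/_unistd.h> directly; include <unistd.h> instead."`. The four wrappers also mix return styles: `readlink` and the first two returns in `readlinkat` are written `return __readlink_real(path, buf, size);` while `pread` and `read` parenthesise the value. The call `(__readlinkat_size_toobig_error());` carries parentheses the other three error calls do not. A short comment above the `#if !defined(__clang__)` blocks would also help, for example `/* Compile-time diagnostics need __errordecl, which is empty under clang; clang builds rely on the runtime __*_chk call. */`.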
Index: include/secure/security.h
===================================================================
--- /dev/null
+++ include/secure/security.h
@@ -0,0 +1,58 @@
+/*-
+ * Copyright (c) 2015 Olivér Pintér <op@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _SECURE_SECURITY_
+#define _SECURE_SECURITY_
+
+#include <sys/cdefs.h>
+#include <sys/types.h>
+
+#if !defined(__clang__)
+#define __errordecl(name, msg) extern void name(void) __error_attr(msg)
+#else
+#define __errordecl(name, msg)
+#endif
+
+#define __RENAME(x) __asm__(#x)
+
+__BEGIN_DECLS
+
+/* Common fail function. */
+void __secure_fail(const char *msg) __dead2 __nonnull(1);
+
+/* SSP related fail functions. */
+void __chk_fail(void) __dead2;
+void __stack_chk_fail(void) __dead2;
+
+/* FORTIFY_SOURCE related fail function. */
+void __fortify_chk_fail(const char* msg) __dead2 __nonnull(1);
+int __fortify_chk_overlap(const void *a, const void *b, size_t len);
+
+__END_DECLS
+
+#endif /* !_SECURE_SECURITY_ */
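Review bot: `__fortify_chk_overlap` is declared in this installed header with no comment on its return convention, and it does not appear in the FBSD_1.4 list of lib/libc/secure/Symbol.map later in this diff. The only caller visible here, `__memccpy_chk`, treats a non-zero result as "ranges overlap". If that is the contract, a comment such as `/* libc-internal: returns non-zero when the len-byte ranges at a and b overlap. */` would record it. If the function is meant for libc only, it may be better kept out of the public header; if it is meant for consumers, it needs an export. The include guard `_SECURE_SECURITY_` also lacks the `_H_` suffix the other secure headers use.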
Index: include/stdio.h
===================================================================
--- include/stdio.h
+++ include/stdio.h
@@ -521,4 +521,9 @@
#endif /* __cplusplus */
__END_DECLS
+
+#if defined(__BSD_FORTIFY)
+#include <secure/_stdio.h>
+#endif
+
#endif /* !_STDIO_H_ */
Index: include/string.h
===================================================================
--- include/string.h
+++ include/string.h
@@ -141,4 +141,8 @@
#endif
__END_DECLS
+#if defined(__BSD_FORTIFY)
+#include <secure/_string.h>
+#endif
+
#endif /* _STRING_H_ */
Index: include/strings.h
===================================================================
--- include/strings.h
+++ include/strings.h
@@ -68,4 +68,8 @@
#endif
__END_DECLS
+#if defined(__BSD_FORTIFY)
+#include <secure/_strings.h>
+#endif
+
#endif /* _STRINGS_H_ */
Index: include/unistd.h
===================================================================
--- include/unistd.h
+++ include/unistd.h
@@ -589,4 +589,8 @@
#endif /* __BSD_VISIBLE */
__END_DECLS
+#if defined(__BSD_FORTIFY)
+#include <secure/_unistd.h>
+#endif
+
#endif /* !_UNISTD_H_ */
Index: lib/libc/Makefile
===================================================================
--- lib/libc/Makefile
+++ lib/libc/Makefile
@@ -95,6 +95,7 @@
.include "${LIBC_SRCTOP}/stdtime/Makefile.inc"
.include "${LIBC_SRCTOP}/string/Makefile.inc"
.include "${LIBC_SRCTOP}/sys/Makefile.inc"
+.include "${LIBC_SRCTOP}/secure/Makefile.inc"
.include "${LIBC_SRCTOP}/rpc/Makefile.inc"
.include "${LIBC_SRCTOP}/uuid/Makefile.inc"
.include "${LIBC_SRCTOP}/xdr/Makefile.inc"
Index: lib/libc/secure/Makefile.inc
===================================================================
--- /dev/null
+++ lib/libc/secure/Makefile.inc
@@ -0,0 +1,51 @@
+# secure sources
+.PATH: ${LIBC_SRCTOP}/secure
+
+# Sources common to both syscall interfaces:
+SRCS+= \
+ fortify_source.c \
+ secure_common.c \
+ stack_protector.c \
+ stack_protector_compat.c
+
+# Sources which contains FORTIFY_SOURCE functions:
+SRCS+= \
+ __fgets_chk.c \
+ __gets_chk.c \
+ __memccpy_chk.c \
+ __memchr_chk.c \
+ __memcpy_chk.c \
+ __memmove_chk.c \
+ __memrchr_chk.c \
+ __memset_chk.c \
+ __pread_chk.c \
+ __read_chk.c \
+ __readlink_chk.c \
+ __readlinkat_chk.c \
+ __stpcpy_chk.c \
+ __stpncpy_chk.c \
+ __strcat_chk.c \
+ __strchr_chk.c \
+ __strchrnul_chk.c \
+ __strcpy_chk.c \
+ __strlcat_chk.c \
+ __strlcpy_chk.c \
+ __strlen_chk.c \
+ __strncat_chk.c \
+ __strncpy_chk.c \
+ __strrchr_chk.c \
+ __vsnprintf_chk.c \
+ __vsprintf_chk.c
+
+# Sources which contains FORTIFY_SOURCE functions,
+# but live in .h files under sys/sys
+SRCS+= \
+ __FD_chk.c \
+ __poll_chk.c \
+ __recvfrom_chk.c \
+ __umask_chk.c
+
+SYM_MAPS+= ${LIBC_SRCTOP}/secure/Symbol.map
+
+MAN+= __builtin_object_size.3
+
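Review bot: Several symbols exported by lib/libc/secure/Symbol.map have no same-named source in these `SRCS` lists: `__rindex_chk`, `__snprintf_chk`, `__sprintf_chk`, `__ppoll_chk`, `__stpncpy_chk2` and `__strncpy_chk2`. They may be defined inside sibling files such as `__strrchr_chk.c` or `__vsnprintf_chk.c`, which are not shown here, so this needs confirming; an export without a definition leaves the fortified header calling a symbol libc does not provide. The first comment, `# Sources common to both syscall interfaces:`, looks carried over from another Makefile.inc and does not describe these files; something like `# Common failure handlers and stack protector support:` would fit better. "Sources which contains" should read "Sources which contain".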
Index: lib/libc/secure/Symbol.map
===================================================================
--- /dev/null
+++ lib/libc/secure/Symbol.map
@@ -0,0 +1,69 @@
+/*
+ * $FreeBSD$
+ */
+
+/*
+ * It'd be nice to have this automatically generated, but we don't
+ * know to what version they will eventually belong, so for now
+ * it has to be manual.
+ */
+FBSD_1.0 {
+ __chk_fail;
+ __stack_chk_fail;
+ __stack_chk_guard;
+};
+
+FBSD_1.1 {
+};
+
+FBSD_1.2 {
+};
+
+FBSD_1.3 {
+};
+
+FBSD_1.4 {
+ __FD_ISSET_chk;
+ __FD_CLR_chk;
+ __FD_SET_chk;
+ __fgets_chk;
+ __fortify_chk_fail;
+ __gets_chk;
+ __memccpy_chk;
+ __memchr_chk;
+ __memcpy_chk;
+ __memmove_chk;
+ __memrchr_chk;
+ __memset_chk;
+ __poll_chk;
+ __ppoll_chk;
+ __pread_chk;
+ __read_chk;
+ __readlink_chk;
+ __readlinkat_chk;
+ __recvfrom_chk;
+ __rindex_chk;
+ __snprintf_chk;
+ __sprintf_chk;
+ __stpcpy_chk;
+ __stpncpy_chk;
+ __stpncpy_chk2;
+ __strcat_chk;
+ __strchr_chk;
+ __strchrnul_chk;
+ __strcpy_chk;
+ __strlcat_chk;
+ __strlcpy_chk;
+ __strlen_chk;
+ __strncat_chk;
+ __strncpy_chk;
+ __strncpy_chk2;
+ __strrchr_chk;
+ __umask_chk;
+ __vsnprintf_chk;
+ __vsprintf_chk;
+ __secure_fail;
+};
+
+FBSDprivate_1.0 {
+};
Index: lib/libc/secure/__FD_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__FD_chk.c
@@ -0,0 +1,80 @@
+/*-
+ * Copyright (C) 2013 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: eeb9f5e41662828989f3913d81ec23229a668434
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <sys/select.h>
+#include <secure/security.h>
+#include "secure/_select.h"
+
+int
+__FD_ISSET_chk(int fd, fd_set *set, size_t set_size)
+{
+
+ if (__predict_false(fd < 0))
+ __fortify_chk_fail("FD_ISSET: file descriptor < 0");
+ if (__predict_false(fd >= FD_SETSIZE))
+ __fortify_chk_fail("FD_ISSET: file descriptor >= FD_SETSIZE");
+ if (__predict_false(set_size < sizeof(fd_set)))
+ __fortify_chk_fail("FD_ISSET: set is too small");
+
+ return (FD_ISSET(fd, set));
+}
+
+void
+__FD_CLR_chk(int fd, fd_set *set, size_t set_size)
+{
+
+ if (__predict_false(fd < 0))
+ __fortify_chk_fail("FD_CLR: file descriptor < 0");
+ if (__predict_false(fd >= FD_SETSIZE))
+ __fortify_chk_fail("FD_CLR: file descriptor >= FD_SETSIZE");
+ if (__predict_false(set_size < sizeof(fd_set)))
+ __fortify_chk_fail("FD_CLR: set is too small");
+
+ FD_CLR(fd, set);
+}
+
+void
+__FD_SET_chk(int fd, fd_set *set, size_t set_size)
+{
+
+ if (__predict_false(fd < 0))
+ __fortify_chk_fail("FD_SET: file descriptor < 0");
+ if (__predict_false(fd >= FD_SETSIZE))
+ __fortify_chk_fail("FD_SET: file descriptor >= FD_SETSIZE");
+ if (__predict_false(set_size < sizeof(fd_set)))
+ __fortify_chk_fail("FD_SET: set is too small");
+
+ FD_SET(fd, set);
+}
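Review bot: The `fd >= FD_SETSIZE` bound in `__FD_ISSET_chk`, `__FD_CLR_chk` and `__FD_SET_chk` is evaluated with the `FD_SETSIZE` libc was compiled with, not the caller's. FreeBSD lets a program define a larger `FD_SETSIZE` before including `<sys/select.h>`, and such a program would be aborted on a descriptor that fits inside its own, larger set. Since `set_size` already carries the caller's object size, bounding the descriptor against it avoids the false positive and still stops an out-of-bounds bit access: `if (__predict_false((size_t)fd / 8 >= set_size))`, placed after the `fd < 0` check. This assumes the wrappers in secure/_select.h, not shown here, pass the object size of the set. The same applies to the `set_size < sizeof(fd_set)` comparison.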
Index: lib/libc/secure/__builtin_object_size.3
===================================================================
--- /dev/null
+++ lib/libc/secure/__builtin_object_size.3
@@ -0,0 +1,101 @@
+.\" $NetBSD: __builtin_object_size.3,v 1.10 2012/07/19 06:44:12 wiz Exp $
+.\"
+.\" Copyright (c) 2007 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to The NetBSD Foundation
+.\" by Christos Zoulas.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\"
+.Dd July 18, 2012
+.Dt __BUILTIN_OBJECT_SIZE 3
+.Os
+.Sh NAME
+.Nm __builtin_object_size
+.Nd return the size of the given object
+.Sh SYNOPSIS
+.Ft size_t
+.Fn __builtin_object_size "void *ptr" "int type"
+.Sh DESCRIPTION
+The
+.Fn __builtin_object_size
+function is a
+.Xr gcc 1
+built-in function that returns the size of the
+.Fa ptr
+object if known at compile time and the object does not have any side
+effects.
+.Sh RETURN VALUES
+If the size of the object is not known or it has side effects the
+.Fn __builtin_object_size
+function returns:
+.Bl -tag -width (size_t)\-1 -offset indent
+.It Dv (size_t)\-1
+for
+.Fa type
+.Dv 0
+and
+.Dv 1 .
+.It Dv (size_t)0
+for
+.Fa type
+.Dv 2
+and
+.Dv 3 .
+.El
+.Pp
+If the size of the object is known, then the
+.Fn __builtin_object_size
+function returns the maximum size of all the objects that the compiler
+knows that they can be pointed to by
+.Fa ptr
+when
+.Fa type
+.Dv \*[Am] 2 == 0 ,
+and the minimum size when
+.Fa type
+.Dv \*[Am] 2 != 0 .
+.Sh SEE ALSO
+.Xr gcc 1 ,
+.Xr __builtin_return_address 3 ,
+.Xr attribute 3 ,
+.Xr ssp 3
+.Sh HISTORY
+The
+.Fn __builtin_object_size
+appeared in
+.Tn GCC 4.1 .
+.Sh CAVEATS
+This is a non-standard, compiler-specific extension.
+.Pp
+Note that currently the object size calculation pass is only done at -O1
+or above, meaning that this function always returns \-1 when the optimizer
+is off.
+.Pp
+There are some discussions about always doing the object size pass, but
+the issue is that without the optimization pass data sizes are not going
+to be correct.
+.Pp
+For that reason currently code fortification (size-checked replacement
+functions) is disabled when optimization is off.
Index: lib/libc/secure/__fgets_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__fgets_chk.c
@@ -0,0 +1,54 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: 6cc98af72b0c48c58b2ab5fdb5f7abb842175299
+ *
+ * $FreeBSD$
+ */
+
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include "secure/_stdio.h"
+
+char *
+__fgets_chk(char *dest, int supplied_size, FILE *stream,
+ size_t dest_len_from_compiler)
+{
+
+ if (supplied_size < 0)
+ __fortify_chk_fail("fgets: buffer size < 0");
+ if (((size_t)supplied_size) > dest_len_from_compiler)
+ __fortify_chk_fail(
+ "fgets: prevented write past end of buffer");
+
+ return (fgets(dest, supplied_size, stream));
+}
Index: lib/libc/secure/__gets_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__gets_chk.c
@@ -0,0 +1,78 @@
+/* $FreeBSD$ */
+/* $NetBSD: gets_chk.c,v 1.7 2013/10/04 20:49:16 christos Exp $ */
+
+/*-
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: gets_chk.c,v 1.7 2013/10/04 20:49:16 christos Exp $");
+
+/*LINTLIBRARY*/
+
+#include <secure/security.h>
+#include <stdio.h>
+#include <string.h>
+#include <limits.h>
+#include <stdlib.h>
+#include "secure/_stdio.h"
+
+char *
+__gets_chk(char * __restrict buf, size_t slen)
+{
+ char *abuf;
+ size_t len;
+
+ if (slen >= (size_t)INT_MAX)
+ return (gets(buf));
+
+ if ((abuf = malloc(slen + 1)) == NULL)
+ return (gets(buf));
+
+ if (fgets(abuf, (int)(slen + 1), stdin) == NULL) {
+ free(abuf);
+ return (NULL);
+ }
+
+ len = strlen(abuf);
+ if (len > 0 && abuf[len - 1] == '\n')
+ --len;
+
+ if (len >= slen)
+ __fortify_chk_fail(
+ "gets: prevented write past end of buffer");
+
+ (void)memcpy(buf, abuf, len);
+
+ buf[len] = '\0';
+ free(abuf);
+
+ return (buf);
+}
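Review bot: When `malloc(slen + 1)` fails, `__gets_chk` falls back to the unchecked `gets(buf)`, so the bounds check is dropped exactly when the process is under memory pressure, even though the compiler supplied a usable `slen`. Failing closed would keep the guarantee, for example `if ((abuf = malloc(slen + 1)) == NULL) return (NULL);`, or a call to `__fortify_chk_fail` if aborting is preferred. The `slen >= (size_t)INT_MAX` fallback deserves a comment such as `/* Size unknown or not representable for fgets(): cannot check. */`. On the overflow path `abuf` is not freed, which is harmless only because `__fortify_chk_fail` is declared `__dead2`.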
Index: lib/libc/secure/__memccpy_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__memccpy_chk.c
@@ -0,0 +1,67 @@
+/*-
+ * Copyright (C) 2015 Oliver Pinter
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+void *
+__memccpy_chk(void *dest, const void *src, int c, size_t copy_amount, size_t dest_len)
+{
+ void *ret;
+ size_t len;
+
+ if (__predict_false(copy_amount > dest_len)) {
+ __fortify_chk_fail("memccpy: prevented write past end of buffer");
+ }
+
+ /*
+ * If copy_amount was copied, then return NULL, otherwise
+ * a pointer to the byte after the copy of c in the string
+ * dest is returned.
+ *
+ * See the memccpy(3) manpage for more details.
+ */
+ ret = memccpy(dest, src, c, copy_amount);
+
+ if (ret != NULL) {
+ len = ret - dest;
+ }
+
+ if (__predict_false(__fortify_chk_overlap(dest, src, len))) {
+ __fortify_chk_fail("memccpy: prevented overlapping strings");
+ }
+
+ return (ret);
+}
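Review bot: `len` is read uninitialised in `__memccpy_chk` whenever `memccpy` returns NULL, because it is assigned only inside `if (ret != NULL)` and then passed to `__fortify_chk_overlap`. The overlap test also runs after the copy, so an overlapping call has already overwritten memory by the time the "prevented" message is raised. In addition, `ret - dest` subtracts `void *` pointers, which is a GNU extension. Computing the length from `src` with `memchr` before copying fixes all three, since `memchr` stops at the same byte `memccpy` would.

```c
void *
__memccpy_chk(void *dest, const void *src, int c, size_t copy_amount, size_t dest_len)
{
	const char *hit;
	size_t len;

	/* … unchanged: copy_amount > dest_len check … */

	/* Bytes memccpy() will write: up to and including the first c. */
	hit = memchr(src, c, copy_amount);
	len = (hit != NULL) ?
	    (size_t)(hit - (const char *)src) + 1 : copy_amount;

	/* Reject overlap before any byte of dest is modified. */
	if (__predict_false(__fortify_chk_overlap(dest, src, len)))
		__fortify_chk_fail("memccpy: prevented overlapping strings");

	return (memccpy(dest, src, c, copy_amount));
}
```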
Index: lib/libc/secure/__memchr_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__memchr_chk.c
@@ -0,0 +1,49 @@
+/*-
+ * Copyright (C) 2015 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: 6cc98af72b0c48c58b2ab5fdb5f7abb842175299
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include "secure/_string.h"
+
+void *
+__memchr_chk(const void *s, int c, size_t n, size_t buf_size)
+{
+
+ if (__predict_false(n > buf_size))
+ __fortify_chk_fail(
+ "memchr: prevented read past end of buffer");
+
+ return (memchr(s, c, n));
+}
Index: lib/libc/secure/__memcpy_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__memcpy_chk.c
@@ -0,0 +1,56 @@
+/*-
+ * Copyright (C) 2015 Oliver Pinter
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: 6cc98af72b0c48c58b2ab5fdb5f7abb842175299
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+void *
+__memcpy_chk(void *dest, const void *src, size_t copy_amount, size_t dest_len)
+{
+
+
+ if (__predict_false(copy_amount > dest_len))
+ __fortify_chk_fail(
+ "memcpy: prevented write past end of buffer");
+
+ /* See the memcpy(3) for more details. */
+ if (__predict_false(__fortify_chk_overlap(dest, src, copy_amount)))
+ __fortify_chk_fail("memcpy: prevented overlaping strings");
+
+ return (memcpy(dest, src, copy_amount));
+}
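Review bot: The overlap failure message in `__memcpy_chk` is misspelled and names the wrong object; `__fortify_chk_fail("memcpy: prevented overlapping buffers");` matches what memcpy operates on. `__fortify_chk_overlap` is not shown in this hunk, so it is worth confirming how it treats `copy_amount == 0` and `dest == src`, because this check turns calls that were tolerated before (if undefined) into an abort. The overlap check also runs when `dest_len` is unknown, which looks intentional but deserves a one-line comment saying so. There is a doubled blank line after the opening brace.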
Index: lib/libc/secure/__memmove_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__memmove_chk.c
@@ -0,0 +1,57 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: 6cc98af72b0c48c58b2ab5fdb5f7abb842175299
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+void *
+__memmove_chk(void *dest, const void *src, size_t len, size_t dest_len)
+{
+
+ /*
+ * Compiler doesn 't know destination size.
+ * Fallback to the original function.
+ */
+ if (dest_len == __FORTIFY_UNKNOWN_SIZE)
+ return (memmove(dest, src, len));
+
+ if (__predict_false(len > dest_len))
+ __fortify_chk_fail(
+ "memmove: prevented write past end of buffer");
+
+ return (memmove(dest, src, len));
+}
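Review bot: The early return for `dest_len == __FORTIFY_UNKNOWN_SIZE` in `__memmove_chk` looks redundant and is inconsistent with `__memcpy_chk` and `__memset_chk`, which have no such branch. If the constant is the largest `size_t` value (its definition is not in this hunk), `len > dest_len` can never be true and the branch can go; if it is anything else, the sibling wrappers need the same guard. The comment above it reads `doesn 't`; `Compiler doesn't know the destination size.` is the intended text, and the same typo is repeated in `__stpcpy_chk` and `__strcat_chk`.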
Index: lib/libc/secure/__memrchr_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__memrchr_chk.c
@@ -0,0 +1,49 @@
+/*-
+ * Copyright (C) 2015 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: 6cc98af72b0c48c58b2ab5fdb5f7abb842175299
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include "secure/_string.h"
+
+void *
+__memrchr_chk(const void *s, int c, size_t n, size_t buf_size)
+{
+
+ if (__predict_false(n > buf_size))
+ __fortify_chk_fail(
+ "memrchr: prevented read past end of buffer");
+
+ return (memrchr(s, c, n));
+}
Index: lib/libc/secure/__memset_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__memset_chk.c
@@ -0,0 +1,50 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: 6cc98af72b0c48c58b2ab5fdb5f7abb842175299
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+void *
+__memset_chk(void *dest, int c, size_t n, size_t dest_len)
+{
+
+ if (__predict_false(n > dest_len))
+ __fortify_chk_fail(
+ "memset: prevented write past end of buffer");
+
+ return memset(dest, c, n);
+}
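Review bot: The return in `__memset_chk` omits the parentheses the sibling wrappers use; `return (memset(dest, c, n));` keeps the series consistent. `<stdlib.h>` does not appear to be used by anything in this file and could be dropped, assuming `__fortify_chk_fail` is declared by `<secure/security.h>`.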
Index: lib/libc/secure/__poll_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__poll_chk.c
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: eeb9f5e41662828989f3913d81ec23229a668434
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <sys/poll.h>
+#include "secure/_poll.h"
+
+int
+__poll_chk(struct pollfd *fds, nfds_t fd_count, int timeout, size_t fds_size)
+{
+
+ if (__predict_false(fds_size / sizeof(*fds) < fd_count))
+ __fortify_chk_fail("poll: pollfd array smaller than fd count");
+
+ return (poll(fds, fd_count, timeout));
+}
+
+int
+__ppoll_chk(struct pollfd *fds, nfds_t fd_count, const struct timespec *timeout, const sigset_t *mask, size_t fds_size)
+{
+ if (__predict_false(fds_size / sizeof(*fds) < fd_count))
+ __fortify_chk_fail("ppoll: pollfd array smaller than fd count");
+
+ return (ppoll(fds, fd_count, timeout, mask));
+}
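Review bot: The bound in `__poll_chk` and `__ppoll_chk` needs a comment explaining why it divides: `/* Divide instead of multiplying so fd_count * sizeof(*fds) cannot wrap; a partial trailing element is not counted. */`. Without it the expression reads like something a later cleanup could rewrite into the overflow-prone multiplication. `__ppoll_chk` also lacks the blank line after the opening brace that `__poll_chk` has, and its signature line runs well past 80 columns.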
Index: lib/libc/secure/__pread_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__pread_chk.c
@@ -0,0 +1,52 @@
+/*-
+ * Copyright (C) 2015 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: a8993c994e45ec2dc00dcef15910560e22d67be9
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <sys/limits.h>
+#include <secure/security.h>
+#include <unistd.h>
+#include "secure/_unistd.h"
+
+ssize_t
+__pread_chk(int fd, void *buf, size_t count, off_t offset, size_t buf_size)
+{
+
+ if (__predict_false(count > buf_size))
+ __fortify_chk_fail(
+ "pread: prevented write past end of buffer");
+ if (__predict_false(count > SSIZE_MAX))
+ __fortify_chk_fail("pread: count > SSIZE_MAX");
+
+ return (pread(fd, buf, count, offset));
+}
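Review bot: The `count > SSIZE_MAX` check in `__pread_chk` aborts the process for a request that, as far as I know, the unfortified `pread()` rejects with an error return, so enabling fortification turns an error path into a crash. It also fires when `buf_size` is unknown, where no buffer bound is being protected. Either drop it or state the intent in a comment such as `/* Abort rather than let the kernel reject an oversized count. */`. The same check is in `__read_chk`, `__readlink_chk` and `__readlinkat_chk`.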
Index: lib/libc/secure/__read_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__read_chk.c
@@ -0,0 +1,52 @@
+/*-
+ * Copyright (C) 2013 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * rev: a8993c994e45ec2dc00dcef15910560e22d67be9
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <sys/limits.h>
+#include <secure/security.h>
+#include <unistd.h>
+#include "secure/_unistd.h"
+
+ssize_t
+__read_chk(int fd, void *buf, size_t count, size_t buf_size)
+{
+
+ if (__predict_false(count > buf_size))
+ __fortify_chk_fail(
+ "read: prevented write past end of buffer");
+ if (__predict_false(count > SSIZE_MAX))
+ __fortify_chk_fail("read: count > SSIZE_MAX");
+
+ return (read(fd, buf, count));
+}
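Review bot: The provenance line in this file's header reads `rev:` while the other imported files visible in this diff use `bionic rev:`. Writing it as `* bionic rev: a8993c994e45ec2dc00dcef15910560e22d67be9` keeps the upstream marker greppable when the imports are re-synced.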
Index: lib/libc/secure/__readlink_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__readlink_chk.c
@@ -0,0 +1,52 @@
+/*-
+ * Copyright (C) 2015 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: a8993c994e45ec2dc00dcef15910560e22d67be9
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <sys/limits.h>
+#include <secure/security.h>
+#include <unistd.h>
+#include "secure/_unistd.h"
+
+ssize_t
+__readlink_chk(const char *path, char *buf, size_t size, size_t buf_size)
+{
+
+ if (__predict_false(size > buf_size))
+ __fortify_chk_fail(
+ "readlink: prevented write past end of buffer");
+ if (__predict_false(size > SSIZE_MAX))
+ __fortify_chk_fail("readlink: size > SSIZE_MAX");
+
+ return (readlink(path, buf, size));
+}
Index: lib/libc/secure/__readlinkat_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__readlinkat_chk.c
@@ -0,0 +1,52 @@
+/*-
+ * Copyright (C) 2015 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: a8993c994e45ec2dc00dcef15910560e22d67be9
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <sys/limits.h>
+#include <secure/security.h>
+#include <unistd.h>
+#include "secure/_unistd.h"
+
+ssize_t
+__readlinkat_chk(int dirfd, const char *path, char *buf, size_t size, size_t buf_size)
+{
+
+ if (__predict_false(size > buf_size))
+ __fortify_chk_fail(
+ "readlinkat: prevented write past end of buffer");
+ if (__predict_false(size > SSIZE_MAX))
+ __fortify_chk_fail("readlinkat: size > SSIZE_MAX");
+
+ return (readlinkat(dirfd, path, buf, size));
+}
Index: lib/libc/secure/__recvfrom_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__recvfrom_chk.c
@@ -0,0 +1,51 @@
+/*-
+ * Copyright (C) 2013 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: a8993c994e45ec2dc00dcef15910560e22d67be9
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <sys/socket.h>
+#include <secure/security.h>
+#include "secure/_socket.h"
+
+ssize_t
+__recvfrom_chk(int socket, void *buf, size_t len, size_t buflen,
+ int flags, struct sockaddr * __restrict src_addr,
+ socklen_t * __restrict addrlen)
+{
+
+ if (__predict_false(len > buflen))
+ __fortify_chk_fail(
+ "recvfrom: prevented write past end of buffer");
+
+ return (recvfrom(socket, buf, len, flags, src_addr, addrlen));
+}
Index: lib/libc/secure/__stpcpy_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__stpcpy_chk.c
@@ -0,0 +1,59 @@
+/*-
+ * Copyright (C) 2014 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+char *
+__stpcpy_chk(char *dest, const char *src, size_t dest_len)
+{
+ /* TODO:optimize so we don't scan src twice. */
+ size_t src_len;
+
+ /*
+ * Compiler doesn 't know destination size.
+ * Fallback to the original function.
+ */
+ if (dest_len == __FORTIFY_UNKNOWN_SIZE)
+ return (stpcpy(dest, src));
+
+ src_len = strlen(src) + 1;
+ if (__predict_false(src_len > dest_len))
+ __fortify_chk_fail("stpcpy: prevented write past end of buffer");
+
+ return (stpcpy(dest, src));
+}
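Review bot: `__stpcpy_chk` scans `src` twice, once in `strlen` for the check and again in `stpcpy` for the copy, so the length that was checked is not necessarily the length that gets copied if the source changes in between. Copying exactly the checked length resolves the TODO and closes that gap: replace the final return with `memcpy(dest, src, src_len);` followed by `return (dest + src_len - 1);`. The `__fortify_chk_fail` line is longer than 80 columns and could be wrapped as in the other files.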
Index: lib/libc/secure/__stpncpy_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__stpncpy_chk.c
@@ -0,0 +1,94 @@
+/*-
+ * Copyright (C) 2014 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+char *
+__stpncpy_chk(char *__restrict dest, const char *__restrict src,
+ size_t len, size_t dest_len)
+{
+
+ if (__predict_false(len > dest_len))
+ __fortify_chk_fail(
+ "stpncpy: prevented write past end of buffer");
+
+ return stpncpy(dest, src, len);
+}
+
+/*
+ * __stpncpy_chk2
+ *
+ * This is a variant of __stpncpy_chk, but it also checks to make
+ * sure we don't read beyond the end of "src". The code for this is
+ * based on the original version of stpncpy, but modified to check
+ * how much we read from "src" at the end of the copy operation.
+ */
+char *
+__stpncpy_chk2(char *__restrict dst, const char *__restrict src,
+ size_t n, size_t dest_len, size_t src_len)
+{
+ char *d;
+ const char *s = src;
+ size_t s_copy_len ;
+
+ if (__predict_false(n > dest_len))
+ __fortify_chk_fail(
+ "stpncpy: prevented write past end of buffer");
+
+ if (n != 0) {
+ d = dst;
+
+ do {
+ if ((*d++ = *s++) == 0) {
+ /* NUL pad the remaining n-1 bytes */
+ while (--n != 0)
+ *d++ = 0;
+ break;
+ }
+ } while (--n != 0);
+
+ s_copy_len = (size_t)(s - src);
+
+ if (__predict_false(s_copy_len > src_len))
+ __fortify_chk_fail(
+ "stpncpy: prevented read past end of buffer");
+ }
+
+ return (dst);
+}
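Review bot: `__stpncpy_chk2` returns `dst`, but stpncpy returns a pointer to the terminating NUL written into the destination, or `dst + n` when no NUL was copied, so callers that chain on the result get the wrong position. The end pointer has to be captured before the padding loop advances `d`, as in the excerpt below. Note also that the source-length check runs after the bytes have been read, so it detects an over-read rather than preventing one. `return stpncpy(dest, src, len);` in `__stpncpy_chk` is missing the parentheses used elsewhere.

```c
	char *d, *end = dst;
	/* … unchanged: write-bound check, `if (n != 0) {`, `d = dst;` … */
		end = dst + n;	/* no NUL copied: one past the last byte written */
	/* … unchanged: copy loop up to the NUL test … */
			if ((*d++ = *s++) == 0) {
				end = d - 1;	/* points at the NUL just written */
	/* … unchanged: padding loop, s_copy_len check … */
	return (end);
```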
Index: lib/libc/secure/__strcat_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strcat_chk.c
@@ -0,0 +1,68 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+char *
+__strcat_chk(char *__restrict dest, const char *__restrict src,
+ size_t dest_buf_size)
+{
+ char *save = dest;
+ size_t dest_len;
+
+ /*
+ * Compiler doesn 't know destination size.
+ * Fallback to the original function.
+ */
+ if (dest_buf_size == __FORTIFY_UNKNOWN_SIZE)
+ return (strcat(dest, src));
+
+ dest_len = __strlen_chk(dest, dest_buf_size);
+
+ dest += dest_len;
+ dest_buf_size -= dest_len;
+
+ while ((*dest++ = *src++) != '\0') {
+ dest_buf_size--;
+ if (__predict_false(dest_buf_size == 0))
+ __fortify_chk_fail(
+ "strcat: prevented write past end of buffer");
+ }
+
+ return (save);
+}
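Review bot: The copy loop in `__strcat_chk` is only safe because `dest_buf_size - dest_len` is at least 1 on entry, which depends on `__strlen_chk` aborting when `dest` has no NUL inside `dest_buf_size`. That helper is not in this hunk, so the invariant should be written down. A comment before the subtraction such as `/* __strlen_chk aborts unless dest is terminated within the buffer, so at least one byte remains. */` would do. Without that guarantee the counter would start at 0 and wrap on the first decrement instead of tripping the check.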
Index: lib/libc/secure/__strchr_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strchr_chk.c
@@ -0,0 +1,55 @@
+/*-
+ * Copyright (c) 1990 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include "secure/_string.h"
+
+char *
+__strchr_chk(const char *p, int ch, size_t s_len)
+{
+
+ for (;; ++p, s_len--) {
+ if (__predict_false(s_len == 0))
+ __fortify_chk_fail(
+ "strchr: prevented read past end of buffer");
+ if (*p == (char)(ch))
+ return ((char *)(p));
+ if (*p == '\0')
+ return (NULL);
+ }
+ /* NOTREACHED */
+}
Index: lib/libc/secure/__strchrnul_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strchrnul_chk.c
@@ -0,0 +1,56 @@
+/*-
+ * Copyright (c) 2015 Pinter Oliver
+ * Copyright (c) 1990 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include "secure/_string.h"
+
+char *
+__strchrnul_chk(const char *p, int ch, size_t s_len)
+{
+
+ for (;; ++p, s_len--) {
+ if (__predict_false(s_len == 0))
+ __fortify_chk_fail(
+ "strchrnul: prevented read past end of buffer");
+ if (*p == (char)(ch))
+ return ((char *)(p));
+ if (*p == '\0')
+ return ((char *)(p));
+ }
+ /* NOTREACHED */
+}
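Review bot: The last two tests in the `__strchrnul_chk` loop return the same pointer, so they can be a single condition: `if (*p == (char)ch || *p == '\0') return ((char *)p);`. That also makes the difference from `__strchr_chk` (which returns `NULL` at the terminator) easier to spot. The function has no comment saying that `s_len` is the size of the object `p` points into; one line stating that would help, assuming that is what the header wrapper passes (the wrapper is not in this hunk).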
Index: lib/libc/secure/__strcpy_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strcpy_chk.c
@@ -0,0 +1,60 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+char *
+__strcpy_chk(char *dest, const char *src, size_t dest_len)
+{
+ /* TODO: optimize so we don't scan src twice. */
+ size_t src_len;
+
+ /*
+ * Compiler doesn 't know destination size.
+ * Fallback to the original function.
+ */
+ if (dest_len == __FORTIFY_UNKNOWN_SIZE)
+ return (strcpy(dest, src));
+
+ src_len = strlen(src) + 1;
+ if (__predict_false(src_len > dest_len))
+ __fortify_chk_fail(
+ "strcpy: prevented write past end of buffer");
+
+ return (strcpy(dest, src));
+}
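Review bot: The final `strcpy(dest, src)` in `__strcpy_chk` rescans `src` even though `src_len` (terminator included) was just computed and checked against `dest_len`, which is what the TODO at the top refers to. Copying the known length avoids the second scan and ties the number of bytes written to the number that was checked: `return ((char *)memcpy(dest, src, src_len));`. The comment above the fallback has a stray space in "doesn 't".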
Index: lib/libc/secure/__strlcat_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strlcat_chk.c
@@ -0,0 +1,51 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+size_t
+__strlcat_chk(char *dest, const char *src,
+ size_t supplied_size, size_t dest_len_from_compiler)
+{
+
+ if (__predict_false(supplied_size > dest_len_from_compiler))
+ __fortify_chk_fail(
+ "strlcat: prevented write past end of buffer");
+
+ return (strlcat(dest, src, supplied_size));
+}
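Review bot: `__strlcat_chk` has no comment explaining its one check: it aborts when the caller-supplied `supplied_size` exceeds `dest_len_from_compiler`, and otherwise defers entirely to `strlcat`. A header comment such as `/* Reject a size argument larger than the destination object; truncation is left to strlcat(). */` would say so. It should also note that an unknown object size passes the check only if it is encoded as the maximum `size_t` value, which this file does not show. The same applies to `__strlcpy_chk` in lib/libc/secure/__strlcpy_chk.c. `<stdlib.h>` does not appear to be used by either file as shown.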
Index: lib/libc/secure/__strlcpy_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strlcpy_chk.c
@@ -0,0 +1,51 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+size_t
+__strlcpy_chk(char *dest, const char *src,
+ size_t supplied_size, size_t dest_len_from_compiler)
+{
+
+ if (__predict_false(supplied_size > dest_len_from_compiler))
+ __fortify_chk_fail(
+ "strlcpy: prevented write past end of buffer");
+
+ return (strlcpy(dest, src, supplied_size));
+}
Index: lib/libc/secure/__strlen_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strlen_chk.c
@@ -0,0 +1,64 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+/*
+ * This test is designed to detect code such as:
+ *
+ * int main() {
+ * char buf[10];
+ * memcpy(buf, "1234567890", sizeof(buf));
+ * size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE
+ * printf("%d\n", len);
+ * return 0;
+ * }
+ *
+ * or anytime strlen reads beyond an object boundary.
+ */
+size_t
+__strlen_chk(const char *s, size_t s_len)
+{
+ size_t ret;
+
+ ret = strlen(s);
+ if (__predict_false(ret >= s_len))
+ __fortify_chk_fail("strlen: prevented read past end of buffer");
+
+ return (ret);
+}
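Review bot: `strlen(s)` at the top of `__strlen_chk` runs to the terminator before `s_len` is consulted, so an unterminated buffer has already been read past its end when the check fires; the message says "prevented" but the code only detects. Bounding the scan makes the message true: `ret = strnlen(s, s_len);`, leaving the existing `ret >= s_len` test unchanged. `__strncpy_chk2` in lib/libc/secure/__strncpy_chk.c has the same shape, comparing `s_copy_len` with `src_len` only after the copy loop has finished reading `src`. The example in the header comment also prints a `size_t` with `%d`; `%zu` is the matching conversion.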
Index: lib/libc/secure/__strncat_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strncat_chk.c
@@ -0,0 +1,69 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+char *
+__strncat_chk(char *__restrict dest, const char *__restrict src,
+ size_t len, size_t dest_buf_size)
+{
+ size_t dest_len;
+ char *d;
+
+ if (len == 0)
+ return (dest);
+
+ dest_len = __strlen_chk(dest, dest_buf_size);
+ d = dest + dest_len;
+ dest_buf_size -= dest_len;
+
+ while (*src != '\0') {
+ *d++ = *src++;
+ len--;
+ dest_buf_size--;
+
+ if (__predict_false(dest_buf_size == 0))
+ __fortify_chk_fail(
+ "strncat: prevented write past end of buffer");
+ if (len == 0)
+ break;
+ }
+ *d = '\0';
+
+ return (dest);
+}
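Review bot: The abort test in the `__strncat_chk` loop fires when `dest_buf_size` reaches zero after a byte has been stored, which is correct only because the remaining count includes the slot for the terminating NUL written after the loop; nothing in the code says so. A comment before the loop would make the invariant explicit, e.g. `/* dest_buf_size: bytes from dest's current NUL to the end of the buffer; one must remain for the new NUL */`. It is also worth stating that `dest_buf_size -= dest_len` cannot underflow only because `__strlen_chk` aborts unless `dest_len < dest_buf_size`.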
Index: lib/libc/secure/__strncpy_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strncpy_chk.c
@@ -0,0 +1,90 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include <stdlib.h>
+#include "secure/_string.h"
+
+char *
+__strncpy_chk(char *__restrict dest, const char *__restrict src,
+ size_t len, size_t dest_len)
+{
+
+ if (__predict_false(len > dest_len))
+ __fortify_chk_fail(
+ "strncpy: prevented write past end of buffer");
+
+ return (strncpy(dest, src, len));
+}
+
+/*
+ * __strncpy_chk2
+ *
+ * This is a variant of __strncpy_chk, but it also checks to make
+ * sure we don't read beyond the end of "src". The code for this is
+ * based on the original version of strncpy, but modified to check
+ * how much we read from "src" at the end of the copy operation.
+ */
+char *
+__strncpy_chk2(char *__restrict dst, const char *__restrict src,
+ size_t n, size_t dest_len, size_t src_len)
+{
+ size_t s_copy_len;
+
+ if (__predict_false(n > dest_len))
+ __fortify_chk_fail(
+ "strncpy: prevented write past end of buffer");
+ if (n != 0) {
+ char *d = dst;
+ const char *s = src;
+
+ do {
+ if ((*d++ = *s++) == 0) {
+ /* NUL pad the remaining n-1 bytes */
+ while (--n != 0)
+ *d++ = 0;
+ break;
+ }
+ } while (--n != 0);
+
+ s_copy_len = (size_t)(s - src);
+
+ if (__predict_false(s_copy_len > src_len))
+ __fortify_chk_fail("strncpy: prevented read past end of buffer");
+ }
+
+ return (dst);
+}
Index: lib/libc/secure/__strrchr_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__strrchr_chk.c
@@ -0,0 +1,58 @@
+/*-
+ * Copyright (c) 1988 Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <string.h>
+#include "secure/_string.h"
+
+char *
+__strrchr_chk(const char *p, int ch, size_t s_len)
+{
+
+ for (char *save = NULL;; ++p, s_len--) {
+ if (s_len == 0)
+ __fortify_chk_fail(
+ "strrchr: prevented read past end of buffer");
+ if (*p == (char)ch)
+ save = (char *)p;
+ if (!*p)
+ return (save);
+ }
+ /* NOTREACHED */
+}
+
+__weak_reference(__strrchr_chk, __rindex_chk);
+
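Review bot: The `s_len == 0` test in `__strrchr_chk` is not wrapped in `__predict_false`, unlike the same test in `__strchr_chk` and `__strchrnul_chk` in this diff; `if (__predict_false(s_len == 0))` keeps the three consistent. The function also has no comment saying what `s_len` is. Something like `/* s_len: size of the object p points into, as supplied by the compiler */` would help, assuming that is what the header macro passes (the header is not in this hunk).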
Index: lib/libc/secure/__umask_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__umask_chk.c
@@ -0,0 +1,53 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdlib.h>
+#include "secure/_stat.h"
+
+/*
+ * Validate that umask is called with sane mode.
+ */
+mode_t
+__umask_chk(mode_t mode)
+{
+
+ if (__predict_false((mode & 0777) != mode))
+ __fortify_chk_fail("umask: called with invalid mask");
+
+ return (umask(mode));
+}
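Review bot: The literal `0777` in `__umask_chk` is a magic number, and the comment "sane mode" does not say what is rejected. A more precise comment would be `/* Abort if mode has any bit set outside the nine permission bits. */`. The mask could be spelled `(S_IRWXU | S_IRWXG | S_IRWXO)` from the already included `<sys/stat.h>`.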
Index: lib/libc/secure/__vsnprintf_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__vsnprintf_chk.c
@@ -0,0 +1,68 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include "secure/_stdio.h"
+
+int
+__vsnprintf_chk(char *dest, size_t supplied_size, int flags,
+ size_t dest_len_from_compiler, const char *format, va_list va)
+{
+
+ if (__predict_false(supplied_size > dest_len_from_compiler))
+ __fortify_chk_fail(
+ "vsnprintf: prevented write past end of buffer");
+
+ return (vsnprintf(dest, supplied_size, format, va));
+}
+
+
+int
+__snprintf_chk(char *dest, size_t supplied_size, int flags,
+ size_t dest_len_from_compiler, const char *format,...)
+{
+ va_list va;
+ int result;
+
+ va_start(va, format);
+ result = __vsnprintf_chk(dest, supplied_size, flags,
+ dest_len_from_compiler, format, va);
+ va_end(va);
+
+ return (result);
+}
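Review bot: The `flags` parameter of `__vsnprintf_chk` and `__snprintf_chk` is accepted and passed along but never examined, and nothing documents that. If it is kept only to match the signature the compiler emits calls for, a comment such as `/* flags: unused, present for ABI compatibility */` would make that explicit. The same holds for `__vsprintf_chk` and `__sprintf_chk` in lib/libc/secure/__vsprintf_chk.c. The ellipsis in `const char *format,...` is missing the space after the comma that the other prototypes use.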
Index: lib/libc/secure/__vsprintf_chk.c
===================================================================
--- /dev/null
+++ lib/libc/secure/__vsprintf_chk.c
@@ -0,0 +1,69 @@
+/*-
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * bionic rev: d807b9a12d3e49132b095df3d883618452033b51
+ *
+ * $FreeBSD$
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <sys/cdefs.h>
+#include <secure/security.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include "secure/_stdio.h"
+
+int
+__vsprintf_chk(char *dest, int flags, size_t dest_len_from_compiler,
+ const char *format, va_list va)
+{
+ int result;
+
+ result = vsnprintf(dest, dest_len_from_compiler, format, va);
+ if ((size_t)result >= dest_len_from_compiler)
+ __fortify_chk_fail(
+ "vsprintf: prevented write past end of buffer");
+
+ return (result);
+}
+
+
+int
+__sprintf_chk(char *dest, int flags, size_t dest_len_from_compiler,
+ const char *format,...)
+{
+ va_list va;
+ int result;
+
+ va_start(va, format);
+ result = __vsprintf_chk(dest, flags, dest_len_from_compiler, format, va);
+ va_end(va);
+
+ return (result);
+}
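Review bot: In `__vsprintf_chk` a negative return from `vsnprintf` is cast to `size_t` and therefore always satisfies `>= dest_len_from_compiler`, so a formatting error is reported as "prevented write past end of buffer" and aborts the process. Separating the two cases keeps the diagnostic accurate: `if (result >= 0 && (size_t)result >= dest_len_from_compiler)`, with the negative value returned to the caller as `vsprintf` would return it. There is also no `__FORTIFY_UNKNOWN_SIZE` fallback like the one in `__strcpy_chk`, so the unknown-size case depends on how `vsnprintf` treats a very large size argument; that should be confirmed.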
Index: lib/libc/secure/fortify_source.c
===================================================================
--- /dev/null
+++ lib/libc/secure/fortify_source.c
@@ -0,0 +1,47 @@
+/*-
+ * Copyright (c) 2015 Olivér Pintér <op@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#include <sys/cdefs.h>
+#include <sys/param.h>
+#include <sys/sysctl.h>
+#include <sys/types.h>
+#include "secure/security.h"
+
+void
+__fortify_chk_fail(const char* msg)
+{
+
+ __secure_fail(msg);
+}
+
+int
+__fortify_chk_overlap(const void *a, const void *b, size_t len)
+{
+
+ return ((a <= b && b <= a + len) || (b <= a && a <= b + len));
+}
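Review bot: `__fortify_chk_overlap` uses `<=` on both upper bounds, so two adjacent regions (`b == a + len`), and identical pointers with `len == 0`, are reported as overlapping although they share no byte. It also does arithmetic on `const void *`, which is a GNU extension rather than ISO C. Comparing through `const char *` with a strict upper bound addresses both: `const char *pa = a, *pb = b;` then `return ((pa <= pb && pb < pa + len) || (pb <= pa && pa < pb + len));`. The callers are not in this hunk, so check whether any of them depends on the inclusive bound.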
Index: lib/libc/secure/secure_common.c
===================================================================
--- /dev/null
+++ lib/libc/secure/secure_common.c
@@ -0,0 +1,75 @@
+/* $NetBSD: stack_protector.c,v 1.4 2006/11/22 17:23:25 christos Exp $ */
+/* $OpenBSD: stack_protector.c,v 1.10 2006/03/31 05:34:44 deraadt Exp $ */
+/*
+ * Copyright (c) 2002 Hiroaki Etoh, Federico G. Schwindt, and Miodrag Vallat.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/param.h>
+#include <sys/sysctl.h>
+#include <sys/types.h>
+#include <errno.h>
+#include <link.h>
+#include <signal.h>
+#include <string.h>
+#include <syslog.h>
+#include <unistd.h>
+#include "libc_private.h"
+
+static void __fail(const char *);
+
+/*ARGSUSED*/
+static void
+__fail(const char *msg)
+{
+ struct sigaction sa;
+ sigset_t mask;
+
+ /* Immediately block all signal handlers from running code */
+ (void)sigfillset(&mask);
+ (void)sigdelset(&mask, SIGABRT);
+ (void)sigprocmask(SIG_BLOCK, &mask, NULL);
+
+ /* This may fail on a chroot jail... */
+ syslog(LOG_CRIT, "%s", msg);
+
+ (void)memset(&sa, 0, sizeof(sa));
+ (void)sigemptyset(&sa.sa_mask);
+ sa.sa_flags = 0;
+ sa.sa_handler = SIG_DFL;
+ (void)sigaction(SIGABRT, &sa, NULL);
+ (void)kill(getpid(), SIGABRT);
+ _exit(127);
+}
+
+void
+__secure_fail(const char *msg)
+{
+
+ __fail(msg);
+}
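Review bot: Neither `__fail` nor `__secure_fail` is marked as non-returning in this file, yet the `_chk` wrappers in this diff continue straight into the guarded access after calling `__fortify_chk_fail`, so they rely on it never coming back. Declaring that makes the contract visible to the compiler and to readers: `static void __fail(const char *) __dead2;`, with the same attribute on the `__secure_fail` prototype, which lives in a header outside this hunk. The `/*ARGSUSED*/` marker above `__fail` is stale, since `msg` is passed to `syslog`. A one-line comment above `_exit(127)`, such as `/* Last resort if SIGABRT did not terminate the process. */`, would explain why both calls are there.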
Index: lib/libc/secure/stack_protector.c
===================================================================
--- /dev/null
+++ lib/libc/secure/stack_protector.c
@@ -0,0 +1,89 @@
+/* $NetBSD: stack_protector.c,v 1.4 2006/11/22 17:23:25 christos Exp $ */
+/* $OpenBSD: stack_protector.c,v 1.10 2006/03/31 05:34:44 deraadt Exp $ */
+/*
+ * Copyright (c) 2002 Hiroaki Etoh, Federico G. Schwindt, and Miodrag Vallat.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/param.h>
+#include <sys/sysctl.h>
+#include <sys/types.h>
+#include <secure/security.h>
+#include <link.h>
+#include "libc_private.h"
+
+extern int __sysctl(const int *name, u_int namelen, void *oldp,
+ size_t *oldlenp, void *newp, size_t newlen);
+
+long __stack_chk_guard[8] = {0, 0, 0, 0, 0, 0, 0, 0};
+static void __guard_setup(void) __attribute__((__constructor__, __used__));
+void __stack_chk_fail(void) __dead2;
+
+/*LINTED used*/
+static void
+__guard_setup(void)
+{
+ static const int mib[2] = { CTL_KERN, KERN_ARND };
+ size_t len;
+ int error;
+
+ if (__stack_chk_guard[0] != 0)
+ return;
+ error = _elf_aux_info(AT_CANARY, __stack_chk_guard,
+ sizeof(__stack_chk_guard));
+ if (error == 0 && __stack_chk_guard[0] != 0)
+ return;
+
+ len = sizeof(__stack_chk_guard);
+ if (__sysctl(mib, nitems(mib), __stack_chk_guard, &len, NULL, 0) ==
+ -1 || len != sizeof(__stack_chk_guard)) {
+ /* If sysctl was unsuccessful, use the "terminator canary". */
+ ((unsigned char *)(void *)__stack_chk_guard)[0] = 0;
+ ((unsigned char *)(void *)__stack_chk_guard)[1] = 0;
+ ((unsigned char *)(void *)__stack_chk_guard)[2] = '\n';
+ ((unsigned char *)(void *)__stack_chk_guard)[3] = 255;
+ }
+}
+
+void
+__stack_chk_fail(void)
+{
+
+ __secure_fail("stack overflow detected; terminated");
+}
+
+void
+__chk_fail(void)
+{
+
+ __secure_fail("buffer overflow detected; terminated");
+}
+
+#ifndef PIC
+__weak_reference(__stack_chk_fail, __stack_chk_fail_local);
+#endif
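Review bot: `__stack_chk_fail` is now declared `__dead2`, but its body only calls `__secure_fail()` and then falls off the end, so the attribute holds only if `<secure/security.h>` also declares `__secure_fail` as non-returning; that header is not part of this hunk, so this needs confirming. If it does not, the compiler may warn that a noreturn function returns and is free to treat the return path as unreachable, which is unwelcome in the function that must end the process after a corrupted canary. `__chk_fail` further down has the same shape but no `__dead2`, and the prototype the old file carried (`void __chk_fail(void);`) is gone unless the new header supplies it. I would declare both alike, `void __chk_fail(void) __dead2;`, and mark `__secure_fail` the same way.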
Index: lib/libc/secure/stack_protector_compat.c
===================================================================
--- /dev/null
+++ lib/libc/secure/stack_protector_compat.c
@@ -0,0 +1,20 @@
+/*
+ * Written by Alexander Kabaev <kan@FreeBSD.org>
+ * The file is in public domain.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+void __stack_chk_fail(void);
+
+#ifdef PIC
+void
+__stack_chk_fail_local_hidden(void)
+{
+
+ __stack_chk_fail();
+}
+
+__sym_compat(__stack_chk_fail_local, __stack_chk_fail_local_hidden, FBSD_1.0);
+#endif
Index: lib/libc/stdio/fgets.c
===================================================================
--- lib/libc/stdio/fgets.c
+++ lib/libc/stdio/fgets.c
@@ -33,6 +33,8 @@
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)fgets.c 8.2 (Berkeley) 12/22/93";
#endif /* LIBC_SCCS and not lint */
+
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
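Review bot: The added `#undef _FORTIFY_SOURCE` carries no explanation, and the same bare line is repeated in the hunks for gets.c, snprintf.c, vsnprintf.c, memccpy.c, memchr.c, stpncpy.c, strchr.c, strchrnul.c, strlcat.c, strlcpy.c, strlen.c, strrchr.c, read.c and readv.c. Presumably it keeps the fortified inline wrappers out of the files that implement the underlying functions; a one-line comment such as `/* Implementation file: build without the _FORTIFY_SOURCE wrappers. */` would say so. The line only works while it stays ahead of `<sys/cdefs.h>`, where `__BSD_FORTIFY` is derived, and a later include reshuffle could break that silently. Setting this once in the libc build flags would be less fragile than a per-file line.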
Index: lib/libc/stdio/gets.c
===================================================================
--- lib/libc/stdio/gets.c
+++ lib/libc/stdio/gets.c
@@ -33,6 +33,8 @@
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)gets.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
+
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/stdio/snprintf.c
===================================================================
--- lib/libc/stdio/snprintf.c
+++ lib/libc/stdio/snprintf.c
@@ -38,6 +38,8 @@
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)snprintf.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
+
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/stdio/vsnprintf.c
===================================================================
--- lib/libc/stdio/vsnprintf.c
+++ lib/libc/stdio/vsnprintf.c
@@ -38,6 +38,8 @@
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)vsnprintf.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
+
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/string/memccpy.c
===================================================================
--- lib/libc/string/memccpy.c
+++ lib/libc/string/memccpy.c
@@ -30,6 +30,8 @@
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)memccpy.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
+
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/string/memchr.c
===================================================================
--- lib/libc/string/memchr.c
+++ lib/libc/string/memchr.c
@@ -33,6 +33,8 @@
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)memchr.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
+
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/string/stpncpy.c
===================================================================
--- lib/libc/string/stpncpy.c
+++ lib/libc/string/stpncpy.c
@@ -24,6 +24,7 @@
* SUCH DAMAGE.
*/
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/string/strchr.c
===================================================================
--- lib/libc/string/strchr.c
+++ lib/libc/string/strchr.c
@@ -30,6 +30,8 @@
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)index.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
+
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/string/strchrnul.c
===================================================================
--- lib/libc/string/strchrnul.c
+++ lib/libc/string/strchrnul.c
@@ -25,6 +25,7 @@
*
*/
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/string/strlcat.c
===================================================================
--- lib/libc/string/strlcat.c
+++ lib/libc/string/strlcat.c
@@ -16,6 +16,7 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/string/strlcpy.c
===================================================================
--- lib/libc/string/strlcpy.c
+++ lib/libc/string/strlcpy.c
@@ -16,6 +16,7 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/string/strlen.c
===================================================================
--- lib/libc/string/strlen.c
+++ lib/libc/string/strlen.c
@@ -24,6 +24,7 @@
* SUCH DAMAGE.
*/
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/string/strrchr.c
===================================================================
--- lib/libc/string/strrchr.c
+++ lib/libc/string/strrchr.c
@@ -30,6 +30,8 @@
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)rindex.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
+
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/sys/Makefile.inc
===================================================================
--- lib/libc/sys/Makefile.inc
+++ lib/libc/sys/Makefile.inc
@@ -21,8 +21,6 @@
# Sources common to both syscall interfaces:
SRCS+= \
- stack_protector.c \
- stack_protector_compat.c \
__error.c \
interposing_table.c
Index: lib/libc/sys/Symbol.map
===================================================================
--- lib/libc/sys/Symbol.map
+++ lib/libc/sys/Symbol.map
@@ -56,7 +56,6 @@
bind;
chdir;
chflags;
- __chk_fail;
chmod;
chown;
chroot;
@@ -281,8 +280,6 @@
sigwaitinfo;
socket;
socketpair;
- __stack_chk_fail;
- __stack_chk_guard;
stat;
statfs;
swapoff;
Index: lib/libc/sys/read.c
===================================================================
--- lib/libc/sys/read.c
+++ lib/libc/sys/read.c
@@ -30,6 +30,7 @@
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/sys/readv.c
===================================================================
--- lib/libc/sys/readv.c
+++ lib/libc/sys/readv.c
@@ -30,6 +30,7 @@
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#undef _FORTIFY_SOURCE
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Index: lib/libc/sys/stack_protector.c
===================================================================
--- lib/libc/sys/stack_protector.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $NetBSD: stack_protector.c,v 1.4 2006/11/22 17:23:25 christos Exp $ */
-/* $OpenBSD: stack_protector.c,v 1.10 2006/03/31 05:34:44 deraadt Exp $ */
-/*
- * Copyright (c) 2002 Hiroaki Etoh, Federico G. Schwindt, and Miodrag Vallat.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
- * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-#include <sys/param.h>
-#include <sys/sysctl.h>
-#include <sys/types.h>
-#include <errno.h>
-#include <link.h>
-#include <signal.h>
-#include <string.h>
-#include <syslog.h>
-#include <unistd.h>
-#include "libc_private.h"
-
-extern int __sysctl(const int *name, u_int namelen, void *oldp,
- size_t *oldlenp, void *newp, size_t newlen);
-
-long __stack_chk_guard[8] = {0, 0, 0, 0, 0, 0, 0, 0};
-static void __guard_setup(void) __attribute__((__constructor__, __used__));
-static void __fail(const char *);
-void __stack_chk_fail(void);
-void __chk_fail(void);
-
-/*LINTED used*/
-static void
-__guard_setup(void)
-{
- static const int mib[2] = { CTL_KERN, KERN_ARND };
- size_t len;
- int error;
-
- if (__stack_chk_guard[0] != 0)
- return;
- error = _elf_aux_info(AT_CANARY, __stack_chk_guard,
- sizeof(__stack_chk_guard));
- if (error == 0 && __stack_chk_guard[0] != 0)
- return;
-
- len = sizeof(__stack_chk_guard);
- if (__sysctl(mib, nitems(mib), __stack_chk_guard, &len, NULL, 0) ==
- -1 || len != sizeof(__stack_chk_guard)) {
- /* If sysctl was unsuccessful, use the "terminator canary". */
- ((unsigned char *)(void *)__stack_chk_guard)[0] = 0;
- ((unsigned char *)(void *)__stack_chk_guard)[1] = 0;
- ((unsigned char *)(void *)__stack_chk_guard)[2] = '\n';
- ((unsigned char *)(void *)__stack_chk_guard)[3] = 255;
- }
-}
-
-/*ARGSUSED*/
-static void
-__fail(const char *msg)
-{
- struct sigaction sa;
- sigset_t mask;
-
- /* Immediately block all signal handlers from running code */
- (void)sigfillset(&mask);
- (void)sigdelset(&mask, SIGABRT);
- (void)sigprocmask(SIG_BLOCK, &mask, NULL);
-
- /* This may fail on a chroot jail... */
- syslog(LOG_CRIT, "%s", msg);
-
- (void)memset(&sa, 0, sizeof(sa));
- (void)sigemptyset(&sa.sa_mask);
- sa.sa_flags = 0;
- sa.sa_handler = SIG_DFL;
- (void)sigaction(SIGABRT, &sa, NULL);
- (void)kill(getpid(), SIGABRT);
- _exit(127);
-}
-
-void
-__stack_chk_fail(void)
-{
- __fail("stack overflow detected; terminated");
-}
-
-void
-__chk_fail(void)
-{
- __fail("buffer overflow detected; terminated");
-}
-
-#ifndef PIC
-__weak_reference(__stack_chk_fail, __stack_chk_fail_local);
-#endif
Index: lib/libc/sys/stack_protector_compat.c
===================================================================
--- lib/libc/sys/stack_protector_compat.c
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
- * Written by Alexander Kabaev <kan@FreeBSD.org>
- * The file is in public domain.
- */
-
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-void __stack_chk_fail(void);
-
-#ifdef PIC
-void
-__stack_chk_fail_local_hidden(void)
-{
-
- __stack_chk_fail();
-}
-
-__sym_compat(__stack_chk_fail_local, __stack_chk_fail_local_hidden, FBSD_1.0);
-#endif
Index: sys/sys/cdefs.h
===================================================================
--- sys/sys/cdefs.h
+++ sys/sys/cdefs.h
@@ -554,6 +554,26 @@
#define __gnu_inline
#endif
+#if __has_attribute(error) || __GNUC_PREREQ__(4, 3)
+#define __error_attr(msg) __attribute__((__error__(msg)))
+#else
+#define __error_attr(msg)
+#endif
+
+/* FORTIFY_SOURCE related defines. */
+#if __GNUC_PREREQ__(4, 1) && defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 && \
+ defined(__OPTIMIZE__) && __OPTIMIZE__ > 0
+#define __BSD_FORTIFY 1
+#if _FORTIFY_SOURCE >= 2
+#define __bos(s) __builtin_object_size((s), 1)
+#else
+#define __bos(s) __builtin_object_size((s), 0)
+#endif
+#define __bos0(s) __builtin_object_size((s), 0)
+#define __FORTIFY_INLINE extern __inline __always_inline __gnu_inline
+#endif /* !_FORTIFY_SOURCE */
+#define __FORTIFY_UNKNOWN_SIZE ((size_t) -1)
+
/* Compiler-dependent macros that rely on FreeBSD-specific extensions. */
#if defined(__FreeBSD_cc_version) && __FreeBSD_cc_version >= 300001 && \
defined(__GNUC__) && !defined(__INTEL_COMPILER)
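Review bot: The guard that defines `__BSD_FORTIFY` leaves fortification off whenever `__OPTIMIZE__` is unset or the compiler fails `__GNUC_PREREQ__(4, 1)`, and nothing in the added block says so. A build that passes `-D_FORTIFY_SOURCE=2` without optimization gets no checks and no diagnostic. I would extend the `/* FORTIFY_SOURCE related defines. */` comment to state that the checks need an optimizing build with a compiler that provides `__builtin_object_size`. The closing line `#endif /* !_FORTIFY_SOURCE */` labels the block as the negated case although it ends the enabled branch; `#endif /* __BSD_FORTIFY */` would match.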
Index: sys/sys/poll.h
===================================================================
--- sys/sys/poll.h
+++ sys/sys/poll.h
@@ -117,6 +117,10 @@
#endif
__END_DECLS
+#ifdef __BSD_FORTIFY
+#include <secure/_poll.h>
+#endif
+
#endif /* !_KERNEL */
#endif /* !_SYS_POLL_H_ */
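Review bot: The fortify include is guarded with `#ifdef __BSD_FORTIFY` here and in sys/select.h but with `#if defined(__BSD_FORTIFY)` in sys/socket.h and sys/stat.h; one spelling across the four headers would make the hook easier to search for. The include also sits after `__END_DECLS`, so `<secure/_poll.h>` has to open its own `__BEGIN_DECLS` block for C++ consumers, which cannot be checked from this hunk.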
Index: sys/sys/select.h
===================================================================
--- sys/sys/select.h
+++ sys/sys/select.h
@@ -103,6 +103,11 @@
int select(int, fd_set *, fd_set *, fd_set *, struct timeval *);
#endif
__END_DECLS
+
+#ifdef __BSD_FORTIFY
+#include <secure/_select.h>
+#endif
+
#endif /* !_KERNEL */
#endif /* _SYS_SELECT_H_ */
Index: sys/sys/socket.h
===================================================================
--- sys/sys/socket.h
+++ sys/sys/socket.h
@@ -630,6 +630,10 @@
int socketpair(int, int, int, int *);
__END_DECLS
+#if defined(__BSD_FORTIFY)
+#include <secure/_socket.h>
+#endif
+
#endif /* !_KERNEL */
#ifdef _KERNEL
Index: sys/sys/stat.h
===================================================================
--- sys/sys/stat.h
+++ sys/sys/stat.h
@@ -356,6 +356,11 @@
int mknodat(int, const char *, mode_t, dev_t);
#endif
__END_DECLS
+
+#if defined(__BSD_FORTIFY)
+#include <secure/_stat.h>
+#endif
+
#endif /* !_KERNEL */
#endif /* !_SYS_STAT_H_ */
Index: tools/hbsd/build_hbsd_kernel.csh
===================================================================
--- /dev/null
+++ tools/hbsd/build_hbsd_kernel.csh
@@ -0,0 +1,47 @@
+#!/bin/csh
+
+setenv TARGET amd64
+setenv MAKEOBJDIRPREFIX /var/tmp/${TARGET}-objdir
+setenv __MAKE_CONF /dev/null
+setenv SRCCONF /dev/null
+setenv DESTDIR /tmp/${TARGET}-kernel
+@ __freebsd_mk_jobs = `sysctl -n kern.smp.cpus` + 1
+set current_dir = `pwd`
+set _current_dir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\2|g'`
+set _current_realdir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\1/\2|g'`
+set _check_toolchain = "${MAKEOBJDIRPREFIX}/___kernel-toolchain_DONE"
+set _date=`date "+%Y%m%d%H%M%S"`
+set _log="/tmp/${TARGET}-cc-log-${_current_dir}-${_date}"
+set _log_last="/tmp/${TARGET}-cc-log-${_current_dir}.last"
+set __MAKE_CONF = "/dev/null"
+set SRCCONF = "/dev/null"
+
+if ( "`sysctl -n security.bsd.hardlink_check_uid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_uid=0"
+ exit
+endif
+
+if ( "`sysctl -n security.bsd.hardlink_check_gid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_gid=0"
+ exit
+endif
+
+if ( (${_current_dir} != "hardenedBSD.git")) then
+ if ((${_current_dir} != "opBSD.git")) then
+ set _current_dir = "hardenedBSD.git"
+ endif
+endif
+
+echo "build source dir: ${_current_dir}"
+sleep 1
+
+if ( ! -d $MAKEOBJDIRPREFIX ) then
+ mkdir $MAKEOBJDIRPREFIX
+endif
+
+ln -sf ${_log} ${_log_last}
+
+(cd /usr/data/source/git/opBSD/${_current_dir}; make -j$__freebsd_mk_jobs -DNO_ROOT KERNCONF=GENERIC buildkernel) |& tee -a ${_log}
+touch ${_check_toolchain}
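Review bot: The log path in `_log` and the `_log_last` link are fixed, guessable names directly under `/tmp`, and the script runs `ln -sf` and `tee -a` on them without checking what already exists there. On a multi-user build host another account can create those names first, so the build output may be appended to a file the builder did not intend; this matters most for the install scripts, which are normally run with privileges. I would create the log with `mktemp` (a template such as `/tmp/${TARGET}-cc-log.XXXXXX`) and keep the `.last` link in a directory only the invoking user can write. The same lines appear in build_hbsd_kernel_nc.csh, build_hbsd_libc.csh, build_hbsd_libc_nc.csh, build_hbsd_world.csh, build_hbsd_world_nc.csh, install_hbsd_world.csh and install_hbsd_world_nc.csh.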
Index: tools/hbsd/build_hbsd_kernel_nc.csh
===================================================================
--- /dev/null
+++ tools/hbsd/build_hbsd_kernel_nc.csh
@@ -0,0 +1,47 @@
+#!/bin/csh
+
+setenv TARGET amd64
+setenv MAKEOBJDIRPREFIX /var/tmp/${TARGET}-objdir
+setenv __MAKE_CONF /dev/null
+setenv SRCCONF /dev/null
+setenv DESTDIR /tmp/${TARGET}-kernel
+@ __freebsd_mk_jobs = `sysctl -n kern.smp.cpus` + 1
+set current_dir = `pwd`
+set _current_dir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\2|g'`
+set _current_realdir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\1/\2|g'`
+set _check_toolchain = "${MAKEOBJDIRPREFIX}/___kernel-toolchain_DONE"
+set _date=`date "+%Y%m%d%H%M%S"`
+set _log="/tmp/${TARGET}-cc-log-${_current_dir}-${_date}"
+set _log_last="/tmp/${TARGET}-cc-log-${_current_dir}.last"
+set __MAKE_CONF = "/dev/null"
+set SRCCONF = "/dev/null"
+
+if ( "`sysctl -n security.bsd.hardlink_check_uid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_uid=0"
+ exit
+endif
+
+if ( "`sysctl -n security.bsd.hardlink_check_gid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_gid=0"
+ exit
+endif
+
+if ( (${_current_dir} != "hardenedBSD.git")) then
+ if ((${_current_dir} != "opBSD.git")) then
+ set _current_dir = "hardenedBSD.git"
+ endif
+endif
+
+echo "build source dir: ${_current_dir}"
+sleep 1
+
+if ( ! -d $MAKEOBJDIRPREFIX ) then
+ mkdir $MAKEOBJDIRPREFIX
+endif
+
+ln -sf ${_log} ${_log_last}
+
+(cd /usr/data/source/git/opBSD/${_current_dir}; make -j$__freebsd_mk_jobs -DNO_ROOT -DNO_CLEAN KERNCONF=GENERIC buildkernel) |& tee -a ${_log}
+touch ${_check_toolchain}
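Review bot: Both sysctl checks leave through a bare `exit`, which returns the status of the preceding `echo` (0), and the final `touch ${_check_toolchain}` runs unconditionally after the `make` pipeline. A caller or CI job therefore sees success, and a `___kernel-toolchain_DONE` marker, after a skipped or failed build. I would use `exit 1` in the two checks and create the marker only after testing make's own exit status. The messages also tell the user to set `security.bsd.hardlink_check_uid` and `security.bsd.hardlink_check_gid` to 0 system-wide; a comment saying why the build needs that, and a reminder to restore them afterwards, would help. All eight scripts under tools/hbsd share these lines.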
Index: tools/hbsd/build_hbsd_libc.csh
===================================================================
--- /dev/null
+++ tools/hbsd/build_hbsd_libc.csh
@@ -0,0 +1,47 @@
+#!/bin/csh
+
+setenv TARGET amd64
+setenv MAKEOBJDIRPREFIX /var/tmp/${TARGET}-objdir
+setenv __MAKE_CONF /dev/null
+setenv SRCCONF /dev/null
+setenv DESTDIR /tmp/${TARGET}-kernel
+@ __freebsd_mk_jobs = `sysctl -n kern.smp.cpus` + 1
+set current_dir = `pwd`
+set _current_dir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\2|g'`
+set _current_realdir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\1/\2|g'`
+set _check_toolchain = "${MAKEOBJDIRPREFIX}/___kernel-toolchain_DONE"
+set _date=`date "+%Y%m%d%H%M%S"`
+set _log="/tmp/${TARGET}-libc-cc-log-${_current_dir}-${_date}"
+set _log_last="/tmp/${TARGET}-libc-cc-log-${_current_dir}.last"
+set __MAKE_CONF = "/dev/null"
+set SRCCONF = "/dev/null"
+
+if ( "`sysctl -n security.bsd.hardlink_check_uid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_uid=0"
+ exit
+endif
+
+if ( "`sysctl -n security.bsd.hardlink_check_gid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_gid=0"
+ exit
+endif
+
+if ( (${_current_dir} != "hardenedBSD.git")) then
+ if ((${_current_dir} != "opBSD.git")) then
+ set _current_dir = "hardenedBSD.git"
+ endif
+endif
+
+echo "build source dir: ${_current_dir}"
+sleep 1
+
+if ( ! -d $MAKEOBJDIRPREFIX ) then
+ mkdir $MAKEOBJDIRPREFIX
+endif
+
+ln -sf ${_log} ${_log_last}
+
+(cd /usr/data/source/git/opBSD/${_current_dir}/lib/libc; make -j$__freebsd_mk_jobs -DNO_ROOT KERNCONF=GENERIC) |& tee -a ${_log}
+touch ${_check_toolchain}
Index: tools/hbsd/build_hbsd_libc_nc.csh
===================================================================
--- /dev/null
+++ tools/hbsd/build_hbsd_libc_nc.csh
@@ -0,0 +1,47 @@
+#!/bin/csh
+
+setenv TARGET amd64
+setenv MAKEOBJDIRPREFIX /var/tmp/${TARGET}-objdir
+setenv __MAKE_CONF /dev/null
+setenv SRCCONF /dev/null
+setenv DESTDIR /tmp/${TARGET}-kernel
+@ __freebsd_mk_jobs = `sysctl -n kern.smp.cpus` + 1
+set current_dir = `pwd`
+set _current_dir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\2|g'`
+set _current_realdir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\1/\2|g'`
+set _check_toolchain = "${MAKEOBJDIRPREFIX}/___kernel-toolchain_DONE"
+set _date=`date "+%Y%m%d%H%M%S"`
+set _log="/tmp/${TARGET}-libc-cc-log-${_current_dir}-${_date}"
+set _log_last="/tmp/${TARGET}-libc-cc-log-${_current_dir}.last"
+set __MAKE_CONF = "/dev/null"
+set SRCCONF = "/dev/null"
+
+if ( "`sysctl -n security.bsd.hardlink_check_uid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_uid=0"
+ exit
+endif
+
+if ( "`sysctl -n security.bsd.hardlink_check_gid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_gid=0"
+ exit
+endif
+
+if ( (${_current_dir} != "hardenedBSD.git")) then
+ if ((${_current_dir} != "opBSD.git")) then
+ set _current_dir = "hardenedBSD.git"
+ endif
+endif
+
+echo "build source dir: ${_current_dir}"
+sleep 1
+
+if ( ! -d $MAKEOBJDIRPREFIX ) then
+ mkdir $MAKEOBJDIRPREFIX
+endif
+
+ln -sf ${_log} ${_log_last}
+
+(cd /usr/data/source/git/opBSD/${_current_dir}/lib/libc; make -j$__freebsd_mk_jobs -DNO_CLEAN -DNO_ROOT KERNCONF=GENERIC) |& tee -a ${_log}
+touch ${_check_toolchain}
Index: tools/hbsd/build_hbsd_world.csh
===================================================================
--- /dev/null
+++ tools/hbsd/build_hbsd_world.csh
@@ -0,0 +1,47 @@
+#!/bin/csh
+
+setenv TARGET amd64
+setenv MAKEOBJDIRPREFIX /var/tmp/${TARGET}-objdir
+setenv __MAKE_CONF /dev/null
+setenv SRCCONF /dev/null
+setenv DESTDIR /tmp/${TARGET}-kernel
+@ __freebsd_mk_jobs = `sysctl -n kern.smp.cpus` + 1
+set current_dir = `pwd`
+set _current_dir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\2|g'`
+set _current_realdir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\1/\2|g'`
+set _check_toolchain = "${MAKEOBJDIRPREFIX}/___kernel-toolchain_DONE"
+set _date=`date "+%Y%m%d%H%M%S"`
+set _log="/tmp/${TARGET}-cc-log-${_current_dir}-${_date}"
+set _log_last="/tmp/${TARGET}-cc-log-${_current_dir}.last"
+set __MAKE_CONF = "/dev/null"
+set SRCCONF = "/dev/null"
+
+if ( "`sysctl -n security.bsd.hardlink_check_uid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_uid=0"
+ exit
+endif
+
+if ( "`sysctl -n security.bsd.hardlink_check_gid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_gid=0"
+ exit
+endif
+
+if ( (${_current_dir} != "hardenedBSD.git")) then
+ if ((${_current_dir} != "opBSD.git")) then
+ set _current_dir = "hardenedBSD.git"
+ endif
+endif
+
+echo "build source dir: ${_current_dir}"
+sleep 1
+
+if ( ! -d $MAKEOBJDIRPREFIX ) then
+ mkdir $MAKEOBJDIRPREFIX
+endif
+
+ln -sf ${_log} ${_log_last}
+
+(cd /usr/data/source/git/opBSD/${_current_dir}; make -j$__freebsd_mk_jobs -DNO_ROOT KERNCONF=GENERIC buildworld buildkernel) |& tee -a ${_log}
+touch ${_check_toolchain}
Index: tools/hbsd/build_hbsd_world_nc.csh
===================================================================
--- /dev/null
+++ tools/hbsd/build_hbsd_world_nc.csh
@@ -0,0 +1,47 @@
+#!/bin/csh
+
+setenv TARGET amd64
+setenv MAKEOBJDIRPREFIX /var/tmp/${TARGET}-objdir
+setenv __MAKE_CONF /dev/null
+setenv SRCCONF /dev/null
+setenv DESTDIR /tmp/${TARGET}-kernel
+@ __freebsd_mk_jobs = `sysctl -n kern.smp.cpus` + 1
+set current_dir = `pwd`
+set _current_dir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\2|g'`
+set _current_realdir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\1/\2|g'`
+set _check_toolchain = "${MAKEOBJDIRPREFIX}/___kernel-toolchain_DONE"
+set _date=`date "+%Y%m%d%H%M%S"`
+set _log="/tmp/${TARGET}-cc-log-${_current_dir}-${_date}"
+set _log_last="/tmp/${TARGET}-cc-log-${_current_dir}.last"
+set __MAKE_CONF = "/dev/null"
+set SRCCONF = "/dev/null"
+
+if ( "`sysctl -n security.bsd.hardlink_check_uid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_uid=0"
+ exit
+endif
+
+if ( "`sysctl -n security.bsd.hardlink_check_gid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_gid=0"
+ exit
+endif
+
+if ( (${_current_dir} != "hardenedBSD.git")) then
+ if ((${_current_dir} != "opBSD.git")) then
+ set _current_dir = "hardenedBSD.git"
+ endif
+endif
+
+echo "build source dir: ${_current_dir}"
+sleep 1
+
+if ( ! -d $MAKEOBJDIRPREFIX ) then
+ mkdir $MAKEOBJDIRPREFIX
+endif
+
+ln -sf ${_log} ${_log_last}
+
+(cd /usr/data/source/git/opBSD/${_current_dir}; make -j$__freebsd_mk_jobs -DNO_CLEAN -DNO_ROOT KERNCONF=GENERIC buildworld buildkernel) |& tee -a ${_log}
+touch ${_check_toolchain}
Index: tools/hbsd/install_hbsd_world.csh
===================================================================
--- /dev/null
+++ tools/hbsd/install_hbsd_world.csh
@@ -0,0 +1,44 @@
+#!/bin/csh
+
+setenv TARGET amd64
+setenv MAKEOBJDIRPREFIX /var/tmp/${TARGET}-objdir
+setenv __MAKE_CONF /dev/null
+setenv DESTDIR /tmp/${TARGET}-kernel
+@ __freebsd_mk_jobs = `sysctl -n kern.smp.cpus` + 1
+set current_dir = `pwd`
+set _current_dir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\2|g'`
+set _current_realdir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\1/\2|g'`
+set _check_toolchain = "${MAKEOBJDIRPREFIX}/___kernel-toolchain_DONE"
+set _date=`date "+%Y%m%d%H%M%S"`
+set _log="/tmp/${TARGET}-cc-log-${_current_dir}-${_date}"
+set _log_last="/tmp/${TARGET}-cc-log-${_current_dir}.last"
+
+if ( "`sysctl -n security.bsd.hardlink_check_uid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_uid=0"
+ exit
+endif
+
+if ( "`sysctl -n security.bsd.hardlink_check_gid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_gid=0"
+ exit
+endif
+
+if ( (${_current_dir} != "hardenedBSD.git")) then
+ if ((${_current_dir} != "opBSD.git")) then
+ set _current_dir = "hardenedBSD.git"
+ endif
+endif
+
+echo "build source dir: ${_current_dir}"
+sleep 1
+
+if ( ! -d $MAKEOBJDIRPREFIX ) then
+ mkdir $MAKEOBJDIRPREFIX
+endif
+
+ln -sf ${_log} ${_log_last}
+
+(cd /usr/data/source/git/opBSD/${_current_dir}; make -j$__freebsd_mk_jobs -DNO_ROOT KERNCONF=GENERIC installworld installkernel) |& tee -a ${_log}
+touch ${_check_toolchain}
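Review bot: `setenv DESTDIR /tmp/${TARGET}-kernel` sends installworld and installkernel into a fixed name under world-writable `/tmp`, and the script never creates that directory or checks who owns it before installing. On a shared machine the installed tree can then land in a directory prepared by another account. I would let the caller supply `DESTDIR` and create it with a restrictive mode when it is missing, in the same place the script already creates `$MAKEOBJDIRPREFIX`. The source path `/usr/data/source/git/opBSD` is hard-coded as well and `_current_realdir` is computed but never used; install_hbsd_world_nc.csh has the same lines.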
Index: tools/hbsd/install_hbsd_world_nc.csh
===================================================================
--- /dev/null
+++ tools/hbsd/install_hbsd_world_nc.csh
@@ -0,0 +1,44 @@
+#!/bin/csh
+
+setenv TARGET amd64
+setenv MAKEOBJDIRPREFIX /var/tmp/${TARGET}-objdir
+setenv __MAKE_CONF /dev/null
+setenv DESTDIR /tmp/${TARGET}-kernel
+@ __freebsd_mk_jobs = `sysctl -n kern.smp.cpus` + 1
+set current_dir = `pwd`
+set _current_dir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\2|g'`
+set _current_realdir = `echo ${current_dir} | sed -e 's|\(.*/\)\(.*\.git\)\(/.*\)*|\1/\2|g'`
+set _check_toolchain = "${MAKEOBJDIRPREFIX}/___kernel-toolchain_DONE"
+set _date=`date "+%Y%m%d%H%M%S"`
+set _log="/tmp/${TARGET}-cc-log-${_current_dir}-${_date}"
+set _log_last="/tmp/${TARGET}-cc-log-${_current_dir}.last"
+
+if ( "`sysctl -n security.bsd.hardlink_check_uid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_uid=0"
+ exit
+endif
+
+if ( "`sysctl -n security.bsd.hardlink_check_gid`" == "1" ) then
+ echo "build will fail, due to hard security checks"
+ echo "sysctl security.bsd.hardlink_check_gid=0"
+ exit
+endif
+
+if ( (${_current_dir} != "hardenedBSD.git")) then
+ if ((${_current_dir} != "opBSD.git")) then
+ set _current_dir = "hardenedBSD.git"
+ endif
+endif
+
+echo "build source dir: ${_current_dir}"
+sleep 1
+
+if ( ! -d $MAKEOBJDIRPREFIX ) then
+ mkdir $MAKEOBJDIRPREFIX
+endif
+
+ln -sf ${_log} ${_log_last}
+
+(cd /usr/data/source/git/opBSD/${_current_dir}; make -j$__freebsd_mk_jobs -DNO_CLEAN -DNO_ROOT KERNCONF=GENERIC installworld installkernel) |& tee -a ${_log}
+touch ${_check_toolchain}
