D3453.diff
No OneTemporary
Actions

Size

6 KB

Referenced Files

None

Subscribers

None

D3453.diff
View Options

	Index: include/secure/Makefile
	===================================================================
	--- include/secure/Makefile
	+++ include/secure/Makefile
	@@ -1,6 +1,6 @@
	# $FreeBSD$

	-INCS= security.h _poll.h
	+INCS= security.h _poll.h _socket.h
	INCSDIR= ${INCLUDEDIR}/secure

	.include <bsd.prog.mk>
	Index: include/secure/_socket.h
	===================================================================
	--- /dev/null
	+++ include/secure/_socket.h
	@@ -0,0 +1,83 @@
	+/*
	+ * Copyright (C) 2008 The Android Open Source Project
	+ * All rights reserved.
	+ *
	+ * Redistribution and use in source and binary forms, with or without
	+ * modification, are permitted provided that the following conditions
	+ * are met:
	+ * * Redistributions of source code must retain the above copyright
	+ * notice, this list of conditions and the following disclaimer.
	+ * * Redistributions in binary form must reproduce the above copyright
	+ * notice, this list of conditions and the following disclaimer in
	+ * the documentation and/or other materials provided with the
	+ * distribution.
	+ *
	+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
	+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
	+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
	+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
	+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
	+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
	+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
	+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	+ * SUCH DAMAGE.
	+ *
	+ * bionic rev: a8993c994e45ec2dc00dcef15910560e22d67be9
	+ *
	+ * $FreeBSD$
	+ */
	+
	+
	+#ifndef _SYS_SOCKET_H_
	+#error "You should not use <secure/_socket.h> directly; include <sys/socket.h> instead."
	+#endif
	+
	+#ifndef _SECURE_SOCKET_H_
	+#define _SECURE_SOCKET_H_
	+
	+#include <sys/_null.h>
	+#include <secure/security.h>
	+
	+__BEGIN_DECLS
	+
	+extern ssize_t __recvfrom_chk(int, void , size_t, size_t, int, struct sockaddr __restrict, socklen_t * __restrict);
	+extern ssize_t __recvfrom_real(int, void , size_t, int, const struct sockaddr , socklen_t *) __RENAME(recvfrom);
	+__errordecl(__recvfrom_error, "recvfrom called with size bigger than buffer");
	+
	+#ifdef __BSD_FORTIFY
	+
	+__FORTIFY_INLINE ssize_t
	+recvfrom(int _s, void _buf, size_t _len, int _flags, struct sockaddr __restrict _from, socklen_t * __restrict _fromlen)
	+{
	+ size_t _bos = __bos0(_buf);
	+
	+#ifndef __clang__
	+ if (_bos == __FORTIFY_UNKNOWN_SIZE)
	+ return (__recvfrom_real(_s, _buf, _len, _flags, _from, _fromlen));
	+
	+ if (__builtin_constant_p(_len) && (_len <= _bos))
	+ return (__recvfrom_real(_s, _buf, _len, _flags, _from, _fromlen));
	+
	+ if (__builtin_constant_p(_len) && (_len > _bos))
	+ __recvfrom_error();
	+#endif
	+
	+ return (__recvfrom_chk(_s, _buf, _len, _bos, _flags, _from, _fromlen));
	+}
	+
	+
	+__FORTIFY_INLINE ssize_t
	+recv(int _s, void *_buf, size_t _len, int _flags)
	+{
	+
	+ return recvfrom(_s, _buf, _len, _flags, NULL, 0);
	+}
	+
	+#endif /* !__BSD_FORTIFY */
	+
	+__END_DECLS
	+
	+#endif /* !_SECURE_SOCKET_H */
	Index: lib/libc/secure/Makefile.inc
	===================================================================
	--- lib/libc/secure/Makefile.inc
	+++ lib/libc/secure/Makefile.inc
	@@ -17,6 +17,7 @@
	# Sources which contains FORTIFY_SOURCE functions,
	# but live in .h files under sys/sys
	SRCS+= \
	- __poll_chk.c
	+ __poll_chk.c \
	+ __recvfrom_chk.c

	SYM_MAPS+= ${LIBC_SRCTOP}/secure/Symbol.map
	Index: lib/libc/secure/Symbol.map
	===================================================================
	--- lib/libc/secure/Symbol.map
	+++ lib/libc/secure/Symbol.map
	@@ -21,6 +21,7 @@
	__fortify_chk_fail;
	__poll_chk;
	__ppoll_chk;
	+ __recvfrom_chk;
	__secure_fail;
	};

	Index: lib/libc/secure/__recvfrom_chk.c
	===================================================================
	--- /dev/null
	+++ lib/libc/secure/__recvfrom_chk.c
	@@ -0,0 +1,53 @@
	+/*-
	+ * Copyright (C) 2013 The Android Open Source Project
	+ * All rights reserved.
	+ *
	+ * Redistribution and use in source and binary forms, with or without
	+ * modification, are permitted provided that the following conditions
	+ * are met:
	+ * * Redistributions of source code must retain the above copyright
	+ * notice, this list of conditions and the following disclaimer.
	+ * * Redistributions in binary form must reproduce the above copyright
	+ * notice, this list of conditions and the following disclaimer in
	+ * the documentation and/or other materials provided with the
	+ * distribution.
	+ *
	+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
	+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
	+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
	+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
	+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
	+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
	+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
	+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	+ * SUCH DAMAGE.
	+ *
	+ * bionic rev: a8993c994e45ec2dc00dcef15910560e22d67be9
	+ *
	+ * $FreeBSD$
	+ */
	+
	+#undef _FORTIFY_SOURCE
	+
	+#include <sys/cdefs.h>
	+#include <sys/socket.h>
	+#include <secure/security.h>
	+#include "secure/_socket.h"
	+
	+ssize_t
	+__recvfrom_chk(int s, void *buf, size_t len, size_t bos,
	+ int flags, struct sockaddr * __restrict from,
	+ socklen_t * __restrict fromlen)
	+{
	+
	+ if (__predict_false(bos == __FORTIFY_UNKNOWN_SIZE))
	+ return (recvfrom(s, buf, len, flags, from, fromlen));
	+
	+ if (__predict_false(len > bos))
	+ __fortify_chk_fail("recvfrom: prevented write past end of buffer");
	+
	+ return (recvfrom(s, buf, len, flags, from, fromlen));
	+}
	Index: sys/sys/socket.h
	===================================================================
	--- sys/sys/socket.h
	+++ sys/sys/socket.h
	@@ -630,6 +630,10 @@
	int socketpair(int, int, int, int *);
	__END_DECLS

	+#ifdef __BSD_FORTIFY
	+#include <secure/_socket.h>
	+#endif
	+
	#endif /* !_KERNEL */

	#ifdef _KERNEL

File Metadata

Mime Type: text/plain
Expires: Fri, Nov 21, 12:23 AM (6 h, 7 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 25740047
Default Alt Text: D3453.diff (6 KB)

D3453.diffNo OneTemporaryActions

D3453.diffView Options

File Metadata

Event Timeline

D3453.diff
No OneTemporary
Actions

D3453.diff
View Options