Changeset View
Changeset View
Standalone View
Standalone View
lib/libc/secure/fortify_source.c
- This file was added.
| /*- | |||||
| * Copyright (c) 2015 Olivér Pintér <op@FreeBSD.org> | |||||
| * All rights reserved. | |||||
| * | |||||
| * Redistribution and use in source and binary forms, with or without | |||||
| * modification, are permitted provided that the following conditions | |||||
| * are met: | |||||
| * 1. Redistributions of source code must retain the above copyright | |||||
| * notice, this list of conditions and the following disclaimer. | |||||
| * 2. Redistributions in binary form must reproduce the above copyright | |||||
| * notice, this list of conditions and the following disclaimer in the | |||||
| * documentation and/or other materials provided with the distribution. | |||||
| * | |||||
| * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND | |||||
| * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |||||
| * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |||||
| * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |||||
| * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |||||
| * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |||||
| * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |||||
| * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |||||
| * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |||||
| * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |||||
| * SUCH DAMAGE. | |||||
| * | |||||
| * $FreeBSD$ | |||||
| */ | |||||
| #include <sys/cdefs.h> | |||||
| #include <sys/param.h> | |||||
| #include <sys/sysctl.h> | |||||
| #include <sys/types.h> | |||||
| #include "secure/security.h" | |||||
| void | |||||
| __fortify_chk_fail(const char* msg) | |||||
| { | |||||
| __secure_fail(msg); | |||||
| } | |||||
kib: You do not need four comparisions, two are enough.
Look at sys/kern/kern_rangelock.c… | |||||
Done Inline ActionsAdditionally, casts to const char * should be added before adding len to avoid depending on a GCC extension, and casts to uintptr_t should be added before comparing to avoid undefined behaviour from comparing (</<=/>/>=) pointers from different arrays. Also, this should be an inline function. jilles: Additionally, casts to `const char *` should be added before adding `len` to avoid depending on… | |||||
Not Done Inline ActionsYes, I thinking about them too. I move then this function to include/secure/security.h file with the adjustments. op: Yes, I thinking about them too. I move then this function to include/secure/security.h file… | |||||
Not Done Inline Actionsjilles: casting of len to (const char *) does not work with clang: op@opn /tmp> make test
cc -O2 -pipe -pipe -DHARDENEDBSD test.c -o test
test.c:51:37: error: invalid operands to binary expression ('const char *' and 'const char *')
if ((uintptr_t)(a) < (uintptr_t)(b + (const char *)l) &&
~ ^ ~~~~~~~~~~~~~~~
test.c:52:20: error: invalid operands to binary expression ('const char *' and 'const char *')
(uintptr_t)(a + (const char *)l) > (uintptr_t)(b))
~ ^ ~~~~~~~~~~~~~~~
2 errors generated.
*** Error code 1op: jilles: casting of len to (const char *) does not work with clang:
```
op@opn /tmp> make test… | |||||
You do not need four comparisions, two are enough.
Look at sys/kern/kern_rangelock.c:ranges_overlap() to see how to do it.