Changeset View
Changeset View
Standalone View
Standalone View
lib/libssp/ssp.3
- This file was added.
.\" $NetBSD: ssp.3,v 1.9 2015/12/03 13:11:45 christos Exp $ | |||||
.\" | |||||
.\" Copyright (c) 2007 The NetBSD Foundation, Inc. | |||||
.\" All rights reserved. | |||||
.\" | |||||
.\" This code is derived from software contributed to The NetBSD Foundation | |||||
.\" by Christos Zoulas. | |||||
.\" | |||||
.\" Redistribution and use in source and binary forms, with or without | |||||
.\" modification, are permitted provided that the following conditions | |||||
.\" are met: | |||||
.\" 1. Redistributions of source code must retain the above copyright | |||||
.\" notice, this list of conditions and the following disclaimer. | |||||
.\" 2. Redistributions in binary form must reproduce the above copyright | |||||
.\" notice, this list of conditions and the following disclaimer in the | |||||
.\" documentation and/or other materials provided with the distribution. | |||||
.\" | |||||
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS | |||||
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED | |||||
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |||||
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS | |||||
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |||||
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |||||
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |||||
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |||||
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |||||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |||||
.\" POSSIBILITY OF SUCH DAMAGE. | |||||
.\" | |||||
.\" | |||||
.Dd December 3, 2015 | |||||
.Dt SSP 3 | |||||
.Os | |||||
.Sh NAME | |||||
.Nm ssp | |||||
.Nd bounds checked libc functions | |||||
.Sh LIBRARY | |||||
.Lb libssp | |||||
.Sh SYNOPSIS | |||||
.In ssp/stdio.h | |||||
.Ft int | |||||
.Fn sprintf "char *str" "const char *fmt" "..." | |||||
.Ft int | |||||
.Fn vsprintf "char *str" "const char *fmt" "va_list ap" | |||||
.Ft int | |||||
.Fn snprintf "char *str" "size_t len" "const char *fmt" "..." | |||||
.Ft int | |||||
.Fn vsnprintf "char *str" "size_t len" "const char *fmt" "va_list ap" | |||||
.Ft char * | |||||
.Fn gets "char *str" | |||||
.Ft char * | |||||
.Fn fgets "char *str" "int len" "FILE *fp" | |||||
.In ssp/string.h | |||||
.Ft void * | |||||
.Fn memcpy "void *str" "const void *ptr" "size_t len" | |||||
.Ft void * | |||||
.Fn memmove "void *str" "const void *ptr" "size_t len" | |||||
.Ft void * | |||||
.Fn memset "void *str" "int val" "size_t len" | |||||
.Ft char * | |||||
.Fn stpcpy "char *str" "const char *ptr" | |||||
.Ft char * | |||||
.Fn strcpy "char *str" "const char *ptr" | |||||
.Ft char * | |||||
.Fn strcat "char *str" "const char *ptr" | |||||
.Ft char * | |||||
.Fn strncpy "char *str" "const char *ptr" "size_t len" | |||||
.Ft char * | |||||
.Fn strncat "char *str" "const char *ptr" "size_t len" | |||||
.In ssp/strings.h | |||||
.Ft void * | |||||
.Fn bcopy "const void *ptr" "void *str" "size_t len" | |||||
.Ft void * | |||||
.Fn bzero "void *str" "size_t len" | |||||
.In ssp/unistd.h | |||||
.Ft ssize_t | |||||
.Fn read "int fd" "void *str" "size_t len" | |||||
.Ft int | |||||
.Fn readlink "const char * restrict path" "char * restrict str" "size_t len" | |||||
.Ft int | |||||
.Fn getcwd "char *str" "size_t len" | |||||
.Sh DESCRIPTION | |||||
When | |||||
.Dv _FORTIFY_SOURCE | |||||
bounds checking is enabled as described below, the above functions get | |||||
overwritten to use the | |||||
.Xr __builtin_object_size 3 | |||||
function to compute the size of | |||||
.Fa str , | |||||
if known at compile time, | |||||
and perform bounds check on it in order | |||||
to avoid data buffer or stack buffer overflows. | |||||
If an overflow is detected, the routines will call | |||||
.Xr abort 3 . | |||||
.Pp | |||||
To enable these function overrides the following should be added to the | |||||
.Xr gcc 1 | |||||
command line: | |||||
.Dq \-D_FORTIFY_SOURCE=1 | |||||
or | |||||
pauamma_gundo.com: Does this apply to clang as well? If so, I'd mention both. | |||||
.Dq \-D_FORTIFY_SOURCE=2 . | |||||
.Pp | |||||
If | |||||
.Dv _FORTIFY_SOURCE is set to | |||||
.Dv 1 | |||||
the code will compute the maximum possible buffer size for | |||||
.Fa str , | |||||
and if set to | |||||
.Dv 2 | |||||
it will compute the minimum buffer size. | |||||
.Sh SEE ALSO | |||||
.Xr gcc 1 , | |||||
.Xr __builtin_object_size 3 , | |||||
.Xr stdio 3 , | |||||
.Xr string 3 , | |||||
Done Inline ActionsAdd clang here if added above. pauamma_gundo.com: Add clang here if added above. | |||||
.Xr security 7 | |||||
.Sh HISTORY | |||||
The | |||||
.Nm ssp | |||||
library appeared | |||||
pauamma_gundo.comUnsubmitted Done Inline Actions"in" missing unless .Nx does more than what I remember .Fx doing. (Maybe let upstream know as well?) pauamma_gundo.com: "in" missing unless .Nx does more than what I remember .Fx doing. (Maybe let upstream know as… | |||||
.Nx 4.0 . | |||||
gbeUnsubmitted Done Inline ActionsWould be good if you could also mention FreeBSD here. gbe: Would be good if you could also mention FreeBSD here. | |||||
Not Done Inline ActionsDid it? kib: Did it? | |||||
Done Inline ActionsThis is referring to https://svnweb.freebsd.org/base/?view=revision&revision=r356356, it just didn't get a man page back then and these symbols aborted. kevans: This is referring to https://svnweb.freebsd.org/base/?view=revision&revision=r356356, it just… |
Does this apply to clang as well? If so, I'd mention both.