diff --git a/lib/libc/tests/secure/Makefile b/lib/libc/tests/secure/Makefile --- a/lib/libc/tests/secure/Makefile +++ b/lib/libc/tests/secure/Makefile @@ -4,6 +4,7 @@ # sys/ headers FORTIFY_TCATS+= random +FORTIFY_TCATS+= select FORTIFY_TCATS+= uio # non-sys/ headers diff --git a/lib/libc/tests/secure/fortify_poll_test.c b/lib/libc/tests/secure/fortify_poll_test.c --- a/lib/libc/tests/secure/fortify_poll_test.c +++ b/lib/libc/tests/secure/fortify_poll_test.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/libc/tests/secure/fortify_random_test.c b/lib/libc/tests/secure/fortify_random_test.c --- a/lib/libc/tests/secure/fortify_random_test.c +++ b/lib/libc/tests/secure/fortify_random_test.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/libc/tests/secure/fortify_uio_test.c b/lib/libc/tests/secure/fortify_select_test.c copy from lib/libc/tests/secure/fortify_uio_test.c copy to lib/libc/tests/secure/fortify_select_test.c --- a/lib/libc/tests/secure/fortify_uio_test.c +++ b/lib/libc/tests/secure/fortify_select_test.c @@ -1,4 +1,4 @@ -/* @generated by `generate-fortify-tests.lua "uio"` */ +/* @generated by `generate-fortify-tests.lua "select"` */ #define _FORTIFY_SOURCE 2 #define TMPFILE_SIZE (1024 * 32) @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include @@ -116,53 +117,53 @@ close(fd); } -ATF_TC_WITHOUT_HEAD(readv_before_end); -ATF_TC_BODY(readv_before_end, tc) +ATF_TC_WITHOUT_HEAD(FD_SET_before_end); +ATF_TC_BODY(FD_SET_before_end, tc) { #define BUF &__stack.__buf struct { uint8_t padding_l; - struct iovec __buf[2]; + fd_set __buf; uint8_t padding_r; } __stack; const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 2 - 1; + const size_t __len = FD_SETSIZE - 1; const size_t __idx __unused = __len - 1; - readv(STDIN_FILENO, __stack.__buf, __len); + FD_SET(__idx, &__stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(readv_end); -ATF_TC_BODY(readv_end, tc) +ATF_TC_WITHOUT_HEAD(FD_SET_end); +ATF_TC_BODY(FD_SET_end, tc) { #define BUF &__stack.__buf struct { uint8_t padding_l; - struct iovec __buf[2]; + fd_set __buf; uint8_t padding_r; } __stack; const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 2; + const size_t __len = FD_SETSIZE; const size_t __idx __unused = __len - 1; - readv(STDIN_FILENO, __stack.__buf, __len); + FD_SET(__idx, &__stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(readv_after_end); -ATF_TC_BODY(readv_after_end, tc) +ATF_TC_WITHOUT_HEAD(FD_SET_after_end); +ATF_TC_BODY(FD_SET_after_end, tc) { #define BUF &__stack.__buf struct { uint8_t padding_l; - struct iovec __buf[2]; + fd_set __buf; uint8_t padding_r; } __stack; const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 2 + 1; + const size_t __len = FD_SETSIZE + 1; const size_t __idx __unused = __len - 1; pid_t __child; int __status; @@ -174,7 +175,7 @@ /* Child */ disable_coredumps(); - readv(STDIN_FILENO, __stack.__buf, __len); + FD_SET(__idx, &__stack.__buf); _exit(EX_SOFTWARE); /* Should have aborted. */ monitor: @@ -201,57 +202,57 @@ } -ATF_TC_WITHOUT_HEAD(readv_heap_before_end); -ATF_TC_BODY(readv_heap_before_end, tc) +ATF_TC_WITHOUT_HEAD(FD_SET_heap_before_end); +ATF_TC_BODY(FD_SET_heap_before_end, tc) { #define BUF __stack.__buf struct { uint8_t padding_l; - struct iovec * __buf; + fd_set * __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (2); - const size_t __len = 2 - 1; + const size_t __bufsz __unused = sizeof(*__stack.__buf) * (1); + const size_t __len = FD_SETSIZE - 1; const size_t __idx __unused = __len - 1; __stack.__buf = malloc(__bufsz); - readv(STDIN_FILENO, __stack.__buf, __len); + FD_SET(__idx, __stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(readv_heap_end); -ATF_TC_BODY(readv_heap_end, tc) +ATF_TC_WITHOUT_HEAD(FD_SET_heap_end); +ATF_TC_BODY(FD_SET_heap_end, tc) { #define BUF __stack.__buf struct { uint8_t padding_l; - struct iovec * __buf; + fd_set * __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (2); - const size_t __len = 2; + const size_t __bufsz __unused = sizeof(*__stack.__buf) * (1); + const size_t __len = FD_SETSIZE; const size_t __idx __unused = __len - 1; __stack.__buf = malloc(__bufsz); - readv(STDIN_FILENO, __stack.__buf, __len); + FD_SET(__idx, __stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(readv_heap_after_end); -ATF_TC_BODY(readv_heap_after_end, tc) +ATF_TC_WITHOUT_HEAD(FD_SET_heap_after_end); +ATF_TC_BODY(FD_SET_heap_after_end, tc) { #define BUF __stack.__buf struct { uint8_t padding_l; - struct iovec * __buf; + fd_set * __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (2); - const size_t __len = 2 + 1; + const size_t __bufsz __unused = sizeof(*__stack.__buf) * (1); + const size_t __len = FD_SETSIZE + 1; const size_t __idx __unused = __len - 1; pid_t __child; int __status; @@ -265,7 +266,7 @@ disable_coredumps(); __stack.__buf = malloc(__bufsz); - readv(STDIN_FILENO, __stack.__buf, __len); + FD_SET(__idx, __stack.__buf); _exit(EX_SOFTWARE); /* Should have aborted. */ monitor: @@ -292,119 +293,56 @@ } -ATF_TC_WITHOUT_HEAD(readv_iov_before_end); -ATF_TC_BODY(readv_iov_before_end, tc) +ATF_TC_WITHOUT_HEAD(FD_CLR_before_end); +ATF_TC_BODY(FD_CLR_before_end, tc) { #define BUF &__stack.__buf struct { uint8_t padding_l; - unsigned char __buf[42]; + fd_set __buf; uint8_t padding_r; } __stack; const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 42 - 1; + const size_t __len = FD_SETSIZE - 1; const size_t __idx __unused = __len - 1; - struct iovec iov[1]; - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - - replace_stdin(); - - readv(STDIN_FILENO, iov, nitems(iov)); + FD_CLR(__idx, &__stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(readv_iov_end); -ATF_TC_BODY(readv_iov_end, tc) +ATF_TC_WITHOUT_HEAD(FD_CLR_end); +ATF_TC_BODY(FD_CLR_end, tc) { #define BUF &__stack.__buf struct { uint8_t padding_l; - unsigned char __buf[42]; + fd_set __buf; uint8_t padding_r; } __stack; const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 42; - const size_t __idx __unused = __len - 1; - struct iovec iov[1]; - - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - - replace_stdin(); - - readv(STDIN_FILENO, iov, nitems(iov)); -#undef BUF - -} - -ATF_TC_WITHOUT_HEAD(readv_iov_heap_before_end); -ATF_TC_BODY(readv_iov_heap_before_end, tc) -{ -#define BUF __stack.__buf - struct { - uint8_t padding_l; - unsigned char * __buf; - uint8_t padding_r; - } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); - const size_t __len = 42 - 1; - const size_t __idx __unused = __len - 1; - struct iovec iov[1]; - - __stack.__buf = malloc(__bufsz); - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - - replace_stdin(); - - readv(STDIN_FILENO, iov, nitems(iov)); -#undef BUF - -} - -ATF_TC_WITHOUT_HEAD(readv_iov_heap_end); -ATF_TC_BODY(readv_iov_heap_end, tc) -{ -#define BUF __stack.__buf - struct { - uint8_t padding_l; - unsigned char * __buf; - uint8_t padding_r; - } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); - const size_t __len = 42; + const size_t __len = FD_SETSIZE; const size_t __idx __unused = __len - 1; - struct iovec iov[1]; - - __stack.__buf = malloc(__bufsz); - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - replace_stdin(); - - readv(STDIN_FILENO, iov, nitems(iov)); + FD_CLR(__idx, &__stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(readv_iov_heap_after_end); -ATF_TC_BODY(readv_iov_heap_after_end, tc) +ATF_TC_WITHOUT_HEAD(FD_CLR_after_end); +ATF_TC_BODY(FD_CLR_after_end, tc) { -#define BUF __stack.__buf +#define BUF &__stack.__buf struct { uint8_t padding_l; - unsigned char * __buf; + fd_set __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); - const size_t __len = 42 + 1; + const size_t __bufsz __unused = sizeof(__stack.__buf); + const size_t __len = FD_SETSIZE + 1; const size_t __idx __unused = __len - 1; pid_t __child; int __status; - struct iovec iov[1]; __child = fork(); ATF_REQUIRE(__child >= 0); @@ -413,13 +351,7 @@ /* Child */ disable_coredumps(); - __stack.__buf = malloc(__bufsz); - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - - replace_stdin(); - - readv(STDIN_FILENO, iov, nitems(iov)); + FD_CLR(__idx, &__stack.__buf); _exit(EX_SOFTWARE); /* Should have aborted. */ monitor: @@ -446,53 +378,57 @@ } -ATF_TC_WITHOUT_HEAD(preadv_before_end); -ATF_TC_BODY(preadv_before_end, tc) +ATF_TC_WITHOUT_HEAD(FD_CLR_heap_before_end); +ATF_TC_BODY(FD_CLR_heap_before_end, tc) { -#define BUF &__stack.__buf +#define BUF __stack.__buf struct { uint8_t padding_l; - struct iovec __buf[2]; + fd_set * __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 2 - 1; + const size_t __bufsz __unused = sizeof(*__stack.__buf) * (1); + const size_t __len = FD_SETSIZE - 1; const size_t __idx __unused = __len - 1; - preadv(STDIN_FILENO, __stack.__buf, __len, 0); + __stack.__buf = malloc(__bufsz); + + FD_CLR(__idx, __stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(preadv_end); -ATF_TC_BODY(preadv_end, tc) +ATF_TC_WITHOUT_HEAD(FD_CLR_heap_end); +ATF_TC_BODY(FD_CLR_heap_end, tc) { -#define BUF &__stack.__buf +#define BUF __stack.__buf struct { uint8_t padding_l; - struct iovec __buf[2]; + fd_set * __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 2; + const size_t __bufsz __unused = sizeof(*__stack.__buf) * (1); + const size_t __len = FD_SETSIZE; const size_t __idx __unused = __len - 1; - preadv(STDIN_FILENO, __stack.__buf, __len, 0); + __stack.__buf = malloc(__bufsz); + + FD_CLR(__idx, __stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(preadv_after_end); -ATF_TC_BODY(preadv_after_end, tc) +ATF_TC_WITHOUT_HEAD(FD_CLR_heap_after_end); +ATF_TC_BODY(FD_CLR_heap_after_end, tc) { -#define BUF &__stack.__buf +#define BUF __stack.__buf struct { uint8_t padding_l; - struct iovec __buf[2]; + fd_set * __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 2 + 1; + const size_t __bufsz __unused = sizeof(*__stack.__buf) * (1); + const size_t __len = FD_SETSIZE + 1; const size_t __idx __unused = __len - 1; pid_t __child; int __status; @@ -504,7 +440,9 @@ /* Child */ disable_coredumps(); - preadv(STDIN_FILENO, __stack.__buf, __len, 0); + __stack.__buf = malloc(__bufsz); + + FD_CLR(__idx, __stack.__buf); _exit(EX_SOFTWARE); /* Should have aborted. */ monitor: @@ -531,57 +469,53 @@ } -ATF_TC_WITHOUT_HEAD(preadv_heap_before_end); -ATF_TC_BODY(preadv_heap_before_end, tc) +ATF_TC_WITHOUT_HEAD(FD_ISSET_before_end); +ATF_TC_BODY(FD_ISSET_before_end, tc) { -#define BUF __stack.__buf +#define BUF &__stack.__buf struct { uint8_t padding_l; - struct iovec * __buf; + fd_set __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (2); - const size_t __len = 2 - 1; + const size_t __bufsz __unused = sizeof(__stack.__buf); + const size_t __len = FD_SETSIZE - 1; const size_t __idx __unused = __len - 1; - __stack.__buf = malloc(__bufsz); - - preadv(STDIN_FILENO, __stack.__buf, __len, 0); + FD_ISSET(__idx, &__stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(preadv_heap_end); -ATF_TC_BODY(preadv_heap_end, tc) +ATF_TC_WITHOUT_HEAD(FD_ISSET_end); +ATF_TC_BODY(FD_ISSET_end, tc) { -#define BUF __stack.__buf +#define BUF &__stack.__buf struct { uint8_t padding_l; - struct iovec * __buf; + fd_set __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (2); - const size_t __len = 2; + const size_t __bufsz __unused = sizeof(__stack.__buf); + const size_t __len = FD_SETSIZE; const size_t __idx __unused = __len - 1; - __stack.__buf = malloc(__bufsz); - - preadv(STDIN_FILENO, __stack.__buf, __len, 0); + FD_ISSET(__idx, &__stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(preadv_heap_after_end); -ATF_TC_BODY(preadv_heap_after_end, tc) +ATF_TC_WITHOUT_HEAD(FD_ISSET_after_end); +ATF_TC_BODY(FD_ISSET_after_end, tc) { -#define BUF __stack.__buf +#define BUF &__stack.__buf struct { uint8_t padding_l; - struct iovec * __buf; + fd_set __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (2); - const size_t __len = 2 + 1; + const size_t __bufsz __unused = sizeof(__stack.__buf); + const size_t __len = FD_SETSIZE + 1; const size_t __idx __unused = __len - 1; pid_t __child; int __status; @@ -593,9 +527,7 @@ /* Child */ disable_coredumps(); - __stack.__buf = malloc(__bufsz); - - preadv(STDIN_FILENO, __stack.__buf, __len, 0); + FD_ISSET(__idx, &__stack.__buf); _exit(EX_SOFTWARE); /* Should have aborted. */ monitor: @@ -622,119 +554,60 @@ } -ATF_TC_WITHOUT_HEAD(preadv_iov_before_end); -ATF_TC_BODY(preadv_iov_before_end, tc) -{ -#define BUF &__stack.__buf - struct { - uint8_t padding_l; - unsigned char __buf[42]; - uint8_t padding_r; - } __stack; - const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 42 - 1; - const size_t __idx __unused = __len - 1; - struct iovec iov[1]; - - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - - replace_stdin(); - - preadv(STDIN_FILENO, iov, nitems(iov), 0); -#undef BUF - -} - -ATF_TC_WITHOUT_HEAD(preadv_iov_end); -ATF_TC_BODY(preadv_iov_end, tc) -{ -#define BUF &__stack.__buf - struct { - uint8_t padding_l; - unsigned char __buf[42]; - uint8_t padding_r; - } __stack; - const size_t __bufsz __unused = sizeof(__stack.__buf); - const size_t __len = 42; - const size_t __idx __unused = __len - 1; - struct iovec iov[1]; - - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - - replace_stdin(); - - preadv(STDIN_FILENO, iov, nitems(iov), 0); -#undef BUF - -} - -ATF_TC_WITHOUT_HEAD(preadv_iov_heap_before_end); -ATF_TC_BODY(preadv_iov_heap_before_end, tc) +ATF_TC_WITHOUT_HEAD(FD_ISSET_heap_before_end); +ATF_TC_BODY(FD_ISSET_heap_before_end, tc) { #define BUF __stack.__buf struct { uint8_t padding_l; - unsigned char * __buf; + fd_set * __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); - const size_t __len = 42 - 1; + const size_t __bufsz __unused = sizeof(*__stack.__buf) * (1); + const size_t __len = FD_SETSIZE - 1; const size_t __idx __unused = __len - 1; - struct iovec iov[1]; __stack.__buf = malloc(__bufsz); - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - replace_stdin(); - - preadv(STDIN_FILENO, iov, nitems(iov), 0); + FD_ISSET(__idx, __stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(preadv_iov_heap_end); -ATF_TC_BODY(preadv_iov_heap_end, tc) +ATF_TC_WITHOUT_HEAD(FD_ISSET_heap_end); +ATF_TC_BODY(FD_ISSET_heap_end, tc) { #define BUF __stack.__buf struct { uint8_t padding_l; - unsigned char * __buf; + fd_set * __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); - const size_t __len = 42; + const size_t __bufsz __unused = sizeof(*__stack.__buf) * (1); + const size_t __len = FD_SETSIZE; const size_t __idx __unused = __len - 1; - struct iovec iov[1]; __stack.__buf = malloc(__bufsz); - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - - replace_stdin(); - preadv(STDIN_FILENO, iov, nitems(iov), 0); + FD_ISSET(__idx, __stack.__buf); #undef BUF } -ATF_TC_WITHOUT_HEAD(preadv_iov_heap_after_end); -ATF_TC_BODY(preadv_iov_heap_after_end, tc) +ATF_TC_WITHOUT_HEAD(FD_ISSET_heap_after_end); +ATF_TC_BODY(FD_ISSET_heap_after_end, tc) { #define BUF __stack.__buf struct { uint8_t padding_l; - unsigned char * __buf; + fd_set * __buf; uint8_t padding_r; } __stack; - const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); - const size_t __len = 42 + 1; + const size_t __bufsz __unused = sizeof(*__stack.__buf) * (1); + const size_t __len = FD_SETSIZE + 1; const size_t __idx __unused = __len - 1; pid_t __child; int __status; - struct iovec iov[1]; __child = fork(); ATF_REQUIRE(__child >= 0); @@ -744,12 +617,8 @@ /* Child */ disable_coredumps(); __stack.__buf = malloc(__bufsz); - iov[0].iov_base = __stack.__buf; - iov[0].iov_len = __len; - - replace_stdin(); - preadv(STDIN_FILENO, iov, nitems(iov), 0); + FD_ISSET(__idx, __stack.__buf); _exit(EX_SOFTWARE); /* Should have aborted. */ monitor: @@ -778,27 +647,23 @@ ATF_TP_ADD_TCS(tp) { - ATF_TP_ADD_TC(tp, readv_before_end); - ATF_TP_ADD_TC(tp, readv_end); - ATF_TP_ADD_TC(tp, readv_after_end); - ATF_TP_ADD_TC(tp, readv_heap_before_end); - ATF_TP_ADD_TC(tp, readv_heap_end); - ATF_TP_ADD_TC(tp, readv_heap_after_end); - ATF_TP_ADD_TC(tp, readv_iov_before_end); - ATF_TP_ADD_TC(tp, readv_iov_end); - ATF_TP_ADD_TC(tp, readv_iov_heap_before_end); - ATF_TP_ADD_TC(tp, readv_iov_heap_end); - ATF_TP_ADD_TC(tp, readv_iov_heap_after_end); - ATF_TP_ADD_TC(tp, preadv_before_end); - ATF_TP_ADD_TC(tp, preadv_end); - ATF_TP_ADD_TC(tp, preadv_after_end); - ATF_TP_ADD_TC(tp, preadv_heap_before_end); - ATF_TP_ADD_TC(tp, preadv_heap_end); - ATF_TP_ADD_TC(tp, preadv_heap_after_end); - ATF_TP_ADD_TC(tp, preadv_iov_before_end); - ATF_TP_ADD_TC(tp, preadv_iov_end); - ATF_TP_ADD_TC(tp, preadv_iov_heap_before_end); - ATF_TP_ADD_TC(tp, preadv_iov_heap_end); - ATF_TP_ADD_TC(tp, preadv_iov_heap_after_end); + ATF_TP_ADD_TC(tp, FD_SET_before_end); + ATF_TP_ADD_TC(tp, FD_SET_end); + ATF_TP_ADD_TC(tp, FD_SET_after_end); + ATF_TP_ADD_TC(tp, FD_SET_heap_before_end); + ATF_TP_ADD_TC(tp, FD_SET_heap_end); + ATF_TP_ADD_TC(tp, FD_SET_heap_after_end); + ATF_TP_ADD_TC(tp, FD_CLR_before_end); + ATF_TP_ADD_TC(tp, FD_CLR_end); + ATF_TP_ADD_TC(tp, FD_CLR_after_end); + ATF_TP_ADD_TC(tp, FD_CLR_heap_before_end); + ATF_TP_ADD_TC(tp, FD_CLR_heap_end); + ATF_TP_ADD_TC(tp, FD_CLR_heap_after_end); + ATF_TP_ADD_TC(tp, FD_ISSET_before_end); + ATF_TP_ADD_TC(tp, FD_ISSET_end); + ATF_TP_ADD_TC(tp, FD_ISSET_after_end); + ATF_TP_ADD_TC(tp, FD_ISSET_heap_before_end); + ATF_TP_ADD_TC(tp, FD_ISSET_heap_end); + ATF_TP_ADD_TC(tp, FD_ISSET_heap_after_end); return (atf_no_error()); } diff --git a/lib/libc/tests/secure/fortify_stdio_test.c b/lib/libc/tests/secure/fortify_stdio_test.c --- a/lib/libc/tests/secure/fortify_stdio_test.c +++ b/lib/libc/tests/secure/fortify_stdio_test.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/libc/tests/secure/fortify_stdlib_test.c b/lib/libc/tests/secure/fortify_stdlib_test.c --- a/lib/libc/tests/secure/fortify_stdlib_test.c +++ b/lib/libc/tests/secure/fortify_stdlib_test.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/libc/tests/secure/fortify_string_test.c b/lib/libc/tests/secure/fortify_string_test.c --- a/lib/libc/tests/secure/fortify_string_test.c +++ b/lib/libc/tests/secure/fortify_string_test.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/libc/tests/secure/fortify_strings_test.c b/lib/libc/tests/secure/fortify_strings_test.c --- a/lib/libc/tests/secure/fortify_strings_test.c +++ b/lib/libc/tests/secure/fortify_strings_test.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/libc/tests/secure/fortify_uio_test.c b/lib/libc/tests/secure/fortify_uio_test.c --- a/lib/libc/tests/secure/fortify_uio_test.c +++ b/lib/libc/tests/secure/fortify_uio_test.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/libc/tests/secure/fortify_unistd_test.c b/lib/libc/tests/secure/fortify_unistd_test.c --- a/lib/libc/tests/secure/fortify_unistd_test.c +++ b/lib/libc/tests/secure/fortify_unistd_test.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/libc/tests/secure/fortify_wchar_test.c b/lib/libc/tests/secure/fortify_wchar_test.c --- a/lib/libc/tests/secure/fortify_wchar_test.c +++ b/lib/libc/tests/secure/fortify_wchar_test.c @@ -6,6 +6,7 @@ #include #include #include +#include #include #include #include diff --git a/lib/libc/tests/secure/generate-fortify-tests.lua b/lib/libc/tests/secure/generate-fortify-tests.lua --- a/lib/libc/tests/secure/generate-fortify-tests.lua +++ b/lib/libc/tests/secure/generate-fortify-tests.lua @@ -64,6 +64,7 @@ "sys/param.h", "sys/random.h", "sys/resource.h", + "sys/select.h", "sys/time.h", "sys/uio.h", "sys/wait.h", @@ -169,6 +170,36 @@ exclude = excludes_stack_overflow, }, }, + select = { + -- + { + func = "FD_SET", + bufsize = "FD_SETSIZE", + buftype = "fd_set", + arguments = { + "__idx", + "__buf", + }, + }, + { + func = "FD_CLR", + bufsize = "FD_SETSIZE", + buftype = "fd_set", + arguments = { + "__idx", + "__buf", + }, + }, + { + func = "FD_ISSET", + bufsize = "FD_SETSIZE", + buftype = "fd_set", + arguments = { + "__idx", + "__buf", + }, + }, + }, uio = { -- { diff --git a/sys/sys/select.h b/sys/sys/select.h --- a/sys/sys/select.h +++ b/sys/sys/select.h @@ -49,6 +49,12 @@ typedef __sigset_t sigset_t; #endif +#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 +#include +#else +#define __SSP_FORTIFY_LEVEL 0 +#endif + /* * Select uses bit masks of file descriptors in longs. These macros * manipulate such bit fields (the filesystem macros use chars). @@ -75,13 +81,33 @@ #define fds_bits __fds_bits #endif +#define __fdset_idx_(p, n) ((n) / _NFDBITS) +#if __SSP_FORTIFY_LEVEL == 0 +#define __fdset_idx(p, n) __fdset_idx_(p, n) +#else +__ssp_inline unsigned long +__fdset_idx(fd_set *p, unsigned long idx) +{ + __size_t psz = __ssp_bos0(p); + unsigned long sidx = __fdset_idx_(p, idx); + + if (idx >= FD_SETSIZE) + __chk_fail(); + if (psz / sizeof(__fd_mask) < (sidx + 1)) + __chk_fail(); + + return (sidx); +} +#endif + #define __fdset_mask(n) ((__fd_mask)1 << ((n) % _NFDBITS)) -#define FD_CLR(n, p) ((p)->__fds_bits[(n)/_NFDBITS] &= ~__fdset_mask(n)) +#define FD_CLR(n, p) ((p)->__fds_bits[__fdset_idx(p, n)] &= ~__fdset_mask(n)) #if __BSD_VISIBLE #define FD_COPY(f, t) (void)(*(t) = *(f)) #endif -#define FD_ISSET(n, p) (((p)->__fds_bits[(n)/_NFDBITS] & __fdset_mask(n)) != 0) -#define FD_SET(n, p) ((p)->__fds_bits[(n)/_NFDBITS] |= __fdset_mask(n)) +#define FD_ISSET(n, p) \ + (((p)->__fds_bits[__fdset_idx(p, n)] & __fdset_mask(n)) != 0) +#define FD_SET(n, p) ((p)->__fds_bits[__fdset_idx(p, n)] |= __fdset_mask(n)) #define FD_ZERO(p) do { \ fd_set *_p; \ __size_t _n; \