diff options
| author | George Burgess IV <gbiv@google.com> | 2019-05-24 01:07:21 -0700 |
|---|---|---|
| committer | android-build-merger <android-build-merger@google.com> | 2019-05-24 01:07:21 -0700 |
| commit | c6e146fc895349eceb5e91cad4cdbe0df75a568c (patch) | |
| tree | ab5f55c3d23f73403495c63d23ff55c555a647bf /libc/include/bits/fortify/stdio.h | |
| parent | 175ae99caaff36eb2e94b91d9e4dfea02b45738c (diff) | |
| parent | 4e652b3b34fc95d8e86b45f016032de49cbe1bac (diff) | |
Merge "fortify: use __builtin_constant_p for more short-circuits" am: 30d4c6fb06 am: 576271755b
am: 4e652b3b34
Change-Id: Iae9080f81dbb02255ddd6cdf535ed724958a4191
Diffstat (limited to 'libc/include/bits/fortify/stdio.h')
| -rw-r--r-- | libc/include/bits/fortify/stdio.h | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/libc/include/bits/fortify/stdio.h b/libc/include/bits/fortify/stdio.h index fc7d35978..6e47dafee 100644 --- a/libc/include/bits/fortify/stdio.h +++ b/libc/include/bits/fortify/stdio.h @@ -89,6 +89,10 @@ int sprintf(char* const __pass_object_size dest, const char* format, ...) __over #endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */ #if __ANDROID_API__ >= __ANDROID_API_N__ +#define __bos_trivially_not_lt_mul(bos_val, size, count) \ + __bos_dynamic_check_impl_and(bos_val, >=, (size) * (count), \ + !__unsafe_check_mul_overflow(size, count)) + __BIONIC_FORTIFY_INLINE size_t fread(void* const __pass_object_size0 buf, size_t size, size_t count, FILE* stream) __overloadable @@ -98,7 +102,7 @@ size_t fread(void* const __pass_object_size0 buf, size_t size, size_t count, FIL "in call to 'fread', size * count is too large for the given buffer") { size_t bos = __bos0(buf); - if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) { + if (__bos_trivially_not_lt_mul(bos, size, count)) { return __call_bypassing_fortify(fread)(buf, size, count, stream); } return __fread_chk(buf, size, count, stream, bos); @@ -113,12 +117,13 @@ size_t fwrite(const void* const __pass_object_size0 buf, size_t size, size_t cou "in call to 'fwrite', size * count is too large for the given buffer") { size_t bos = __bos0(buf); - if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) { + if (__bos_trivially_not_lt_mul(bos, size, count)) { return __call_bypassing_fortify(fwrite)(buf, size, count, stream); } return __fwrite_chk(buf, size, count, stream, bos); } +#undef __bos_trivially_not_lt_mul #endif /* __ANDROID_API__ >= __ANDROID_API_N__ */ #if __ANDROID_API__ >= __ANDROID_API_J_MR1__ @@ -130,7 +135,7 @@ char* fgets(char* const __pass_object_size dest, int size, FILE* stream) "in call to 'fgets', size is larger than the destination buffer") { size_t bos = __bos(dest); - if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) { + if (__bos_dynamic_check_impl_and(bos, >=, (size_t)size, size >= 0)) { return __call_bypassing_fortify(fgets)(dest, size, stream); } |