-rw-r--r-- | libc/include/bits/fortify/string.h | 28 | ||||
-rw-r--r-- | tests/Android.bp | 1 | ||||
-rw-r--r-- | tests/clang_fortify_tests.cpp | 46 |
3 files changed, 45 insertions, 30 deletions
diff --git a/libc/include/bits/fortify/string.h b/libc/include/bits/fortify/string.h index 1e129868c..0e205d30a 100644 --- a/libc/include/bits/fortify/string.h +++ b/libc/include/bits/fortify/string.h @@ -94,12 +94,18 @@ char* strcpy(char* const dst __pass_object_size, const char* src) } __BIONIC_FORTIFY_INLINE -char* strcat(char* const dst __pass_object_size, const char* src) __overloadable { +char* strcat(char* const dst __pass_object_size, const char* src) + __overloadable + __clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)), + "'strcat' called with string bigger than buffer") { return __builtin___strcat_chk(dst, src, __bos(dst)); } __BIONIC_FORTIFY_INLINE -char* strncat(char* const dst __pass_object_size, const char* src, size_t n) __overloadable { +char* strncat(char* const dst __pass_object_size, const char* src, size_t n) + __overloadable + __clang_error_if(__bos_unevaluated_lt(__bos(dst), n), + "'strncat' called with size bigger than buffer") { return __builtin___strncat_chk(dst, src, n, __bos(dst)); } @@ -145,7 +151,9 @@ void* __memrchr_fortify(const void* const __pass_object_size s, int c, size_t n) #if __ANDROID_API__ >= __ANDROID_API_L__ __BIONIC_FORTIFY_INLINE char* stpncpy(char* const dst __pass_object_size, const char* const src __pass_object_size, size_t n) - __overloadable { + __overloadable + __clang_error_if(__bos_unevaluated_lt(__bos(dst), n), + "'stpncpy' called with size bigger than buffer") { size_t bos_dst = __bos(dst); size_t bos_src = __bos(src); @@ -159,7 +167,9 @@ char* stpncpy(char* const dst __pass_object_size, const char* const src __pass_o __BIONIC_FORTIFY_INLINE char* strncpy(char* const dst __pass_object_size, const char* const src __pass_object_size, size_t n) - __overloadable { + __overloadable + __clang_error_if(__bos_unevaluated_lt(__bos(dst), n), + "'strncpy' called with size bigger than buffer") { size_t bos_dst = __bos(dst); size_t bos_src = __bos(src); 
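Review bot: The new `strncat` condition in the first hunk, `__bos_unevaluated_lt(__bos(dst), n)`, compares only `n` with the destination size, but `strncat` appends at most `n` bytes of `src` plus a terminating NUL after whatever `dst` already holds. A call whose `n` exceeds the buffer while `src` is short is valid C yet would now be rejected at compile time, while `n == __bos(dst)` with a long `src` overflows by at least the NUL and passes this check, leaving it to the run-time `__builtin___strncat_chk`. If the intent is to flag a suspicious bound rather than a proven overflow, I would say so above the overload, e.g. `/* n bounds src, not dst: this flags a likely-wrong size argument; real overflows are caught by __strncat_chk. */`, and consider whether `__bos_unevaluated_le` (presumably the `<=` form, as used for `strcat`) is the better fit. The `strcat` condition in the same hunk is sound as a lower bound, since a `src` of length `>= __bos(dst)` cannot fit even into an empty `dst`.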
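Review bot: The `stpncpy` overload in this hunk and the `strncpy` overload in the next one carry no comment explaining why `__bos_unevaluated_lt(__bos(dst), n)` is an exact check for them. Both functions always write `n` bytes to `dst`, padding with NULs, so `n > __bos(dst)` is a guaranteed overflow, unlike the same condition on `strncat`. A one-line comment above each, such as `/* always writes exactly n bytes, so n > bos(dst) is a certain overflow */`, would keep the condition from being copied to functions with different semantics. Both function bodies continue outside their hunks.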
@@ -174,7 +184,10 @@ char* strncpy(char* const dst __pass_object_size, const char* const src __pass_o #if __ANDROID_API__ >= __ANDROID_API_J_MR1__ __BIONIC_FORTIFY_INLINE -size_t strlcpy(char* const dst __pass_object_size, const char* src, size_t size) __overloadable { +size_t strlcpy(char* const dst __pass_object_size, const char* src, size_t size) + __overloadable + __clang_error_if(__bos_unevaluated_lt(__bos(dst), size), + "'strlcpy' called with size bigger than buffer") { size_t bos = __bos(dst); if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) { @@ -185,7 +198,10 @@ size_t strlcpy(char* const dst __pass_object_size, const char* src, size_t size) } __BIONIC_FORTIFY_INLINE -size_t strlcat(char* const dst __pass_object_size, const char* src, size_t size) __overloadable { +size_t strlcat(char* const dst __pass_object_size, const char* src, size_t size) + __overloadable + __clang_error_if(__bos_unevaluated_lt(__bos(dst), size), + "'strlcat' called with size bigger than buffer") { size_t bos = __bos(dst); if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) { diff --git a/tests/Android.bp b/tests/Android.bp index a55d08bcd..97712d356 100644 --- a/tests/Android.bp +++ b/tests/Android.bp @@ -286,6 +286,7 @@ cc_defaults { "-Wno-builtin-memcpy-chk-size", "-Wno-format-zero-length", "-Wno-memset-transposed-args", + "-Wno-strlcpy-strlcat-size", "-Wno-strncat-size", ], } diff --git a/tests/clang_fortify_tests.cpp b/tests/clang_fortify_tests.cpp index 0c09d36ee..fa0797c80 100644 --- a/tests/clang_fortify_tests.cpp +++ b/tests/clang_fortify_tests.cpp 
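Review bot: The `strlcpy` diagnostic in this hunk and the `strlcat` one in the next fire on `size > __bos(dst)`, which is a wrong size argument rather than a proven overflow, since both functions write at most `size` bytes and fewer when `src` is short. Rejecting that is reasonable because `size` is meant to describe the whole of `dst`, but neither the message nor the code says so. I would add a comment above each overload, e.g. `/* size must describe dst; a larger value defeats the truncation guarantee even if this src happens to fit */`. Both bodies continue outside their hunks, so the run-time handling of the same condition is not visible here.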
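Review bot: `-Wno-strlcpy-strlcat-size` is added to a `cc_defaults` flag list, so it silences that clang warning for every target that inherits these defaults, not only for the test that deliberately passes an oversized `size`. The name of the defaults block is outside the hunk, so the scope is inferred; the neighbouring `-Wno-builtin-memcpy-chk-size` suggests it may already be fortify-specific. If it is broader than the fortify tests, I would move the flag to that target's own `cflags`, and in either case add a comment beside it such as `// clang_fortify_tests passes oversized sizes on purpose`.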
@@ -177,22 +177,18 @@ FORTIFY_TEST(string) { EXPECT_FORTIFY_DEATH(strcpy(small_buffer, large_string)); // expected-error@+1{{string bigger than buffer}} EXPECT_FORTIFY_DEATH(stpcpy(small_buffer, large_string)); -#if 0 - // expected-error@+1{{called with bigger length than the destination}} -#endif + // expected-error@+1{{size bigger than buffer}} EXPECT_FORTIFY_DEATH(strncpy(small_buffer, large_string, sizeof(large_string))); -#if 0 - // expected-error@+1{{called with bigger length than the destination}} -#endif + // expected-error@+1{{size bigger than buffer}} EXPECT_FORTIFY_DEATH(stpncpy(small_buffer, large_string, sizeof(large_string))); -#if 0 - // expected-error@+1{{destination buffer will always be overflown}} -#endif + // expected-error@+1{{string bigger than buffer}} EXPECT_FORTIFY_DEATH(strcat(small_buffer, large_string)); -#if 0 - // expected-error@+1{{destination buffer will always be overflown}} -#endif + // expected-error@+1{{size bigger than buffer}} EXPECT_FORTIFY_DEATH(strncat(small_buffer, large_string, sizeof(large_string))); + // expected-error@+1{{size bigger than buffer}} + EXPECT_FORTIFY_DEATH(strlcpy(small_buffer, large_string, sizeof(large_string))); + // expected-error@+1{{size bigger than buffer}} + EXPECT_FORTIFY_DEATH(strlcat(small_buffer, large_string, sizeof(large_string))); } { 
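Review bot: The new `expected-error` patterns match only the shared tail `size bigger than buffer`, which is identical for `strncpy`, `stpncpy`, `strncat`, `strlcpy` and `strlcat`, so the expectations do not pin which function's message was emitted. Including the function name, e.g. `// expected-error@+1{{'strlcpy' called with size bigger than buffer}}`, would make each one specific. The hunk also exercises only sizes well above the buffer; a case with the size equal to `sizeof(small_buffer)` would pin the `lt` versus `le` choice made in string.h. Both points apply to the struct variants in the next hunk as well, and the enclosing `FORTIFY_TEST(string)` body starts and ends outside the hunk.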
@@ -224,32 +220,34 @@ FORTIFY_TEST(string) { EXPECT_FORTIFY_DEATH_STRUCT(stpcpy(split.tiny_buffer, small_string)); #if _FORTIFY_SOURCE > 1 -#if 0 - // expected-error@+2{{called with bigger length than the destination}} -#endif + // expected-error@+2{{size bigger than buffer}} #endif EXPECT_FORTIFY_DEATH_STRUCT(strncpy(split.tiny_buffer, small_string, sizeof(small_string))); #if _FORTIFY_SOURCE > 1 -#if 0 - // expected-error@+2{{called with bigger length than the destination}} -#endif + // expected-error@+2{{size bigger than buffer}} #endif EXPECT_FORTIFY_DEATH_STRUCT(stpncpy(split.tiny_buffer, small_string, sizeof(small_string))); #if _FORTIFY_SOURCE > 1 -#if 0 - // expected-error@+2{{destination buffer will always be overflown}} -#endif + // expected-error@+2{{string bigger than buffer}} #endif EXPECT_FORTIFY_DEATH_STRUCT(strcat(split.tiny_buffer, small_string)); #if _FORTIFY_SOURCE > 1 -#if 0 - // expected-error@+2{{destination buffer will always be overflown}} -#endif + // expected-error@+2{{size bigger than buffer}} #endif EXPECT_FORTIFY_DEATH_STRUCT(strncat(split.tiny_buffer, small_string, sizeof(small_string))); + +#if _FORTIFY_SOURCE > 1 + // expected-error@+2{{size bigger than buffer}} +#endif + EXPECT_FORTIFY_DEATH_STRUCT(strlcat(split.tiny_buffer, small_string, sizeof(small_string))); + +#if _FORTIFY_SOURCE > 1 + // expected-error@+2{{size bigger than buffer}} +#endif + EXPECT_FORTIFY_DEATH_STRUCT(strlcpy(split.tiny_buffer, small_string, sizeof(small_string))); } } |