Merge changes Ic2d48c93,I981ac9bd
* changes: fortify: s/([gl])eq/\1e/g fortify: more use of __builtin_constant_p
commit
cfede4fdd1
|
@ -70,10 +70,10 @@ void* memmove(void* const dst __pass_object_size0, const void* src, size_t len)
|
|||
__BIONIC_FORTIFY_INLINE
|
||||
char* stpcpy(char* const dst __pass_object_size, const char* src)
|
||||
__overloadable
|
||||
__clang_error_if(__bos_unevaluated_leq(__bos(dst), __builtin_strlen(src)),
|
||||
__clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
|
||||
"'stpcpy' called with string bigger than buffer") {
|
||||
size_t bos_dst = __bos(dst);
|
||||
if (__bos_trivially_not_leq(bos_dst, __builtin_strlen(src))) {
|
||||
if (__bos_trivially_not_le(bos_dst, __builtin_strlen(src))) {
|
||||
return __builtin_stpcpy(dst, src);
|
||||
}
|
||||
return __builtin___stpcpy_chk(dst, src, bos_dst);
|
||||
|
@ -84,10 +84,10 @@ char* stpcpy(char* const dst __pass_object_size, const char* src)
|
|||
__BIONIC_FORTIFY_INLINE
|
||||
char* strcpy(char* const dst __pass_object_size, const char* src)
|
||||
__overloadable
|
||||
__clang_error_if(__bos_unevaluated_leq(__bos(dst), __builtin_strlen(src)),
|
||||
__clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
|
||||
"'strcpy' called with string bigger than buffer") {
|
||||
size_t bos_dst = __bos(dst);
|
||||
if (__bos_trivially_not_leq(bos_dst, __builtin_strlen(src))) {
|
||||
if (__bos_trivially_not_le(bos_dst, __builtin_strlen(src))) {
|
||||
return __builtin_strcpy(dst, src);
|
||||
}
|
||||
return __builtin___strcpy_chk(dst, src, bos_dst);
|
||||
|
@ -123,7 +123,7 @@ __BIONIC_FORTIFY_INLINE
|
|||
void* memchr(const void* const s __pass_object_size, int c, size_t n) __overloadable {
|
||||
size_t bos = __bos(s);
|
||||
|
||||
if (__bos_trivially_geq(bos, n)) {
|
||||
if (__bos_trivially_ge(bos, n)) {
|
||||
return __builtin_memchr(s, c, n);
|
||||
}
|
||||
|
||||
|
@ -134,7 +134,7 @@ __BIONIC_FORTIFY_INLINE
|
|||
void* __memrchr_fortify(const void* const __pass_object_size s, int c, size_t n) __overloadable {
|
||||
size_t bos = __bos(s);
|
||||
|
||||
if (__bos_trivially_geq(bos, n)) {
|
||||
if (__bos_trivially_ge(bos, n)) {
|
||||
return __memrchr_real(s, c, n);
|
||||
}
|
||||
|
||||
|
|
|
@ -66,6 +66,9 @@ ssize_t __readlinkat_chk(int dirfd, const char*, char*, size_t, size_t) __INTROD
|
|||
__clang_error_if(__bos_unevaluated_lt((objsize), (what)), \
|
||||
"in call to '" #fn "', '" #what "' bytes overflows the given object")
|
||||
|
||||
#define __bos_trivially_not_lt_no_overflow(bos_val, index) \
|
||||
__bos_dynamic_check_impl_and((bos_val), >=, (index), (bos_val) <= SSIZE_MAX)
|
||||
|
||||
#if __ANDROID_API__ >= __ANDROID_API_N__
|
||||
__BIONIC_FORTIFY_INLINE
|
||||
char* getcwd(char* const __pass_object_size buf, size_t size)
|
||||
|
@ -73,7 +76,7 @@ char* getcwd(char* const __pass_object_size buf, size_t size)
|
|||
__error_if_overflows_objectsize(size, __bos(buf), getcwd) {
|
||||
size_t bos = __bos(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt(bos, size)) {
|
||||
return __call_bypassing_fortify(getcwd)(buf, size);
|
||||
}
|
||||
|
||||
|
@ -89,7 +92,7 @@ ssize_t pread(int fd, void* const __pass_object_size0 buf, size_t count, off_t o
|
|||
__error_if_overflows_objectsize(count, __bos0(buf), pread) {
|
||||
size_t bos = __bos0(buf);
|
||||
|
||||
if (count == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt_no_overflow(bos, count)) {
|
||||
return __PREAD_PREFIX(real)(fd, buf, count, offset);
|
||||
}
|
||||
|
||||
|
@ -103,7 +106,7 @@ ssize_t pread64(int fd, void* const __pass_object_size0 buf, size_t count, off64
|
|||
__error_if_overflows_objectsize(count, __bos0(buf), pread64) {
|
||||
size_t bos = __bos0(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt_no_overflow(bos, count)) {
|
||||
return __pread64_real(fd, buf, count, offset);
|
||||
}
|
||||
|
||||
|
@ -119,7 +122,7 @@ ssize_t pwrite(int fd, const void* const __pass_object_size0 buf, size_t count,
|
|||
__error_if_overflows_objectsize(count, __bos0(buf), pwrite) {
|
||||
size_t bos = __bos0(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt_no_overflow(bos, count)) {
|
||||
return __PWRITE_PREFIX(real)(fd, buf, count, offset);
|
||||
}
|
||||
|
||||
|
@ -133,7 +136,7 @@ ssize_t pwrite64(int fd, const void* const __pass_object_size0 buf, size_t count
|
|||
__error_if_overflows_objectsize(count, __bos0(buf), pwrite64) {
|
||||
size_t bos = __bos0(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt_no_overflow(bos, count)) {
|
||||
return __pwrite64_real(fd, buf, count, offset);
|
||||
}
|
||||
|
||||
|
@ -149,7 +152,7 @@ ssize_t read(int fd, void* const __pass_object_size0 buf, size_t count)
|
|||
__error_if_overflows_objectsize(count, __bos0(buf), read) {
|
||||
size_t bos = __bos0(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt_no_overflow(bos, count)) {
|
||||
return __call_bypassing_fortify(read)(fd, buf, count);
|
||||
}
|
||||
|
||||
|
@ -165,7 +168,7 @@ ssize_t write(int fd, const void* const __pass_object_size0 buf, size_t count)
|
|||
__error_if_overflows_objectsize(count, __bos0(buf), write) {
|
||||
size_t bos = __bos0(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt_no_overflow(bos, count)) {
|
||||
return __call_bypassing_fortify(write)(fd, buf, count);
|
||||
}
|
||||
|
||||
|
@ -181,7 +184,7 @@ ssize_t readlink(const char* path, char* const __pass_object_size buf, size_t si
|
|||
__error_if_overflows_objectsize(size, __bos(buf), readlink) {
|
||||
size_t bos = __bos(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt_no_overflow(bos, size)) {
|
||||
return __call_bypassing_fortify(readlink)(path, buf, size);
|
||||
}
|
||||
|
||||
|
@ -195,7 +198,7 @@ ssize_t readlinkat(int dirfd, const char* path, char* const __pass_object_size b
|
|||
__error_if_overflows_objectsize(size, __bos(buf), readlinkat) {
|
||||
size_t bos = __bos(buf);
|
||||
|
||||
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
|
||||
if (__bos_trivially_not_lt_no_overflow(bos, size)) {
|
||||
return __call_bypassing_fortify(readlinkat)(dirfd, path, buf, size);
|
||||
}
|
||||
|
||||
|
@ -203,6 +206,7 @@ ssize_t readlinkat(int dirfd, const char* path, char* const __pass_object_size b
|
|||
}
|
||||
#endif /* __ANDROID_API__ >= __ANDROID_API_M__ */
|
||||
|
||||
#undef __bos_trivially_not_lt_no_overflow
|
||||
#undef __enable_if_no_overflow_ssizet
|
||||
#undef __error_if_overflows_objectsize
|
||||
#undef __error_if_overflows_ssizet
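Review bot: The new `__bos_trivially_not_lt_no_overflow` macro has no comment explaining why its extra condition bounds `bos_val` rather than the requested length. That predicate now decides when pread, pread64, pwrite, pwrite64, read, write, readlink and readlinkat take the branch that calls the unchecked function directly. From the visible macros the branch appears to require `index <= bos_val <= SSIZE_MAX`, which also keeps the length within ssize_t range, but `__bos_dynamic_check_impl_and` is defined outside this page, so how it treats an unknown object size or a non-constant length should be confirmed. I would add above the define `/* index <= bos_val <= SSIZE_MAX, so the length fits in ssize_t whenever the checked call is bypassed. */`. The getcwd hunk uses plain `__bos_trivially_not_lt`, presumably because it returns `char*`; a one-line comment there would show the difference is deliberate.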
|
||||
|
|
|
@ -293,7 +293,7 @@
|
|||
#define __bos_unevaluated_lt(bos_val, val) \
|
||||
((bos_val) != __BIONIC_FORTIFY_UNKNOWN_SIZE && (bos_val) < (val))
|
||||
|
||||
#define __bos_unevaluated_leq(bos_val, val) \
|
||||
#define __bos_unevaluated_le(bos_val, val) \
|
||||
((bos_val) != __BIONIC_FORTIFY_UNKNOWN_SIZE && (bos_val) <= (val))
|
||||
|
||||
/* Intended for use in evaluated contexts. */
|
||||
|
@ -304,13 +304,13 @@
|
|||
#define __bos_dynamic_check_impl(bos_val, op, index) \
|
||||
__bos_dynamic_check_impl_and(bos_val, op, index, 1)
|
||||
|
||||
#define __bos_trivially_geq(bos_val, index) __bos_dynamic_check_impl((bos_val), >=, (index))
|
||||
#define __bos_trivially_ge(bos_val, index) __bos_dynamic_check_impl((bos_val), >=, (index))
|
||||
|
||||
#define __bos_trivially_gt(bos_val, index) __bos_dynamic_check_impl((bos_val), >, (index))
|
||||
|
||||
/* The names here are meant to match nicely with the __bos_unevaluated macros above. */
|
||||
#define __bos_trivially_not_lt __bos_trivially_geq
|
||||
#define __bos_trivially_not_leq __bos_trivially_gt
|
||||
#define __bos_trivially_not_lt __bos_trivially_ge
|
||||
#define __bos_trivially_not_le __bos_trivially_gt
|
||||
|
||||
|
||||
#if defined(__BIONIC_FORTIFY) || defined(__BIONIC_DECLARE_FORTIFY_HELPERS)
|
||||
|
|