Commit Graph

12 Commits

Author SHA1 Message Date
Nick Kralevich b036b5ca36 FORTIFY_SOURCE: fortify read()
Change-Id: Ic7de163fe121db13e00560adb257331bc709814d
2013-10-09 20:17:03 -07:00
Nick Kralevich 8d25327639 Revert "FORTIFY_SOURCE: fortify read()"
This change reverts
* fb3f956d07.
* 65c99de2cb

Change-Id: Id5774eeede41130579115cf67a72ee914f2b47d5
2013-10-09 16:46:25 -07:00
Nick Kralevich 65c99de2cb FORTIFY_SOURCE: fortify read()
Change-Id: I3d7b4ec86d04efb865117ce7629a2e26917f3331
2013-10-09 13:44:38 -07:00
Nick Kralevich 7943df62f7 Check memory size on FD_* functions
Make sure the buffer we're dealing with has enough room.
Might as well check for memory issues while we're here,
even though I don't imagine they'll happen in practice.

Change-Id: I0ae1f0f06aca9ceb91e58c70183bb14e275b92b5
2013-10-03 15:45:10 -07:00
Elliott Hughes 5b9310e502 Fix 32-bit issues in tests, and add a trivial test for the FD_* macros.
Change-Id: Ia3f21ce1f0ed9236527fe44d36ccb7de6bf63113
2013-10-02 16:59:05 -07:00
Nick Kralevich 90201d5eca FORTIFY_SOURCE: Add __FD_* checks
Add FORTIFY_SOURCE checks for the following macros:

* FD_CLR
* FD_ISSET
* FD_SET

Bug: 11047121
Change-Id: I3c5952136aec9eff3288b91b1318677ff971525c
2013-10-02 16:11:30 -07:00
Nick Kralevich b91791d71c Use alloc_size attribute on *alloc functions
malloc and family were not declared with __attribute__((alloc_size)).
This was (sometimes) preventing FORTIFY_SOURCE related functions
from knowing the size of the buffer it's dealing with, inhibiting
FORTIFY_SOURCE protections.

Add __attribute__((alloc_size))

Information about the alloc_size attribute can be found
at http://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html

Change-Id: Ia2f0a445f0170a7325f69259b5e7fb35a9f14921
2013-10-02 14:14:40 -07:00
Nick Kralevich 60f4f9a5b9 libc: fortify recvfrom()
Fortify calls to recv() and recvfrom().

We use __bos0 to match glibc's behavior, and because I haven't
tested using __bos.

Change-Id: Iad6ae96551a89af17a9c347b80cdefcf2020c505
2013-09-24 16:45:01 -07:00
Christopher Ferris 16e185c908 __memcpy_chk: Fix signed cmp of unsigned values.
I accidentally did a signed comparison of the size_t values passed in
for three of the _chk functions. Changing them to unsigned compares.

Add three new tests to verify this failure is fixed.

Bug: 10691831

Merge from internal master.

(cherry-picked from 883ef2499c)

Change-Id: Id9a96b549435f5d9b61dc132cf1082e0e30889f5
2013-09-20 20:12:09 -07:00
Nick Kralevich 93501d3ab8 FORTIFY_SOURCE: introduce __strncpy_chk2
This change detects programs reading beyond the end of "src" when
calling strncpy.

Change-Id: Ie1b42de923385d62552b22c27b2d4713ab77ee03
2013-08-28 12:39:06 -07:00
Nick Kralevich a6cde39276 More FORTIFY_SOURCE functions under clang
* bzero
* umask
* strlcat

Change-Id: I65065208e0b8b37e10f6a266d5305de8fa9e59fc
2013-06-29 08:16:22 -07:00
Nick Kralevich 5bcf39842e Reorganize FORTIFY_SOURCE tests.
Get rid of a lot of the duplication in the various FORTIFY_SOURCE
tests. Instead, we build 4 separate static libraries, with
4 different compile time options, and link them into the final test
binary.

Change-Id: Idb0b7cccc8dd837adb037bf4ddfe8942ae138230
2013-06-28 11:54:29 -07:00