From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) by sourceware.org (Postfix) with ESMTPS id 0207C3858C2C for ; Mon, 8 Jan 2024 20:22:00 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 0207C3858C2C Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 0207C3858C2C Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::431 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1704745324; cv=none; b=anRU6/kwTzSbvCFQoQ0evz2Ic1EpM+sk10cZcqHiaqr7MOo2q4S12ZhhGXLnGvANxvyXhY6sjbR7B8vCxY36F7+5eiq+xy2QSEoCTsuNOFcD+CLD2TlPlX9rd2YgfropyfegytLwsBy74zOo1oHoXC24Gieg+W7h5QeNDEGo0zU= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1704745324; c=relaxed/simple; bh=Y92yiU0VNaIJHdyTradk6VcH0pN+frH5YWjwm3UveQc=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=r3R55R/Qh8GkEuFM2eTAqe2N7R3pL44Y8ArJ4nQekd0fGw5NdAV2pXL0Ni7Q2UBqWSCjqkb1CH13Dr24xHV7BNjChZVQKR8MOatJQJqRcjogJn+FHkS+ziljzqXd8fPpQ+QV1C+Lk1xl0GS+UGMvq8wXfIgpeuBuXwbiUf71Tp4= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x431.google.com with SMTP id d2e1a72fcca58-6d9bee259c5so1145071b3a.1 for ; Mon, 08 Jan 2024 12:22:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1704745319; x=1705350119; darn=sourceware.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=DAbnqmVvxJ2qaueylYzIa9RxY26OjdD8tznagCXqGC4=; b=CUmeb3LaRNRs5gtzrZbp4rwavp3zkhBxbvXPSXgMsWA96VsF+itNAbaCo1KzWTukGy cGuC5bsEFg7YUvWfp/BMQcJJJPp+T4E+ixYaxa0ugcOMw5LzR6Qzi8X97oMBpKSEd1s6 6lADRTfJmqJ4DMk30kdpQRTzfchE72QtgQ1imXRi7cyzd+O0k9xbTxBH9cWPU+G39sd0 MuNNxaMYZYhzYeot2Clk9l2dNwJlW0HIiAQY6vEXlIHjeTVcMNHzttZvhls/efBW4z99 2zIeb1XwI1kjwcO1h8tQ2HNIQQMHoX3QXCC16tzld1YuI7PPhnkcFqtkbeNbyF/qoW1l LpQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704745319; x=1705350119; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DAbnqmVvxJ2qaueylYzIa9RxY26OjdD8tznagCXqGC4=; b=fZ0F68YVDOABRjIQxx8FCu7YEyGtidrhgadXpN89jjA/OPyEMDw4CiICWEM3cdE3Ny MdauolrQx7cdjEjYlql4Qb1czQKO1/OVcu8f6kN5JYQBwCm/TwBCruvfDf7LtCpAzt3L VEKlR5xHkdFso0uonZuo8Lv1fVnANhY2uW88RwmVALKAR5UI8G7GXqh+BHZZE55sxmFu Ei4cjL02a5WNbVY96qDj97isHn5TTInRt8sHZpVkj+vS26SDkkDZfi7dShHLwsLdQU/t SiU4CmwaPhi+O2fRZUCHG90O8Lfe8TYvXhT+EIWghMJ0Vm9klIlG3KGP1s0paVseLHng ZiXQ== X-Gm-Message-State: AOJu0YyMXV/g4fItUuZqhvh1p7amTwsxskWomeMAdQflCFOvfsMCjL5h t7PcU5wUXi1RcML5Zi9mEV//vhF25ihOpYuRYShP45ndAYM= X-Google-Smtp-Source: AGHT+IG7AxCYUltrksi4P7dARvjgWdjtDPJWFptTpj10wqokIRssCUji0Kf8REAisEnc4KxcQa8/4A== X-Received: by 2002:aa7:8887:0:b0:6d9:bc39:e5ac with SMTP id z7-20020aa78887000000b006d9bc39e5acmr2103041pfe.6.1704745319545; Mon, 08 Jan 2024 12:21:59 -0800 (PST) Received: from mandiga.. ([2804:1b3:a7c1:9dd2:7f25:c108:2fff:5f8e]) by smtp.gmail.com with ESMTPSA id z13-20020a62d10d000000b006d9bdc0f765sm287936pfg.53.2024.01.08.12.21.58 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Jan 2024 12:21:58 -0800 (PST) From: Adhemerval Zanella To: libc-alpha@sourceware.org Subject: [PATCH v2 03/10] string: Improve fortify with clang Date: Mon, 8 Jan 2024 17:21:42 -0300 Message-Id: <20240108202149.335305-4-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240108202149.335305-1-adhemerval.zanella@linaro.org> References: <20240108202149.335305-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-12.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: It improve fortify checks for strcpy, stpcpy, strncpy, stpncpy, strcat, strncat, strlcpy, and strlcat. The runtime and compile checks have similar coverage as with GCC. Checked on aarch64, armhf, x86_64, and i686. --- string/bits/string_fortified.h | 57 +++++++++++++++++++++------------- 1 file changed, 35 insertions(+), 22 deletions(-) diff --git a/string/bits/string_fortified.h b/string/bits/string_fortified.h index e0714f794c..83b80184a8 100644 --- a/string/bits/string_fortified.h +++ b/string/bits/string_fortified.h @@ -73,24 +73,29 @@ __NTH (explicit_bzero (void *__dest, size_t __len)) } #endif -__fortify_function char * -__NTH (strcpy (char *__restrict __dest, const char *__restrict __src)) +__fortify_function __attribute_overloadable__ char * +__NTH (strcpy (__fortify_clang_overload_arg (char *, __restrict, __dest), + const char *__restrict __src)) + __fortify_clang_warn_if_src_too_large (__dest, __src) { return __builtin___strcpy_chk (__dest, __src, __glibc_objsize (__dest)); } #ifdef __USE_XOPEN2K8 -__fortify_function char * -__NTH (stpcpy (char *__restrict __dest, const char *__restrict __src)) +__fortify_function __attribute_overloadable__ char * +__NTH (stpcpy (__fortify_clang_overload_arg (char *, __restrict, __dest), + const char *__restrict __src)) + __fortify_clang_warn_if_src_too_large (__dest, __src) { return __builtin___stpcpy_chk (__dest, __src, __glibc_objsize (__dest)); } #endif -__fortify_function char * -__NTH (strncpy (char *__restrict __dest, const char *__restrict __src, - size_t __len)) +__fortify_function __attribute_overloadable__ char * +__NTH (strncpy (__fortify_clang_overload_arg (char *, __restrict, __dest), + const char *__restrict __src, size_t __len)) + __fortify_clang_warn_if_dest_too_small (__dest, __len) { return __builtin___strncpy_chk (__dest, __src, __len, __glibc_objsize (__dest)); @@ -98,8 +103,10 @@ __NTH (strncpy (char *__restrict __dest, const char *__restrict __src, #ifdef __USE_XOPEN2K8 # if __GNUC_PREREQ (4, 7) || __glibc_clang_prereq (2, 6) -__fortify_function char * -__NTH (stpncpy (char *__dest, const char *__src, size_t __n)) +__fortify_function __attribute_overloadable__ char * +__NTH (stpncpy (__fortify_clang_overload_arg (char *, ,__dest), + const char *__src, size_t __n)) + __fortify_clang_warn_if_dest_too_small (__dest, __n) { return __builtin___stpncpy_chk (__dest, __src, __n, __glibc_objsize (__dest)); @@ -112,8 +119,9 @@ extern char *__stpncpy_chk (char *__dest, const char *__src, size_t __n, extern char *__REDIRECT_NTH (__stpncpy_alias, (char *__dest, const char *__src, size_t __n), stpncpy); -__fortify_function char * -__NTH (stpncpy (char *__dest, const char *__src, size_t __n)) +__fortify_function __attribute_overloadable__ char * +__NTH (stpncpy (__fortify_clang_overload_arg (char *, ,__dest), + const char *__src, size_t __n)) { if (__bos (__dest) != (size_t) -1 && (!__builtin_constant_p (__n) || __n > __bos (__dest))) @@ -124,16 +132,19 @@ __NTH (stpncpy (char *__dest, const char *__src, size_t __n)) #endif -__fortify_function char * -__NTH (strcat (char *__restrict __dest, const char *__restrict __src)) +__fortify_function __attribute_overloadable__ char * +__NTH (strcat (__fortify_clang_overload_arg (char *, __restrict, __dest), + const char *__restrict __src)) + __fortify_clang_warn_if_src_too_large (__dest, __src) { return __builtin___strcat_chk (__dest, __src, __glibc_objsize (__dest)); } -__fortify_function char * -__NTH (strncat (char *__restrict __dest, const char *__restrict __src, - size_t __len)) +__fortify_function __attribute_overloadable__ char * +__NTH (strncat (__fortify_clang_overload_arg (char *, __restrict, __dest), + const char *__restrict __src, size_t __len)) + __fortify_clang_warn_if_src_too_large (__dest, __src) { return __builtin___strncat_chk (__dest, __src, __len, __glibc_objsize (__dest)); @@ -146,9 +157,10 @@ extern size_t __REDIRECT_NTH (__strlcpy_alias, (char *__dest, const char *__src, size_t __n), strlcpy); -__fortify_function size_t -__NTH (strlcpy (char *__restrict __dest, const char *__restrict __src, - size_t __n)) +__fortify_function __attribute_overloadable__ size_t +__NTH (strlcpy (__fortify_clang_overload_arg (char *, __restrict, __dest), + const char *__restrict __src, size_t __n)) + __fortify_clang_warn_if_dest_too_small (__dest, __n) { if (__glibc_objsize (__dest) != (size_t) -1 && (!__builtin_constant_p (__n > __glibc_objsize (__dest)) @@ -163,9 +175,10 @@ extern size_t __REDIRECT_NTH (__strlcat_alias, (char *__dest, const char *__src, size_t __n), strlcat); -__fortify_function size_t -__NTH (strlcat (char *__restrict __dest, const char *__restrict __src, - size_t __n)) +__fortify_function __attribute_overloadable__ size_t +__NTH (strlcat (__fortify_clang_overload_arg (char *, __restrict, __dest), + const char *__restrict __src, size_t __n)) + __fortify_clang_warn_if_src_too_large (__dest, __src) { if (__glibc_objsize (__dest) != (size_t) -1 && (!__builtin_constant_p (__n > __glibc_objsize (__dest)) -- 2.34.1