* [PATCH v7 0/4] _FORTIFY_SOURCE=3 @ 2020-12-30 6:43 Siddhesh Poyarekar 2020-12-30 6:43 ` [PATCH v7 1/4] Warn on unsupported fortification levels Siddhesh Poyarekar ` (3 more replies) 0 siblings, 4 replies; 10+ messages in thread From: Siddhesh Poyarekar @ 2020-12-30 6:43 UTC (permalink / raw) To: libc-alpha; +Cc: adhemerval.zanella, fweimer, jakub This patchset implements a new fortification level, _FORTIFY_SOURCE=3. This level allows size information to be dynamic, which may potentially have a noticeable performance impact. It uses the __builtin_dynamic_object_size builtin available in clang to expand coverage of fortifications at the expense of some performance. Patch 1/4 adds a warning on unsupported _FORTIFY_LEVEL values. This change can go in independently of the new fortification level. Patch 2/4 adds the macro scaffolding to allow the new _FORTIFY_SOURCE level and to select the __builtin_dynamic_object_size builtin when it is available. Patch 3/4 adds support for string functions; these functions have additional fortified builtins of the form __builtin___func_chk. Patch 4/4 adds support for non-string functions that are fortification-ready for levels 1 and 2. Testing: The glibc testsuite doesn't directly support clang at the moment, so having tests in the glibc source tree is pointless as long as gcc does not have support for __builtin_dynamic_object_size. There is a separate project on GitHub called fortify-test-suite[1] that houses fortification tests and is capable of testing multiple levels of fortification with multiple compilers. I have proposed a PR[2] to add support for _FORTIFY_SOURCE=3 and have verified my changes with those tests. Those tests run clean for clang when run with these changes and PR[2] and they fail at level 3 for gcc, as expected. [1] https://github.com/serge-sans-paille/fortify-test-suite [2] https://github.com/serge-sans-paille/fortify-test-suite/pull/9 Changes since last version of the patchset: - Split out patches as suggested during review - Renamed __objsize to __glibc_objsize Siddhesh Poyarekar (4): Warn on unsupported fortification levels Introduce _FORTIFY_SOURCE=3 string: Enable __FORTIFY_LEVEL=3 nonstring: Enable __FORTIFY_LEVEL=3 NEWS | 6 ++ include/features.h | 8 ++ include/string.h | 5 +- io/bits/poll2.h | 18 ++-- libio/bits/stdio.h | 2 +- libio/bits/stdio2.h | 62 ++++++++------ manual/creature.texi | 3 +- misc/sys/cdefs.h | 9 ++ posix/bits/unistd.h | 120 ++++++++++++++------------ socket/bits/socket2.h | 22 ++--- stdlib/bits/stdlib.h | 42 +++++---- string/bits/string_fortified.h | 29 ++++--- string/bits/strings_fortified.h | 6 +- wcsmbs/bits/wchar2.h | 146 ++++++++++++++++++-------------- 14 files changed, 279 insertions(+), 199 deletions(-) -- 2.29.2 ^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH v7 1/4] Warn on unsupported fortification levels 2020-12-30 6:43 [PATCH v7 0/4] _FORTIFY_SOURCE=3 Siddhesh Poyarekar @ 2020-12-30 6:43 ` Siddhesh Poyarekar 2020-12-31 10:45 ` Adhemerval Zanella 2020-12-30 6:43 ` [PATCH v7 2/4] Introduce _FORTIFY_SOURCE=3 Siddhesh Poyarekar ` (2 subsequent siblings) 3 siblings, 1 reply; 10+ messages in thread From: Siddhesh Poyarekar @ 2020-12-30 6:43 UTC (permalink / raw) To: libc-alpha; +Cc: adhemerval.zanella, fweimer, jakub, Paul Eggert Make the _FORTIFY_SOURCE macro soup in features.h warn about unsupported fortification levels. For example, it will warn about _FORTIFY_SOURCE=3 and over with an indication of which level has been selected. Co-authored-by: Paul Eggert <eggert@cs.ucla.edu> --- NEWS | 6 ++++++ include/features.h | 3 +++ manual/creature.texi | 3 ++- 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 86e05fb023..8e02dbd0f7 100644 --- a/NEWS +++ b/NEWS @@ -28,6 +28,12 @@ Major new features: The 32-bit RISC-V port requires at least Linux 5.4, GCC 7.1 and binutils 2.28. +* A new fortification level _FORTIFY_SOURCE=3 is available. At this level, + glibc may use additional checks that may have an additional performance + overhead. At present these checks are available only on LLVM 9 and later. + The latest GCC available at this time (10.2) does not support this level of + fortification. + Deprecated and removed features, and other changes affecting compatibility: * The mallinfo function is marked deprecated. Callers should call diff --git a/include/features.h b/include/features.h index f3e62d3362..540230b90b 100644 --- a/include/features.h +++ b/include/features.h @@ -398,6 +398,9 @@ # elif !__GNUC_PREREQ (4, 1) # warning _FORTIFY_SOURCE requires GCC 4.1 or later # elif _FORTIFY_SOURCE > 1 +# if _FORTIFY_SOURCE > 2 +# warning _FORTIFY_SOURCE > 2 is treated like 2 on this platform +# endif # define __USE_FORTIFY_LEVEL 2 # else # define __USE_FORTIFY_LEVEL 1 diff --git a/manual/creature.texi b/manual/creature.texi index be5050468b..31208ccb2b 100644 --- a/manual/creature.texi +++ b/manual/creature.texi @@ -254,7 +254,8 @@ included. @standards{GNU, (none)} If this macro is defined to @math{1}, security hardening is added to various library functions. If defined to @math{2}, even stricter -checks are applied. +checks are applied. If defined to @math{3}, @theglibc{} may also use +checks that may have an additional performance overhead. @end defvr @defvr Macro _REENTRANT -- 2.29.2 ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH v7 1/4] Warn on unsupported fortification levels 2020-12-30 6:43 ` [PATCH v7 1/4] Warn on unsupported fortification levels Siddhesh Poyarekar @ 2020-12-31 10:45 ` Adhemerval Zanella 2020-12-31 11:28 ` Siddhesh Poyarekar 0 siblings, 1 reply; 10+ messages in thread From: Adhemerval Zanella @ 2020-12-31 10:45 UTC (permalink / raw) To: Siddhesh Poyarekar, libc-alpha; +Cc: fweimer, jakub, Paul Eggert On 30/12/2020 03:43, Siddhesh Poyarekar wrote: > Make the _FORTIFY_SOURCE macro soup in features.h warn about > unsupported fortification levels. For example, it will warn about > _FORTIFY_SOURCE=3 and over with an indication of which level has been > selected. > > Co-authored-by: Paul Eggert <eggert@cs.ucla.edu> LGTM, although I think the NEWS entry should move to the second patch. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> > --- > NEWS | 6 ++++++ > include/features.h | 3 +++ > manual/creature.texi | 3 ++- > 3 files changed, 11 insertions(+), 1 deletion(-) > > diff --git a/NEWS b/NEWS > index 86e05fb023..8e02dbd0f7 100644 > --- a/NEWS > +++ b/NEWS > @@ -28,6 +28,12 @@ Major new features: > The 32-bit RISC-V port requires at least Linux 5.4, GCC 7.1 and binutils > 2.28. > > +* A new fortification level _FORTIFY_SOURCE=3 is available. At this level, > + glibc may use additional checks that may have an additional performance > + overhead. At present these checks are available only on LLVM 9 and later. > + The latest GCC available at this time (10.2) does not support this level of > + fortification. > + > Deprecated and removed features, and other changes affecting compatibility: > > * The mallinfo function is marked deprecated. Callers should call Maybe move this NEWS entry to second patch, where this is actually enabled? > diff --git a/include/features.h b/include/features.h > index f3e62d3362..540230b90b 100644 > --- a/include/features.h > +++ b/include/features.h > @@ -398,6 +398,9 @@ > # elif !__GNUC_PREREQ (4, 1) > # warning _FORTIFY_SOURCE requires GCC 4.1 or later > # elif _FORTIFY_SOURCE > 1 > +# if _FORTIFY_SOURCE > 2 > +# warning _FORTIFY_SOURCE > 2 is treated like 2 on this platform > +# endif > # define __USE_FORTIFY_LEVEL 2 > # else > # define __USE_FORTIFY_LEVEL 1 > diff --git a/manual/creature.texi b/manual/creature.texi > index be5050468b..31208ccb2b 100644 > --- a/manual/creature.texi > +++ b/manual/creature.texi > @@ -254,7 +254,8 @@ included. > @standards{GNU, (none)} > If this macro is defined to @math{1}, security hardening is added to > various library functions. If defined to @math{2}, even stricter > -checks are applied. > +checks are applied. If defined to @math{3}, @theglibc{} may also use > +checks that may have an additional performance overhead. > @end defvr > > @defvr Macro _REENTRANT > ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH v7 1/4] Warn on unsupported fortification levels 2020-12-31 10:45 ` Adhemerval Zanella @ 2020-12-31 11:28 ` Siddhesh Poyarekar 0 siblings, 0 replies; 10+ messages in thread From: Siddhesh Poyarekar @ 2020-12-31 11:28 UTC (permalink / raw) To: Adhemerval Zanella, libc-alpha; +Cc: fweimer, jakub, Paul Eggert On 12/31/20 4:15 PM, Adhemerval Zanella wrote: > > > On 30/12/2020 03:43, Siddhesh Poyarekar wrote: >> Make the _FORTIFY_SOURCE macro soup in features.h warn about >> unsupported fortification levels. For example, it will warn about >> _FORTIFY_SOURCE=3 and over with an indication of which level has been >> selected. >> >> Co-authored-by: Paul Eggert <eggert@cs.ucla.edu> > > LGTM, although I think the NEWS entry should move to the second patch. > Oops, yes. I've moved the creatures.texi as well as NEWS content to 2/4 before commit. Thanks, Siddhesh ^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH v7 2/4] Introduce _FORTIFY_SOURCE=3 2020-12-30 6:43 [PATCH v7 0/4] _FORTIFY_SOURCE=3 Siddhesh Poyarekar 2020-12-30 6:43 ` [PATCH v7 1/4] Warn on unsupported fortification levels Siddhesh Poyarekar @ 2020-12-30 6:43 ` Siddhesh Poyarekar 2020-12-31 10:47 ` Adhemerval Zanella 2020-12-30 6:43 ` [PATCH v7 3/4] string: Enable __FORTIFY_LEVEL=3 Siddhesh Poyarekar 2020-12-30 6:43 ` [PATCH v7 4/4] nonstring: " Siddhesh Poyarekar 3 siblings, 1 reply; 10+ messages in thread From: Siddhesh Poyarekar @ 2020-12-30 6:43 UTC (permalink / raw) To: libc-alpha; +Cc: adhemerval.zanella, fweimer, jakub Introduce a new _FORTIFY_SOURCE level of 3 to enable additional fortifications that may have a noticeable performance impact, allowing more fortification coverage at the cost of some performance. With llvm 9.0 or later, this will replace the use of __builtin_object_size with __builtin_dynamic_object_size. __builtin_dynamic_object_size ----------------------------- __builtin_dynamic_object_size is an LLVM builtin that is similar to __builtin_object_size. In addition to what __builtin_object_size does, i.e. replace the builtin call with a constant object size, __builtin_dynamic_object_size will replace the call site with an expression that evaluates to the object size, thus expanding its applicability. In practice, __builtin_dynamic_object_size evaluates these expressions through malloc/calloc calls that it can associate with the object being evaluated. A simple motivating example is below; -D_FORTIFY_SOURCE=2 would miss this and emit memcpy, but -D_FORTIFY_SOURCE=3 with the help of __builtin_dynamic_object_size is able to emit __memcpy_chk with the allocation size expression passed into the function: void *copy_obj (const void *src, size_t alloc, size_t copysize) { void *obj = malloc (alloc); memcpy (obj, src, copysize); return obj; } Limitations ----------- If the object was allocated elsewhere that the compiler cannot see, or if it was allocated in the function with a function that the compiler does not recognize as an allocator then __builtin_dynamic_object_size also returns -1. Further, the expression used to compute object size may be non-trivial and may potentially incur a noticeable performance impact. These fortifications are hence enabled at a new _FORTIFY_SOURCE level to allow developers to make a choice on the tradeoff according to their environment. --- include/features.h | 5 +++++ misc/sys/cdefs.h | 9 +++++++++ 2 files changed, 14 insertions(+) diff --git a/include/features.h b/include/features.h index 540230b90b..066eb0eecd 100644 --- a/include/features.h +++ b/include/features.h @@ -397,6 +397,11 @@ # warning _FORTIFY_SOURCE requires compiling with optimization (-O) # elif !__GNUC_PREREQ (4, 1) # warning _FORTIFY_SOURCE requires GCC 4.1 or later +# elif _FORTIFY_SOURCE > 2 && __glibc_clang_prereq (9, 0) +# if _FORTIFY_SOURCE > 3 +# warning _FORTIFY_SOURCE > 3 is treated like 3 on this platform +# endif +# define __USE_FORTIFY_LEVEL 3 # elif _FORTIFY_SOURCE > 1 # if _FORTIFY_SOURCE > 2 # warning _FORTIFY_SOURCE > 2 is treated like 2 on this platform diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h index a06f1cfd91..5fb6e309be 100644 --- a/misc/sys/cdefs.h +++ b/misc/sys/cdefs.h @@ -127,6 +127,15 @@ #define __bos(ptr) __builtin_object_size (ptr, __USE_FORTIFY_LEVEL > 1) #define __bos0(ptr) __builtin_object_size (ptr, 0) +/* Use __builtin_dynamic_object_size at _FORTIFY_SOURCE=3 when available. */ +#if __USE_FORTIFY_LEVEL == 3 && __glibc_clang_prereq (9, 0) +# define __glibc_objsize0(__o) __builtin_dynamic_object_size (__o, 0) +# define __glibc_objsize(__o) __builtin_dynamic_object_size (__o, 1) +#else +# define __glibc_objsize0(__o) __bos0 (__o) +# define __glibc_objsize(__o) __bos (__o) +#endif + #if __GNUC_PREREQ (4,3) # define __warnattr(msg) __attribute__((__warning__ (msg))) # define __errordecl(name, msg) \ -- 2.29.2 ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH v7 2/4] Introduce _FORTIFY_SOURCE=3 2020-12-30 6:43 ` [PATCH v7 2/4] Introduce _FORTIFY_SOURCE=3 Siddhesh Poyarekar @ 2020-12-31 10:47 ` Adhemerval Zanella 0 siblings, 0 replies; 10+ messages in thread From: Adhemerval Zanella @ 2020-12-31 10:47 UTC (permalink / raw) To: Siddhesh Poyarekar, libc-alpha; +Cc: fweimer, jakub On 30/12/2020 03:43, Siddhesh Poyarekar wrote: > Introduce a new _FORTIFY_SOURCE level of 3 to enable additional > fortifications that may have a noticeable performance impact, allowing > more fortification coverage at the cost of some performance. > > With llvm 9.0 or later, this will replace the use of > __builtin_object_size with __builtin_dynamic_object_size. > > __builtin_dynamic_object_size > ----------------------------- > > __builtin_dynamic_object_size is an LLVM builtin that is similar to > __builtin_object_size. In addition to what __builtin_object_size > does, i.e. replace the builtin call with a constant object size, > __builtin_dynamic_object_size will replace the call site with an > expression that evaluates to the object size, thus expanding its > applicability. In practice, __builtin_dynamic_object_size evaluates > these expressions through malloc/calloc calls that it can associate > with the object being evaluated. > > A simple motivating example is below; -D_FORTIFY_SOURCE=2 would miss > this and emit memcpy, but -D_FORTIFY_SOURCE=3 with the help of > __builtin_dynamic_object_size is able to emit __memcpy_chk with the > allocation size expression passed into the function: > > void *copy_obj (const void *src, size_t alloc, size_t copysize) > { > void *obj = malloc (alloc); > memcpy (obj, src, copysize); > return obj; > } > > Limitations > ----------- > > If the object was allocated elsewhere that the compiler cannot see, or > if it was allocated in the function with a function that the compiler > does not recognize as an allocator then __builtin_dynamic_object_size > also returns -1. > > Further, the expression used to compute object size may be non-trivial > and may potentially incur a noticeable performance impact. These > fortifications are hence enabled at a new _FORTIFY_SOURCE level to > allow developers to make a choice on the tradeoff according to their > environment. LGTM, thanks. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> > --- > include/features.h | 5 +++++ > misc/sys/cdefs.h | 9 +++++++++ > 2 files changed, 14 insertions(+) > > diff --git a/include/features.h b/include/features.h > index 540230b90b..066eb0eecd 100644 > --- a/include/features.h > +++ b/include/features.h > @@ -397,6 +397,11 @@ > # warning _FORTIFY_SOURCE requires compiling with optimization (-O) > # elif !__GNUC_PREREQ (4, 1) > # warning _FORTIFY_SOURCE requires GCC 4.1 or later > +# elif _FORTIFY_SOURCE > 2 && __glibc_clang_prereq (9, 0) > +# if _FORTIFY_SOURCE > 3 > +# warning _FORTIFY_SOURCE > 3 is treated like 3 on this platform > +# endif > +# define __USE_FORTIFY_LEVEL 3 > # elif _FORTIFY_SOURCE > 1 > # if _FORTIFY_SOURCE > 2 > # warning _FORTIFY_SOURCE > 2 is treated like 2 on this platform > diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h > index a06f1cfd91..5fb6e309be 100644 > --- a/misc/sys/cdefs.h > +++ b/misc/sys/cdefs.h > @@ -127,6 +127,15 @@ > #define __bos(ptr) __builtin_object_size (ptr, __USE_FORTIFY_LEVEL > 1) > #define __bos0(ptr) __builtin_object_size (ptr, 0) > > +/* Use __builtin_dynamic_object_size at _FORTIFY_SOURCE=3 when available. */ > +#if __USE_FORTIFY_LEVEL == 3 && __glibc_clang_prereq (9, 0) > +# define __glibc_objsize0(__o) __builtin_dynamic_object_size (__o, 0) > +# define __glibc_objsize(__o) __builtin_dynamic_object_size (__o, 1) > +#else > +# define __glibc_objsize0(__o) __bos0 (__o) > +# define __glibc_objsize(__o) __bos (__o) > +#endif > + > #if __GNUC_PREREQ (4,3) > # define __warnattr(msg) __attribute__((__warning__ (msg))) > # define __errordecl(name, msg) \ > ^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH v7 3/4] string: Enable __FORTIFY_LEVEL=3 2020-12-30 6:43 [PATCH v7 0/4] _FORTIFY_SOURCE=3 Siddhesh Poyarekar 2020-12-30 6:43 ` [PATCH v7 1/4] Warn on unsupported fortification levels Siddhesh Poyarekar 2020-12-30 6:43 ` [PATCH v7 2/4] Introduce _FORTIFY_SOURCE=3 Siddhesh Poyarekar @ 2020-12-30 6:43 ` Siddhesh Poyarekar 2020-12-31 10:48 ` Adhemerval Zanella 2020-12-30 6:43 ` [PATCH v7 4/4] nonstring: " Siddhesh Poyarekar 3 siblings, 1 reply; 10+ messages in thread From: Siddhesh Poyarekar @ 2020-12-30 6:43 UTC (permalink / raw) To: libc-alpha; +Cc: adhemerval.zanella, fweimer, jakub This change enhances fortified string functions to use __builtin_dynamic_object_size under _FORTIFY_SOURCE=3 whenever the compiler supports it. --- include/string.h | 5 +++-- string/bits/string_fortified.h | 29 ++++++++++++++++++----------- string/bits/strings_fortified.h | 6 ++++-- 3 files changed, 25 insertions(+), 15 deletions(-) diff --git a/include/string.h b/include/string.h index 7d344d77d4..81dab39891 100644 --- a/include/string.h +++ b/include/string.h @@ -123,10 +123,11 @@ libc_hidden_proto (__strerror_l) void __explicit_bzero_chk_internal (void *, size_t, size_t) __THROW __nonnull ((1)) attribute_hidden; # define explicit_bzero(buf, len) \ - __explicit_bzero_chk_internal (buf, len, __bos0 (buf)) + __explicit_bzero_chk_internal (buf, len, __glibc_objsize0 (buf)) #elif !IS_IN (nonlib) void __explicit_bzero_chk (void *, size_t, size_t) __THROW __nonnull ((1)); -# define explicit_bzero(buf, len) __explicit_bzero_chk (buf, len, __bos0 (buf)) +# define explicit_bzero(buf, len) __explicit_bzero_chk (buf, len, \ + __glibc_objsize0 (buf)) #endif libc_hidden_builtin_proto (memchr) diff --git a/string/bits/string_fortified.h b/string/bits/string_fortified.h index 4c1aeb45f1..92d75f10fa 100644 --- a/string/bits/string_fortified.h +++ b/string/bits/string_fortified.h @@ -26,13 +26,15 @@ __fortify_function void * __NTH (memcpy (void *__restrict __dest, const void *__restrict __src, size_t __len)) { - return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); + return __builtin___memcpy_chk (__dest, __src, __len, + __glibc_objsize0 (__dest)); } __fortify_function void * __NTH (memmove (void *__dest, const void *__src, size_t __len)) { - return __builtin___memmove_chk (__dest, __src, __len, __bos0 (__dest)); + return __builtin___memmove_chk (__dest, __src, __len, + __glibc_objsize0 (__dest)); } #ifdef __USE_GNU @@ -40,7 +42,8 @@ __fortify_function void * __NTH (mempcpy (void *__restrict __dest, const void *__restrict __src, size_t __len)) { - return __builtin___mempcpy_chk (__dest, __src, __len, __bos0 (__dest)); + return __builtin___mempcpy_chk (__dest, __src, __len, + __glibc_objsize0 (__dest)); } #endif @@ -53,7 +56,8 @@ __NTH (mempcpy (void *__restrict __dest, const void *__restrict __src, __fortify_function void * __NTH (memset (void *__dest, int __ch, size_t __len)) { - return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest)); + return __builtin___memset_chk (__dest, __ch, __len, + __glibc_objsize0 (__dest)); } #ifdef __USE_MISC @@ -65,21 +69,21 @@ void __explicit_bzero_chk (void *__dest, size_t __len, size_t __destlen) __fortify_function void __NTH (explicit_bzero (void *__dest, size_t __len)) { - __explicit_bzero_chk (__dest, __len, __bos0 (__dest)); + __explicit_bzero_chk (__dest, __len, __glibc_objsize0 (__dest)); } #endif __fortify_function char * __NTH (strcpy (char *__restrict __dest, const char *__restrict __src)) { - return __builtin___strcpy_chk (__dest, __src, __bos (__dest)); + return __builtin___strcpy_chk (__dest, __src, __glibc_objsize (__dest)); } #ifdef __USE_GNU __fortify_function char * __NTH (stpcpy (char *__restrict __dest, const char *__restrict __src)) { - return __builtin___stpcpy_chk (__dest, __src, __bos (__dest)); + return __builtin___stpcpy_chk (__dest, __src, __glibc_objsize (__dest)); } #endif @@ -88,14 +92,16 @@ __fortify_function char * __NTH (strncpy (char *__restrict __dest, const char *__restrict __src, size_t __len)) { - return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); + return __builtin___strncpy_chk (__dest, __src, __len, + __glibc_objsize (__dest)); } #if __GNUC_PREREQ (4, 7) || __glibc_clang_prereq (2, 6) __fortify_function char * __NTH (stpncpy (char *__dest, const char *__src, size_t __n)) { - return __builtin___stpncpy_chk (__dest, __src, __n, __bos (__dest)); + return __builtin___stpncpy_chk (__dest, __src, __n, + __glibc_objsize (__dest)); } #else extern char *__stpncpy_chk (char *__dest, const char *__src, size_t __n, @@ -118,7 +124,7 @@ __NTH (stpncpy (char *__dest, const char *__src, size_t __n)) __fortify_function char * __NTH (strcat (char *__restrict __dest, const char *__restrict __src)) { - return __builtin___strcat_chk (__dest, __src, __bos (__dest)); + return __builtin___strcat_chk (__dest, __src, __glibc_objsize (__dest)); } @@ -126,7 +132,8 @@ __fortify_function char * __NTH (strncat (char *__restrict __dest, const char *__restrict __src, size_t __len)) { - return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest)); + return __builtin___strncat_chk (__dest, __src, __len, + __glibc_objsize (__dest)); } #endif /* bits/string_fortified.h */ diff --git a/string/bits/strings_fortified.h b/string/bits/strings_fortified.h index d4091f4f69..7752faf4e3 100644 --- a/string/bits/strings_fortified.h +++ b/string/bits/strings_fortified.h @@ -22,13 +22,15 @@ __fortify_function void __NTH (bcopy (const void *__src, void *__dest, size_t __len)) { - (void) __builtin___memmove_chk (__dest, __src, __len, __bos0 (__dest)); + (void) __builtin___memmove_chk (__dest, __src, __len, + __glibc_objsize0 (__dest)); } __fortify_function void __NTH (bzero (void *__dest, size_t __len)) { - (void) __builtin___memset_chk (__dest, '\0', __len, __bos0 (__dest)); + (void) __builtin___memset_chk (__dest, '\0', __len, + __glibc_objsize0 (__dest)); } #endif -- 2.29.2 ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH v7 3/4] string: Enable __FORTIFY_LEVEL=3 2020-12-30 6:43 ` [PATCH v7 3/4] string: Enable __FORTIFY_LEVEL=3 Siddhesh Poyarekar @ 2020-12-31 10:48 ` Adhemerval Zanella 0 siblings, 0 replies; 10+ messages in thread From: Adhemerval Zanella @ 2020-12-31 10:48 UTC (permalink / raw) To: Siddhesh Poyarekar, libc-alpha; +Cc: fweimer, jakub On 30/12/2020 03:43, Siddhesh Poyarekar wrote: > This change enhances fortified string functions to use > __builtin_dynamic_object_size under _FORTIFY_SOURCE=3 whenever the > compiler supports it. LGTM, thanks. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> > --- > include/string.h | 5 +++-- > string/bits/string_fortified.h | 29 ++++++++++++++++++----------- > string/bits/strings_fortified.h | 6 ++++-- > 3 files changed, 25 insertions(+), 15 deletions(-) > > diff --git a/include/string.h b/include/string.h > index 7d344d77d4..81dab39891 100644 > --- a/include/string.h > +++ b/include/string.h > @@ -123,10 +123,11 @@ libc_hidden_proto (__strerror_l) > void __explicit_bzero_chk_internal (void *, size_t, size_t) > __THROW __nonnull ((1)) attribute_hidden; > # define explicit_bzero(buf, len) \ > - __explicit_bzero_chk_internal (buf, len, __bos0 (buf)) > + __explicit_bzero_chk_internal (buf, len, __glibc_objsize0 (buf)) > #elif !IS_IN (nonlib) > void __explicit_bzero_chk (void *, size_t, size_t) __THROW __nonnull ((1)); > -# define explicit_bzero(buf, len) __explicit_bzero_chk (buf, len, __bos0 (buf)) > +# define explicit_bzero(buf, len) __explicit_bzero_chk (buf, len, \ > + __glibc_objsize0 (buf)) > #endif > > libc_hidden_builtin_proto (memchr) > diff --git a/string/bits/string_fortified.h b/string/bits/string_fortified.h > index 4c1aeb45f1..92d75f10fa 100644 > --- a/string/bits/string_fortified.h > +++ b/string/bits/string_fortified.h > @@ -26,13 +26,15 @@ __fortify_function void * > __NTH (memcpy (void *__restrict __dest, const void *__restrict __src, > size_t __len)) > { > - return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); > + return __builtin___memcpy_chk (__dest, __src, __len, > + __glibc_objsize0 (__dest)); > } > > __fortify_function void * > __NTH (memmove (void *__dest, const void *__src, size_t __len)) > { > - return __builtin___memmove_chk (__dest, __src, __len, __bos0 (__dest)); > + return __builtin___memmove_chk (__dest, __src, __len, > + __glibc_objsize0 (__dest)); > } > > #ifdef __USE_GNU > @@ -40,7 +42,8 @@ __fortify_function void * > __NTH (mempcpy (void *__restrict __dest, const void *__restrict __src, > size_t __len)) > { > - return __builtin___mempcpy_chk (__dest, __src, __len, __bos0 (__dest)); > + return __builtin___mempcpy_chk (__dest, __src, __len, > + __glibc_objsize0 (__dest)); > } > #endif > > @@ -53,7 +56,8 @@ __NTH (mempcpy (void *__restrict __dest, const void *__restrict __src, > __fortify_function void * > __NTH (memset (void *__dest, int __ch, size_t __len)) > { > - return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest)); > + return __builtin___memset_chk (__dest, __ch, __len, > + __glibc_objsize0 (__dest)); > } > > #ifdef __USE_MISC > @@ -65,21 +69,21 @@ void __explicit_bzero_chk (void *__dest, size_t __len, size_t __destlen) > __fortify_function void > __NTH (explicit_bzero (void *__dest, size_t __len)) > { > - __explicit_bzero_chk (__dest, __len, __bos0 (__dest)); > + __explicit_bzero_chk (__dest, __len, __glibc_objsize0 (__dest)); > } > #endif > > __fortify_function char * > __NTH (strcpy (char *__restrict __dest, const char *__restrict __src)) > { > - return __builtin___strcpy_chk (__dest, __src, __bos (__dest)); > + return __builtin___strcpy_chk (__dest, __src, __glibc_objsize (__dest)); > } > > #ifdef __USE_GNU > __fortify_function char * > __NTH (stpcpy (char *__restrict __dest, const char *__restrict __src)) > { > - return __builtin___stpcpy_chk (__dest, __src, __bos (__dest)); > + return __builtin___stpcpy_chk (__dest, __src, __glibc_objsize (__dest)); > } > #endif > > @@ -88,14 +92,16 @@ __fortify_function char * > __NTH (strncpy (char *__restrict __dest, const char *__restrict __src, > size_t __len)) > { > - return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); > + return __builtin___strncpy_chk (__dest, __src, __len, > + __glibc_objsize (__dest)); > } > > #if __GNUC_PREREQ (4, 7) || __glibc_clang_prereq (2, 6) > __fortify_function char * > __NTH (stpncpy (char *__dest, const char *__src, size_t __n)) > { > - return __builtin___stpncpy_chk (__dest, __src, __n, __bos (__dest)); > + return __builtin___stpncpy_chk (__dest, __src, __n, > + __glibc_objsize (__dest)); > } > #else > extern char *__stpncpy_chk (char *__dest, const char *__src, size_t __n, > @@ -118,7 +124,7 @@ __NTH (stpncpy (char *__dest, const char *__src, size_t __n)) > __fortify_function char * > __NTH (strcat (char *__restrict __dest, const char *__restrict __src)) > { > - return __builtin___strcat_chk (__dest, __src, __bos (__dest)); > + return __builtin___strcat_chk (__dest, __src, __glibc_objsize (__dest)); > } > > > @@ -126,7 +132,8 @@ __fortify_function char * > __NTH (strncat (char *__restrict __dest, const char *__restrict __src, > size_t __len)) > { > - return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest)); > + return __builtin___strncat_chk (__dest, __src, __len, > + __glibc_objsize (__dest)); > } > > #endif /* bits/string_fortified.h */ > diff --git a/string/bits/strings_fortified.h b/string/bits/strings_fortified.h > index d4091f4f69..7752faf4e3 100644 > --- a/string/bits/strings_fortified.h > +++ b/string/bits/strings_fortified.h > @@ -22,13 +22,15 @@ > __fortify_function void > __NTH (bcopy (const void *__src, void *__dest, size_t __len)) > { > - (void) __builtin___memmove_chk (__dest, __src, __len, __bos0 (__dest)); > + (void) __builtin___memmove_chk (__dest, __src, __len, > + __glibc_objsize0 (__dest)); > } > > __fortify_function void > __NTH (bzero (void *__dest, size_t __len)) > { > - (void) __builtin___memset_chk (__dest, '\0', __len, __bos0 (__dest)); > + (void) __builtin___memset_chk (__dest, '\0', __len, > + __glibc_objsize0 (__dest)); > } > > #endif > ^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH v7 4/4] nonstring: Enable __FORTIFY_LEVEL=3 2020-12-30 6:43 [PATCH v7 0/4] _FORTIFY_SOURCE=3 Siddhesh Poyarekar ` (2 preceding siblings ...) 2020-12-30 6:43 ` [PATCH v7 3/4] string: Enable __FORTIFY_LEVEL=3 Siddhesh Poyarekar @ 2020-12-30 6:43 ` Siddhesh Poyarekar 2020-12-31 10:50 ` Adhemerval Zanella 3 siblings, 1 reply; 10+ messages in thread From: Siddhesh Poyarekar @ 2020-12-30 6:43 UTC (permalink / raw) To: libc-alpha; +Cc: adhemerval.zanella, fweimer, jakub Use __builtin_dynamic_object_size in the remaining functions that don't have compiler builtins as is the case for string functions. --- io/bits/poll2.h | 18 +++--- libio/bits/stdio.h | 2 +- libio/bits/stdio2.h | 62 ++++++++++-------- posix/bits/unistd.h | 120 ++++++++++++++++++---------------- socket/bits/socket2.h | 22 ++++--- stdlib/bits/stdlib.h | 42 ++++++------ wcsmbs/bits/wchar2.h | 146 ++++++++++++++++++++++++------------------ 7 files changed, 229 insertions(+), 183 deletions(-) diff --git a/io/bits/poll2.h b/io/bits/poll2.h index dca49717db..d204351bd0 100644 --- a/io/bits/poll2.h +++ b/io/bits/poll2.h @@ -35,12 +35,13 @@ extern int __REDIRECT (__poll_chk_warn, (struct pollfd *__fds, nfds_t __nfds, __fortify_function int poll (struct pollfd *__fds, nfds_t __nfds, int __timeout) { - if (__bos (__fds) != (__SIZE_TYPE__) -1) + if (__glibc_objsize (__fds) != (__SIZE_TYPE__) -1) { if (! __builtin_constant_p (__nfds)) - return __poll_chk (__fds, __nfds, __timeout, __bos (__fds)); - else if (__bos (__fds) / sizeof (*__fds) < __nfds) - return __poll_chk_warn (__fds, __nfds, __timeout, __bos (__fds)); + return __poll_chk (__fds, __nfds, __timeout, __glibc_objsize (__fds)); + else if (__glibc_objsize (__fds) / sizeof (*__fds) < __nfds) + return __poll_chk_warn (__fds, __nfds, __timeout, + __glibc_objsize (__fds)); } return __poll_alias (__fds, __nfds, __timeout); @@ -65,13 +66,14 @@ __fortify_function int ppoll (struct pollfd *__fds, nfds_t __nfds, const struct timespec *__timeout, const __sigset_t *__ss) { - if (__bos (__fds) != (__SIZE_TYPE__) -1) + if (__glibc_objsize (__fds) != (__SIZE_TYPE__) -1) { if (! __builtin_constant_p (__nfds)) - return __ppoll_chk (__fds, __nfds, __timeout, __ss, __bos (__fds)); - else if (__bos (__fds) / sizeof (*__fds) < __nfds) + return __ppoll_chk (__fds, __nfds, __timeout, __ss, + __glibc_objsize (__fds)); + else if (__glibc_objsize (__fds) / sizeof (*__fds) < __nfds) return __ppoll_chk_warn (__fds, __nfds, __timeout, __ss, - __bos (__fds)); + __glibc_objsize (__fds)); } return __ppoll_alias (__fds, __nfds, __timeout, __ss); diff --git a/libio/bits/stdio.h b/libio/bits/stdio.h index 6745571ed5..6d1f0f9fc9 100644 --- a/libio/bits/stdio.h +++ b/libio/bits/stdio.h @@ -31,7 +31,7 @@ #ifdef __USE_EXTERN_INLINES -/* For -D_FORTIFY_SOURCE{,=2} bits/stdio2.h will define a different +/* For -D_FORTIFY_SOURCE{,=2,=3} bits/stdio2.h will define a different inline. */ # if !(__USE_FORTIFY_LEVEL > 0 && defined __fortify_function) /* Write formatted output to stdout from argument list ARG. */ diff --git a/libio/bits/stdio2.h b/libio/bits/stdio2.h index ff9202c2cb..365c25b7b0 100644 --- a/libio/bits/stdio2.h +++ b/libio/bits/stdio2.h @@ -36,12 +36,13 @@ __fortify_function int __NTH (sprintf (char *__restrict __s, const char *__restrict __fmt, ...)) { return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1, - __bos (__s), __fmt, __va_arg_pack ()); + __glibc_objsize (__s), __fmt, + __va_arg_pack ()); } #elif !defined __cplusplus # define sprintf(str, ...) \ - __builtin___sprintf_chk (str, __USE_FORTIFY_LEVEL - 1, __bos (str), \ - __VA_ARGS__) + __builtin___sprintf_chk (str, __USE_FORTIFY_LEVEL - 1, \ + __glibc_objsize (str), __VA_ARGS__) #endif __fortify_function int @@ -49,7 +50,7 @@ __NTH (vsprintf (char *__restrict __s, const char *__restrict __fmt, __gnuc_va_list __ap)) { return __builtin___vsprintf_chk (__s, __USE_FORTIFY_LEVEL - 1, - __bos (__s), __fmt, __ap); + __glibc_objsize (__s), __fmt, __ap); } #if defined __USE_ISOC99 || defined __USE_UNIX98 @@ -68,12 +69,13 @@ __NTH (snprintf (char *__restrict __s, size_t __n, const char *__restrict __fmt, ...)) { return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, - __bos (__s), __fmt, __va_arg_pack ()); + __glibc_objsize (__s), __fmt, + __va_arg_pack ()); } # elif !defined __cplusplus # define snprintf(str, len, ...) \ - __builtin___snprintf_chk (str, len, __USE_FORTIFY_LEVEL - 1, __bos (str), \ - __VA_ARGS__) + __builtin___snprintf_chk (str, len, __USE_FORTIFY_LEVEL - 1, \ + __glibc_objsize (str), __VA_ARGS__) # endif __fortify_function int @@ -81,7 +83,7 @@ __NTH (vsnprintf (char *__restrict __s, size_t __n, const char *__restrict __fmt, __gnuc_va_list __ap)) { return __builtin___vsnprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, - __bos (__s), __fmt, __ap); + __glibc_objsize (__s), __fmt, __ap); } #endif @@ -237,8 +239,8 @@ extern char *__REDIRECT (__gets_warn, (char *__str), gets) __fortify_function __wur char * gets (char *__str) { - if (__bos (__str) != (size_t) -1) - return __gets_chk (__str, __bos (__str)); + if (__glibc_objsize (__str) != (size_t) -1) + return __gets_chk (__str, __glibc_objsize (__str)); return __gets_warn (__str); } #endif @@ -259,13 +261,13 @@ extern char *__REDIRECT (__fgets_chk_warn, __fortify_function __wur __attr_access ((__write_only__, 1, 2)) char * fgets (char *__restrict __s, int __n, FILE *__restrict __stream) { - if (__bos (__s) != (size_t) -1) + if (__glibc_objsize (__s) != (size_t) -1) { if (!__builtin_constant_p (__n) || __n <= 0) - return __fgets_chk (__s, __bos (__s), __n, __stream); + return __fgets_chk (__s, __glibc_objsize (__s), __n, __stream); - if ((size_t) __n > __bos (__s)) - return __fgets_chk_warn (__s, __bos (__s), __n, __stream); + if ((size_t) __n > __glibc_objsize (__s)) + return __fgets_chk_warn (__s, __glibc_objsize (__s), __n, __stream); } return __fgets_alias (__s, __n, __stream); } @@ -289,15 +291,17 @@ __fortify_function __wur size_t fread (void *__restrict __ptr, size_t __size, size_t __n, FILE *__restrict __stream) { - if (__bos0 (__ptr) != (size_t) -1) + if (__glibc_objsize0 (__ptr) != (size_t) -1) { if (!__builtin_constant_p (__size) || !__builtin_constant_p (__n) || (__size | __n) >= (((size_t) 1) << (8 * sizeof (size_t) / 2))) - return __fread_chk (__ptr, __bos0 (__ptr), __size, __n, __stream); + return __fread_chk (__ptr, __glibc_objsize0 (__ptr), __size, __n, + __stream); - if (__size * __n > __bos0 (__ptr)) - return __fread_chk_warn (__ptr, __bos0 (__ptr), __size, __n, __stream); + if (__size * __n > __glibc_objsize0 (__ptr)) + return __fread_chk_warn (__ptr, __glibc_objsize0 (__ptr), __size, __n, + __stream); } return __fread_alias (__ptr, __size, __n, __stream); } @@ -319,13 +323,15 @@ extern char *__REDIRECT (__fgets_unlocked_chk_warn, __fortify_function __wur __attr_access ((__write_only__, 1, 2)) char * fgets_unlocked (char *__restrict __s, int __n, FILE *__restrict __stream) { - if (__bos (__s) != (size_t) -1) + if (__glibc_objsize (__s) != (size_t) -1) { if (!__builtin_constant_p (__n) || __n <= 0) - return __fgets_unlocked_chk (__s, __bos (__s), __n, __stream); + return __fgets_unlocked_chk (__s, __glibc_objsize (__s), __n, + __stream); - if ((size_t) __n > __bos (__s)) - return __fgets_unlocked_chk_warn (__s, __bos (__s), __n, __stream); + if ((size_t) __n > __glibc_objsize (__s)) + return __fgets_unlocked_chk_warn (__s, __glibc_objsize (__s), __n, + __stream); } return __fgets_unlocked_alias (__s, __n, __stream); } @@ -352,17 +358,17 @@ __fortify_function __wur size_t fread_unlocked (void *__restrict __ptr, size_t __size, size_t __n, FILE *__restrict __stream) { - if (__bos0 (__ptr) != (size_t) -1) + if (__glibc_objsize0 (__ptr) != (size_t) -1) { if (!__builtin_constant_p (__size) || !__builtin_constant_p (__n) || (__size | __n) >= (((size_t) 1) << (8 * sizeof (size_t) / 2))) - return __fread_unlocked_chk (__ptr, __bos0 (__ptr), __size, __n, - __stream); + return __fread_unlocked_chk (__ptr, __glibc_objsize0 (__ptr), __size, + __n, __stream); - if (__size * __n > __bos0 (__ptr)) - return __fread_unlocked_chk_warn (__ptr, __bos0 (__ptr), __size, __n, - __stream); + if (__size * __n > __glibc_objsize0 (__ptr)) + return __fread_unlocked_chk_warn (__ptr, __glibc_objsize0 (__ptr), + __size, __n, __stream); } # ifdef __USE_EXTERN_INLINES diff --git a/posix/bits/unistd.h b/posix/bits/unistd.h index 725a83eb0d..6c5ed0c618 100644 --- a/posix/bits/unistd.h +++ b/posix/bits/unistd.h @@ -35,13 +35,14 @@ extern ssize_t __REDIRECT (__read_chk_warn, __fortify_function __wur ssize_t read (int __fd, void *__buf, size_t __nbytes) { - if (__bos0 (__buf) != (size_t) -1) + if (__glibc_objsize0 (__buf) != (size_t) -1) { if (!__builtin_constant_p (__nbytes)) - return __read_chk (__fd, __buf, __nbytes, __bos0 (__buf)); + return __read_chk (__fd, __buf, __nbytes, __glibc_objsize0 (__buf)); - if (__nbytes > __bos0 (__buf)) - return __read_chk_warn (__fd, __buf, __nbytes, __bos0 (__buf)); + if (__nbytes > __glibc_objsize0 (__buf)) + return __read_chk_warn (__fd, __buf, __nbytes, + __glibc_objsize0 (__buf)); } return __read_alias (__fd, __buf, __nbytes); } @@ -77,14 +78,15 @@ extern ssize_t __REDIRECT (__pread64_chk_warn, __fortify_function __wur ssize_t pread (int __fd, void *__buf, size_t __nbytes, __off_t __offset) { - if (__bos0 (__buf) != (size_t) -1) + if (__glibc_objsize0 (__buf) != (size_t) -1) { if (!__builtin_constant_p (__nbytes)) - return __pread_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf)); + return __pread_chk (__fd, __buf, __nbytes, __offset, + __glibc_objsize0 (__buf)); - if ( __nbytes > __bos0 (__buf)) + if ( __nbytes > __glibc_objsize0 (__buf)) return __pread_chk_warn (__fd, __buf, __nbytes, __offset, - __bos0 (__buf)); + __glibc_objsize0 (__buf)); } return __pread_alias (__fd, __buf, __nbytes, __offset); } @@ -92,14 +94,15 @@ pread (int __fd, void *__buf, size_t __nbytes, __off_t __offset) __fortify_function __wur ssize_t pread (int __fd, void *__buf, size_t __nbytes, __off64_t __offset) { - if (__bos0 (__buf) != (size_t) -1) + if (__glibc_objsize0 (__buf) != (size_t) -1) { if (!__builtin_constant_p (__nbytes)) - return __pread64_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf)); + return __pread64_chk (__fd, __buf, __nbytes, __offset, + __glibc_objsize0 (__buf)); - if ( __nbytes > __bos0 (__buf)) + if ( __nbytes > __glibc_objsize0 (__buf)) return __pread64_chk_warn (__fd, __buf, __nbytes, __offset, - __bos0 (__buf)); + __glibc_objsize0 (__buf)); } return __pread64_alias (__fd, __buf, __nbytes, __offset); @@ -110,14 +113,15 @@ pread (int __fd, void *__buf, size_t __nbytes, __off64_t __offset) __fortify_function __wur ssize_t pread64 (int __fd, void *__buf, size_t __nbytes, __off64_t __offset) { - if (__bos0 (__buf) != (size_t) -1) + if (__glibc_objsize0 (__buf) != (size_t) -1) { if (!__builtin_constant_p (__nbytes)) - return __pread64_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf)); + return __pread64_chk (__fd, __buf, __nbytes, __offset, + __glibc_objsize0 (__buf)); - if ( __nbytes > __bos0 (__buf)) + if ( __nbytes > __glibc_objsize0 (__buf)) return __pread64_chk_warn (__fd, __buf, __nbytes, __offset, - __bos0 (__buf)); + __glibc_objsize0 (__buf)); } return __pread64_alias (__fd, __buf, __nbytes, __offset); @@ -145,13 +149,14 @@ __fortify_function __nonnull ((1, 2)) __wur ssize_t __NTH (readlink (const char *__restrict __path, char *__restrict __buf, size_t __len)) { - if (__bos (__buf) != (size_t) -1) + if (__glibc_objsize (__buf) != (size_t) -1) { if (!__builtin_constant_p (__len)) - return __readlink_chk (__path, __buf, __len, __bos (__buf)); + return __readlink_chk (__path, __buf, __len, __glibc_objsize (__buf)); - if ( __len > __bos (__buf)) - return __readlink_chk_warn (__path, __buf, __len, __bos (__buf)); + if ( __len > __glibc_objsize (__buf)) + return __readlink_chk_warn (__path, __buf, __len, + __glibc_objsize (__buf)); } return __readlink_alias (__path, __buf, __len); } @@ -179,14 +184,15 @@ __fortify_function __nonnull ((2, 3)) __wur ssize_t __NTH (readlinkat (int __fd, const char *__restrict __path, char *__restrict __buf, size_t __len)) { - if (__bos (__buf) != (size_t) -1) + if (__glibc_objsize (__buf) != (size_t) -1) { if (!__builtin_constant_p (__len)) - return __readlinkat_chk (__fd, __path, __buf, __len, __bos (__buf)); + return __readlinkat_chk (__fd, __path, __buf, __len, + __glibc_objsize (__buf)); - if (__len > __bos (__buf)) + if (__len > __glibc_objsize (__buf)) return __readlinkat_chk_warn (__fd, __path, __buf, __len, - __bos (__buf)); + __glibc_objsize (__buf)); } return __readlinkat_alias (__fd, __path, __buf, __len); } @@ -206,13 +212,13 @@ extern char *__REDIRECT_NTH (__getcwd_chk_warn, __fortify_function __wur char * __NTH (getcwd (char *__buf, size_t __size)) { - if (__bos (__buf) != (size_t) -1) + if (__glibc_objsize (__buf) != (size_t) -1) { if (!__builtin_constant_p (__size)) - return __getcwd_chk (__buf, __size, __bos (__buf)); + return __getcwd_chk (__buf, __size, __glibc_objsize (__buf)); - if (__size > __bos (__buf)) - return __getcwd_chk_warn (__buf, __size, __bos (__buf)); + if (__size > __glibc_objsize (__buf)) + return __getcwd_chk_warn (__buf, __size, __glibc_objsize (__buf)); } return __getcwd_alias (__buf, __size); } @@ -227,8 +233,8 @@ extern char *__REDIRECT_NTH (__getwd_warn, (char *__buf), getwd) __fortify_function __nonnull ((1)) __attribute_deprecated__ __wur char * __NTH (getwd (char *__buf)) { - if (__bos (__buf) != (size_t) -1) - return __getwd_chk (__buf, __bos (__buf)); + if (__glibc_objsize (__buf) != (size_t) -1) + return __getwd_chk (__buf, __glibc_objsize (__buf)); return __getwd_warn (__buf); } #endif @@ -248,13 +254,14 @@ extern size_t __REDIRECT_NTH (__confstr_chk_warn, __fortify_function size_t __NTH (confstr (int __name, char *__buf, size_t __len)) { - if (__bos (__buf) != (size_t) -1) + if (__glibc_objsize (__buf) != (size_t) -1) { if (!__builtin_constant_p (__len)) - return __confstr_chk (__name, __buf, __len, __bos (__buf)); + return __confstr_chk (__name, __buf, __len, __glibc_objsize (__buf)); - if (__bos (__buf) < __len) - return __confstr_chk_warn (__name, __buf, __len, __bos (__buf)); + if (__glibc_objsize (__buf) < __len) + return __confstr_chk_warn (__name, __buf, __len, + __glibc_objsize (__buf)); } return __confstr_alias (__name, __buf, __len); } @@ -273,13 +280,13 @@ extern int __REDIRECT_NTH (__getgroups_chk_warn, __fortify_function int __NTH (getgroups (int __size, __gid_t __list[])) { - if (__bos (__list) != (size_t) -1) + if (__glibc_objsize (__list) != (size_t) -1) { if (!__builtin_constant_p (__size) || __size < 0) - return __getgroups_chk (__size, __list, __bos (__list)); + return __getgroups_chk (__size, __list, __glibc_objsize (__list)); - if (__size * sizeof (__gid_t) > __bos (__list)) - return __getgroups_chk_warn (__size, __list, __bos (__list)); + if (__size * sizeof (__gid_t) > __glibc_objsize (__list)) + return __getgroups_chk_warn (__size, __list, __glibc_objsize (__list)); } return __getgroups_alias (__size, __list); } @@ -300,13 +307,15 @@ extern int __REDIRECT_NTH (__ttyname_r_chk_warn, __fortify_function int __NTH (ttyname_r (int __fd, char *__buf, size_t __buflen)) { - if (__bos (__buf) != (size_t) -1) + if (__glibc_objsize (__buf) != (size_t) -1) { if (!__builtin_constant_p (__buflen)) - return __ttyname_r_chk (__fd, __buf, __buflen, __bos (__buf)); + return __ttyname_r_chk (__fd, __buf, __buflen, + __glibc_objsize (__buf)); - if (__buflen > __bos (__buf)) - return __ttyname_r_chk_warn (__fd, __buf, __buflen, __bos (__buf)); + if (__buflen > __glibc_objsize (__buf)) + return __ttyname_r_chk_warn (__fd, __buf, __buflen, + __glibc_objsize (__buf)); } return __ttyname_r_alias (__fd, __buf, __buflen); } @@ -326,13 +335,14 @@ extern int __REDIRECT (__getlogin_r_chk_warn, __fortify_function int getlogin_r (char *__buf, size_t __buflen) { - if (__bos (__buf) != (size_t) -1) + if (__glibc_objsize (__buf) != (size_t) -1) { if (!__builtin_constant_p (__buflen)) - return __getlogin_r_chk (__buf, __buflen, __bos (__buf)); + return __getlogin_r_chk (__buf, __buflen, __glibc_objsize (__buf)); - if (__buflen > __bos (__buf)) - return __getlogin_r_chk_warn (__buf, __buflen, __bos (__buf)); + if (__buflen > __glibc_objsize (__buf)) + return __getlogin_r_chk_warn (__buf, __buflen, + __glibc_objsize (__buf)); } return __getlogin_r_alias (__buf, __buflen); } @@ -354,13 +364,14 @@ extern int __REDIRECT_NTH (__gethostname_chk_warn, __fortify_function int __NTH (gethostname (char *__buf, size_t __buflen)) { - if (__bos (__buf) != (size_t) -1) + if (__glibc_objsize (__buf) != (size_t) -1) { if (!__builtin_constant_p (__buflen)) - return __gethostname_chk (__buf, __buflen, __bos (__buf)); + return __gethostname_chk (__buf, __buflen, __glibc_objsize (__buf)); - if (__buflen > __bos (__buf)) - return __gethostname_chk_warn (__buf, __buflen, __bos (__buf)); + if (__buflen > __glibc_objsize (__buf)) + return __gethostname_chk_warn (__buf, __buflen, + __glibc_objsize (__buf)); } return __gethostname_alias (__buf, __buflen); } @@ -384,13 +395,14 @@ extern int __REDIRECT_NTH (__getdomainname_chk_warn, __fortify_function int __NTH (getdomainname (char *__buf, size_t __buflen)) { - if (__bos (__buf) != (size_t) -1) + if (__glibc_objsize (__buf) != (size_t) -1) { if (!__builtin_constant_p (__buflen)) - return __getdomainname_chk (__buf, __buflen, __bos (__buf)); + return __getdomainname_chk (__buf, __buflen, __glibc_objsize (__buf)); - if (__buflen > __bos (__buf)) - return __getdomainname_chk_warn (__buf, __buflen, __bos (__buf)); + if (__buflen > __glibc_objsize (__buf)) + return __getdomainname_chk_warn (__buf, __buflen, + __glibc_objsize (__buf)); } return __getdomainname_alias (__buf, __buflen); } diff --git a/socket/bits/socket2.h b/socket/bits/socket2.h index c0421ce244..05418ba9c3 100644 --- a/socket/bits/socket2.h +++ b/socket/bits/socket2.h @@ -33,13 +33,15 @@ extern ssize_t __REDIRECT (__recv_chk_warn, __fortify_function ssize_t recv (int __fd, void *__buf, size_t __n, int __flags) { - if (__bos0 (__buf) != (size_t) -1) + if (__glibc_objsize0 (__buf) != (size_t) -1) { if (!__builtin_constant_p (__n)) - return __recv_chk (__fd, __buf, __n, __bos0 (__buf), __flags); + return __recv_chk (__fd, __buf, __n, __glibc_objsize0 (__buf), + __flags); - if (__n > __bos0 (__buf)) - return __recv_chk_warn (__fd, __buf, __n, __bos0 (__buf), __flags); + if (__n > __glibc_objsize0 (__buf)) + return __recv_chk_warn (__fd, __buf, __n, __glibc_objsize0 (__buf), + __flags); } return __recv_alias (__fd, __buf, __n, __flags); } @@ -64,14 +66,14 @@ __fortify_function ssize_t recvfrom (int __fd, void *__restrict __buf, size_t __n, int __flags, __SOCKADDR_ARG __addr, socklen_t *__restrict __addr_len) { - if (__bos0 (__buf) != (size_t) -1) + if (__glibc_objsize0 (__buf) != (size_t) -1) { if (!__builtin_constant_p (__n)) - return __recvfrom_chk (__fd, __buf, __n, __bos0 (__buf), __flags, - __addr, __addr_len); - if (__n > __bos0 (__buf)) - return __recvfrom_chk_warn (__fd, __buf, __n, __bos0 (__buf), __flags, - __addr, __addr_len); + return __recvfrom_chk (__fd, __buf, __n, __glibc_objsize0 (__buf), + __flags, __addr, __addr_len); + if (__n > __glibc_objsize0 (__buf)) + return __recvfrom_chk_warn (__fd, __buf, __n, __glibc_objsize0 (__buf), + __flags, __addr, __addr_len); } return __recvfrom_alias (__fd, __buf, __n, __flags, __addr, __addr_len); } diff --git a/stdlib/bits/stdlib.h b/stdlib/bits/stdlib.h index 9134d3f36b..b495cd6929 100644 --- a/stdlib/bits/stdlib.h +++ b/stdlib/bits/stdlib.h @@ -36,13 +36,14 @@ extern char *__REDIRECT_NTH (__realpath_chk_warn, __fortify_function __wur char * __NTH (realpath (const char *__restrict __name, char *__restrict __resolved)) { - if (__bos (__resolved) != (size_t) -1) + if (__glibc_objsize (__resolved) != (size_t) -1) { #if defined _LIBC_LIMITS_H_ && defined PATH_MAX - if (__bos (__resolved) < PATH_MAX) - return __realpath_chk_warn (__name, __resolved, __bos (__resolved)); + if (__glibc_objsize (__resolved) < PATH_MAX) + return __realpath_chk_warn (__name, __resolved, + __glibc_objsize (__resolved)); #endif - return __realpath_chk (__name, __resolved, __bos (__resolved)); + return __realpath_chk (__name, __resolved, __glibc_objsize (__resolved)); } return __realpath_alias (__name, __resolved); @@ -64,12 +65,14 @@ extern int __REDIRECT_NTH (__ptsname_r_chk_warn, __fortify_function int __NTH (ptsname_r (int __fd, char *__buf, size_t __buflen)) { - if (__bos (__buf) != (size_t) -1) + if (__glibc_objsize (__buf) != (size_t) -1) { if (!__builtin_constant_p (__buflen)) - return __ptsname_r_chk (__fd, __buf, __buflen, __bos (__buf)); - if (__buflen > __bos (__buf)) - return __ptsname_r_chk_warn (__fd, __buf, __buflen, __bos (__buf)); + return __ptsname_r_chk (__fd, __buf, __buflen, + __glibc_objsize (__buf)); + if (__buflen > __glibc_objsize (__buf)) + return __ptsname_r_chk_warn (__fd, __buf, __buflen, + __glibc_objsize (__buf)); } return __ptsname_r_alias (__fd, __buf, __buflen); } @@ -90,8 +93,9 @@ __NTH (wctomb (char *__s, wchar_t __wchar)) #if defined MB_LEN_MAX && MB_LEN_MAX != __STDLIB_MB_LEN_MAX # error "Assumed value of MB_LEN_MAX wrong" #endif - if (__bos (__s) != (size_t) -1 && __STDLIB_MB_LEN_MAX > __bos (__s)) - return __wctomb_chk (__s, __wchar, __bos (__s)); + if (__glibc_objsize (__s) != (size_t) -1 + && __STDLIB_MB_LEN_MAX > __glibc_objsize (__s)) + return __wctomb_chk (__s, __wchar, __glibc_objsize (__s)); return __wctomb_alias (__s, __wchar); } @@ -116,15 +120,16 @@ __fortify_function size_t __NTH (mbstowcs (wchar_t *__restrict __dst, const char *__restrict __src, size_t __len)) { - if (__bos (__dst) != (size_t) -1) + if (__glibc_objsize (__dst) != (size_t) -1) { if (!__builtin_constant_p (__len)) return __mbstowcs_chk (__dst, __src, __len, - __bos (__dst) / sizeof (wchar_t)); + __glibc_objsize (__dst) / sizeof (wchar_t)); - if (__len > __bos (__dst) / sizeof (wchar_t)) + if (__len > __glibc_objsize (__dst) / sizeof (wchar_t)) return __mbstowcs_chk_warn (__dst, __src, __len, - __bos (__dst) / sizeof (wchar_t)); + (__glibc_objsize (__dst) + / sizeof (wchar_t))); } return __mbstowcs_alias (__dst, __src, __len); } @@ -149,12 +154,13 @@ __fortify_function size_t __NTH (wcstombs (char *__restrict __dst, const wchar_t *__restrict __src, size_t __len)) { - if (__bos (__dst) != (size_t) -1) + if (__glibc_objsize (__dst) != (size_t) -1) { if (!__builtin_constant_p (__len)) - return __wcstombs_chk (__dst, __src, __len, __bos (__dst)); - if (__len > __bos (__dst)) - return __wcstombs_chk_warn (__dst, __src, __len, __bos (__dst)); + return __wcstombs_chk (__dst, __src, __len, __glibc_objsize (__dst)); + if (__len > __glibc_objsize (__dst)) + return __wcstombs_chk_warn (__dst, __src, __len, + __glibc_objsize (__dst)); } return __wcstombs_alias (__dst, __src, __len); } diff --git a/wcsmbs/bits/wchar2.h b/wcsmbs/bits/wchar2.h index 86e8e23e76..6631d6f76d 100644 --- a/wcsmbs/bits/wchar2.h +++ b/wcsmbs/bits/wchar2.h @@ -39,15 +39,15 @@ __fortify_function wchar_t * __NTH (wmemcpy (wchar_t *__restrict __s1, const wchar_t *__restrict __s2, size_t __n)) { - if (__bos0 (__s1) != (size_t) -1) + if (__glibc_objsize0 (__s1) != (size_t) -1) { if (!__builtin_constant_p (__n)) return __wmemcpy_chk (__s1, __s2, __n, - __bos0 (__s1) / sizeof (wchar_t)); + __glibc_objsize0 (__s1) / sizeof (wchar_t)); - if (__n > __bos0 (__s1) / sizeof (wchar_t)) + if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t)) return __wmemcpy_chk_warn (__s1, __s2, __n, - __bos0 (__s1) / sizeof (wchar_t)); + __glibc_objsize0 (__s1) / sizeof (wchar_t)); } return __wmemcpy_alias (__s1, __s2, __n); } @@ -67,15 +67,16 @@ extern wchar_t *__REDIRECT_NTH (__wmemmove_chk_warn, __fortify_function wchar_t * __NTH (wmemmove (wchar_t *__s1, const wchar_t *__s2, size_t __n)) { - if (__bos0 (__s1) != (size_t) -1) + if (__glibc_objsize0 (__s1) != (size_t) -1) { if (!__builtin_constant_p (__n)) return __wmemmove_chk (__s1, __s2, __n, - __bos0 (__s1) / sizeof (wchar_t)); + __glibc_objsize0 (__s1) / sizeof (wchar_t)); - if (__n > __bos0 (__s1) / sizeof (wchar_t)) + if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t)) return __wmemmove_chk_warn (__s1, __s2, __n, - __bos0 (__s1) / sizeof (wchar_t)); + (__glibc_objsize0 (__s1) + / sizeof (wchar_t))); } return __wmemmove_alias (__s1, __s2, __n); } @@ -100,15 +101,16 @@ __fortify_function wchar_t * __NTH (wmempcpy (wchar_t *__restrict __s1, const wchar_t *__restrict __s2, size_t __n)) { - if (__bos0 (__s1) != (size_t) -1) + if (__glibc_objsize0 (__s1) != (size_t) -1) { if (!__builtin_constant_p (__n)) return __wmempcpy_chk (__s1, __s2, __n, - __bos0 (__s1) / sizeof (wchar_t)); + __glibc_objsize0 (__s1) / sizeof (wchar_t)); - if (__n > __bos0 (__s1) / sizeof (wchar_t)) + if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t)) return __wmempcpy_chk_warn (__s1, __s2, __n, - __bos0 (__s1) / sizeof (wchar_t)); + (__glibc_objsize0 (__s1) + / sizeof (wchar_t))); } return __wmempcpy_alias (__s1, __s2, __n); } @@ -128,14 +130,15 @@ extern wchar_t *__REDIRECT_NTH (__wmemset_chk_warn, __fortify_function wchar_t * __NTH (wmemset (wchar_t *__s, wchar_t __c, size_t __n)) { - if (__bos0 (__s) != (size_t) -1) + if (__glibc_objsize0 (__s) != (size_t) -1) { if (!__builtin_constant_p (__n)) - return __wmemset_chk (__s, __c, __n, __bos0 (__s) / sizeof (wchar_t)); + return __wmemset_chk (__s, __c, __n, + __glibc_objsize0 (__s) / sizeof (wchar_t)); - if (__n > __bos0 (__s) / sizeof (wchar_t)) + if (__n > __glibc_objsize0 (__s) / sizeof (wchar_t)) return __wmemset_chk_warn (__s, __c, __n, - __bos0 (__s) / sizeof (wchar_t)); + __glibc_objsize0 (__s) / sizeof (wchar_t)); } return __wmemset_alias (__s, __c, __n); } @@ -151,8 +154,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscpy_alias, __fortify_function wchar_t * __NTH (wcscpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) { - if (__bos (__dest) != (size_t) -1) - return __wcscpy_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t)); + if (__glibc_objsize (__dest) != (size_t) -1) + return __wcscpy_chk (__dest, __src, + __glibc_objsize (__dest) / sizeof (wchar_t)); return __wcscpy_alias (__dest, __src); } @@ -167,8 +171,9 @@ extern wchar_t *__REDIRECT_NTH (__wcpcpy_alias, __fortify_function wchar_t * __NTH (wcpcpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) { - if (__bos (__dest) != (size_t) -1) - return __wcpcpy_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t)); + if (__glibc_objsize (__dest) != (size_t) -1) + return __wcpcpy_chk (__dest, __src, + __glibc_objsize (__dest) / sizeof (wchar_t)); return __wcpcpy_alias (__dest, __src); } @@ -191,14 +196,15 @@ __fortify_function wchar_t * __NTH (wcsncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, size_t __n)) { - if (__bos (__dest) != (size_t) -1) + if (__glibc_objsize (__dest) != (size_t) -1) { if (!__builtin_constant_p (__n)) return __wcsncpy_chk (__dest, __src, __n, - __bos (__dest) / sizeof (wchar_t)); - if (__n > __bos (__dest) / sizeof (wchar_t)) + __glibc_objsize (__dest) / sizeof (wchar_t)); + if (__n > __glibc_objsize (__dest) / sizeof (wchar_t)) return __wcsncpy_chk_warn (__dest, __src, __n, - __bos (__dest) / sizeof (wchar_t)); + (__glibc_objsize (__dest) + / sizeof (wchar_t))); } return __wcsncpy_alias (__dest, __src, __n); } @@ -222,14 +228,15 @@ __fortify_function wchar_t * __NTH (wcpncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, size_t __n)) { - if (__bos (__dest) != (size_t) -1) + if (__glibc_objsize (__dest) != (size_t) -1) { if (!__builtin_constant_p (__n)) return __wcpncpy_chk (__dest, __src, __n, - __bos (__dest) / sizeof (wchar_t)); - if (__n > __bos (__dest) / sizeof (wchar_t)) + __glibc_objsize (__dest) / sizeof (wchar_t)); + if (__n > __glibc_objsize (__dest) / sizeof (wchar_t)) return __wcpncpy_chk_warn (__dest, __src, __n, - __bos (__dest) / sizeof (wchar_t)); + (__glibc_objsize (__dest) + / sizeof (wchar_t))); } return __wcpncpy_alias (__dest, __src, __n); } @@ -245,8 +252,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscat_alias, __fortify_function wchar_t * __NTH (wcscat (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) { - if (__bos (__dest) != (size_t) -1) - return __wcscat_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t)); + if (__glibc_objsize (__dest) != (size_t) -1) + return __wcscat_chk (__dest, __src, + __glibc_objsize (__dest) / sizeof (wchar_t)); return __wcscat_alias (__dest, __src); } @@ -263,9 +271,9 @@ __fortify_function wchar_t * __NTH (wcsncat (wchar_t *__restrict __dest, const wchar_t *__restrict __src, size_t __n)) { - if (__bos (__dest) != (size_t) -1) + if (__glibc_objsize (__dest) != (size_t) -1) return __wcsncat_chk (__dest, __src, __n, - __bos (__dest) / sizeof (wchar_t)); + __glibc_objsize (__dest) / sizeof (wchar_t)); return __wcsncat_alias (__dest, __src, __n); } @@ -285,18 +293,18 @@ __fortify_function int __NTH (swprintf (wchar_t *__restrict __s, size_t __n, const wchar_t *__restrict __fmt, ...)) { - if (__bos (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) + if (__glibc_objsize (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) return __swprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, - __bos (__s) / sizeof (wchar_t), + __glibc_objsize (__s) / sizeof (wchar_t), __fmt, __va_arg_pack ()); return __swprintf_alias (__s, __n, __fmt, __va_arg_pack ()); } #elif !defined __cplusplus /* XXX We might want to have support in gcc for swprintf. */ # define swprintf(s, n, ...) \ - (__bos (s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1 \ + (__glibc_objsize (s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1 \ ? __swprintf_chk (s, n, __USE_FORTIFY_LEVEL - 1, \ - __bos (s) / sizeof (wchar_t), __VA_ARGS__) \ + __glibc_objsize (s) / sizeof (wchar_t), __VA_ARGS__) \ : swprintf (s, n, __VA_ARGS__)) #endif @@ -315,9 +323,10 @@ __fortify_function int __NTH (vswprintf (wchar_t *__restrict __s, size_t __n, const wchar_t *__restrict __fmt, __gnuc_va_list __ap)) { - if (__bos (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) + if (__glibc_objsize (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) return __vswprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, - __bos (__s) / sizeof (wchar_t), __fmt, __ap); + __glibc_objsize (__s) / sizeof (wchar_t), __fmt, + __ap); return __vswprintf_alias (__s, __n, __fmt, __ap); } @@ -383,14 +392,15 @@ extern wchar_t *__REDIRECT (__fgetws_chk_warn, __fortify_function __wur wchar_t * fgetws (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream) { - if (__bos (__s) != (size_t) -1) + if (__glibc_objsize (__s) != (size_t) -1) { if (!__builtin_constant_p (__n) || __n <= 0) - return __fgetws_chk (__s, __bos (__s) / sizeof (wchar_t), + return __fgetws_chk (__s, __glibc_objsize (__s) / sizeof (wchar_t), __n, __stream); - if ((size_t) __n > __bos (__s) / sizeof (wchar_t)) - return __fgetws_chk_warn (__s, __bos (__s) / sizeof (wchar_t), + if ((size_t) __n > __glibc_objsize (__s) / sizeof (wchar_t)) + return __fgetws_chk_warn (__s, + __glibc_objsize (__s) / sizeof (wchar_t), __n, __stream); } return __fgetws_alias (__s, __n, __stream); @@ -414,14 +424,17 @@ extern wchar_t *__REDIRECT (__fgetws_unlocked_chk_warn, __fortify_function __wur wchar_t * fgetws_unlocked (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream) { - if (__bos (__s) != (size_t) -1) + if (__glibc_objsize (__s) != (size_t) -1) { if (!__builtin_constant_p (__n) || __n <= 0) - return __fgetws_unlocked_chk (__s, __bos (__s) / sizeof (wchar_t), + return __fgetws_unlocked_chk (__s, + __glibc_objsize (__s) / sizeof (wchar_t), __n, __stream); - if ((size_t) __n > __bos (__s) / sizeof (wchar_t)) - return __fgetws_unlocked_chk_warn (__s, __bos (__s) / sizeof (wchar_t), + if ((size_t) __n > __glibc_objsize (__s) / sizeof (wchar_t)) + return __fgetws_unlocked_chk_warn (__s, + (__glibc_objsize (__s) + / sizeof (wchar_t)), __n, __stream); } return __fgetws_unlocked_alias (__s, __n, __stream); @@ -447,8 +460,9 @@ __NTH (wcrtomb (char *__restrict __s, wchar_t __wchar, #if defined MB_LEN_MAX && MB_LEN_MAX != __WCHAR_MB_LEN_MAX # error "Assumed value of MB_LEN_MAX wrong" #endif - if (__bos (__s) != (size_t) -1 && __WCHAR_MB_LEN_MAX > __bos (__s)) - return __wcrtomb_chk (__s, __wchar, __ps, __bos (__s)); + if (__glibc_objsize (__s) != (size_t) -1 + && __WCHAR_MB_LEN_MAX > __glibc_objsize (__s)) + return __wcrtomb_chk (__s, __wchar, __ps, __glibc_objsize (__s)); return __wcrtomb_alias (__s, __wchar, __ps); } @@ -474,15 +488,16 @@ __fortify_function size_t __NTH (mbsrtowcs (wchar_t *__restrict __dst, const char **__restrict __src, size_t __len, mbstate_t *__restrict __ps)) { - if (__bos (__dst) != (size_t) -1) + if (__glibc_objsize (__dst) != (size_t) -1) { if (!__builtin_constant_p (__len)) return __mbsrtowcs_chk (__dst, __src, __len, __ps, - __bos (__dst) / sizeof (wchar_t)); + __glibc_objsize (__dst) / sizeof (wchar_t)); - if (__len > __bos (__dst) / sizeof (wchar_t)) + if (__len > __glibc_objsize (__dst) / sizeof (wchar_t)) return __mbsrtowcs_chk_warn (__dst, __src, __len, __ps, - __bos (__dst) / sizeof (wchar_t)); + (__glibc_objsize (__dst) + / sizeof (wchar_t))); } return __mbsrtowcs_alias (__dst, __src, __len, __ps); } @@ -508,13 +523,15 @@ __fortify_function size_t __NTH (wcsrtombs (char *__restrict __dst, const wchar_t **__restrict __src, size_t __len, mbstate_t *__restrict __ps)) { - if (__bos (__dst) != (size_t) -1) + if (__glibc_objsize (__dst) != (size_t) -1) { if (!__builtin_constant_p (__len)) - return __wcsrtombs_chk (__dst, __src, __len, __ps, __bos (__dst)); + return __wcsrtombs_chk (__dst, __src, __len, __ps, + __glibc_objsize (__dst)); - if (__len > __bos (__dst)) - return __wcsrtombs_chk_warn (__dst, __src, __len, __ps, __bos (__dst)); + if (__len > __glibc_objsize (__dst)) + return __wcsrtombs_chk_warn (__dst, __src, __len, __ps, + __glibc_objsize (__dst)); } return __wcsrtombs_alias (__dst, __src, __len, __ps); } @@ -542,15 +559,16 @@ __fortify_function size_t __NTH (mbsnrtowcs (wchar_t *__restrict __dst, const char **__restrict __src, size_t __nmc, size_t __len, mbstate_t *__restrict __ps)) { - if (__bos (__dst) != (size_t) -1) + if (__glibc_objsize (__dst) != (size_t) -1) { if (!__builtin_constant_p (__len)) return __mbsnrtowcs_chk (__dst, __src, __nmc, __len, __ps, - __bos (__dst) / sizeof (wchar_t)); + __glibc_objsize (__dst) / sizeof (wchar_t)); - if (__len > __bos (__dst) / sizeof (wchar_t)) + if (__len > __glibc_objsize (__dst) / sizeof (wchar_t)) return __mbsnrtowcs_chk_warn (__dst, __src, __nmc, __len, __ps, - __bos (__dst) / sizeof (wchar_t)); + (__glibc_objsize (__dst) + / sizeof (wchar_t))); } return __mbsnrtowcs_alias (__dst, __src, __nmc, __len, __ps); } @@ -578,15 +596,15 @@ __fortify_function size_t __NTH (wcsnrtombs (char *__restrict __dst, const wchar_t **__restrict __src, size_t __nwc, size_t __len, mbstate_t *__restrict __ps)) { - if (__bos (__dst) != (size_t) -1) + if (__glibc_objsize (__dst) != (size_t) -1) { if (!__builtin_constant_p (__len)) return __wcsnrtombs_chk (__dst, __src, __nwc, __len, __ps, - __bos (__dst)); + __glibc_objsize (__dst)); - if (__len > __bos (__dst)) + if (__len > __glibc_objsize (__dst)) return __wcsnrtombs_chk_warn (__dst, __src, __nwc, __len, __ps, - __bos (__dst)); + __glibc_objsize (__dst)); } return __wcsnrtombs_alias (__dst, __src, __nwc, __len, __ps); } -- 2.29.2 ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH v7 4/4] nonstring: Enable __FORTIFY_LEVEL=3 2020-12-30 6:43 ` [PATCH v7 4/4] nonstring: " Siddhesh Poyarekar @ 2020-12-31 10:50 ` Adhemerval Zanella 0 siblings, 0 replies; 10+ messages in thread From: Adhemerval Zanella @ 2020-12-31 10:50 UTC (permalink / raw) To: Siddhesh Poyarekar, libc-alpha; +Cc: fweimer, jakub On 30/12/2020 03:43, Siddhesh Poyarekar wrote: > Use __builtin_dynamic_object_size in the remaining functions that > don't have compiler builtins as is the case for string functions. LGTM, thanks. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> > --- > io/bits/poll2.h | 18 +++--- > libio/bits/stdio.h | 2 +- > libio/bits/stdio2.h | 62 ++++++++++-------- > posix/bits/unistd.h | 120 ++++++++++++++++++---------------- > socket/bits/socket2.h | 22 ++++--- > stdlib/bits/stdlib.h | 42 ++++++------ > wcsmbs/bits/wchar2.h | 146 ++++++++++++++++++++++++------------------ > 7 files changed, 229 insertions(+), 183 deletions(-) > > diff --git a/io/bits/poll2.h b/io/bits/poll2.h > index dca49717db..d204351bd0 100644 > --- a/io/bits/poll2.h > +++ b/io/bits/poll2.h > @@ -35,12 +35,13 @@ extern int __REDIRECT (__poll_chk_warn, (struct pollfd *__fds, nfds_t __nfds, > __fortify_function int > poll (struct pollfd *__fds, nfds_t __nfds, int __timeout) > { > - if (__bos (__fds) != (__SIZE_TYPE__) -1) > + if (__glibc_objsize (__fds) != (__SIZE_TYPE__) -1) > { > if (! __builtin_constant_p (__nfds)) > - return __poll_chk (__fds, __nfds, __timeout, __bos (__fds)); > - else if (__bos (__fds) / sizeof (*__fds) < __nfds) > - return __poll_chk_warn (__fds, __nfds, __timeout, __bos (__fds)); > + return __poll_chk (__fds, __nfds, __timeout, __glibc_objsize (__fds)); > + else if (__glibc_objsize (__fds) / sizeof (*__fds) < __nfds) > + return __poll_chk_warn (__fds, __nfds, __timeout, > + __glibc_objsize (__fds)); > } > > return __poll_alias (__fds, __nfds, __timeout); > @@ -65,13 +66,14 @@ __fortify_function int > ppoll (struct pollfd *__fds, nfds_t __nfds, const struct timespec *__timeout, > const __sigset_t *__ss) > { > - if (__bos (__fds) != (__SIZE_TYPE__) -1) > + if (__glibc_objsize (__fds) != (__SIZE_TYPE__) -1) > { > if (! __builtin_constant_p (__nfds)) > - return __ppoll_chk (__fds, __nfds, __timeout, __ss, __bos (__fds)); > - else if (__bos (__fds) / sizeof (*__fds) < __nfds) > + return __ppoll_chk (__fds, __nfds, __timeout, __ss, > + __glibc_objsize (__fds)); > + else if (__glibc_objsize (__fds) / sizeof (*__fds) < __nfds) > return __ppoll_chk_warn (__fds, __nfds, __timeout, __ss, > - __bos (__fds)); > + __glibc_objsize (__fds)); > } > > return __ppoll_alias (__fds, __nfds, __timeout, __ss); > diff --git a/libio/bits/stdio.h b/libio/bits/stdio.h > index 6745571ed5..6d1f0f9fc9 100644 > --- a/libio/bits/stdio.h > +++ b/libio/bits/stdio.h > @@ -31,7 +31,7 @@ > > > #ifdef __USE_EXTERN_INLINES > -/* For -D_FORTIFY_SOURCE{,=2} bits/stdio2.h will define a different > +/* For -D_FORTIFY_SOURCE{,=2,=3} bits/stdio2.h will define a different > inline. */ > # if !(__USE_FORTIFY_LEVEL > 0 && defined __fortify_function) > /* Write formatted output to stdout from argument list ARG. */ > diff --git a/libio/bits/stdio2.h b/libio/bits/stdio2.h > index ff9202c2cb..365c25b7b0 100644 > --- a/libio/bits/stdio2.h > +++ b/libio/bits/stdio2.h > @@ -36,12 +36,13 @@ __fortify_function int > __NTH (sprintf (char *__restrict __s, const char *__restrict __fmt, ...)) > { > return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1, > - __bos (__s), __fmt, __va_arg_pack ()); > + __glibc_objsize (__s), __fmt, > + __va_arg_pack ()); > } > #elif !defined __cplusplus > # define sprintf(str, ...) \ > - __builtin___sprintf_chk (str, __USE_FORTIFY_LEVEL - 1, __bos (str), \ > - __VA_ARGS__) > + __builtin___sprintf_chk (str, __USE_FORTIFY_LEVEL - 1, \ > + __glibc_objsize (str), __VA_ARGS__) > #endif > > __fortify_function int > @@ -49,7 +50,7 @@ __NTH (vsprintf (char *__restrict __s, const char *__restrict __fmt, > __gnuc_va_list __ap)) > { > return __builtin___vsprintf_chk (__s, __USE_FORTIFY_LEVEL - 1, > - __bos (__s), __fmt, __ap); > + __glibc_objsize (__s), __fmt, __ap); > } > > #if defined __USE_ISOC99 || defined __USE_UNIX98 > @@ -68,12 +69,13 @@ __NTH (snprintf (char *__restrict __s, size_t __n, > const char *__restrict __fmt, ...)) > { > return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, > - __bos (__s), __fmt, __va_arg_pack ()); > + __glibc_objsize (__s), __fmt, > + __va_arg_pack ()); > } > # elif !defined __cplusplus > # define snprintf(str, len, ...) \ > - __builtin___snprintf_chk (str, len, __USE_FORTIFY_LEVEL - 1, __bos (str), \ > - __VA_ARGS__) > + __builtin___snprintf_chk (str, len, __USE_FORTIFY_LEVEL - 1, \ > + __glibc_objsize (str), __VA_ARGS__) > # endif > > __fortify_function int > @@ -81,7 +83,7 @@ __NTH (vsnprintf (char *__restrict __s, size_t __n, > const char *__restrict __fmt, __gnuc_va_list __ap)) > { > return __builtin___vsnprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, > - __bos (__s), __fmt, __ap); > + __glibc_objsize (__s), __fmt, __ap); > } > > #endif > @@ -237,8 +239,8 @@ extern char *__REDIRECT (__gets_warn, (char *__str), gets) > __fortify_function __wur char * > gets (char *__str) > { > - if (__bos (__str) != (size_t) -1) > - return __gets_chk (__str, __bos (__str)); > + if (__glibc_objsize (__str) != (size_t) -1) > + return __gets_chk (__str, __glibc_objsize (__str)); > return __gets_warn (__str); > } > #endif > @@ -259,13 +261,13 @@ extern char *__REDIRECT (__fgets_chk_warn, > __fortify_function __wur __attr_access ((__write_only__, 1, 2)) char * > fgets (char *__restrict __s, int __n, FILE *__restrict __stream) > { > - if (__bos (__s) != (size_t) -1) > + if (__glibc_objsize (__s) != (size_t) -1) > { > if (!__builtin_constant_p (__n) || __n <= 0) > - return __fgets_chk (__s, __bos (__s), __n, __stream); > + return __fgets_chk (__s, __glibc_objsize (__s), __n, __stream); > > - if ((size_t) __n > __bos (__s)) > - return __fgets_chk_warn (__s, __bos (__s), __n, __stream); > + if ((size_t) __n > __glibc_objsize (__s)) > + return __fgets_chk_warn (__s, __glibc_objsize (__s), __n, __stream); > } > return __fgets_alias (__s, __n, __stream); > } > @@ -289,15 +291,17 @@ __fortify_function __wur size_t > fread (void *__restrict __ptr, size_t __size, size_t __n, > FILE *__restrict __stream) > { > - if (__bos0 (__ptr) != (size_t) -1) > + if (__glibc_objsize0 (__ptr) != (size_t) -1) > { > if (!__builtin_constant_p (__size) > || !__builtin_constant_p (__n) > || (__size | __n) >= (((size_t) 1) << (8 * sizeof (size_t) / 2))) > - return __fread_chk (__ptr, __bos0 (__ptr), __size, __n, __stream); > + return __fread_chk (__ptr, __glibc_objsize0 (__ptr), __size, __n, > + __stream); > > - if (__size * __n > __bos0 (__ptr)) > - return __fread_chk_warn (__ptr, __bos0 (__ptr), __size, __n, __stream); > + if (__size * __n > __glibc_objsize0 (__ptr)) > + return __fread_chk_warn (__ptr, __glibc_objsize0 (__ptr), __size, __n, > + __stream); > } > return __fread_alias (__ptr, __size, __n, __stream); > } > @@ -319,13 +323,15 @@ extern char *__REDIRECT (__fgets_unlocked_chk_warn, > __fortify_function __wur __attr_access ((__write_only__, 1, 2)) char * > fgets_unlocked (char *__restrict __s, int __n, FILE *__restrict __stream) > { > - if (__bos (__s) != (size_t) -1) > + if (__glibc_objsize (__s) != (size_t) -1) > { > if (!__builtin_constant_p (__n) || __n <= 0) > - return __fgets_unlocked_chk (__s, __bos (__s), __n, __stream); > + return __fgets_unlocked_chk (__s, __glibc_objsize (__s), __n, > + __stream); > > - if ((size_t) __n > __bos (__s)) > - return __fgets_unlocked_chk_warn (__s, __bos (__s), __n, __stream); > + if ((size_t) __n > __glibc_objsize (__s)) > + return __fgets_unlocked_chk_warn (__s, __glibc_objsize (__s), __n, > + __stream); > } > return __fgets_unlocked_alias (__s, __n, __stream); > } > @@ -352,17 +358,17 @@ __fortify_function __wur size_t > fread_unlocked (void *__restrict __ptr, size_t __size, size_t __n, > FILE *__restrict __stream) > { > - if (__bos0 (__ptr) != (size_t) -1) > + if (__glibc_objsize0 (__ptr) != (size_t) -1) > { > if (!__builtin_constant_p (__size) > || !__builtin_constant_p (__n) > || (__size | __n) >= (((size_t) 1) << (8 * sizeof (size_t) / 2))) > - return __fread_unlocked_chk (__ptr, __bos0 (__ptr), __size, __n, > - __stream); > + return __fread_unlocked_chk (__ptr, __glibc_objsize0 (__ptr), __size, > + __n, __stream); > > - if (__size * __n > __bos0 (__ptr)) > - return __fread_unlocked_chk_warn (__ptr, __bos0 (__ptr), __size, __n, > - __stream); > + if (__size * __n > __glibc_objsize0 (__ptr)) > + return __fread_unlocked_chk_warn (__ptr, __glibc_objsize0 (__ptr), > + __size, __n, __stream); > } > > # ifdef __USE_EXTERN_INLINES > diff --git a/posix/bits/unistd.h b/posix/bits/unistd.h > index 725a83eb0d..6c5ed0c618 100644 > --- a/posix/bits/unistd.h > +++ b/posix/bits/unistd.h > @@ -35,13 +35,14 @@ extern ssize_t __REDIRECT (__read_chk_warn, > __fortify_function __wur ssize_t > read (int __fd, void *__buf, size_t __nbytes) > { > - if (__bos0 (__buf) != (size_t) -1) > + if (__glibc_objsize0 (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__nbytes)) > - return __read_chk (__fd, __buf, __nbytes, __bos0 (__buf)); > + return __read_chk (__fd, __buf, __nbytes, __glibc_objsize0 (__buf)); > > - if (__nbytes > __bos0 (__buf)) > - return __read_chk_warn (__fd, __buf, __nbytes, __bos0 (__buf)); > + if (__nbytes > __glibc_objsize0 (__buf)) > + return __read_chk_warn (__fd, __buf, __nbytes, > + __glibc_objsize0 (__buf)); > } > return __read_alias (__fd, __buf, __nbytes); > } > @@ -77,14 +78,15 @@ extern ssize_t __REDIRECT (__pread64_chk_warn, > __fortify_function __wur ssize_t > pread (int __fd, void *__buf, size_t __nbytes, __off_t __offset) > { > - if (__bos0 (__buf) != (size_t) -1) > + if (__glibc_objsize0 (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__nbytes)) > - return __pread_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf)); > + return __pread_chk (__fd, __buf, __nbytes, __offset, > + __glibc_objsize0 (__buf)); > > - if ( __nbytes > __bos0 (__buf)) > + if ( __nbytes > __glibc_objsize0 (__buf)) > return __pread_chk_warn (__fd, __buf, __nbytes, __offset, > - __bos0 (__buf)); > + __glibc_objsize0 (__buf)); > } > return __pread_alias (__fd, __buf, __nbytes, __offset); > } > @@ -92,14 +94,15 @@ pread (int __fd, void *__buf, size_t __nbytes, __off_t __offset) > __fortify_function __wur ssize_t > pread (int __fd, void *__buf, size_t __nbytes, __off64_t __offset) > { > - if (__bos0 (__buf) != (size_t) -1) > + if (__glibc_objsize0 (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__nbytes)) > - return __pread64_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf)); > + return __pread64_chk (__fd, __buf, __nbytes, __offset, > + __glibc_objsize0 (__buf)); > > - if ( __nbytes > __bos0 (__buf)) > + if ( __nbytes > __glibc_objsize0 (__buf)) > return __pread64_chk_warn (__fd, __buf, __nbytes, __offset, > - __bos0 (__buf)); > + __glibc_objsize0 (__buf)); > } > > return __pread64_alias (__fd, __buf, __nbytes, __offset); > @@ -110,14 +113,15 @@ pread (int __fd, void *__buf, size_t __nbytes, __off64_t __offset) > __fortify_function __wur ssize_t > pread64 (int __fd, void *__buf, size_t __nbytes, __off64_t __offset) > { > - if (__bos0 (__buf) != (size_t) -1) > + if (__glibc_objsize0 (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__nbytes)) > - return __pread64_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf)); > + return __pread64_chk (__fd, __buf, __nbytes, __offset, > + __glibc_objsize0 (__buf)); > > - if ( __nbytes > __bos0 (__buf)) > + if ( __nbytes > __glibc_objsize0 (__buf)) > return __pread64_chk_warn (__fd, __buf, __nbytes, __offset, > - __bos0 (__buf)); > + __glibc_objsize0 (__buf)); > } > > return __pread64_alias (__fd, __buf, __nbytes, __offset); > @@ -145,13 +149,14 @@ __fortify_function __nonnull ((1, 2)) __wur ssize_t > __NTH (readlink (const char *__restrict __path, char *__restrict __buf, > size_t __len)) > { > - if (__bos (__buf) != (size_t) -1) > + if (__glibc_objsize (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__len)) > - return __readlink_chk (__path, __buf, __len, __bos (__buf)); > + return __readlink_chk (__path, __buf, __len, __glibc_objsize (__buf)); > > - if ( __len > __bos (__buf)) > - return __readlink_chk_warn (__path, __buf, __len, __bos (__buf)); > + if ( __len > __glibc_objsize (__buf)) > + return __readlink_chk_warn (__path, __buf, __len, > + __glibc_objsize (__buf)); > } > return __readlink_alias (__path, __buf, __len); > } > @@ -179,14 +184,15 @@ __fortify_function __nonnull ((2, 3)) __wur ssize_t > __NTH (readlinkat (int __fd, const char *__restrict __path, > char *__restrict __buf, size_t __len)) > { > - if (__bos (__buf) != (size_t) -1) > + if (__glibc_objsize (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__len)) > - return __readlinkat_chk (__fd, __path, __buf, __len, __bos (__buf)); > + return __readlinkat_chk (__fd, __path, __buf, __len, > + __glibc_objsize (__buf)); > > - if (__len > __bos (__buf)) > + if (__len > __glibc_objsize (__buf)) > return __readlinkat_chk_warn (__fd, __path, __buf, __len, > - __bos (__buf)); > + __glibc_objsize (__buf)); > } > return __readlinkat_alias (__fd, __path, __buf, __len); > } > @@ -206,13 +212,13 @@ extern char *__REDIRECT_NTH (__getcwd_chk_warn, > __fortify_function __wur char * > __NTH (getcwd (char *__buf, size_t __size)) > { > - if (__bos (__buf) != (size_t) -1) > + if (__glibc_objsize (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__size)) > - return __getcwd_chk (__buf, __size, __bos (__buf)); > + return __getcwd_chk (__buf, __size, __glibc_objsize (__buf)); > > - if (__size > __bos (__buf)) > - return __getcwd_chk_warn (__buf, __size, __bos (__buf)); > + if (__size > __glibc_objsize (__buf)) > + return __getcwd_chk_warn (__buf, __size, __glibc_objsize (__buf)); > } > return __getcwd_alias (__buf, __size); > } > @@ -227,8 +233,8 @@ extern char *__REDIRECT_NTH (__getwd_warn, (char *__buf), getwd) > __fortify_function __nonnull ((1)) __attribute_deprecated__ __wur char * > __NTH (getwd (char *__buf)) > { > - if (__bos (__buf) != (size_t) -1) > - return __getwd_chk (__buf, __bos (__buf)); > + if (__glibc_objsize (__buf) != (size_t) -1) > + return __getwd_chk (__buf, __glibc_objsize (__buf)); > return __getwd_warn (__buf); > } > #endif > @@ -248,13 +254,14 @@ extern size_t __REDIRECT_NTH (__confstr_chk_warn, > __fortify_function size_t > __NTH (confstr (int __name, char *__buf, size_t __len)) > { > - if (__bos (__buf) != (size_t) -1) > + if (__glibc_objsize (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__len)) > - return __confstr_chk (__name, __buf, __len, __bos (__buf)); > + return __confstr_chk (__name, __buf, __len, __glibc_objsize (__buf)); > > - if (__bos (__buf) < __len) > - return __confstr_chk_warn (__name, __buf, __len, __bos (__buf)); > + if (__glibc_objsize (__buf) < __len) > + return __confstr_chk_warn (__name, __buf, __len, > + __glibc_objsize (__buf)); > } > return __confstr_alias (__name, __buf, __len); > } > @@ -273,13 +280,13 @@ extern int __REDIRECT_NTH (__getgroups_chk_warn, > __fortify_function int > __NTH (getgroups (int __size, __gid_t __list[])) > { > - if (__bos (__list) != (size_t) -1) > + if (__glibc_objsize (__list) != (size_t) -1) > { > if (!__builtin_constant_p (__size) || __size < 0) > - return __getgroups_chk (__size, __list, __bos (__list)); > + return __getgroups_chk (__size, __list, __glibc_objsize (__list)); > > - if (__size * sizeof (__gid_t) > __bos (__list)) > - return __getgroups_chk_warn (__size, __list, __bos (__list)); > + if (__size * sizeof (__gid_t) > __glibc_objsize (__list)) > + return __getgroups_chk_warn (__size, __list, __glibc_objsize (__list)); > } > return __getgroups_alias (__size, __list); > } > @@ -300,13 +307,15 @@ extern int __REDIRECT_NTH (__ttyname_r_chk_warn, > __fortify_function int > __NTH (ttyname_r (int __fd, char *__buf, size_t __buflen)) > { > - if (__bos (__buf) != (size_t) -1) > + if (__glibc_objsize (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__buflen)) > - return __ttyname_r_chk (__fd, __buf, __buflen, __bos (__buf)); > + return __ttyname_r_chk (__fd, __buf, __buflen, > + __glibc_objsize (__buf)); > > - if (__buflen > __bos (__buf)) > - return __ttyname_r_chk_warn (__fd, __buf, __buflen, __bos (__buf)); > + if (__buflen > __glibc_objsize (__buf)) > + return __ttyname_r_chk_warn (__fd, __buf, __buflen, > + __glibc_objsize (__buf)); > } > return __ttyname_r_alias (__fd, __buf, __buflen); > } > @@ -326,13 +335,14 @@ extern int __REDIRECT (__getlogin_r_chk_warn, > __fortify_function int > getlogin_r (char *__buf, size_t __buflen) > { > - if (__bos (__buf) != (size_t) -1) > + if (__glibc_objsize (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__buflen)) > - return __getlogin_r_chk (__buf, __buflen, __bos (__buf)); > + return __getlogin_r_chk (__buf, __buflen, __glibc_objsize (__buf)); > > - if (__buflen > __bos (__buf)) > - return __getlogin_r_chk_warn (__buf, __buflen, __bos (__buf)); > + if (__buflen > __glibc_objsize (__buf)) > + return __getlogin_r_chk_warn (__buf, __buflen, > + __glibc_objsize (__buf)); > } > return __getlogin_r_alias (__buf, __buflen); > } > @@ -354,13 +364,14 @@ extern int __REDIRECT_NTH (__gethostname_chk_warn, > __fortify_function int > __NTH (gethostname (char *__buf, size_t __buflen)) > { > - if (__bos (__buf) != (size_t) -1) > + if (__glibc_objsize (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__buflen)) > - return __gethostname_chk (__buf, __buflen, __bos (__buf)); > + return __gethostname_chk (__buf, __buflen, __glibc_objsize (__buf)); > > - if (__buflen > __bos (__buf)) > - return __gethostname_chk_warn (__buf, __buflen, __bos (__buf)); > + if (__buflen > __glibc_objsize (__buf)) > + return __gethostname_chk_warn (__buf, __buflen, > + __glibc_objsize (__buf)); > } > return __gethostname_alias (__buf, __buflen); > } > @@ -384,13 +395,14 @@ extern int __REDIRECT_NTH (__getdomainname_chk_warn, > __fortify_function int > __NTH (getdomainname (char *__buf, size_t __buflen)) > { > - if (__bos (__buf) != (size_t) -1) > + if (__glibc_objsize (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__buflen)) > - return __getdomainname_chk (__buf, __buflen, __bos (__buf)); > + return __getdomainname_chk (__buf, __buflen, __glibc_objsize (__buf)); > > - if (__buflen > __bos (__buf)) > - return __getdomainname_chk_warn (__buf, __buflen, __bos (__buf)); > + if (__buflen > __glibc_objsize (__buf)) > + return __getdomainname_chk_warn (__buf, __buflen, > + __glibc_objsize (__buf)); > } > return __getdomainname_alias (__buf, __buflen); > } > diff --git a/socket/bits/socket2.h b/socket/bits/socket2.h > index c0421ce244..05418ba9c3 100644 > --- a/socket/bits/socket2.h > +++ b/socket/bits/socket2.h > @@ -33,13 +33,15 @@ extern ssize_t __REDIRECT (__recv_chk_warn, > __fortify_function ssize_t > recv (int __fd, void *__buf, size_t __n, int __flags) > { > - if (__bos0 (__buf) != (size_t) -1) > + if (__glibc_objsize0 (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__n)) > - return __recv_chk (__fd, __buf, __n, __bos0 (__buf), __flags); > + return __recv_chk (__fd, __buf, __n, __glibc_objsize0 (__buf), > + __flags); > > - if (__n > __bos0 (__buf)) > - return __recv_chk_warn (__fd, __buf, __n, __bos0 (__buf), __flags); > + if (__n > __glibc_objsize0 (__buf)) > + return __recv_chk_warn (__fd, __buf, __n, __glibc_objsize0 (__buf), > + __flags); > } > return __recv_alias (__fd, __buf, __n, __flags); > } > @@ -64,14 +66,14 @@ __fortify_function ssize_t > recvfrom (int __fd, void *__restrict __buf, size_t __n, int __flags, > __SOCKADDR_ARG __addr, socklen_t *__restrict __addr_len) > { > - if (__bos0 (__buf) != (size_t) -1) > + if (__glibc_objsize0 (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__n)) > - return __recvfrom_chk (__fd, __buf, __n, __bos0 (__buf), __flags, > - __addr, __addr_len); > - if (__n > __bos0 (__buf)) > - return __recvfrom_chk_warn (__fd, __buf, __n, __bos0 (__buf), __flags, > - __addr, __addr_len); > + return __recvfrom_chk (__fd, __buf, __n, __glibc_objsize0 (__buf), > + __flags, __addr, __addr_len); > + if (__n > __glibc_objsize0 (__buf)) > + return __recvfrom_chk_warn (__fd, __buf, __n, __glibc_objsize0 (__buf), > + __flags, __addr, __addr_len); > } > return __recvfrom_alias (__fd, __buf, __n, __flags, __addr, __addr_len); > } > diff --git a/stdlib/bits/stdlib.h b/stdlib/bits/stdlib.h > index 9134d3f36b..b495cd6929 100644 > --- a/stdlib/bits/stdlib.h > +++ b/stdlib/bits/stdlib.h > @@ -36,13 +36,14 @@ extern char *__REDIRECT_NTH (__realpath_chk_warn, > __fortify_function __wur char * > __NTH (realpath (const char *__restrict __name, char *__restrict __resolved)) > { > - if (__bos (__resolved) != (size_t) -1) > + if (__glibc_objsize (__resolved) != (size_t) -1) > { > #if defined _LIBC_LIMITS_H_ && defined PATH_MAX > - if (__bos (__resolved) < PATH_MAX) > - return __realpath_chk_warn (__name, __resolved, __bos (__resolved)); > + if (__glibc_objsize (__resolved) < PATH_MAX) > + return __realpath_chk_warn (__name, __resolved, > + __glibc_objsize (__resolved)); > #endif > - return __realpath_chk (__name, __resolved, __bos (__resolved)); > + return __realpath_chk (__name, __resolved, __glibc_objsize (__resolved)); > } > > return __realpath_alias (__name, __resolved); > @@ -64,12 +65,14 @@ extern int __REDIRECT_NTH (__ptsname_r_chk_warn, > __fortify_function int > __NTH (ptsname_r (int __fd, char *__buf, size_t __buflen)) > { > - if (__bos (__buf) != (size_t) -1) > + if (__glibc_objsize (__buf) != (size_t) -1) > { > if (!__builtin_constant_p (__buflen)) > - return __ptsname_r_chk (__fd, __buf, __buflen, __bos (__buf)); > - if (__buflen > __bos (__buf)) > - return __ptsname_r_chk_warn (__fd, __buf, __buflen, __bos (__buf)); > + return __ptsname_r_chk (__fd, __buf, __buflen, > + __glibc_objsize (__buf)); > + if (__buflen > __glibc_objsize (__buf)) > + return __ptsname_r_chk_warn (__fd, __buf, __buflen, > + __glibc_objsize (__buf)); > } > return __ptsname_r_alias (__fd, __buf, __buflen); > } > @@ -90,8 +93,9 @@ __NTH (wctomb (char *__s, wchar_t __wchar)) > #if defined MB_LEN_MAX && MB_LEN_MAX != __STDLIB_MB_LEN_MAX > # error "Assumed value of MB_LEN_MAX wrong" > #endif > - if (__bos (__s) != (size_t) -1 && __STDLIB_MB_LEN_MAX > __bos (__s)) > - return __wctomb_chk (__s, __wchar, __bos (__s)); > + if (__glibc_objsize (__s) != (size_t) -1 > + && __STDLIB_MB_LEN_MAX > __glibc_objsize (__s)) > + return __wctomb_chk (__s, __wchar, __glibc_objsize (__s)); > return __wctomb_alias (__s, __wchar); > } > > @@ -116,15 +120,16 @@ __fortify_function size_t > __NTH (mbstowcs (wchar_t *__restrict __dst, const char *__restrict __src, > size_t __len)) > { > - if (__bos (__dst) != (size_t) -1) > + if (__glibc_objsize (__dst) != (size_t) -1) > { > if (!__builtin_constant_p (__len)) > return __mbstowcs_chk (__dst, __src, __len, > - __bos (__dst) / sizeof (wchar_t)); > + __glibc_objsize (__dst) / sizeof (wchar_t)); > > - if (__len > __bos (__dst) / sizeof (wchar_t)) > + if (__len > __glibc_objsize (__dst) / sizeof (wchar_t)) > return __mbstowcs_chk_warn (__dst, __src, __len, > - __bos (__dst) / sizeof (wchar_t)); > + (__glibc_objsize (__dst) > + / sizeof (wchar_t))); > } > return __mbstowcs_alias (__dst, __src, __len); > } > @@ -149,12 +154,13 @@ __fortify_function size_t > __NTH (wcstombs (char *__restrict __dst, const wchar_t *__restrict __src, > size_t __len)) > { > - if (__bos (__dst) != (size_t) -1) > + if (__glibc_objsize (__dst) != (size_t) -1) > { > if (!__builtin_constant_p (__len)) > - return __wcstombs_chk (__dst, __src, __len, __bos (__dst)); > - if (__len > __bos (__dst)) > - return __wcstombs_chk_warn (__dst, __src, __len, __bos (__dst)); > + return __wcstombs_chk (__dst, __src, __len, __glibc_objsize (__dst)); > + if (__len > __glibc_objsize (__dst)) > + return __wcstombs_chk_warn (__dst, __src, __len, > + __glibc_objsize (__dst)); > } > return __wcstombs_alias (__dst, __src, __len); > } > diff --git a/wcsmbs/bits/wchar2.h b/wcsmbs/bits/wchar2.h > index 86e8e23e76..6631d6f76d 100644 > --- a/wcsmbs/bits/wchar2.h > +++ b/wcsmbs/bits/wchar2.h > @@ -39,15 +39,15 @@ __fortify_function wchar_t * > __NTH (wmemcpy (wchar_t *__restrict __s1, const wchar_t *__restrict __s2, > size_t __n)) > { > - if (__bos0 (__s1) != (size_t) -1) > + if (__glibc_objsize0 (__s1) != (size_t) -1) > { > if (!__builtin_constant_p (__n)) > return __wmemcpy_chk (__s1, __s2, __n, > - __bos0 (__s1) / sizeof (wchar_t)); > + __glibc_objsize0 (__s1) / sizeof (wchar_t)); > > - if (__n > __bos0 (__s1) / sizeof (wchar_t)) > + if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t)) > return __wmemcpy_chk_warn (__s1, __s2, __n, > - __bos0 (__s1) / sizeof (wchar_t)); > + __glibc_objsize0 (__s1) / sizeof (wchar_t)); > } > return __wmemcpy_alias (__s1, __s2, __n); > } > @@ -67,15 +67,16 @@ extern wchar_t *__REDIRECT_NTH (__wmemmove_chk_warn, > __fortify_function wchar_t * > __NTH (wmemmove (wchar_t *__s1, const wchar_t *__s2, size_t __n)) > { > - if (__bos0 (__s1) != (size_t) -1) > + if (__glibc_objsize0 (__s1) != (size_t) -1) > { > if (!__builtin_constant_p (__n)) > return __wmemmove_chk (__s1, __s2, __n, > - __bos0 (__s1) / sizeof (wchar_t)); > + __glibc_objsize0 (__s1) / sizeof (wchar_t)); > > - if (__n > __bos0 (__s1) / sizeof (wchar_t)) > + if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t)) > return __wmemmove_chk_warn (__s1, __s2, __n, > - __bos0 (__s1) / sizeof (wchar_t)); > + (__glibc_objsize0 (__s1) > + / sizeof (wchar_t))); > } > return __wmemmove_alias (__s1, __s2, __n); > } > @@ -100,15 +101,16 @@ __fortify_function wchar_t * > __NTH (wmempcpy (wchar_t *__restrict __s1, const wchar_t *__restrict __s2, > size_t __n)) > { > - if (__bos0 (__s1) != (size_t) -1) > + if (__glibc_objsize0 (__s1) != (size_t) -1) > { > if (!__builtin_constant_p (__n)) > return __wmempcpy_chk (__s1, __s2, __n, > - __bos0 (__s1) / sizeof (wchar_t)); > + __glibc_objsize0 (__s1) / sizeof (wchar_t)); > > - if (__n > __bos0 (__s1) / sizeof (wchar_t)) > + if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t)) > return __wmempcpy_chk_warn (__s1, __s2, __n, > - __bos0 (__s1) / sizeof (wchar_t)); > + (__glibc_objsize0 (__s1) > + / sizeof (wchar_t))); > } > return __wmempcpy_alias (__s1, __s2, __n); > } > @@ -128,14 +130,15 @@ extern wchar_t *__REDIRECT_NTH (__wmemset_chk_warn, > __fortify_function wchar_t * > __NTH (wmemset (wchar_t *__s, wchar_t __c, size_t __n)) > { > - if (__bos0 (__s) != (size_t) -1) > + if (__glibc_objsize0 (__s) != (size_t) -1) > { > if (!__builtin_constant_p (__n)) > - return __wmemset_chk (__s, __c, __n, __bos0 (__s) / sizeof (wchar_t)); > + return __wmemset_chk (__s, __c, __n, > + __glibc_objsize0 (__s) / sizeof (wchar_t)); > > - if (__n > __bos0 (__s) / sizeof (wchar_t)) > + if (__n > __glibc_objsize0 (__s) / sizeof (wchar_t)) > return __wmemset_chk_warn (__s, __c, __n, > - __bos0 (__s) / sizeof (wchar_t)); > + __glibc_objsize0 (__s) / sizeof (wchar_t)); > } > return __wmemset_alias (__s, __c, __n); > } > @@ -151,8 +154,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscpy_alias, > __fortify_function wchar_t * > __NTH (wcscpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) > { > - if (__bos (__dest) != (size_t) -1) > - return __wcscpy_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t)); > + if (__glibc_objsize (__dest) != (size_t) -1) > + return __wcscpy_chk (__dest, __src, > + __glibc_objsize (__dest) / sizeof (wchar_t)); > return __wcscpy_alias (__dest, __src); > } > > @@ -167,8 +171,9 @@ extern wchar_t *__REDIRECT_NTH (__wcpcpy_alias, > __fortify_function wchar_t * > __NTH (wcpcpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) > { > - if (__bos (__dest) != (size_t) -1) > - return __wcpcpy_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t)); > + if (__glibc_objsize (__dest) != (size_t) -1) > + return __wcpcpy_chk (__dest, __src, > + __glibc_objsize (__dest) / sizeof (wchar_t)); > return __wcpcpy_alias (__dest, __src); > } > > @@ -191,14 +196,15 @@ __fortify_function wchar_t * > __NTH (wcsncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, > size_t __n)) > { > - if (__bos (__dest) != (size_t) -1) > + if (__glibc_objsize (__dest) != (size_t) -1) > { > if (!__builtin_constant_p (__n)) > return __wcsncpy_chk (__dest, __src, __n, > - __bos (__dest) / sizeof (wchar_t)); > - if (__n > __bos (__dest) / sizeof (wchar_t)) > + __glibc_objsize (__dest) / sizeof (wchar_t)); > + if (__n > __glibc_objsize (__dest) / sizeof (wchar_t)) > return __wcsncpy_chk_warn (__dest, __src, __n, > - __bos (__dest) / sizeof (wchar_t)); > + (__glibc_objsize (__dest) > + / sizeof (wchar_t))); > } > return __wcsncpy_alias (__dest, __src, __n); > } > @@ -222,14 +228,15 @@ __fortify_function wchar_t * > __NTH (wcpncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, > size_t __n)) > { > - if (__bos (__dest) != (size_t) -1) > + if (__glibc_objsize (__dest) != (size_t) -1) > { > if (!__builtin_constant_p (__n)) > return __wcpncpy_chk (__dest, __src, __n, > - __bos (__dest) / sizeof (wchar_t)); > - if (__n > __bos (__dest) / sizeof (wchar_t)) > + __glibc_objsize (__dest) / sizeof (wchar_t)); > + if (__n > __glibc_objsize (__dest) / sizeof (wchar_t)) > return __wcpncpy_chk_warn (__dest, __src, __n, > - __bos (__dest) / sizeof (wchar_t)); > + (__glibc_objsize (__dest) > + / sizeof (wchar_t))); > } > return __wcpncpy_alias (__dest, __src, __n); > } > @@ -245,8 +252,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscat_alias, > __fortify_function wchar_t * > __NTH (wcscat (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) > { > - if (__bos (__dest) != (size_t) -1) > - return __wcscat_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t)); > + if (__glibc_objsize (__dest) != (size_t) -1) > + return __wcscat_chk (__dest, __src, > + __glibc_objsize (__dest) / sizeof (wchar_t)); > return __wcscat_alias (__dest, __src); > } > > @@ -263,9 +271,9 @@ __fortify_function wchar_t * > __NTH (wcsncat (wchar_t *__restrict __dest, const wchar_t *__restrict __src, > size_t __n)) > { > - if (__bos (__dest) != (size_t) -1) > + if (__glibc_objsize (__dest) != (size_t) -1) > return __wcsncat_chk (__dest, __src, __n, > - __bos (__dest) / sizeof (wchar_t)); > + __glibc_objsize (__dest) / sizeof (wchar_t)); > return __wcsncat_alias (__dest, __src, __n); > } > > @@ -285,18 +293,18 @@ __fortify_function int > __NTH (swprintf (wchar_t *__restrict __s, size_t __n, > const wchar_t *__restrict __fmt, ...)) > { > - if (__bos (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) > + if (__glibc_objsize (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) > return __swprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, > - __bos (__s) / sizeof (wchar_t), > + __glibc_objsize (__s) / sizeof (wchar_t), > __fmt, __va_arg_pack ()); > return __swprintf_alias (__s, __n, __fmt, __va_arg_pack ()); > } > #elif !defined __cplusplus > /* XXX We might want to have support in gcc for swprintf. */ > # define swprintf(s, n, ...) \ > - (__bos (s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1 \ > + (__glibc_objsize (s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1 \ > ? __swprintf_chk (s, n, __USE_FORTIFY_LEVEL - 1, \ > - __bos (s) / sizeof (wchar_t), __VA_ARGS__) \ > + __glibc_objsize (s) / sizeof (wchar_t), __VA_ARGS__) \ > : swprintf (s, n, __VA_ARGS__)) > #endif > > @@ -315,9 +323,10 @@ __fortify_function int > __NTH (vswprintf (wchar_t *__restrict __s, size_t __n, > const wchar_t *__restrict __fmt, __gnuc_va_list __ap)) > { > - if (__bos (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) > + if (__glibc_objsize (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) > return __vswprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, > - __bos (__s) / sizeof (wchar_t), __fmt, __ap); > + __glibc_objsize (__s) / sizeof (wchar_t), __fmt, > + __ap); > return __vswprintf_alias (__s, __n, __fmt, __ap); > } > > @@ -383,14 +392,15 @@ extern wchar_t *__REDIRECT (__fgetws_chk_warn, > __fortify_function __wur wchar_t * > fgetws (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream) > { > - if (__bos (__s) != (size_t) -1) > + if (__glibc_objsize (__s) != (size_t) -1) > { > if (!__builtin_constant_p (__n) || __n <= 0) > - return __fgetws_chk (__s, __bos (__s) / sizeof (wchar_t), > + return __fgetws_chk (__s, __glibc_objsize (__s) / sizeof (wchar_t), > __n, __stream); > > - if ((size_t) __n > __bos (__s) / sizeof (wchar_t)) > - return __fgetws_chk_warn (__s, __bos (__s) / sizeof (wchar_t), > + if ((size_t) __n > __glibc_objsize (__s) / sizeof (wchar_t)) > + return __fgetws_chk_warn (__s, > + __glibc_objsize (__s) / sizeof (wchar_t), > __n, __stream); > } > return __fgetws_alias (__s, __n, __stream); > @@ -414,14 +424,17 @@ extern wchar_t *__REDIRECT (__fgetws_unlocked_chk_warn, > __fortify_function __wur wchar_t * > fgetws_unlocked (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream) > { > - if (__bos (__s) != (size_t) -1) > + if (__glibc_objsize (__s) != (size_t) -1) > { > if (!__builtin_constant_p (__n) || __n <= 0) > - return __fgetws_unlocked_chk (__s, __bos (__s) / sizeof (wchar_t), > + return __fgetws_unlocked_chk (__s, > + __glibc_objsize (__s) / sizeof (wchar_t), > __n, __stream); > > - if ((size_t) __n > __bos (__s) / sizeof (wchar_t)) > - return __fgetws_unlocked_chk_warn (__s, __bos (__s) / sizeof (wchar_t), > + if ((size_t) __n > __glibc_objsize (__s) / sizeof (wchar_t)) > + return __fgetws_unlocked_chk_warn (__s, > + (__glibc_objsize (__s) > + / sizeof (wchar_t)), > __n, __stream); > } > return __fgetws_unlocked_alias (__s, __n, __stream); > @@ -447,8 +460,9 @@ __NTH (wcrtomb (char *__restrict __s, wchar_t __wchar, > #if defined MB_LEN_MAX && MB_LEN_MAX != __WCHAR_MB_LEN_MAX > # error "Assumed value of MB_LEN_MAX wrong" > #endif > - if (__bos (__s) != (size_t) -1 && __WCHAR_MB_LEN_MAX > __bos (__s)) > - return __wcrtomb_chk (__s, __wchar, __ps, __bos (__s)); > + if (__glibc_objsize (__s) != (size_t) -1 > + && __WCHAR_MB_LEN_MAX > __glibc_objsize (__s)) > + return __wcrtomb_chk (__s, __wchar, __ps, __glibc_objsize (__s)); > return __wcrtomb_alias (__s, __wchar, __ps); > } > > @@ -474,15 +488,16 @@ __fortify_function size_t > __NTH (mbsrtowcs (wchar_t *__restrict __dst, const char **__restrict __src, > size_t __len, mbstate_t *__restrict __ps)) > { > - if (__bos (__dst) != (size_t) -1) > + if (__glibc_objsize (__dst) != (size_t) -1) > { > if (!__builtin_constant_p (__len)) > return __mbsrtowcs_chk (__dst, __src, __len, __ps, > - __bos (__dst) / sizeof (wchar_t)); > + __glibc_objsize (__dst) / sizeof (wchar_t)); > > - if (__len > __bos (__dst) / sizeof (wchar_t)) > + if (__len > __glibc_objsize (__dst) / sizeof (wchar_t)) > return __mbsrtowcs_chk_warn (__dst, __src, __len, __ps, > - __bos (__dst) / sizeof (wchar_t)); > + (__glibc_objsize (__dst) > + / sizeof (wchar_t))); > } > return __mbsrtowcs_alias (__dst, __src, __len, __ps); > } > @@ -508,13 +523,15 @@ __fortify_function size_t > __NTH (wcsrtombs (char *__restrict __dst, const wchar_t **__restrict __src, > size_t __len, mbstate_t *__restrict __ps)) > { > - if (__bos (__dst) != (size_t) -1) > + if (__glibc_objsize (__dst) != (size_t) -1) > { > if (!__builtin_constant_p (__len)) > - return __wcsrtombs_chk (__dst, __src, __len, __ps, __bos (__dst)); > + return __wcsrtombs_chk (__dst, __src, __len, __ps, > + __glibc_objsize (__dst)); > > - if (__len > __bos (__dst)) > - return __wcsrtombs_chk_warn (__dst, __src, __len, __ps, __bos (__dst)); > + if (__len > __glibc_objsize (__dst)) > + return __wcsrtombs_chk_warn (__dst, __src, __len, __ps, > + __glibc_objsize (__dst)); > } > return __wcsrtombs_alias (__dst, __src, __len, __ps); > } > @@ -542,15 +559,16 @@ __fortify_function size_t > __NTH (mbsnrtowcs (wchar_t *__restrict __dst, const char **__restrict __src, > size_t __nmc, size_t __len, mbstate_t *__restrict __ps)) > { > - if (__bos (__dst) != (size_t) -1) > + if (__glibc_objsize (__dst) != (size_t) -1) > { > if (!__builtin_constant_p (__len)) > return __mbsnrtowcs_chk (__dst, __src, __nmc, __len, __ps, > - __bos (__dst) / sizeof (wchar_t)); > + __glibc_objsize (__dst) / sizeof (wchar_t)); > > - if (__len > __bos (__dst) / sizeof (wchar_t)) > + if (__len > __glibc_objsize (__dst) / sizeof (wchar_t)) > return __mbsnrtowcs_chk_warn (__dst, __src, __nmc, __len, __ps, > - __bos (__dst) / sizeof (wchar_t)); > + (__glibc_objsize (__dst) > + / sizeof (wchar_t))); > } > return __mbsnrtowcs_alias (__dst, __src, __nmc, __len, __ps); > } > @@ -578,15 +596,15 @@ __fortify_function size_t > __NTH (wcsnrtombs (char *__restrict __dst, const wchar_t **__restrict __src, > size_t __nwc, size_t __len, mbstate_t *__restrict __ps)) > { > - if (__bos (__dst) != (size_t) -1) > + if (__glibc_objsize (__dst) != (size_t) -1) > { > if (!__builtin_constant_p (__len)) > return __wcsnrtombs_chk (__dst, __src, __nwc, __len, __ps, > - __bos (__dst)); > + __glibc_objsize (__dst)); > > - if (__len > __bos (__dst)) > + if (__len > __glibc_objsize (__dst)) > return __wcsnrtombs_chk_warn (__dst, __src, __nwc, __len, __ps, > - __bos (__dst)); > + __glibc_objsize (__dst)); > } > return __wcsnrtombs_alias (__dst, __src, __nwc, __len, __ps); > } > ^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2020-12-31 11:28 UTC | newest] Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2020-12-30 6:43 [PATCH v7 0/4] _FORTIFY_SOURCE=3 Siddhesh Poyarekar 2020-12-30 6:43 ` [PATCH v7 1/4] Warn on unsupported fortification levels Siddhesh Poyarekar 2020-12-31 10:45 ` Adhemerval Zanella 2020-12-31 11:28 ` Siddhesh Poyarekar 2020-12-30 6:43 ` [PATCH v7 2/4] Introduce _FORTIFY_SOURCE=3 Siddhesh Poyarekar 2020-12-31 10:47 ` Adhemerval Zanella 2020-12-30 6:43 ` [PATCH v7 3/4] string: Enable __FORTIFY_LEVEL=3 Siddhesh Poyarekar 2020-12-31 10:48 ` Adhemerval Zanella 2020-12-30 6:43 ` [PATCH v7 4/4] nonstring: " Siddhesh Poyarekar 2020-12-31 10:50 ` Adhemerval Zanella
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).