From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <newlib-cvs-return-3688-listarch-newlib-cvs=sources.redhat.com@sourceware.org>
Received: (qmail 106836 invoked by alias); 29 Nov 2017 17:26:37 -0000
Mailing-List: contact newlib-cvs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <newlib-cvs.sourceware.org>
List-Subscribe: <mailto:newlib-cvs-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/newlib-cvs/>
List-Post: <mailto:newlib-cvs@sourceware.org>
List-Help: <mailto:newlib-cvs-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: newlib-cvs-owner@sourceware.org
Received: (qmail 106789 invoked by uid 9642); 29 Nov 2017 17:26:37 -0000
Date: Wed, 29 Nov 2017 17:26:00 -0000
Message-ID: <20171129172637.106786.qmail@sourceware.org>
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Yaakov Selkowitz <yselkowitz@sourceware.org>
To: newlib-cvs@sourceware.org
Subject: [newlib-cygwin] ssp: add APIs for Stack Smashing Protection
X-Act-Checkin: newlib-cygwin
X-Git-Author: Yaakov Selkowitz <yselkowi@redhat.com>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 1bbdb3c9533684282695e147d0480b771fd13687
X-Git-Newrev: 0a5dfdbd1ba3663a54fa1a7de1a6c4a0a3316a6e
X-SW-Source: 2017-q4/txt/msg00027.txt.bz2

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=0a5dfdbd1ba3663a54fa1a7de1a6c4a0a3316a6e

commit 0a5dfdbd1ba3663a54fa1a7de1a6c4a0a3316a6e
Author: Yaakov Selkowitz <yselkowi@redhat.com>
Date:   Mon Nov 27 23:04:09 2017 -0600

    ssp: add APIs for Stack Smashing Protection
    
    Compiling with any of the -fstack-protector* flags requires the
    __stack_chk_guard data import (which needs to be initialized) and the
    __stack_chk_fail{,_local} functions.  While GCC's own libssp can provide
    these, it is better that we provide these ourselves.  The implementation
    is custom due to being OS-specific.
    
    Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>

Diff:
---
 newlib/libc/ssp/stack_protector.c | 45 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

diff --git a/newlib/libc/ssp/stack_protector.c b/newlib/libc/ssp/stack_protector.c
new file mode 100644
index 0000000..ee014b6
--- /dev/null
+++ b/newlib/libc/ssp/stack_protector.c
@@ -0,0 +1,45 @@
+#include <sys/cdefs.h>
+#include <sys/param.h>
+#include <signal.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+uintptr_t __stack_chk_guard = 0;
+
+void
+__attribute__((__constructor__))
+__stack_chk_init (void)
+{
+  if (__stack_chk_guard != 0)
+    return;
+
+#if defined(__CYGWIN__) || defined(__rtems__)
+  arc4random_buf(&__stack_chk_guard, sizeof(__stack_chk_guard));
+#else
+  /* If getentropy is not available, use the "terminator canary". */
+  ((unsigned char *)&__stack_chk_guard)[0] = 0;
+  ((unsigned char *)&__stack_chk_guard)[1] = 0;
+  ((unsigned char *)&__stack_chk_guard)[2] = '\n';
+  ((unsigned char *)&__stack_chk_guard)[3] = 255;
+#endif
+}
+
+void
+__attribute__((__noreturn__))
+__stack_chk_fail (void)
+{
+  char msg[] = "*** stack smashing detected ***: terminated\n";
+  write (2, msg, strlen (msg));
+  raise (SIGABRT);
+  _exit (127);
+}
+
+#ifdef __ELF__
+void
+__attribute__((visibility ("hidden")))
+__stack_chk_fail_local (void)
+{
+	__stack_chk_fail();
+}
+#endif