From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 108082 invoked by alias); 29 Nov 2017 17:27:03 -0000 Mailing-List: contact newlib-cvs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: newlib-cvs-owner@sourceware.org Received: (qmail 107965 invoked by uid 9642); 29 Nov 2017 17:26:57 -0000 Date: Wed, 29 Nov 2017 17:27:00 -0000 Message-ID: <20171129172657.107963.qmail@sourceware.org> Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Yaakov Selkowitz To: newlib-cvs@sourceware.org Subject: [newlib-cygwin] ssp: add Object Size Checking for stdio.h, part 1 X-Act-Checkin: newlib-cygwin X-Git-Author: Yaakov Selkowitz X-Git-Refname: refs/heads/master X-Git-Oldrev: a997f98b2a82c74e0ad809a6d0a6d6a9b8cb03c3 X-Git-Newrev: 576093d46b98100b5da9c606fe96f049f321bd90 X-SW-Source: 2017-q4/txt/msg00031.txt.bz2 https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=576093d46b98100b5da9c606fe96f049f321bd90 commit 576093d46b98100b5da9c606fe96f049f321bd90 Author: Yaakov Selkowitz Date: Mon Nov 27 23:24:16 2017 -0600 ssp: add Object Size Checking for stdio.h, part 1 The implementation is mostly from NetBSD, except for switching fgets to pure inline, and the addition of fgets_unlocked, fread, and fread_unlocked for parity with glibc. The following functions are also guarded in glibc: asprintf, dprintf, fprintf, printf, vasprintf, vdprintf, vfprintf, vprintf. Signed-off-by: Yaakov Selkowitz Diff: --- newlib/libc/include/ssp/stdio.h | 101 ++++++++++++++++++++++++++++++++++++++++ newlib/libc/include/stdio.h | 4 ++ newlib/libc/ssp/gets_chk.c | 78 +++++++++++++++++++++++++++++++ newlib/libc/ssp/snprintf_chk.c | 59 +++++++++++++++++++++++ newlib/libc/ssp/sprintf_chk.c | 63 +++++++++++++++++++++++++ newlib/libc/ssp/vsnprintf_chk.c | 51 ++++++++++++++++++++ newlib/libc/ssp/vsprintf_chk.c | 60 ++++++++++++++++++++++++ 7 files changed, 416 insertions(+) diff --git a/newlib/libc/include/ssp/stdio.h b/newlib/libc/include/ssp/stdio.h new file mode 100644 index 0000000..df2cd18 --- /dev/null +++ b/newlib/libc/include/ssp/stdio.h @@ -0,0 +1,101 @@ +/* $NetBSD: stdio.h,v 1.5 2011/07/17 20:54:34 joerg Exp $ */ + +/*- + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_STDIO_H_ +#define _SSP_STDIO_H_ + +#include + +__BEGIN_DECLS +int __sprintf_chk(char *__restrict, int, size_t, const char *__restrict, ...) + __printflike(4, 5); +int __vsprintf_chk(char *__restrict, int, size_t, const char *__restrict, + __va_list) + __printflike(4, 0); +int __snprintf_chk(char *__restrict, size_t, int, size_t, + const char *__restrict, ...) + __printflike(5, 6); +int __vsnprintf_chk(char *__restrict, size_t, int, size_t, + const char *__restrict, __va_list) + __printflike(5, 0); +char *__gets_chk(char *, size_t); +__END_DECLS + +#if __SSP_FORTIFY_LEVEL > 0 + + +#define sprintf(str, ...) \ + __builtin___sprintf_chk(str, 0, __ssp_bos(str), __VA_ARGS__) + +#define vsprintf(str, fmt, ap) \ + __builtin___vsprintf_chk(str, 0, __ssp_bos(str), fmt, ap) + +#define snprintf(str, len, ...) \ + __builtin___snprintf_chk(str, len, 0, __ssp_bos(str), __VA_ARGS__) + +#define vsnprintf(str, len, fmt, ap) \ + __builtin___vsnprintf_chk(str, len, 0, __ssp_bos(str), fmt, ap) + +#define gets(str) \ + __gets_chk(str, __ssp_bos(str)) + +__ssp_decl(char *, fgets, (char *__restrict __buf, int __len, FILE *__fp)) +{ + if (__len > 0) + __ssp_check(__buf, (size_t)__len, __ssp_bos); + return __ssp_real_fgets(__buf, __len, __fp); +} + +#if __GNU_VISIBLE +__ssp_decl(char *, fgets_unlocked, (char *__restrict __buf, int __len, FILE *__fp)) +{ + if (__len > 0) + __ssp_check(__buf, (size_t)__len, __ssp_bos); + return __ssp_real_fgets_unlocked(__buf, __len, __fp); +} +#endif /* __GNU_VISIBLE */ + +__ssp_decl(size_t, fread, (void *__restrict __ptr, size_t __size, size_t __n, FILE *__restrict __fp)) +{ + __ssp_check(__ptr, __size * __n, __ssp_bos0); + return __ssp_real_fread(__ptr, __size, __n, __fp); +} + +#if __MISC_VISIBLE +__ssp_decl(size_t, fread_unlocked, (void *__restrict __ptr, size_t __size, size_t __n, FILE *__restrict __fp)) +{ + __ssp_check(__ptr, __size * __n, __ssp_bos0); + return __ssp_real_fread_unlocked(__ptr, __size, __n, __fp); +} +#endif /* __MISC_VISIBLE */ + +#endif /* __SSP_FORTIFY_LEVEL > 0 */ + +#endif /* _SSP_STDIO_H_ */ diff --git a/newlib/libc/include/stdio.h b/newlib/libc/include/stdio.h index ee0f612..b648e62 100644 --- a/newlib/libc/include/stdio.h +++ b/newlib/libc/include/stdio.h @@ -796,4 +796,8 @@ _putchar_unlocked(int _c) _END_STD_C +#if __SSP_FORTIFY_LEVEL > 0 +#include +#endif + #endif /* _STDIO_H_ */ diff --git a/newlib/libc/ssp/gets_chk.c b/newlib/libc/ssp/gets_chk.c new file mode 100644 index 0000000..b4f7015 --- /dev/null +++ b/newlib/libc/ssp/gets_chk.c @@ -0,0 +1,78 @@ +/* $NetBSD: gets_chk.c,v 1.7 2013/10/04 20:49:16 christos Exp $ */ + +/*- + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: gets_chk.c,v 1.7 2013/10/04 20:49:16 christos Exp $"); + +/*LINTLIBRARY*/ + +#include +#include +#include +#include +#include +#include + +extern char *__gets(char *); +#undef gets +#ifdef __NEWLIB__ +#define __gets gets +#endif + +char * +__gets_chk(char * __restrict buf, size_t slen) +{ + char *abuf; + size_t len; + + if (slen >= (size_t)INT_MAX) + return __gets(buf); + + if ((abuf = malloc(slen + 1)) == NULL) + return __gets(buf); + + if (fgets(abuf, (int)(slen + 1), stdin) == NULL) { + free(abuf); + return NULL; + } + + len = strlen(abuf); + if (len > 0 && abuf[len - 1] == '\n') + --len; + + if (len >= slen) + __chk_fail(); + + (void)memcpy(buf, abuf, len); + + buf[len] = '\0'; + free(abuf); + return buf; +} diff --git a/newlib/libc/ssp/snprintf_chk.c b/newlib/libc/ssp/snprintf_chk.c new file mode 100644 index 0000000..cede5a4 --- /dev/null +++ b/newlib/libc/ssp/snprintf_chk.c @@ -0,0 +1,59 @@ +/* $NetBSD: snprintf_chk.c,v 1.5 2008/04/28 20:23:00 martin Exp $ */ + +/*- + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: snprintf_chk.c,v 1.5 2008/04/28 20:23:00 martin Exp $"); + +/*LINTLIBRARY*/ + +#include +#include +#include +#include + +#undef vsnprintf + +/*ARGSUSED*/ +int +__snprintf_chk(char * __restrict buf, size_t len, int flags, size_t slen, + const char * __restrict fmt, ...) +{ + va_list ap; + int rv; + + if (len > slen) + __chk_fail(); + + va_start(ap, fmt); + rv = vsnprintf(buf, len, fmt, ap); + va_end(ap); + + return rv; +} diff --git a/newlib/libc/ssp/sprintf_chk.c b/newlib/libc/ssp/sprintf_chk.c new file mode 100644 index 0000000..1e92479 --- /dev/null +++ b/newlib/libc/ssp/sprintf_chk.c @@ -0,0 +1,63 @@ +/* $NetBSD: sprintf_chk.c,v 1.6 2009/02/05 05:40:36 lukem Exp $ */ + +/*- + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: sprintf_chk.c,v 1.6 2009/02/05 05:40:36 lukem Exp $"); + +/*LINTLIBRARY*/ + +#include +#include +#include +#include +#include + +#undef vsnprintf +#undef vsprintf + +int +/*ARGSUSED*/ +__sprintf_chk(char * __restrict buf, int flags, size_t slen, + const char * __restrict fmt, ...) +{ + va_list ap; + int rv; + + va_start(ap, fmt); + if (slen > (size_t)INT_MAX) + rv = vsprintf(buf, fmt, ap); + else { + if ((rv = vsnprintf(buf, slen, fmt, ap)) >= 0 && (size_t)rv >= slen) + __chk_fail(); + } + va_end(ap); + + return rv; +} diff --git a/newlib/libc/ssp/vsnprintf_chk.c b/newlib/libc/ssp/vsnprintf_chk.c new file mode 100644 index 0000000..2b88029 --- /dev/null +++ b/newlib/libc/ssp/vsnprintf_chk.c @@ -0,0 +1,51 @@ +/* $NetBSD: vsnprintf_chk.c,v 1.5 2008/04/28 20:23:00 martin Exp $ */ + +/*- + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: vsnprintf_chk.c,v 1.5 2008/04/28 20:23:00 martin Exp $"); + +/*LINTLIBRARY*/ + +#include +#include +#include +#include + +#undef vsnprintf + +int +__vsnprintf_chk(char * __restrict buf, size_t len, int flags, size_t slen, + const char * __restrict fmt, va_list ap) +{ + if (len > slen) + __chk_fail(); + + return vsnprintf(buf, len, fmt, ap); +} diff --git a/newlib/libc/ssp/vsprintf_chk.c b/newlib/libc/ssp/vsprintf_chk.c new file mode 100644 index 0000000..fec8a18 --- /dev/null +++ b/newlib/libc/ssp/vsprintf_chk.c @@ -0,0 +1,60 @@ +/* $NetBSD: vsprintf_chk.c,v 1.6 2009/02/05 05:39:38 lukem Exp $ */ + +/*- + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: vsprintf_chk.c,v 1.6 2009/02/05 05:39:38 lukem Exp $"); + +/*LINTLIBRARY*/ + +#include +#include +#include +#include +#include + +#undef vsprintf +#undef vsnprintf + +/*ARGSUSED*/ +int +__vsprintf_chk(char * __restrict buf, int flags, size_t slen, + const char * __restrict fmt, va_list ap) +{ + int rv; + + if (slen > (size_t)INT_MAX) + rv = vsprintf(buf, fmt, ap); + else { + if ((rv = vsnprintf(buf, slen, fmt, ap)) >= 0 && (size_t)rv >= slen) + __chk_fail(); + } + + return rv; +}