[newlib-cygwin/main] ssp: add support for _FORTIFY

public inbox for newlib-cvs@sourceware.org
help / color / mirror / Atom feed

* [newlib-cygwin/main] ssp: add support for _FORTIFY_SOURCE=3
@ 2024-01-29 15:29 Corinna Vinschen
  0 siblings, 0 replies; only message in thread
From: Corinna Vinschen @ 2024-01-29 15:29 UTC (permalink / raw)
  To: newlib-cvs

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=497e6eb2c0fadd0d4cb4ed418642832b020b19d4

commit 497e6eb2c0fadd0d4cb4ed418642832b020b19d4
Author:     Christian Franke <christian.franke@t-online.de>
AuthorDate: Fri Jan 26 17:20:37 2024 +0100
Commit:     Corinna Vinschen <corinna@vinschen.de>
CommitDate: Mon Jan 29 14:03:37 2024 +0100

    ssp: add support for _FORTIFY_SOURCE=3
    
    If specified, use __builtin_dynamic_object_size() instead of
    __builtin_object_size() if supported (GCC 12.0 or later).
    This enables buffer overflow checks if the buffer size is non-const
    but known during runtime.
    Use new macro __ssp_bos_known() instead of the (bos(p) != (size_t)-1)
    checks.  The latter is no longer a compile time constant in all cases.
    This avoids the generation of unused code.
    
    Signed-off-by: Christian Franke <christian.franke@t-online.de>

Diff:
---
 newlib/libc/include/ssp/ssp.h      | 11 ++++++++++-
 newlib/libc/include/ssp/string.h   |  4 ++--
 newlib/libc/include/ssp/strings.h  |  4 ++--
 newlib/libc/include/sys/features.h | 12 +++++++++---
 4 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/newlib/libc/include/ssp/ssp.h b/newlib/libc/include/ssp/ssp.h
index 9229086599e9..49ea5f2dd8a4 100644
--- a/newlib/libc/include/ssp/ssp.h
+++ b/newlib/libc/include/ssp/ssp.h
@@ -43,11 +43,20 @@
 
 #define __ssp_inline extern __inline__ __attribute__((__always_inline__, __gnu_inline__))
 
+#if __SSP_FORTIFY_LEVEL > 2
+#define __ssp_bos(ptr) __builtin_dynamic_object_size(ptr, 1)
+#define __ssp_bos0(ptr) __builtin_dynamic_object_size(ptr, 0)
+#define __ssp_bos_known(ptr) \
+       (__builtin_object_size(ptr, 0) != (size_t)-1 \
+       || !__builtin_constant_p(__ssp_bos(ptr)))
+#else
 #define __ssp_bos(ptr) __builtin_object_size(ptr, __SSP_FORTIFY_LEVEL > 1)
 #define __ssp_bos0(ptr) __builtin_object_size(ptr, 0)
+#define __ssp_bos_known(ptr) (__ssp_bos0(ptr) != (size_t)-1)
+#endif
 
 #define __ssp_check(buf, len, bos) \
-	if (bos(buf) != (size_t)-1 && len > bos(buf)) \
+	if (__ssp_bos_known(buf) && len > bos(buf)) \
 		__chk_fail()
 #define __ssp_decl(rtype, fun, args) \
 rtype __ssp_real_(fun) args __asm__(__ASMNAME(#fun)); \
diff --git a/newlib/libc/include/ssp/string.h b/newlib/libc/include/ssp/string.h
index 85c4512acfd3..22b52097cb9b 100644
--- a/newlib/libc/include/ssp/string.h
+++ b/newlib/libc/include/ssp/string.h
@@ -49,12 +49,12 @@ __END_DECLS
 #if __SSP_FORTIFY_LEVEL > 0
 
 #define __ssp_bos_check3(fun, dst, src, len) \
-    ((__ssp_bos0(dst) != (size_t)-1) ? \
+    (__ssp_bos_known(dst) ? \
     __builtin___ ## fun ## _chk(dst, src, len, __ssp_bos0(dst)) : \
     __ ## fun ## _ichk(dst, src, len))
 
 #define __ssp_bos_check2(fun, dst, src) \
-    ((__ssp_bos0(dst) != (size_t)-1) ? \
+    (__ssp_bos_known(dst) ? \
     __builtin___ ## fun ## _chk(dst, src, __ssp_bos0(dst)) : \
     __ ## fun ## _ichk(dst, src))
 
diff --git a/newlib/libc/include/ssp/strings.h b/newlib/libc/include/ssp/strings.h
index 13adba175276..be59882ebc0b 100644
--- a/newlib/libc/include/ssp/strings.h
+++ b/newlib/libc/include/ssp/strings.h
@@ -37,11 +37,11 @@
 
 #if __BSD_VISIBLE || __POSIX_VISIBLE <= 200112
 #define bcopy(src, dst, len) \
-    ((__ssp_bos0(dst) != (size_t)-1) ? \
+    (__ssp_bos_known(dst) ? \
     __builtin___memmove_chk(dst, src, len, __ssp_bos0(dst)) : \
     __memmove_ichk(dst, src, len))
 #define bzero(dst, len) \
-    ((__ssp_bos0(dst) != (size_t)-1) ? \
+    (__ssp_bos_known(dst) ? \
     __builtin___memset_chk(dst, 0, len, __ssp_bos0(dst)) : \
     __memset_ichk(dst, 0, len))
 #endif
diff --git a/newlib/libc/include/sys/features.h b/newlib/libc/include/sys/features.h
index a7d4bc52d18f..6a925c87e9ec 100644
--- a/newlib/libc/include/sys/features.h
+++ b/newlib/libc/include/sys/features.h
@@ -104,7 +104,7 @@ extern "C" {
  * _DEFAULT_SOURCE (or none of the above)
  * 	POSIX-1.2008 with BSD and SVr4 extensions
  *
- * _FORTIFY_SOURCE = 1 or 2
+ * _FORTIFY_SOURCE = 1, 2 or 3
  * 	Object Size Checking function wrappers
  */
 
@@ -247,7 +247,7 @@ extern "C" {
  * 	GNU extensions; enabled with _GNU_SOURCE.
  *
  * __SSP_FORTIFY_LEVEL
- * 	Object Size Checking; defined to 0 (off), 1, or 2.
+ * 	Object Size Checking; defined to 0 (off), 1, 2 or 3.
  *
  * In all cases above, "enabled by default" means either by defining
  * _DEFAULT_SOURCE, or by not defining any of the public feature test macros.
@@ -335,7 +335,13 @@ extern "C" {
 #if _FORTIFY_SOURCE > 0 && !defined(__cplusplus) && !defined(__lint__) && \
    (__OPTIMIZE__ > 0 || defined(__clang__)) && __GNUC_PREREQ__(4, 1) && \
    !defined(_LIBC)
-#  if _FORTIFY_SOURCE > 1
+#  if _FORTIFY_SOURCE > 2 && defined(__has_builtin)
+#    if __has_builtin(__builtin_dynamic_object_size)
+#      define __SSP_FORTIFY_LEVEL 3
+#    else
+#      define __SSP_FORTIFY_LEVEL 2
+#    endif
+#  elif _FORTIFY_SOURCE > 1
 #    define __SSP_FORTIFY_LEVEL 2
 #  else
 #    define __SSP_FORTIFY_LEVEL 1

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2024-01-29 15:29 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-01-29 15:29 [newlib-cygwin/main] ssp: add support for _FORTIFY_SOURCE=3 Corinna Vinschen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).