strncpy: implement _FORTIFY_SOURCE=2
Add support for fortify source level 2 to strncpy.
This will enable detection of more areas where strncpy
is used inappropriately. For example, this would have detected
bug 8727221.
Move the fortify_source tests out of string_test.cpp, and
put them into fortify1_test.cpp.
Create a new fortify2_test.cpp file, which copies all
the tests in fortify1_test.cpp, and adds fortify_source level
2 specific tests.
Change-Id: Ica0fba531cc7d0609e4f23b8176739b13f7f7a83
diff --git a/libc/include/string.h b/libc/include/string.h
index 56d89a4..02d8151 100644
--- a/libc/include/string.h
+++ b/libc/include/string.h
@@ -119,9 +119,16 @@
return __builtin___strcpy_chk(dest, src, __builtin_object_size (dest, 0));
}
+extern void __strncpy_error()
+ __attribute__((__error__("strncpy called with size bigger than buffer")));
+
__BIONIC_FORTIFY_INLINE
char *strncpy(char *dest, const char *src, size_t n) {
- return __builtin___strncpy_chk(dest, src, n, __builtin_object_size (dest, 0));
+ size_t bos = __bos(dest);
+ if (__builtin_constant_p(n) && (n > bos)) {
+ __strncpy_error();
+ }
+ return __builtin___strncpy_chk(dest, src, n, bos);
}
__BIONIC_FORTIFY_INLINE
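Review bot: `__strncpy_error` is declared with empty parentheses at the top of the hunk, which in C is an old-style declaration with unspecified parameters rather than a prototype; since it is only ever called with no arguments, `extern void __strncpy_error(void)` states the contract and keeps `-Wstrict-prototypes` quiet. The new check in strncpy also deserves a comment: it only fires when `n` is a compile-time constant and `__bos(dest)` resolved to a real size (`__builtin_object_size` yields `(size_t)-1` when the size is unknown, so the comparison is then always false), while a non-constant `n` is still checked at run time by `__builtin___strncpy_chk` against the same `bos`. It is worth stating in that comment that `n == bos` is accepted, which is exactly the case where strncpy leaves `dest` without a terminating NUL — the check catches the overflow, not the missing terminator.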
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index 1976d6a..1288b28 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -517,6 +517,12 @@
#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 && defined(__OPTIMIZE__) && __OPTIMIZE__ > 0 && !defined(__clang__)
#define __BIONIC_FORTIFY 1
+#if _FORTIFY_SOURCE == 2
+#define __bos(s) __builtin_object_size((s), 1);
+#else
+#define __bos(s) __builtin_object_size((s), 0);
+#endif
+
#define __BIONIC_FORTIFY_INLINE \
extern inline \
__attribute__ ((always_inline)) \
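Review bot: Both `__bos` definitions carry a trailing semicolon, so `size_t bos = __bos(dest);` in string.h expands to a statement ending in `;;`. That is harmless at statement level but makes the macro unusable inside an expression, for example as the size argument of `__builtin___strcpy_chk`, where the expansion would be a syntax error; the two lines should read `#define __bos(s) __builtin_object_size((s), 1)` and `#define __bos(s) __builtin_object_size((s), 0)`. Since `__bos` is defined only inside the `__BIONIC_FORTIFY` block, every use of it has to stay under a matching guard; a one-line comment above the `#if`, such as `/* __bos(s): compile-time object size of s; type 1 (level 2) is bounded by the enclosing subobject, type 0 by the whole object */`, would record why level 2 selects type 1.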