Gitiles
Code Review Sign In
review.blissroms.org / platform_bionic / 60f4f9a5b99a0a66817f50edfc2194a49f8b5146^! / . / libc / bionic
commit60f4f9a5b99a0a66817f50edfc2194a49f8b5146[log] [tgz]
authorNick Kralevich <nnk@google.com>Tue Sep 24 16:32:07 2013 -0700
committerNick Kralevich <nnk@google.com>Tue Sep 24 16:45:01 2013 -0700
tree13900546cac13512fd4dfd37d3f9e98606c750d2
parent759111cadf84f337f98177259d9e3f9d39c9eea9 [diff]
libc: fortify recvfrom()

Fortify calls to recv() and recvfrom().

We use __bos0 to match glibc's behavior, and because I haven't
tested using __bos.

Change-Id: Iad6ae96551a89af17a9c347b80cdefcf2020c505

diff --git a/libc/bionic/__recvfrom_chk.cpp b/libc/bionic/__recvfrom_chk.cpp
new file mode 100644
index 0000000..10a4263
--- /dev/null
+++ b/libc/bionic/__recvfrom_chk.cpp

@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *  * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *  * Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <stddef.h>
+#include <sys/socket.h>
+#include "libc_logging.h"
+
+extern "C"
+ssize_t __recvfrom_chk(int socket, void* buf, size_t len, size_t buflen, unsigned int flags,
+        const struct sockaddr* src_addr, socklen_t* addrlen)
+{
+  if (__predict_false(len > buflen)) {
+    __fortify_chk_fail("recvfrom overflow", 0);
+  }
+
+  return recvfrom(socket, buf, len, flags, src_addr, addrlen);
+}