Merge "bionic: add missing memory barriers to system properties"
diff --git a/libc/bionic/libc_logging.cpp b/libc/bionic/libc_logging.cpp
index ffc5335..6bf7415 100644
--- a/libc/bionic/libc_logging.cpp
+++ b/libc/bionic/libc_logging.cpp
@@ -42,7 +42,6 @@
#include <unistd.h>
static pthread_mutex_t gAbortMsgLock = PTHREAD_MUTEX_INITIALIZER;
-static pthread_mutex_t gLogInitializationLock = PTHREAD_MUTEX_INITIALIZER;
__LIBC_HIDDEN__ abort_msg_t** __abort_message_ptr; // Accessible to __libc_init_common.
@@ -421,13 +420,9 @@
}
static int __libc_write_log(int priority, const char* tag, const char* msg) {
- static int main_log_fd = -1;
+ int main_log_fd = TEMP_FAILURE_RETRY(open("/dev/log/main", O_CLOEXEC | O_WRONLY));
if (main_log_fd == -1) {
- ScopedPthreadMutexLocker locker(&gLogInitializationLock);
- main_log_fd = TEMP_FAILURE_RETRY(open("/dev/log/main", O_CLOEXEC | O_WRONLY));
- if (main_log_fd == -1) {
- return -1;
- }
+ return -1;
}
iovec vec[3];
@@ -438,7 +433,9 @@
vec[2].iov_base = const_cast<char*>(msg);
vec[2].iov_len = strlen(msg) + 1;
- return TEMP_FAILURE_RETRY(writev(main_log_fd, vec, 3));
+ int result = TEMP_FAILURE_RETRY(writev(main_log_fd, vec, 3));
+ close(main_log_fd);
+ return result;
}
int __libc_format_log_va_list(int priority, const char* tag, const char* format, va_list args) {
@@ -465,12 +462,13 @@
vec[2].iov_base = const_cast<void*>(payload);
vec[2].iov_len = len;
- static int event_log_fd = -1;
+ int event_log_fd = TEMP_FAILURE_RETRY(open("/dev/log/events", O_CLOEXEC | O_WRONLY));
if (event_log_fd == -1) {
- ScopedPthreadMutexLocker locker(&gLogInitializationLock);
- event_log_fd = TEMP_FAILURE_RETRY(open("/dev/log/events", O_CLOEXEC | O_WRONLY));
+ return -1;
}
- return TEMP_FAILURE_RETRY(writev(event_log_fd, vec, 3));
+ int result = TEMP_FAILURE_RETRY(writev(event_log_fd, vec, 3));
+ close(event_log_fd);
+ return result;
}
void __libc_android_log_event_int(int32_t tag, int value) {
diff --git a/libc/include/string.h b/libc/include/string.h
index ac31f7d..2b7d47c 100644
--- a/libc/include/string.h
+++ b/libc/include/string.h
@@ -144,7 +144,6 @@
return __builtin___memset_chk(s, c, n, __builtin_object_size (s, 0));
}
-#if !defined(__clang__)
extern size_t __strlcpy_real(char* __restrict, const char* __restrict, size_t)
__asm__(__USER_LABEL_PREFIX__ "strlcpy");
__errordecl(__strlcpy_error, "strlcpy called with size bigger than buffer");
@@ -154,6 +153,7 @@
size_t strlcpy(char* __restrict dest, const char* __restrict src, size_t size) {
size_t bos = __bos(dest);
+#if !defined(__clang__)
// Compiler doesn't know destination size. Don't call __strlcpy_chk
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
return __strlcpy_real(dest, src, size);
@@ -170,10 +170,10 @@
if (__builtin_constant_p(size) && (size > bos)) {
__strlcpy_error();
}
+#endif /* !defined(__clang__) */
return __strlcpy_chk(dest, src, size, bos);
}
-#endif /* !defined(__clang__) */
#if !defined(__clang__)
extern size_t __strlcat_real(char* __restrict, const char* __restrict, size_t)
diff --git a/linker/linker.cpp b/linker/linker.cpp
index c53d52f..9c35cfc 100644
--- a/linker/linker.cpp
+++ b/linker/linker.cpp
@@ -1533,6 +1533,8 @@
* phdr_table_protect_segments() after all of them are applied
* and all constructors are run.
*/
+ DL_WARN("%s has text relocations. This is wasting memory and is "
+ "a security risk. Please fix.", si->name);
if (phdr_table_unprotect_segments(si->phdr, si->phnum, si->load_bias) < 0) {
DL_ERR("can't unprotect loadable segments for \"%s\": %s",
si->name, strerror(errno));
diff --git a/tests/fortify1_test.cpp b/tests/fortify1_test.cpp
index be59a18..b8751bb 100644
--- a/tests/fortify1_test.cpp
+++ b/tests/fortify1_test.cpp
@@ -80,6 +80,16 @@
memcpy(buf, "0123456789", sizeof(buf));
ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
}
+
+TEST(Fortify1_DeathTest, strlcpy_fortified) {
+ ::testing::FLAGS_gtest_death_test_style = "threadsafe";
+ char bufa[15];
+ char bufb[10];
+ strcpy(bufa, "01234567890123");
+ size_t n = strlen(bufa);
+ ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
+}
+
#endif
TEST(Fortify1_DeathTest, sprintf_fortified) {
diff --git a/tests/fortify1_test_clang.cpp b/tests/fortify1_test_clang.cpp
index 0c0fb2b..fed9f13 100644
--- a/tests/fortify1_test_clang.cpp
+++ b/tests/fortify1_test_clang.cpp
@@ -80,6 +80,16 @@
memcpy(buf, "0123456789", sizeof(buf));
ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
}
+
+TEST(Fortify1_Clang_DeathTest, strlcpy_fortified) {
+ ::testing::FLAGS_gtest_death_test_style = "threadsafe";
+ char bufa[15];
+ char bufb[10];
+ strcpy(bufa, "01234567890123");
+ size_t n = strlen(bufa);
+ ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
+}
+
#endif
TEST(Fortify1_Clang_DeathTest, strncat_fortified) {
diff --git a/tests/fortify2_test.cpp b/tests/fortify2_test.cpp
index b48a077..b6f6661 100644
--- a/tests/fortify2_test.cpp
+++ b/tests/fortify2_test.cpp
@@ -94,6 +94,16 @@
ASSERT_EXIT(printf("%s", strrchr(myfoo.a, 'a')),
testing::KilledBySignal(SIGABRT), "");
}
+
+TEST(Fortify2_DeathTest, strlcpy_fortified2) {
+ ::testing::FLAGS_gtest_death_test_style = "threadsafe";
+ foo myfoo;
+ strcpy(myfoo.a, "01");
+ size_t n = strlen(myfoo.a);
+ ASSERT_EXIT(strlcpy(myfoo.one, myfoo.a, n),
+ testing::KilledBySignal(SIGABRT), "");
+}
+
#endif
TEST(Fortify2_DeathTest, strncat_fortified2) {
@@ -199,6 +209,16 @@
memcpy(buf, "0123456789", sizeof(buf));
ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
}
+
+TEST(Fortify2_DeathTest, strlcpy_fortified) {
+ ::testing::FLAGS_gtest_death_test_style = "threadsafe";
+ char bufa[15];
+ char bufb[10];
+ strcpy(bufa, "01234567890123");
+ size_t n = strlen(bufa);
+ ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
+}
+
#endif
TEST(Fortify2_DeathTest, sprintf_fortified) {