Merge "Reland "Add libdl_android to the Runtime (aka Bionic) APEX"."
diff --git a/libc/NOTICE b/libc/NOTICE
index d9ac638..5b2a3c8 100644
--- a/libc/NOTICE
+++ b/libc/NOTICE
@@ -3113,7 +3113,7 @@
-------------------------------------------------------------------
-Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
+Copyright (c) 1997 Todd C. Miller <millert@openbsd.org>
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -3353,7 +3353,7 @@
-------------------------------------------------------------------
-Copyright (c) 1998, 2015 Todd C. Miller <Todd.Miller@courtesan.com>
+Copyright (c) 1998, 2015 Todd C. Miller <millert@openbsd.org>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
@@ -4560,7 +4560,7 @@
-------------------------------------------------------------------
-Copyright (c) 2007 Todd C. Miller <Todd.Miller@courtesan.com>
+Copyright (c) 2007 Todd C. Miller <millert@openbsd.org>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
@@ -4923,7 +4923,7 @@
-------------------------------------------------------------------
-Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
+Copyright (c) 2010 Todd C. Miller <millert@openbsd.org>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
diff --git a/libc/bionic/libc_init_common.cpp b/libc/bionic/libc_init_common.cpp
index b6a9ed2..542c4a5 100644
--- a/libc/bionic/libc_init_common.cpp
+++ b/libc/bionic/libc_init_common.cpp
@@ -103,6 +103,14 @@
__system_properties_init(); // Requires 'environ'.
__libc_init_fdsan(); // Requires system properties (for debug.fdsan).
+
+ // Allow the kernel to accept tagged pointers in syscall arguments. This is a no-op (kernel
+ // returns -EINVAL) if the kernel doesn't understand the prctl.
+#if defined(__aarch64__)
+#define PR_SET_TAGGED_ADDR_CTRL 55
+#define PR_TAGGED_ADDR_ENABLE (1UL << 0)
+ prctl(PR_SET_TAGGED_ADDR_CTRL, PR_TAGGED_ADDR_ENABLE, 0, 0, 0);
+#endif
}
void __libc_init_fork_handler() {
diff --git a/libc/include/bits/fortify/fcntl.h b/libc/include/bits/fortify/fcntl.h
index ded62ee..3c5a037 100644
--- a/libc/include/bits/fortify/fcntl.h
+++ b/libc/include/bits/fortify/fcntl.h
@@ -59,11 +59,11 @@
int open(const char* const __pass_object_size pathname, int flags)
__overloadable
__clang_error_if(__open_modes_useful(flags), "'open' " __open_too_few_args_error) {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
return __open_2(pathname, flags);
#else
return __open_real(pathname, flags);
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
}
__BIONIC_FORTIFY_INLINE
@@ -83,11 +83,11 @@
int openat(int dirfd, const char* const __pass_object_size pathname, int flags)
__overloadable
__clang_error_if(__open_modes_useful(flags), "'openat' " __open_too_few_args_error) {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
return __openat_2(dirfd, pathname, flags);
#else
return __openat_real(dirfd, pathname, flags);
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
}
__BIONIC_FORTIFY_INLINE
@@ -109,7 +109,7 @@
int open64(const char* const __pass_object_size pathname, int flags)
__overloadable
__clang_error_if(__open_modes_useful(flags), "'open64' " __open_too_few_args_error) {
- return __open_2(pathname, flags);
+ return open(pathname, flags);
}
__BIONIC_FORTIFY_INLINE
@@ -117,7 +117,7 @@
__overloadable
__clang_warning_if(!__open_modes_useful(flags) && modes,
"'open64' " __open_useless_modes_warning) {
- return __open_real(pathname, flags, modes);
+ return open(pathname, flags, modes);
}
__BIONIC_ERROR_FUNCTION_VISIBILITY
@@ -129,7 +129,7 @@
int openat64(int dirfd, const char* const __pass_object_size pathname, int flags)
__overloadable
__clang_error_if(__open_modes_useful(flags), "'openat64' " __open_too_few_args_error) {
- return __openat_2(dirfd, pathname, flags);
+ return openat(dirfd, pathname, flags);
}
__BIONIC_FORTIFY_INLINE
@@ -137,7 +137,7 @@
__overloadable
__clang_warning_if(!__open_modes_useful(flags) && modes,
"'openat64' " __open_useless_modes_warning) {
- return __openat_real(dirfd, pathname, flags, modes);
+ return openat(dirfd, pathname, flags, modes);
}
#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
diff --git a/libc/include/bits/fortify/poll.h b/libc/include/bits/fortify/poll.h
index 7a727a4..30fdce4 100644
--- a/libc/include/bits/fortify/poll.h
+++ b/libc/include/bits/fortify/poll.h
@@ -44,13 +44,13 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos(fds), sizeof(*fds) * fd_count),
"in call to 'poll', fd_count is larger than the given buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_M__
+#if __ANDROID_API__ >= __ANDROID_API_M__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos_fds = __bos(fds);
if (!__bos_fd_count_trivially_safe(bos_fds, fds, fd_count)) {
return __poll_chk(fds, fd_count, timeout, bos_fds);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_M__ */
+#endif
return __call_bypassing_fortify(poll)(fds, fd_count, timeout);
}
@@ -60,13 +60,13 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos(fds), sizeof(*fds) * fd_count),
"in call to 'ppoll', fd_count is larger than the given buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_M__
+#if __ANDROID_API__ >= __ANDROID_API_M__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos_fds = __bos(fds);
if (!__bos_fd_count_trivially_safe(bos_fds, fds, fd_count)) {
return __ppoll_chk(fds, fd_count, timeout, mask, bos_fds);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_M__ */
+#endif
return __call_bypassing_fortify(ppoll)(fds, fd_count, timeout, mask);
}
#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
@@ -77,11 +77,13 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos(fds), sizeof(*fds) * fd_count),
"in call to 'ppoll64', fd_count is larger than the given buffer") {
+#if __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos_fds = __bos(fds);
if (!__bos_fd_count_trivially_safe(bos_fds, fds, fd_count)) {
return __ppoll64_chk(fds, fd_count, timeout, mask, bos_fds);
}
+#endif
return __call_bypassing_fortify(ppoll64)(fds, fd_count, timeout, mask);
}
#endif /* __ANDROID_API__ >= __ANDROID_API_P__ */
diff --git a/libc/include/bits/fortify/socket.h b/libc/include/bits/fortify/socket.h
index cf5f189..30fe0d7 100644
--- a/libc/include/bits/fortify/socket.h
+++ b/libc/include/bits/fortify/socket.h
@@ -42,13 +42,13 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos0(buf), len),
"'recvfrom' called with size bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_N__
+#if __ANDROID_API__ >= __ANDROID_API_N__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge(bos, len)) {
return __recvfrom_chk(fd, buf, len, bos, flags, src_addr, addr_len);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_N__ */
+#endif
return __call_bypassing_fortify(recvfrom)(fd, buf, len, flags, src_addr, addr_len);
}
@@ -57,13 +57,13 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos0(buf), len),
"'sendto' called with size bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_N_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_N_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge(bos, len)) {
return __sendto_chk(fd, buf, len, bos, flags, dest_addr, addr_len);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_N_MR1__ */
+#endif
return __call_bypassing_fortify(sendto)(fd, buf, len, flags, dest_addr, addr_len);
}
diff --git a/libc/include/bits/fortify/stat.h b/libc/include/bits/fortify/stat.h
index 6a2e822..43fc69c 100644
--- a/libc/include/bits/fortify/stat.h
+++ b/libc/include/bits/fortify/stat.h
@@ -41,11 +41,11 @@
__overloadable
__enable_if(1, "")
__clang_error_if(mode & ~0777, "'umask' called with invalid mode") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR2__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR2__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
return __umask_chk(mode);
#else
return __umask_real(mode);
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR2__ */
+#endif
}
#endif /* defined(__BIONIC_FORTIFY) */
diff --git a/libc/include/bits/fortify/stdio.h b/libc/include/bits/fortify/stdio.h
index 528d5fb..fb503c3 100644
--- a/libc/include/bits/fortify/stdio.h
+++ b/libc/include/bits/fortify/stdio.h
@@ -36,7 +36,7 @@
#if defined(__BIONIC_FORTIFY) && !defined(__BIONIC_NO_STDIO_FORTIFY)
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
/* No diag -- clang diagnoses misuses of this on its own. */
__BIONIC_FORTIFY_INLINE __printflike(3, 0)
int vsnprintf(char* const __pass_object_size dest, size_t size, const char* format, va_list ap)
@@ -48,7 +48,7 @@
int vsprintf(char* const __pass_object_size dest, const char* format, va_list ap) __overloadable {
return __builtin___vsprintf_chk(dest, 0, __bos(dest), format, ap);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
__BIONIC_ERROR_FUNCTION_VISIBILITY
int sprintf(char* dest, const char* format)
@@ -57,7 +57,7 @@
"format string will always overflow destination buffer")
__errorattr("format string will always overflow destination buffer");
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
__BIONIC_FORTIFY_VARIADIC __printflike(2, 3)
int sprintf(char* const __pass_object_size dest, const char* format, ...) __overloadable {
va_list va;
@@ -77,7 +77,7 @@
va_end(va);
return result;
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
#define __bos_trivially_ge_mul(bos_val, size, count) \
__bos_dynamic_check_impl_and(bos_val, >=, (size) * (count), \
@@ -90,13 +90,13 @@
"in call to 'fread', size * count overflows")
__clang_error_if(__bos_unevaluated_lt(__bos0(buf), size * count),
"in call to 'fread', size * count is too large for the given buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_N__
+#if __ANDROID_API__ >= __ANDROID_API_N__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge_mul(bos, size, count)) {
return __fread_chk(buf, size, count, stream, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_N__ */
+#endif
return __call_bypassing_fortify(fread)(buf, size, count, stream);
}
@@ -107,13 +107,13 @@
"in call to 'fwrite', size * count overflows")
__clang_error_if(__bos_unevaluated_lt(__bos0(buf), size * count),
"in call to 'fwrite', size * count is too large for the given buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_N__
+#if __ANDROID_API__ >= __ANDROID_API_N__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge_mul(bos, size, count)) {
return __fwrite_chk(buf, size, count, stream, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_N__ */
+#endif
return __call_bypassing_fortify(fwrite)(buf, size, count, stream);
}
#undef __bos_trivially_ge_mul
@@ -124,13 +124,13 @@
__clang_error_if(size < 0, "in call to 'fgets', size should not be negative")
__clang_error_if(__bos_unevaluated_lt(__bos(dest), size),
"in call to 'fgets', size is larger than the destination buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos(dest);
if (!__bos_dynamic_check_impl_and(bos, >=, (size_t)size, size >= 0)) {
return __fgets_chk(dest, size, stream, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
return __call_bypassing_fortify(fgets)(dest, size, stream);
}
diff --git a/libc/include/bits/fortify/string.h b/libc/include/bits/fortify/string.h
index bd36483..7dc60f2 100644
--- a/libc/include/bits/fortify/string.h
+++ b/libc/include/bits/fortify/string.h
@@ -40,7 +40,7 @@
#if defined(__BIONIC_FORTIFY)
extern void* __memrchr_real(const void*, int, size_t) __RENAME(memrchr);
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
/* No diag -- clang diagnoses misuses of this on its own. */
__BIONIC_FORTIFY_INLINE
void* memcpy(void* const dst __pass_object_size0, const void* src, size_t copy_amount)
@@ -61,7 +61,7 @@
}
return __builtin___memmove_chk(dst, src, len, bos_dst);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
#if defined(__USE_GNU)
#if __ANDROID_API__ >= __ANDROID_API_R__
@@ -70,11 +70,13 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos0(dst), copy_amount),
"'mempcpy' called with size bigger than buffer") {
+#if __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos_dst = __bos0(dst);
- if (__bos_trivially_ge(bos_dst, copy_amount)) {
- return __builtin_mempcpy(dst, src, copy_amount);
+ if (!__bos_trivially_ge(bos_dst, copy_amount)) {
+ return __builtin___mempcpy_chk(dst, src, copy_amount, bos_dst);
}
- return __builtin___mempcpy_chk(dst, src, copy_amount, bos_dst);
+#endif
+ return __builtin_mempcpy(dst, src, copy_amount);
}
#endif /* __ANDROID_API__ >= __ANDROID_API_R__ */
#endif /* __USE_GNU */
@@ -84,12 +86,12 @@
__overloadable
__clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
"'stpcpy' called with string bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_L__
+#if __ANDROID_API__ >= __ANDROID_API_L__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos_dst = __bos(dst);
if (!__bos_trivially_gt(bos_dst, __builtin_strlen(src))) {
return __builtin___stpcpy_chk(dst, src, bos_dst);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
+#endif
return __builtin_stpcpy(dst, src);
}
@@ -98,12 +100,12 @@
__overloadable
__clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
"'strcpy' called with string bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos_dst = __bos(dst);
if (!__bos_trivially_gt(bos_dst, __builtin_strlen(src))) {
return __builtin___strcpy_chk(dst, src, bos_dst);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
return __builtin_strcpy(dst, src);
}
@@ -112,36 +114,36 @@
__overloadable
__clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
"'strcat' called with string bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
return __builtin___strcat_chk(dst, src, __bos(dst));
#else
return __builtin_strcat(dst, src);
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
}
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
/* No diag -- clang diagnoses misuses of this on its own. */
__BIONIC_FORTIFY_INLINE
char* strncat(char* const dst __pass_object_size, const char* src, size_t n) __overloadable {
return __builtin___strncat_chk(dst, src, n, __bos(dst));
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
/* No diag -- clang diagnoses misuses of this on its own. */
__BIONIC_FORTIFY_INLINE
void* memset(void* const s __pass_object_size0, int c, size_t n) __overloadable
/* If you're a user who wants this warning to go away: use `(&memset)(foo, bar, baz)`. */
__clang_warning_if(c && !n, "'memset' will set 0 bytes; maybe the arguments got flipped?") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(s);
if (!__bos_trivially_ge(bos, n)) {
return __builtin___memset_chk(s, c, n, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
return __builtin_memset(s, c, n);
}
-#if __ANDROID_API__ >= __ANDROID_API_M__
+#if __ANDROID_API__ >= __ANDROID_API_M__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
__BIONIC_FORTIFY_INLINE
void* memchr(const void* const s __pass_object_size, int c, size_t n) __overloadable {
size_t bos = __bos(s);
@@ -163,9 +165,9 @@
return __memrchr_chk(s, c, n, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_M__ */
+#endif
-#if __ANDROID_API__ >= __ANDROID_API_L__
+#if __ANDROID_API__ >= __ANDROID_API_L__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
/* No diag -- clang diagnoses misuses of this on its own. */
__BIONIC_FORTIFY_INLINE
char* stpncpy(char* const dst __pass_object_size, const char* const src __pass_object_size, size_t n)
@@ -195,20 +197,20 @@
return __strncpy_chk2(dst, src, n, bos_dst, bos_src);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
+#endif
__BIONIC_FORTIFY_INLINE
size_t strlcpy(char* const dst __pass_object_size, const char* src, size_t size)
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos(dst), size),
"'strlcpy' called with size bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos(dst);
if (bos != __BIONIC_FORTIFY_UNKNOWN_SIZE) {
return __strlcpy_chk(dst, src, size, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
return __call_bypassing_fortify(strlcpy)(dst, src, size);
}
@@ -217,53 +219,53 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos(dst), size),
"'strlcat' called with size bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos(dst);
if (bos != __BIONIC_FORTIFY_UNKNOWN_SIZE) {
return __strlcat_chk(dst, src, size, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
return __call_bypassing_fortify(strlcat)(dst, src, size);
}
__BIONIC_FORTIFY_INLINE
size_t strlen(const char* const s __pass_object_size0) __overloadable {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(s);
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
if (!__bos_trivially_gt(bos, __builtin_strlen(s))) {
return __strlen_chk(s, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
return __builtin_strlen(s);
}
__BIONIC_FORTIFY_INLINE
char* strchr(const char* const s __pass_object_size, int c) __overloadable {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR2__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR2__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos(s);
if (bos != __BIONIC_FORTIFY_UNKNOWN_SIZE) {
return __strchr_chk(s, c, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR2__ */
+#endif
return __builtin_strchr(s, c);
}
__BIONIC_FORTIFY_INLINE
char* strrchr(const char* const s __pass_object_size, int c) __overloadable {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR2__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR2__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos(s);
if (bos != __BIONIC_FORTIFY_UNKNOWN_SIZE) {
return __strrchr_chk(s, c, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR2__ */
+#endif
return __builtin_strrchr(s, c);
}
-#if __ANDROID_API__ >= __ANDROID_API_M__
+#if __ANDROID_API__ >= __ANDROID_API_M__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
#if defined(__cplusplus)
extern "C++" {
__BIONIC_FORTIFY_INLINE
diff --git a/libc/include/bits/fortify/strings.h b/libc/include/bits/fortify/strings.h
index cc268db..1ebaf39 100644
--- a/libc/include/bits/fortify/strings.h
+++ b/libc/include/bits/fortify/strings.h
@@ -33,13 +33,13 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos0(dst), len),
"'bcopy' called with size bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(dst);
if (!__bos_trivially_ge(bos, len)) {
__builtin___memmove_chk(dst, src, len, bos);
return;
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
__builtin_memmove(dst, src, len);
}
@@ -48,13 +48,13 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos0(b), len),
"'bzero' called with size bigger than buffer") {
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(b);
if (!__bos_trivially_ge(bos, len)) {
__builtin___memset_chk(b, 0, len, bos);
return;
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+#endif
__builtin_memset(b, 0, len);
}
diff --git a/libc/include/bits/fortify/unistd.h b/libc/include/bits/fortify/unistd.h
index 45ed2cf..f1580ce 100644
--- a/libc/include/bits/fortify/unistd.h
+++ b/libc/include/bits/fortify/unistd.h
@@ -73,13 +73,13 @@
char* getcwd(char* const __pass_object_size buf, size_t size)
__overloadable
__error_if_overflows_objectsize(size, __bos(buf), getcwd) {
-#if __ANDROID_API__ >= __ANDROID_API_N__
+#if __ANDROID_API__ >= __ANDROID_API_N__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos(buf);
if (!__bos_trivially_ge(bos, size)) {
return __getcwd_chk(buf, size, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_N__ */
+#endif
return __call_bypassing_fortify(getcwd)(buf, size);
}
@@ -89,13 +89,13 @@
__overloadable
__error_if_overflows_ssizet(count, pread)
__error_if_overflows_objectsize(count, __bos0(buf), pread) {
-#if __ANDROID_API__ >= __ANDROID_API_M__
+#if __ANDROID_API__ >= __ANDROID_API_M__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge_no_overflow(bos, count)) {
return __PREAD_PREFIX(chk)(fd, buf, count, offset, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_M__ */
+#endif
return __PREAD_PREFIX(real)(fd, buf, count, offset);
}
#endif /* !defined(__USE_FILE_OFFSET64) */
@@ -105,13 +105,13 @@
__overloadable
__error_if_overflows_ssizet(count, pread64)
__error_if_overflows_objectsize(count, __bos0(buf), pread64) {
-#if __ANDROID_API__ >= __ANDROID_API_M__
+#if __ANDROID_API__ >= __ANDROID_API_M__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge_no_overflow(bos, count)) {
return __pread64_chk(fd, buf, count, offset, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_M__ */
+#endif
return __pread64_real(fd, buf, count, offset);
}
@@ -121,13 +121,13 @@
__overloadable
__error_if_overflows_ssizet(count, pwrite)
__error_if_overflows_objectsize(count, __bos0(buf), pwrite) {
-#if __ANDROID_API__ >= __ANDROID_API_N__
+#if __ANDROID_API__ >= __ANDROID_API_N__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge_no_overflow(bos, count)) {
return __PWRITE_PREFIX(chk)(fd, buf, count, offset, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_N__ */
+#endif
return __PWRITE_PREFIX(real)(fd, buf, count, offset);
}
#endif /* !defined(__USE_FILE_OFFSET64) */
@@ -137,13 +137,13 @@
__overloadable
__error_if_overflows_ssizet(count, pwrite64)
__error_if_overflows_objectsize(count, __bos0(buf), pwrite64) {
-#if __ANDROID_API__ >= __ANDROID_API_N__
+#if __ANDROID_API__ >= __ANDROID_API_N__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge_no_overflow(bos, count)) {
return __pwrite64_chk(fd, buf, count, offset, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_N__ */
+#endif
return __pwrite64_real(fd, buf, count, offset);
}
@@ -152,13 +152,13 @@
__overloadable
__error_if_overflows_ssizet(count, read)
__error_if_overflows_objectsize(count, __bos0(buf), read) {
-#if __ANDROID_API__ >= __ANDROID_API_L__
+#if __ANDROID_API__ >= __ANDROID_API_L__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge_no_overflow(bos, count)) {
return __read_chk(fd, buf, count, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
+#endif
return __call_bypassing_fortify(read)(fd, buf, count);
}
@@ -167,13 +167,13 @@
__overloadable
__error_if_overflows_ssizet(count, write)
__error_if_overflows_objectsize(count, __bos0(buf), write) {
-#if __ANDROID_API__ >= __ANDROID_API_N__
+#if __ANDROID_API__ >= __ANDROID_API_N__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos0(buf);
if (!__bos_trivially_ge_no_overflow(bos, count)) {
return __write_chk(fd, buf, count, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_N__ */
+#endif
return __call_bypassing_fortify(write)(fd, buf, count);
}
@@ -182,13 +182,13 @@
__overloadable
__error_if_overflows_ssizet(size, readlink)
__error_if_overflows_objectsize(size, __bos(buf), readlink) {
-#if __ANDROID_API__ >= __ANDROID_API_M__
+#if __ANDROID_API__ >= __ANDROID_API_M__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos(buf);
if (!__bos_trivially_ge_no_overflow(bos, size)) {
return __readlink_chk(path, buf, size, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_M__ */
+#endif
return __call_bypassing_fortify(readlink)(path, buf, size);
}
@@ -198,13 +198,13 @@
__overloadable
__error_if_overflows_ssizet(size, readlinkat)
__error_if_overflows_objectsize(size, __bos(buf), readlinkat) {
-#if __ANDROID_API__ >= __ANDROID_API_M__
+#if __ANDROID_API__ >= __ANDROID_API_M__ && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
size_t bos = __bos(buf);
if (!__bos_trivially_ge_no_overflow(bos, size)) {
return __readlinkat_chk(dirfd, path, buf, size, bos);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_M__ */
+#endif
return __call_bypassing_fortify(readlinkat)(dirfd, path, buf, size);
}
#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index 8078bda..eb30690 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -237,14 +237,15 @@
#define __BIONIC_FORTIFY_UNKNOWN_SIZE ((size_t) -1)
#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0
-/*
- * FORTIFY's _chk functions effectively disable ASAN's stdlib interceptors.
- * Additionally, the static analyzer/clang-tidy try to pattern match some
- * standard library functions, and FORTIFY sometimes interferes with this. So,
- * we turn FORTIFY off in both cases.
- */
-# if !__has_feature(address_sanitizer) && !defined(__clang_analyzer__)
+/* FORTIFY can interfere with pattern-matching of clang-tidy/the static analyzer. */
+# if !defined(__clang_analyzer__)
# define __BIONIC_FORTIFY 1
+/* ASAN has interceptors that FORTIFY's _chk functions can break. */
+# if __has_feature(address_sanitizer)
+# define __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED 0
+# else
+# define __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED 1
+# endif
# endif
#endif
diff --git a/libc/upstream-openbsd/android/include/openbsd-compat.h b/libc/upstream-openbsd/android/include/openbsd-compat.h
index afd1077..878f71c 100644
--- a/libc/upstream-openbsd/android/include/openbsd-compat.h
+++ b/libc/upstream-openbsd/android/include/openbsd-compat.h
@@ -19,6 +19,8 @@
#define _BSD_SOURCE
#include <sys/cdefs.h>
+#include <unistd.h> // For environ.
+
#include <stddef.h> // For size_t.
#include <sys/random.h> // For getentropy.
diff --git a/libc/upstream-openbsd/lib/libc/crypt/arc4random_uniform.c b/libc/upstream-openbsd/lib/libc/crypt/arc4random_uniform.c
index 23a15e3..a18b5b1 100644
--- a/libc/upstream-openbsd/lib/libc/crypt/arc4random_uniform.c
+++ b/libc/upstream-openbsd/lib/libc/crypt/arc4random_uniform.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: arc4random_uniform.c,v 1.2 2015/09/13 08:31:47 guenther Exp $ */
+/* $OpenBSD: arc4random_uniform.c,v 1.3 2019/01/20 02:59:07 bcook Exp $ */
/*
* Copyright (c) 2008, Damien Miller <djm@openbsd.org>
@@ -16,7 +16,7 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#include <sys/types.h>
+#include <stdint.h>
#include <stdlib.h>
/*
diff --git a/libc/upstream-openbsd/lib/libc/gen/alarm.c b/libc/upstream-openbsd/lib/libc/gen/alarm.c
index 8bca23a..f15dd15 100644
--- a/libc/upstream-openbsd/lib/libc/gen/alarm.c
+++ b/libc/upstream-openbsd/lib/libc/gen/alarm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: alarm.c,v 1.8 2016/01/28 16:40:54 schwarze Exp $ */
+/* $OpenBSD: alarm.c,v 1.9 2019/06/28 13:32:41 deraadt Exp $ */
/*
* Copyright (c) 1983, 1993
* The Regents of the University of California. All rights reserved.
@@ -40,7 +40,7 @@
timerclear(&itp->it_interval);
itp->it_value.tv_sec = secs;
itp->it_value.tv_usec = 0;
- if (setitimer(ITIMER_REAL, itp, &oitv) < 0)
+ if (setitimer(ITIMER_REAL, itp, &oitv) == -1)
return ((unsigned int) -1);
if (oitv.it_value.tv_usec)
oitv.it_value.tv_sec++;
diff --git a/libc/upstream-openbsd/lib/libc/gen/charclass.h b/libc/upstream-openbsd/lib/libc/gen/charclass.h
index 5edb2c1..073baf6 100644
--- a/libc/upstream-openbsd/lib/libc/gen/charclass.h
+++ b/libc/upstream-openbsd/lib/libc/gen/charclass.h
@@ -1,7 +1,7 @@
/*
- * Public domain, 2008, Todd C. Miller <Todd.Miller@courtesan.com>
+ * Public domain, 2008, Todd C. Miller <millert@openbsd.org>
*
- * $OpenBSD: charclass.h,v 1.1 2008/10/01 23:04:13 millert Exp $
+ * $OpenBSD: charclass.h,v 1.2 2019/01/25 00:19:25 millert Exp $
*/
/*
diff --git a/libc/upstream-openbsd/lib/libc/gen/ftok.c b/libc/upstream-openbsd/lib/libc/gen/ftok.c
index 387b80f..ea1edf1 100644
--- a/libc/upstream-openbsd/lib/libc/gen/ftok.c
+++ b/libc/upstream-openbsd/lib/libc/gen/ftok.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ftok.c,v 1.8 2014/11/15 22:38:47 guenther Exp $ */
+/* $OpenBSD: ftok.c,v 1.9 2019/06/28 13:32:41 deraadt Exp $ */
/*
* Copyright (c) 1994 SigmaSoft, Th. Lockert <tholo@sigmasoft.com>
* All rights reserved.
@@ -34,7 +34,7 @@
{
struct stat st;
- if (stat(path, &st) < 0)
+ if (stat(path, &st) == -1)
return (key_t)-1;
return (key_t)
diff --git a/libc/upstream-openbsd/lib/libc/gen/setprogname.c b/libc/upstream-openbsd/lib/libc/gen/setprogname.c
index ec3189f..bce4cbd 100644
--- a/libc/upstream-openbsd/lib/libc/gen/setprogname.c
+++ b/libc/upstream-openbsd/lib/libc/gen/setprogname.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: setprogname.c,v 1.5 2016/03/13 18:34:20 guenther Exp $ */
+/* $OpenBSD: setprogname.c,v 1.6 2017/09/17 06:38:03 otto Exp $ */
/*
* Copyright (c) 2013 Antoine Jacoutot <ajacoutot@openbsd.org>
*
@@ -21,11 +21,11 @@
void
setprogname(const char *progname)
{
- const char *tmpn;
+ char *tmpn;
tmpn = strrchr(progname, '/');
if (tmpn == NULL)
- __progname = progname;
+ __progname = (char *)progname;
else
__progname = tmpn + 1;
}
diff --git a/libc/upstream-openbsd/lib/libc/locale/wcsxfrm.c b/libc/upstream-openbsd/lib/libc/locale/wcsxfrm.c
index 98db4a9..3d1e580 100644
--- a/libc/upstream-openbsd/lib/libc/locale/wcsxfrm.c
+++ b/libc/upstream-openbsd/lib/libc/locale/wcsxfrm.c
@@ -1,6 +1,5 @@
-/* $OpenBSD: wcsxfrm.c,v 1.2 2012/12/05 23:20:00 deraadt Exp $ */
-/* $OpenBSD: wcsxfrm.c,v 1.2 2012/12/05 23:20:00 deraadt Exp $ */
-/* $NetBSD: multibyte_sb.c,v 1.4 2003/08/07 16:43:04 agc Exp $ */
+/* $OpenBSD: wcsxfrm.c,v 1.3 2017/09/05 03:16:13 schwarze Exp $ */
+/* $NetBSD: multibyte_sb.c,v 1.4 2003/08/07 16:43:04 agc Exp $ */
/*
* Copyright (c) 1991 The Regents of the University of California.
@@ -40,3 +39,4 @@
return wcslen(src);
return wcslcpy(dest, src, n);
}
+DEF_STRONG(wcsxfrm);
diff --git a/libc/upstream-openbsd/lib/libc/stdio/makebuf.c b/libc/upstream-openbsd/lib/libc/stdio/makebuf.c
index 56e5f21..b771a40 100644
--- a/libc/upstream-openbsd/lib/libc/stdio/makebuf.c
+++ b/libc/upstream-openbsd/lib/libc/stdio/makebuf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: makebuf.c,v 1.9 2015/01/13 07:18:21 guenther Exp $ */
+/* $OpenBSD: makebuf.c,v 1.10 2019/06/28 13:32:42 deraadt Exp $ */
/*-
* Copyright (c) 1990, 1993
* The Regents of the University of California. All rights reserved.
@@ -81,7 +81,7 @@
{
struct stat st;
- if (fp->_file < 0 || fstat(fp->_file, &st) < 0) {
+ if (fp->_file < 0 || fstat(fp->_file, &st) == -1) {
*couldbetty = 0;
*bufsize = BUFSIZ;
return (__SNPT);
diff --git a/libc/upstream-openbsd/lib/libc/stdio/mktemp.c b/libc/upstream-openbsd/lib/libc/stdio/mktemp.c
index 4b81d5d..ef9a183 100644
--- a/libc/upstream-openbsd/lib/libc/stdio/mktemp.c
+++ b/libc/upstream-openbsd/lib/libc/stdio/mktemp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mktemp.c,v 1.38 2015/09/13 08:31:47 guenther Exp $ */
+/* $OpenBSD: mktemp.c,v 1.39 2017/11/28 06:55:49 tb Exp $ */
/*
* Copyright (c) 1996-1998, 2008 Theo de Raadt
* Copyright (c) 1997, 2008-2009 Todd C. Miller
@@ -119,7 +119,7 @@
}
__warn_references(mktemp,
- "warning: mktemp() possibly used unsafely; consider using mkstemp()");
+ "mktemp() possibly used unsafely; consider using mkstemp()");
char *
mktemp(char *path)
diff --git a/libc/upstream-openbsd/lib/libc/stdio/tempnam.c b/libc/upstream-openbsd/lib/libc/stdio/tempnam.c
index 854b871..d2c848c 100644
--- a/libc/upstream-openbsd/lib/libc/stdio/tempnam.c
+++ b/libc/upstream-openbsd/lib/libc/stdio/tempnam.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tempnam.c,v 1.19 2015/08/31 02:53:57 guenther Exp $ */
+/* $OpenBSD: tempnam.c,v 1.20 2017/11/28 06:55:49 tb Exp $ */
/*
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
@@ -37,7 +37,7 @@
#include <unistd.h>
__warn_references(tempnam,
- "warning: tempnam() possibly used unsafely; consider using mkstemp()");
+ "tempnam() possibly used unsafely; consider using mkstemp()");
char *
tempnam(const char *dir, const char *pfx)
diff --git a/libc/upstream-openbsd/lib/libc/stdio/tmpnam.c b/libc/upstream-openbsd/lib/libc/stdio/tmpnam.c
index d6dc10e..52cd43d 100644
--- a/libc/upstream-openbsd/lib/libc/stdio/tmpnam.c
+++ b/libc/upstream-openbsd/lib/libc/stdio/tmpnam.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tmpnam.c,v 1.11 2015/08/31 02:53:57 guenther Exp $ */
+/* $OpenBSD: tmpnam.c,v 1.12 2017/11/28 06:55:49 tb Exp $ */
/*-
* Copyright (c) 1990, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -37,7 +37,7 @@
#include <unistd.h>
__warn_references(tmpnam,
- "warning: tmpnam() possibly used unsafely; consider using mkstemp()");
+ "tmpnam() possibly used unsafely; consider using mkstemp()");
char *
tmpnam(char *s)
diff --git a/libc/upstream-openbsd/lib/libc/stdio/vswprintf.c b/libc/upstream-openbsd/lib/libc/stdio/vswprintf.c
index 641db4a..91e71cb 100644
--- a/libc/upstream-openbsd/lib/libc/stdio/vswprintf.c
+++ b/libc/upstream-openbsd/lib/libc/stdio/vswprintf.c
@@ -1,8 +1,8 @@
-/* $OpenBSD: vswprintf.c,v 1.6 2015/08/31 02:53:57 guenther Exp $ */
+/* $OpenBSD: vswprintf.c,v 1.7 2019/01/25 00:19:25 millert Exp $ */
/* $NetBSD: vswprintf.c,v 1.1 2005/05/14 23:51:02 christos Exp $ */
/*
- * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1997 Todd C. Miller <millert@openbsd.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/libc/upstream-openbsd/lib/libc/stdlib/getenv.c b/libc/upstream-openbsd/lib/libc/stdlib/getenv.c
index fd8482e..054497b 100644
--- a/libc/upstream-openbsd/lib/libc/stdlib/getenv.c
+++ b/libc/upstream-openbsd/lib/libc/stdlib/getenv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getenv.c,v 1.10 2010/08/23 22:31:50 millert Exp $ */
+/* $OpenBSD: getenv.c,v 1.12 2016/03/13 18:34:21 guenther Exp $ */
/*
* Copyright (c) 1987, 1993
* The Regents of the University of California. All rights reserved.
@@ -31,7 +31,6 @@
#include <stdlib.h>
#include <string.h>
-char *__findenv(const char *name, int len, int *offset);
/*
* __findenv --
@@ -46,7 +45,6 @@
char *
__findenv(const char *name, int len, int *offset)
{
- extern char **environ;
int i;
const char *np;
char **p, *cp;
@@ -79,3 +77,4 @@
;
return (__findenv(name, (int)(np - name), &offset));
}
+DEF_STRONG(getenv);
diff --git a/libc/upstream-openbsd/lib/libc/stdlib/llabs.c b/libc/upstream-openbsd/lib/libc/stdlib/llabs.c
index fc2cd82..f4a260f 100644
--- a/libc/upstream-openbsd/lib/libc/stdlib/llabs.c
+++ b/libc/upstream-openbsd/lib/libc/stdlib/llabs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: llabs.c,v 1.3 2007/01/08 19:39:25 deraadt Exp $ */
+/* $OpenBSD: llabs.c,v 1.4 2016/08/14 23:18:03 guenther Exp $ */
/*-
* Copyright (c) 1990 The Regents of the University of California.
@@ -36,3 +36,5 @@
{
return (j < 0 ? -j : j);
}
+
+__weak_alias(qabs, llabs);
diff --git a/libc/upstream-openbsd/lib/libc/string/memrchr.c b/libc/upstream-openbsd/lib/libc/string/memrchr.c
index 26a3399..e123bc1 100644
--- a/libc/upstream-openbsd/lib/libc/string/memrchr.c
+++ b/libc/upstream-openbsd/lib/libc/string/memrchr.c
@@ -1,7 +1,7 @@
-/* $OpenBSD: memrchr.c,v 1.3 2015/08/31 02:53:57 guenther Exp $ */
+/* $OpenBSD: memrchr.c,v 1.4 2019/01/25 00:19:25 millert Exp $ */
/*
- * Copyright (c) 2007 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2007 Todd C. Miller <millert@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
diff --git a/libc/upstream-openbsd/lib/libc/string/stpcpy.c b/libc/upstream-openbsd/lib/libc/string/stpcpy.c
index d88afac..5a86541 100644
--- a/libc/upstream-openbsd/lib/libc/string/stpcpy.c
+++ b/libc/upstream-openbsd/lib/libc/string/stpcpy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: stpcpy.c,v 1.2 2014/07/09 17:08:21 naddy Exp $ */
+/* $OpenBSD: stpcpy.c,v 1.3 2017/11/28 06:55:49 tb Exp $ */
/*
* Copyright (c) 1988 Regents of the University of California.
@@ -33,7 +33,7 @@
#if defined(APIWARN)
__warn_references(stpcpy,
- "warning: stpcpy() is dangerous; do not use it");
+ "stpcpy() is dangerous; do not use it");
#endif
char *
diff --git a/libc/upstream-openbsd/lib/libc/string/strcat.c b/libc/upstream-openbsd/lib/libc/string/strcat.c
index 646c9c2..73da22f 100644
--- a/libc/upstream-openbsd/lib/libc/string/strcat.c
+++ b/libc/upstream-openbsd/lib/libc/string/strcat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: strcat.c,v 1.9 2014/06/10 04:17:37 deraadt Exp $ */
+/* $OpenBSD: strcat.c,v 1.10 2017/11/28 06:55:49 tb Exp $ */
/*
* Copyright (c) 1988 Regents of the University of California.
@@ -33,7 +33,7 @@
#if defined(APIWARN)
__warn_references(strcat,
- "warning: strcat() is almost always misused, please use strlcat()");
+ "strcat() is almost always misused, please use strlcat()");
#endif
char *
diff --git a/libc/upstream-openbsd/lib/libc/string/strcpy.c b/libc/upstream-openbsd/lib/libc/string/strcpy.c
index 5a9001e..290eefe 100644
--- a/libc/upstream-openbsd/lib/libc/string/strcpy.c
+++ b/libc/upstream-openbsd/lib/libc/string/strcpy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: strcpy.c,v 1.9 2014/06/10 04:17:37 deraadt Exp $ */
+/* $OpenBSD: strcpy.c,v 1.10 2017/11/28 06:55:49 tb Exp $ */
/*
* Copyright (c) 1988 Regents of the University of California.
@@ -33,7 +33,7 @@
#if defined(APIWARN)
__warn_references(strcpy,
- "warning: strcpy() is almost always misused, please use strlcpy()");
+ "strcpy() is almost always misused, please use strlcpy()");
#endif
char *
diff --git a/libc/upstream-openbsd/lib/libc/string/strlcat.c b/libc/upstream-openbsd/lib/libc/string/strlcat.c
index 6bf2a41..aa3db7ab 100644
--- a/libc/upstream-openbsd/lib/libc/string/strlcat.c
+++ b/libc/upstream-openbsd/lib/libc/string/strlcat.c
@@ -1,7 +1,7 @@
-/* $OpenBSD: strlcat.c,v 1.18 2016/10/16 17:37:39 dtucker Exp $ */
+/* $OpenBSD: strlcat.c,v 1.19 2019/01/25 00:19:25 millert Exp $ */
/*
- * Copyright (c) 1998, 2015 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1998, 2015 Todd C. Miller <millert@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
diff --git a/libc/upstream-openbsd/lib/libc/string/strlcpy.c b/libc/upstream-openbsd/lib/libc/string/strlcpy.c
index 3677689..7e3b9ae 100644
--- a/libc/upstream-openbsd/lib/libc/string/strlcpy.c
+++ b/libc/upstream-openbsd/lib/libc/string/strlcpy.c
@@ -1,7 +1,7 @@
-/* $OpenBSD: strlcpy.c,v 1.15 2016/10/16 17:37:39 dtucker Exp $ */
+/* $OpenBSD: strlcpy.c,v 1.16 2019/01/25 00:19:25 millert Exp $ */
/*
- * Copyright (c) 1998, 2015 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1998, 2015 Todd C. Miller <millert@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
diff --git a/libc/upstream-openbsd/lib/libc/string/strndup.c b/libc/upstream-openbsd/lib/libc/string/strndup.c
index a6e5bff..499f9a0 100644
--- a/libc/upstream-openbsd/lib/libc/string/strndup.c
+++ b/libc/upstream-openbsd/lib/libc/string/strndup.c
@@ -1,7 +1,7 @@
-/* $OpenBSD: strndup.c,v 1.2 2015/08/31 02:53:57 guenther Exp $ */
+/* $OpenBSD: strndup.c,v 1.3 2019/01/25 00:19:25 millert Exp $ */
/*
- * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2010 Todd C. Miller <millert@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
diff --git a/libc/upstream-openbsd/lib/libc/string/wcslcpy.c b/libc/upstream-openbsd/lib/libc/string/wcslcpy.c
index 36a544a..9c433c8 100644
--- a/libc/upstream-openbsd/lib/libc/string/wcslcpy.c
+++ b/libc/upstream-openbsd/lib/libc/string/wcslcpy.c
@@ -1,7 +1,7 @@
-/* $OpenBSD: wcslcpy.c,v 1.7 2015/09/12 16:23:14 guenther Exp $ */
+/* $OpenBSD: wcslcpy.c,v 1.8 2019/01/25 00:19:25 millert Exp $ */
/*
- * Copyright (c) 1998, 2015 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1998, 2015 Todd C. Miller <millert@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
diff --git a/libc/upstream-openbsd/lib/libc/time/wcsftime.c b/libc/upstream-openbsd/lib/libc/time/wcsftime.c
index 0678404..6870871 100644
--- a/libc/upstream-openbsd/lib/libc/time/wcsftime.c
+++ b/libc/upstream-openbsd/lib/libc/time/wcsftime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: wcsftime.c,v 1.6 2015/02/09 14:52:28 tedu Exp $ */
+/* $OpenBSD: wcsftime.c,v 1.7 2019/05/12 12:49:52 schwarze Exp $ */
/*
** Based on the UCB version with the ID appearing below.
** This is ANSIish only when "multibyte character == plain character".
@@ -439,7 +439,7 @@
continue;
case 'Z':
if (t->tm_zone != NULL)
- pt = _sadd(t->TM_ZONE, pt, ptlim);
+ pt = _sadd(t->tm_zone, pt, ptlim);
else
if (t->tm_isdst >= 0)
pt = _sadd(tzname[t->tm_isdst != 0],
diff --git a/tests/Android.bp b/tests/Android.bp
index 1755053..ee4f02e 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -312,26 +312,20 @@
},
}
-// If building this fails, then we have both FORTIFY and ASAN enabled, which
-// isn't desirable. (Ideally, we'd emit FORTIFY diagnostics even with ASAN
-// enabled, but that's not a reality today.) This is meant to be otherwise
-// unused.
-cc_test_library {
- name: "fortify_disabled_for_asan",
+// Ensures that FORTIFY checks aren't run when ASAN is on.
+cc_test {
+ name: "bionic-fortify-runtime-asan-test",
defaults: [
"bionic_clang_fortify_tests_w_flags",
],
cflags: [
"-Werror",
"-D_FORTIFY_SOURCE=2",
- // "sanitize: address" doesn't work on platforms where libasan isn't
- // enabled. Since the intent is just to build this, we can get away with
- // passing this flag on its own.
- "-fsanitize=address",
],
- // Ignore that we don't have ASAN symbols linked in.
- allow_undefined_symbols: true,
- srcs: ["clang_fortify_tests.cpp"],
+ sanitize: {
+ address: true,
+ },
+ srcs: ["clang_fortify_asan.cpp"],
}
// Ensure we don't use FORTIFY'ed functions with the static analyzer/clang-tidy:
diff --git a/tests/clang_fortify_asan.cpp b/tests/clang_fortify_asan.cpp
new file mode 100644
index 0000000..51656eb
--- /dev/null
+++ b/tests/clang_fortify_asan.cpp
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * This test ensures that ensures that FORTIFY's run-time bits aren't enabled with ASAN on. Most
+ * ways of getting FORTIFY to break turn into UB unless you get creative. Rather than remaking the
+ * entire FORTIFY test-suite with this added constraint, we pick a function with well-defined
+ * behavior when a FORTIFY check would fail (umask), and hope that the success of that is indicative
+ * of the rest working.
+ */
+
+#ifndef __clang__
+#error "Non-clang isn't supported"
+#endif
+
+#ifndef _FORTIFY_SOURCE
+#error "_FORTIFY_SOURCE must be defined"
+#endif
+
+#include <sys/cdefs.h>
+
+#if defined(__BIONIC__) && __has_feature(address_sanitizer)
+#include <sys/stat.h>
+#include <gtest/gtest.h>
+
+TEST(ClangFortifyASAN, NoRuntimeChecksAreEnabled) {
+ volatile mode_t unknown = 01000;
+ mode_t previous = umask(unknown);
+
+ // Not necessary, but polite.
+ umask(previous);
+}
+#endif