Merge changes Ic2d48c93,I981ac9bd am: cfede4fdd1 am: 8ff7289157 Change-Id: I3adef3a15551f03b81e800b06e3a4ec2809909a4

commit: 11d3fdd8d6cc051ef0b54b211dba1e93af0906a4 [log] [tgz]
author: George Burgess IV <gbiv@google.com> Fri May 24 00:03:36 2019 -0700
committer: android-build-merger <android-build-merger@google.com> Fri May 24 00:03:36 2019 -0700
tree: 03c1b6a86306f0c5624ebee660f19389484df699
parent: b7bf3abf7d89cdc695c2cc97560f4b55550fc343 [diff]
parent: 8ff72891577a459105aa5cd27fc2fa3785e8b05e [diff]
diff --git a/libc/include/bits/fortify/string.h b/libc/include/bits/fortify/string.h
index af93b91..1e12986 100644
--- a/libc/include/bits/fortify/string.h
+++ b/libc/include/bits/fortify/string.h

@@ -70,10 +70,10 @@
 __BIONIC_FORTIFY_INLINE
 char* stpcpy(char* const dst __pass_object_size, const char* src)
         __overloadable
-        __clang_error_if(__bos_unevaluated_leq(__bos(dst), __builtin_strlen(src)),
+        __clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
                          "'stpcpy' called with string bigger than buffer") {
     size_t bos_dst = __bos(dst);
-    if (__bos_trivially_not_leq(bos_dst, __builtin_strlen(src))) {
+    if (__bos_trivially_not_le(bos_dst, __builtin_strlen(src))) {
         return __builtin_stpcpy(dst, src);
     }
     return __builtin___stpcpy_chk(dst, src, bos_dst);
@@ -84,10 +84,10 @@
 __BIONIC_FORTIFY_INLINE
 char* strcpy(char* const dst __pass_object_size, const char* src)
         __overloadable
-        __clang_error_if(__bos_unevaluated_leq(__bos(dst), __builtin_strlen(src)),
+        __clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
                          "'strcpy' called with string bigger than buffer") {
     size_t bos_dst = __bos(dst);
-    if (__bos_trivially_not_leq(bos_dst, __builtin_strlen(src))) {
+    if (__bos_trivially_not_le(bos_dst, __builtin_strlen(src))) {
         return __builtin_strcpy(dst, src);
     }
     return __builtin___strcpy_chk(dst, src, bos_dst);
@@ -123,7 +123,7 @@
 void* memchr(const void* const s __pass_object_size, int c, size_t n) __overloadable {
     size_t bos = __bos(s);
 
-    if (__bos_trivially_geq(bos, n)) {
+    if (__bos_trivially_ge(bos, n)) {
         return __builtin_memchr(s, c, n);
     }
 
@@ -134,7 +134,7 @@
 void* __memrchr_fortify(const void* const __pass_object_size s, int c, size_t n) __overloadable {
     size_t bos = __bos(s);
 
-    if (__bos_trivially_geq(bos, n)) {
+    if (__bos_trivially_ge(bos, n)) {
         return __memrchr_real(s, c, n);
     }
 

diff --git a/libc/include/bits/fortify/unistd.h b/libc/include/bits/fortify/unistd.h
index 04c7495..543c3c7 100644
--- a/libc/include/bits/fortify/unistd.h
+++ b/libc/include/bits/fortify/unistd.h

@@ -66,6 +66,9 @@
     __clang_error_if(__bos_unevaluated_lt((objsize), (what)), \
                      "in call to '" #fn "', '" #what "' bytes overflows the given object")
 
+#define __bos_trivially_not_lt_no_overflow(bos_val, index)  \
+      __bos_dynamic_check_impl_and((bos_val), >=, (index), (bos_val) <= SSIZE_MAX)
+
 #if __ANDROID_API__ >= __ANDROID_API_N__
 __BIONIC_FORTIFY_INLINE
 char* getcwd(char* const __pass_object_size buf, size_t size)
@@ -73,7 +76,7 @@
         __error_if_overflows_objectsize(size, __bos(buf), getcwd) {
     size_t bos = __bos(buf);
 
-    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+    if (__bos_trivially_not_lt(bos, size)) {
         return __call_bypassing_fortify(getcwd)(buf, size);
     }
 
@@ -89,7 +92,7 @@
         __error_if_overflows_objectsize(count, __bos0(buf), pread) {
     size_t bos = __bos0(buf);
 
-    if (count == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+    if (__bos_trivially_not_lt_no_overflow(bos, count)) {
         return __PREAD_PREFIX(real)(fd, buf, count, offset);
     }
 
@@ -103,7 +106,7 @@
         __error_if_overflows_objectsize(count, __bos0(buf), pread64) {
     size_t bos = __bos0(buf);
 
-    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+    if (__bos_trivially_not_lt_no_overflow(bos, count)) {
         return __pread64_real(fd, buf, count, offset);
     }
 
@@ -119,7 +122,7 @@
         __error_if_overflows_objectsize(count, __bos0(buf), pwrite) {
     size_t bos = __bos0(buf);
 
-    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+    if (__bos_trivially_not_lt_no_overflow(bos, count)) {
         return __PWRITE_PREFIX(real)(fd, buf, count, offset);
     }
 
@@ -133,7 +136,7 @@
         __error_if_overflows_objectsize(count, __bos0(buf), pwrite64) {
     size_t bos = __bos0(buf);
 
-    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+    if (__bos_trivially_not_lt_no_overflow(bos, count)) {
         return __pwrite64_real(fd, buf, count, offset);
     }
 
@@ -149,7 +152,7 @@
         __error_if_overflows_objectsize(count, __bos0(buf), read) {
     size_t bos = __bos0(buf);
 
-    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+    if (__bos_trivially_not_lt_no_overflow(bos, count)) {
         return __call_bypassing_fortify(read)(fd, buf, count);
     }
 
@@ -165,7 +168,7 @@
         __error_if_overflows_objectsize(count, __bos0(buf), write) {
     size_t bos = __bos0(buf);
 
-    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+    if (__bos_trivially_not_lt_no_overflow(bos, count)) {
         return __call_bypassing_fortify(write)(fd, buf, count);
     }
 
@@ -181,7 +184,7 @@
         __error_if_overflows_objectsize(size, __bos(buf), readlink) {
     size_t bos = __bos(buf);
 
-    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+    if (__bos_trivially_not_lt_no_overflow(bos, size)) {
         return __call_bypassing_fortify(readlink)(path, buf, size);
     }
 
@@ -195,7 +198,7 @@
         __error_if_overflows_objectsize(size, __bos(buf), readlinkat) {
     size_t bos = __bos(buf);
 
-    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+    if (__bos_trivially_not_lt_no_overflow(bos, size)) {
         return __call_bypassing_fortify(readlinkat)(dirfd, path, buf, size);
     }
 
@@ -203,6 +206,7 @@
 }
 #endif /* __ANDROID_API__ >= __ANDROID_API_M__ */
 
+#undef __bos_trivially_not_lt_no_overflow
 #undef __enable_if_no_overflow_ssizet
 #undef __error_if_overflows_objectsize
 #undef __error_if_overflows_ssizet

diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index 42bf451..dceb116 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h

@@ -293,7 +293,7 @@
 #define __bos_unevaluated_lt(bos_val, val) \
   ((bos_val) != __BIONIC_FORTIFY_UNKNOWN_SIZE && (bos_val) < (val))
 
-#define __bos_unevaluated_leq(bos_val, val) \
+#define __bos_unevaluated_le(bos_val, val) \
   ((bos_val) != __BIONIC_FORTIFY_UNKNOWN_SIZE && (bos_val) <= (val))
 
 /* Intended for use in evaluated contexts. */
@@ -304,13 +304,13 @@
 #define __bos_dynamic_check_impl(bos_val, op, index) \
   __bos_dynamic_check_impl_and(bos_val, op, index, 1)
 
-#define __bos_trivially_geq(bos_val, index) __bos_dynamic_check_impl((bos_val), >=, (index))
+#define __bos_trivially_ge(bos_val, index) __bos_dynamic_check_impl((bos_val), >=, (index))
 
 #define __bos_trivially_gt(bos_val, index) __bos_dynamic_check_impl((bos_val), >, (index))
 
 /* The names here are meant to match nicely with the __bos_unevaluated macros above. */
-#define __bos_trivially_not_lt __bos_trivially_geq
-#define __bos_trivially_not_leq __bos_trivially_gt
+#define __bos_trivially_not_lt __bos_trivially_ge
+#define __bos_trivially_not_le __bos_trivially_gt
 
 
 #if defined(__BIONIC_FORTIFY) || defined(__BIONIC_DECLARE_FORTIFY_HELPERS)
commit	11d3fdd8d6cc051ef0b54b211dba1e93af0906a4	[log] [tgz]
author	George Burgess IV <gbiv@google.com>	Fri May 24 00:03:36 2019 -0700
committer	android-build-merger <android-build-merger@google.com>	Fri May 24 00:03:36 2019 -0700
tree	03c1b6a86306f0c5624ebee660f19389484df699
parent	b7bf3abf7d89cdc695c2cc97560f4b55550fc343 [diff]
parent	8ff72891577a459105aa5cd27fc2fa3785e8b05e [diff]