Merge "Improve FORTIFY failure diagnostics."
diff --git a/libc/Android.mk b/libc/Android.mk
index f2004e1..3983a77 100644
--- a/libc/Android.mk
+++ b/libc/Android.mk
@@ -62,39 +62,6 @@
stdlib/atexit.c \
stdlib/exit.c \
-# Fortify implementations of libc functions.
-libc_common_src_files += \
- bionic/__FD_chk.cpp \
- bionic/__fgets_chk.cpp \
- bionic/__fread_chk.cpp \
- bionic/__fwrite_chk.cpp \
- bionic/__getcwd_chk.cpp \
- bionic/__memchr_chk.cpp \
- bionic/__memmove_chk.cpp \
- bionic/__memrchr_chk.cpp \
- bionic/__poll_chk.cpp \
- bionic/__pread64_chk.cpp \
- bionic/__pread_chk.cpp \
- bionic/__pwrite64_chk.cpp \
- bionic/__pwrite_chk.cpp \
- bionic/__read_chk.cpp \
- bionic/__readlink_chk.cpp \
- bionic/__readlinkat_chk.cpp \
- bionic/__recvfrom_chk.cpp \
- bionic/__stpcpy_chk.cpp \
- bionic/__stpncpy_chk.cpp \
- bionic/__strchr_chk.cpp \
- bionic/__strlcat_chk.cpp \
- bionic/__strlcpy_chk.cpp \
- bionic/__strlen_chk.cpp \
- bionic/__strncat_chk.cpp \
- bionic/__strncpy_chk.cpp \
- bionic/__strrchr_chk.cpp \
- bionic/__umask_chk.cpp \
- bionic/__vsnprintf_chk.cpp \
- bionic/__vsprintf_chk.cpp \
- bionic/__write_chk.cpp
-
libc_bionic_ndk_src_files := \
bionic/abort.cpp \
bionic/accept.cpp \
@@ -136,6 +103,7 @@
bionic/fgetxattr.cpp \
bionic/flistxattr.cpp \
bionic/flockfile.cpp \
+ bionic/fortify.cpp \
bionic/fpclassify.cpp \
bionic/fsetxattr.cpp \
bionic/ftruncate.cpp \
diff --git a/libc/arch-arm/cortex-a15/bionic/__strcat_chk_common.S b/libc/arch-arm/cortex-a15/bionic/__strcat_chk_common.S
index de66967..020ce42 100644
--- a/libc/arch-arm/cortex-a15/bionic/__strcat_chk_common.S
+++ b/libc/arch-arm/cortex-a15/bionic/__strcat_chk_common.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.syntax unified
@@ -197,12 +196,9 @@
.cfi_rel_offset r5, 4
.L_strcat_chk_failed:
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+4)
END(__strcat_chk)
diff --git a/libc/arch-arm/cortex-a15/bionic/__strcpy_chk_common.S b/libc/arch-arm/cortex-a15/bionic/__strcpy_chk_common.S
index 69ebcb4..215e6c2 100644
--- a/libc/arch-arm/cortex-a15/bionic/__strcpy_chk_common.S
+++ b/libc/arch-arm/cortex-a15/bionic/__strcpy_chk_common.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.syntax unified
@@ -158,12 +157,9 @@
.L_strcpy_chk_failed:
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+4)
END(__strcpy_chk)
diff --git a/libc/arch-arm/cortex-a15/bionic/memcpy_common.S b/libc/arch-arm/cortex-a15/bionic/memcpy_common.S
index 464fb46..955ffb8 100644
--- a/libc/arch-arm/cortex-a15/bionic/memcpy_common.S
+++ b/libc/arch-arm/cortex-a15/bionic/memcpy_common.S
@@ -54,7 +54,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.text
.syntax unified
@@ -88,12 +87,9 @@
.cfi_rel_offset lr, 0
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+8)
END(memcpy)
diff --git a/libc/arch-arm/cortex-a15/bionic/memset.S b/libc/arch-arm/cortex-a15/bionic/memset.S
index e4a1ec8..6941150 100644
--- a/libc/arch-arm/cortex-a15/bionic/memset.S
+++ b/libc/arch-arm/cortex-a15/bionic/memset.S
@@ -28,7 +28,6 @@
#include <machine/cpu-features.h>
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
/*
* Optimized memset() for ARM.
@@ -49,12 +48,9 @@
.cfi_rel_offset lr, 0
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+8)
END(__memset_chk)
diff --git a/libc/arch-arm/cortex-a7/bionic/memset.S b/libc/arch-arm/cortex-a7/bionic/memset.S
index 6365b06..8e69bbc 100644
--- a/libc/arch-arm/cortex-a7/bionic/memset.S
+++ b/libc/arch-arm/cortex-a7/bionic/memset.S
@@ -28,7 +28,6 @@
#include <machine/cpu-features.h>
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
/*
* Optimized memset() for ARM.
@@ -49,12 +48,9 @@
.cfi_rel_offset lr, 0
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+8)
END(__memset_chk)
diff --git a/libc/arch-arm/cortex-a9/bionic/__strcat_chk.S b/libc/arch-arm/cortex-a9/bionic/__strcat_chk.S
index 45517f1..6245861 100644
--- a/libc/arch-arm/cortex-a9/bionic/__strcat_chk.S
+++ b/libc/arch-arm/cortex-a9/bionic/__strcat_chk.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.syntax unified
.fpu neon
@@ -205,12 +204,9 @@
.cfi_rel_offset r5, 4
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+4)
END(__strcat_chk_fail)
diff --git a/libc/arch-arm/cortex-a9/bionic/__strcpy_chk.S b/libc/arch-arm/cortex-a9/bionic/__strcpy_chk.S
index 67eca08..14741b6 100644
--- a/libc/arch-arm/cortex-a9/bionic/__strcpy_chk.S
+++ b/libc/arch-arm/cortex-a9/bionic/__strcpy_chk.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.syntax unified
.fpu neon
@@ -169,13 +168,10 @@
.cfi_rel_offset lr, 4
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
+ bl __fortify_fatal
-error_code:
- .word BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW
error_message:
.word error_string-(1b+4)
END(__strcpy_chk_fail)
diff --git a/libc/arch-arm/cortex-a9/bionic/memcpy.S b/libc/arch-arm/cortex-a9/bionic/memcpy.S
index db3e26f..fc0bba1 100644
--- a/libc/arch-arm/cortex-a9/bionic/memcpy.S
+++ b/libc/arch-arm/cortex-a9/bionic/memcpy.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
/*
* This code assumes it is running on a processor that supports all arm v7
@@ -67,12 +66,9 @@
.cfi_rel_offset lr, 0
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+4)
END(__memcpy_chk_fail)
diff --git a/libc/arch-arm/cortex-a9/bionic/memset.S b/libc/arch-arm/cortex-a9/bionic/memset.S
index b39fcc4..918a4ad 100644
--- a/libc/arch-arm/cortex-a9/bionic/memset.S
+++ b/libc/arch-arm/cortex-a9/bionic/memset.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
/*
* This code assumes it is running on a processor that supports all arm v7
@@ -47,12 +46,9 @@
.cfi_rel_offset lr, 0
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+8)
END(__memset_chk)
diff --git a/libc/arch-arm/denver/bionic/__strcat_chk.S b/libc/arch-arm/denver/bionic/__strcat_chk.S
index a2e9c22..2fbf5d6 100644
--- a/libc/arch-arm/denver/bionic/__strcat_chk.S
+++ b/libc/arch-arm/denver/bionic/__strcat_chk.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.syntax unified
@@ -201,12 +200,9 @@
.cfi_rel_offset r5, 4
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+4)
END(__strcat_chk_failed)
diff --git a/libc/arch-arm/denver/bionic/__strcpy_chk.S b/libc/arch-arm/denver/bionic/__strcpy_chk.S
index db76686..36188b0 100644
--- a/libc/arch-arm/denver/bionic/__strcpy_chk.S
+++ b/libc/arch-arm/denver/bionic/__strcpy_chk.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.syntax unified
@@ -165,12 +164,9 @@
.cfi_rel_offset lr, 4
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+4)
END(__strcpy_chk_failed)
diff --git a/libc/arch-arm/denver/bionic/memcpy.S b/libc/arch-arm/denver/bionic/memcpy.S
index 410b663..c1db06c 100644
--- a/libc/arch-arm/denver/bionic/memcpy.S
+++ b/libc/arch-arm/denver/bionic/memcpy.S
@@ -56,7 +56,6 @@
// Prototype: void *memcpy (void *dst, const void *src, size_t count).
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.text
.syntax unified
@@ -88,12 +87,9 @@
.cfi_rel_offset lr, 0
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+8)
END(__memcpy_chk_fail)
diff --git a/libc/arch-arm/denver/bionic/memmove.S b/libc/arch-arm/denver/bionic/memmove.S
index 132190b..94302f3 100644
--- a/libc/arch-arm/denver/bionic/memmove.S
+++ b/libc/arch-arm/denver/bionic/memmove.S
@@ -28,7 +28,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.text
.syntax unified
diff --git a/libc/arch-arm/denver/bionic/memset.S b/libc/arch-arm/denver/bionic/memset.S
index d77c244..6fac194 100644
--- a/libc/arch-arm/denver/bionic/memset.S
+++ b/libc/arch-arm/denver/bionic/memset.S
@@ -29,7 +29,6 @@
#include <machine/cpu-features.h>
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
/*
* Optimized memset() for ARM.
@@ -52,12 +51,9 @@
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+8)
END(__memset_chk)
diff --git a/libc/arch-arm/generic/bionic/memcpy.S b/libc/arch-arm/generic/bionic/memcpy.S
index 65cba4c..54c3060 100644
--- a/libc/arch-arm/generic/bionic/memcpy.S
+++ b/libc/arch-arm/generic/bionic/memcpy.S
@@ -28,7 +28,6 @@
#include <machine/cpu-features.h>
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
/*
* Optimized memcpy() for ARM.
@@ -395,12 +394,9 @@
.cfi_rel_offset lr, 0
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+8)
END(__memcpy_chk_fail)
diff --git a/libc/arch-arm/generic/bionic/memset.S b/libc/arch-arm/generic/bionic/memset.S
index b8eabbf..452b9d4 100644
--- a/libc/arch-arm/generic/bionic/memset.S
+++ b/libc/arch-arm/generic/bionic/memset.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
/*
* Optimized memset() for ARM.
@@ -42,12 +41,9 @@
bls done
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+8)
diff --git a/libc/arch-arm/krait/bionic/__strcat_chk.S b/libc/arch-arm/krait/bionic/__strcat_chk.S
index 1a39c5b..fabca24 100644
--- a/libc/arch-arm/krait/bionic/__strcat_chk.S
+++ b/libc/arch-arm/krait/bionic/__strcat_chk.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.syntax unified
@@ -197,12 +196,9 @@
.cfi_rel_offset r5, 4
.L_strcat_chk_failed:
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+4)
END(__strcat_chk)
diff --git a/libc/arch-arm/krait/bionic/__strcpy_chk.S b/libc/arch-arm/krait/bionic/__strcpy_chk.S
index 00202f3..ef908e6 100644
--- a/libc/arch-arm/krait/bionic/__strcpy_chk.S
+++ b/libc/arch-arm/krait/bionic/__strcpy_chk.S
@@ -27,7 +27,6 @@
*/
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
.syntax unified
@@ -158,12 +157,9 @@
.L_strcpy_chk_failed:
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+4)
END(__strcpy_chk)
diff --git a/libc/arch-arm/krait/bionic/memcpy.S b/libc/arch-arm/krait/bionic/memcpy.S
index 5d27b57..189a097 100644
--- a/libc/arch-arm/krait/bionic/memcpy.S
+++ b/libc/arch-arm/krait/bionic/memcpy.S
@@ -29,7 +29,6 @@
/* Assumes neon instructions and a cache line size of 32 bytes. */
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
/*
* This code assumes it is running on a processor that supports all arm v7
@@ -70,12 +69,9 @@
.cfi_rel_offset lr, 0
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+4)
END(memcpy)
diff --git a/libc/arch-arm/krait/bionic/memset.S b/libc/arch-arm/krait/bionic/memset.S
index ae05965..6b6d29c 100644
--- a/libc/arch-arm/krait/bionic/memset.S
+++ b/libc/arch-arm/krait/bionic/memset.S
@@ -28,7 +28,6 @@
#include <machine/cpu-features.h>
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
/*
* This code assumes it is running on a processor that supports all arm v7
@@ -49,12 +48,9 @@
.cfi_rel_offset lr, 0
ldr r0, error_message
- ldr r1, error_code
1:
add r0, pc
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW
+ bl __fortify_fatal
error_message:
.word error_string-(1b+8)
END(__memset_chk)
diff --git a/libc/arch-arm64/denver64/bionic/memcpy.S b/libc/arch-arm64/denver64/bionic/memcpy.S
index 85129fe..83ab5d1 100644
--- a/libc/arch-arm64/denver64/bionic/memcpy.S
+++ b/libc/arch-arm64/denver64/bionic/memcpy.S
@@ -29,7 +29,6 @@
// Prototype: void *memcpy (void *dst, const void *src, size_t count).
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
ENTRY(__memcpy_chk)
cmp x2, x3
@@ -51,10 +50,7 @@
adrp x0, error_string
add x0, x0, :lo12:error_string
- ldr x1, error_code
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
END(__memcpy_chk_fail)
.data
diff --git a/libc/arch-arm64/generic/bionic/memcpy.S b/libc/arch-arm64/generic/bionic/memcpy.S
index 85129fe..83ab5d1 100644
--- a/libc/arch-arm64/generic/bionic/memcpy.S
+++ b/libc/arch-arm64/generic/bionic/memcpy.S
@@ -29,7 +29,6 @@
// Prototype: void *memcpy (void *dst, const void *src, size_t count).
#include <private/bionic_asm.h>
-#include <private/libc_events.h>
ENTRY(__memcpy_chk)
cmp x2, x3
@@ -51,10 +50,7 @@
adrp x0, error_string
add x0, x0, :lo12:error_string
- ldr x1, error_code
- bl __fortify_chk_fail
-error_code:
- .word BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW
+ bl __fortify_fatal
END(__memcpy_chk_fail)
.data
diff --git a/libc/bionic/__FD_chk.cpp b/libc/bionic/__FD_chk.cpp
deleted file mode 100644
index af8427a..0000000
--- a/libc/bionic/__FD_chk.cpp
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright (C) 2013 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <sys/select.h>
-#include "private/libc_logging.h"
-
-extern "C" int __FD_ISSET_chk(int fd, fd_set* set, size_t set_size) {
- if (__predict_false(fd < 0)) {
- __fortify_chk_fail("FD_ISSET: file descriptor < 0", 0);
- }
- if (__predict_false(fd >= FD_SETSIZE)) {
- __fortify_chk_fail("FD_ISSET: file descriptor >= FD_SETSIZE", 0);
- }
- if (__predict_false(set_size < sizeof(fd_set))) {
- __fortify_chk_fail("FD_ISSET: set is too small", 0);
- }
- return FD_ISSET(fd, set);
-}
-
-extern "C" void __FD_CLR_chk(int fd, fd_set* set, size_t set_size) {
- if (__predict_false(fd < 0)) {
- __fortify_chk_fail("FD_CLR: file descriptor < 0", 0);
- }
- if (__predict_false(fd >= FD_SETSIZE)) {
- __fortify_chk_fail("FD_CLR: file descriptor >= FD_SETSIZE", 0);
- }
- if (__predict_false(set_size < sizeof(fd_set))) {
- __fortify_chk_fail("FD_CLR: set is too small", 0);
- }
- FD_CLR(fd, set);
-}
-
-extern "C" void __FD_SET_chk(int fd, fd_set* set, size_t set_size) {
- if (__predict_false(fd < 0)) {
- __fortify_chk_fail("FD_SET: file descriptor < 0", 0);
- }
- if (__predict_false(fd >= FD_SETSIZE)) {
- __fortify_chk_fail("FD_SET: file descriptor >= FD_SETSIZE", 0);
- }
- if (__predict_false(set_size < sizeof(fd_set))) {
- __fortify_chk_fail("FD_SET: set is too small", 0);
- }
- FD_SET(fd, set);
-}
diff --git a/libc/bionic/__fgets_chk.cpp b/libc/bionic/__fgets_chk.cpp
deleted file mode 100644
index 75e4ca0..0000000
--- a/libc/bionic/__fgets_chk.cpp
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-
-/*
- * __fgets_chk. Called in place of fgets() when we know the
- * size of the buffer we're writing into.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * for details.
- *
- * This fgets check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-char* __fgets_chk(char* dest, int supplied_size, FILE* stream,
- size_t dest_len_from_compiler) {
- if (supplied_size < 0) {
- __fortify_chk_fail("fgets: buffer size < 0", 0);
- }
-
- if (((size_t) supplied_size) > dest_len_from_compiler) {
- __fortify_chk_fail("fgets: prevented write past end of buffer", 0);
- }
-
- return fgets(dest, supplied_size, stream);
-}
diff --git a/libc/bionic/__fread_chk.cpp b/libc/bionic/__fread_chk.cpp
deleted file mode 100644
index afc8d90..0000000
--- a/libc/bionic/__fread_chk.cpp
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <stdio.h>
-#include <sys/cdefs.h>
-#include "private/libc_logging.h"
-
-extern "C" size_t __fread_chk(void * __restrict buf, size_t size, size_t count,
- FILE * __restrict stream, size_t buf_size) {
- size_t total;
- if (__predict_false(__size_mul_overflow(size, count, &total))) {
- // overflow: trigger the error path in fread
- return fread(buf, size, count, stream);
- }
-
- if (__predict_false(total > buf_size)) {
- __fortify_chk_fail("fread: prevented write past end of buffer", 0);
- }
-
- return fread(buf, size, count, stream);
-}
diff --git a/libc/bionic/__fwrite_chk.cpp b/libc/bionic/__fwrite_chk.cpp
deleted file mode 100644
index 2af13d6..0000000
--- a/libc/bionic/__fwrite_chk.cpp
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <stdio.h>
-#include <sys/cdefs.h>
-#include "private/libc_logging.h"
-
-extern "C" size_t __fwrite_chk(const void * __restrict buf, size_t size, size_t count,
- FILE * __restrict stream, size_t buf_size) {
- size_t total;
- if (__predict_false(__size_mul_overflow(size, count, &total))) {
- // overflow: trigger the error path in fwrite
- return fwrite(buf, size, count, stream);
- }
-
- if (__predict_false(total > buf_size)) {
- __fortify_chk_fail("fwrite: prevented read past end of buffer", 0);
- }
-
- return fwrite(buf, size, count, stream);
-}
diff --git a/libc/bionic/__getcwd_chk.cpp b/libc/bionic/__getcwd_chk.cpp
deleted file mode 100644
index b53ab5c..0000000
--- a/libc/bionic/__getcwd_chk.cpp
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern char* __getcwd_chk(char* buf, size_t len, size_t buflen) {
- if (__predict_false(len > buflen)) {
- __fortify_chk_fail("getcwd: prevented write past end of buffer", 0);
- }
-
- return getcwd(buf, len);
-}
diff --git a/libc/bionic/__memchr_chk.cpp b/libc/bionic/__memchr_chk.cpp
deleted file mode 100644
index d141c04..0000000
--- a/libc/bionic/__memchr_chk.cpp
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <string.h>
-#include "private/libc_logging.h"
-
-extern "C" void* __memchr_chk(const void* s, int c, size_t n, size_t buf_size) {
- if (__predict_false(n > buf_size)) {
- __fortify_chk_fail("memchr: prevented read past end of buffer", 0);
- }
-
- return memchr(s, c, n);
-}
diff --git a/libc/bionic/__memcpy_chk.cpp b/libc/bionic/__memcpy_chk.cpp
index 8a4f207..7b42d99 100644
--- a/libc/bionic/__memcpy_chk.cpp
+++ b/libc/bionic/__memcpy_chk.cpp
@@ -27,27 +27,14 @@
*/
#undef _FORTIFY_SOURCE
+
#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-/*
- * Runtime implementation of __memcpy_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This memcpy check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" void* __memcpy_chk(void* dest, const void* src,
- size_t copy_amount, size_t dest_len) {
- if (__predict_false(copy_amount > dest_len)) {
- __fortify_chk_fail("memcpy: prevented write past end of buffer",
- BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW);
- }
+#include "private/bionic_fortify.h"
- return memcpy(dest, src, copy_amount);
+// Runtime implementation of __memcpy_chk (used directly by compiler, not in headers).
+extern "C" void* __memcpy_chk(void* dst, const void* src, size_t count, size_t dst_len) {
+ __check_count("memcpy", "count", count);
+ __check_buffer_access("memcpy", "write into", count, dst_len);
+ return memcpy(dst, src, count);
}
diff --git a/libc/bionic/__memmove_chk.cpp b/libc/bionic/__memmove_chk.cpp
deleted file mode 100644
index b88a94f..0000000
--- a/libc/bionic/__memmove_chk.cpp
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-
-/*
- * Runtime implementation of __builtin____memmove_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This memmove check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" void* __memmove_chk (void* dest, const void* src,
- size_t len, size_t dest_len) {
- if (__predict_false(len > dest_len)) {
- __fortify_chk_fail("memmove: prevented write past end of buffer",
- BIONIC_EVENT_MEMMOVE_BUFFER_OVERFLOW);
- }
-
- return memmove(dest, src, len);
-}
diff --git a/libc/bionic/__memrchr_chk.cpp b/libc/bionic/__memrchr_chk.cpp
deleted file mode 100644
index 8529dfc..0000000
--- a/libc/bionic/__memrchr_chk.cpp
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <string.h>
-#include "private/libc_logging.h"
-
-extern "C" void* __memrchr_chk(const void* s, int c, size_t n, size_t buf_size) {
- if (__predict_false(n > buf_size)) {
- __fortify_chk_fail("memrchr: prevented read past end of buffer", 0);
- }
-
- return memrchr(s, c, n);
-}
diff --git a/libc/bionic/__memset_chk.cpp b/libc/bionic/__memset_chk.cpp
index 5f20452..9e7b940 100644
--- a/libc/bionic/__memset_chk.cpp
+++ b/libc/bionic/__memset_chk.cpp
@@ -29,25 +29,12 @@
#undef _FORTIFY_SOURCE
#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-/*
- * Runtime implementation of __builtin____memset_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This memset check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" void* __memset_chk (void* dest, int c, size_t n, size_t dest_len) {
- if (__predict_false(n > dest_len)) {
- __fortify_chk_fail("memset: prevented write past end of buffer",
- BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW);
- }
+#include "private/bionic_fortify.h"
- return memset(dest, c, n);
+// Runtime implementation of __builtin___memset_chk (used directly by compiler, not in headers).
+extern "C" void* __memset_chk(void* dst, int byte, size_t count, size_t dst_len) {
+ __check_count("memset", "count", count);
+ __check_buffer_access("memset", "write into", count, dst_len);
+ return memset(dst, byte, count);
}
diff --git a/libc/bionic/__poll_chk.cpp b/libc/bionic/__poll_chk.cpp
deleted file mode 100644
index a24ab8e..0000000
--- a/libc/bionic/__poll_chk.cpp
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <poll.h>
-#include "private/libc_logging.h"
-
-extern "C" int __poll_chk(struct pollfd* fds, nfds_t fd_count, int timeout, size_t fds_size) {
- if (__predict_false(fds_size / sizeof(*fds) < fd_count)) {
- __fortify_chk_fail("poll: pollfd array smaller than fd count", 0);
- }
- return poll(fds, fd_count, timeout);
-}
-
-extern "C" int __ppoll_chk(struct pollfd* fds, nfds_t fd_count, const struct timespec* timeout, const sigset_t* mask, size_t fds_size) {
- if (__predict_false(fds_size / sizeof(*fds) < fd_count)) {
- __fortify_chk_fail("ppoll: pollfd array smaller than fd count", 0);
- }
- return ppoll(fds, fd_count, timeout, mask);
-}
diff --git a/libc/bionic/__pread64_chk.cpp b/libc/bionic/__pread64_chk.cpp
deleted file mode 100644
index 5d6ad2d..0000000
--- a/libc/bionic/__pread64_chk.cpp
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern "C" ssize_t __pread64_chk(int fd, void* buf, size_t count, off64_t offset, size_t buf_size) {
- if (__predict_false(count > buf_size)) {
- __fortify_chk_fail("pread64: prevented write past end of buffer", 0);
- }
-
- if (__predict_false(count > SSIZE_MAX)) {
- __fortify_chk_fail("pread64: count > SSIZE_MAX", 0);
- }
-
- return pread64(fd, buf, count, offset);
-}
diff --git a/libc/bionic/__pread_chk.cpp b/libc/bionic/__pread_chk.cpp
deleted file mode 100644
index 7109ce6..0000000
--- a/libc/bionic/__pread_chk.cpp
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern "C" ssize_t __pread_chk(int fd, void* buf, size_t count, off_t offset, size_t buf_size) {
- if (__predict_false(count > buf_size)) {
- __fortify_chk_fail("pread: prevented write past end of buffer", 0);
- }
-
- if (__predict_false(count > SSIZE_MAX)) {
- __fortify_chk_fail("pread: count > SSIZE_MAX", 0);
- }
-
- return pread(fd, buf, count, offset);
-}
diff --git a/libc/bionic/__pwrite64_chk.cpp b/libc/bionic/__pwrite64_chk.cpp
deleted file mode 100644
index e488ca1..0000000
--- a/libc/bionic/__pwrite64_chk.cpp
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern "C" ssize_t __pwrite64_chk(int fd, const void* buf, size_t count, off64_t offset,
- size_t buf_size) {
- if (__predict_false(count > buf_size)) {
- __fortify_chk_fail("pwrite64: prevented read past end of buffer", 0);
- }
-
- if (__predict_false(count > SSIZE_MAX)) {
- __fortify_chk_fail("pwrite64: count > SSIZE_MAX", 0);
- }
-
- return pwrite64(fd, buf, count, offset);
-}
diff --git a/libc/bionic/__pwrite_chk.cpp b/libc/bionic/__pwrite_chk.cpp
deleted file mode 100644
index a889ef6..0000000
--- a/libc/bionic/__pwrite_chk.cpp
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern "C" ssize_t __pwrite_chk(int fd, const void* buf, size_t count, off_t offset,
- size_t buf_size) {
- if (__predict_false(count > buf_size)) {
- __fortify_chk_fail("pwrite: prevented read past end of buffer", 0);
- }
-
- if (__predict_false(count > SSIZE_MAX)) {
- __fortify_chk_fail("pwrite: count > SSIZE_MAX", 0);
- }
-
- return pwrite(fd, buf, count, offset);
-}
diff --git a/libc/bionic/__read_chk.cpp b/libc/bionic/__read_chk.cpp
deleted file mode 100644
index ff50983..0000000
--- a/libc/bionic/__read_chk.cpp
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2013 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern "C" ssize_t __read_chk(int fd, void* buf, size_t count, size_t buf_size) {
- if (__predict_false(count > buf_size)) {
- __fortify_chk_fail("read: prevented write past end of buffer", 0);
- }
-
- if (__predict_false(count > SSIZE_MAX)) {
- __fortify_chk_fail("read: count > SSIZE_MAX", 0);
- }
-
- return read(fd, buf, count);
-}
diff --git a/libc/bionic/__readlink_chk.cpp b/libc/bionic/__readlink_chk.cpp
deleted file mode 100644
index f19f917..0000000
--- a/libc/bionic/__readlink_chk.cpp
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern "C" ssize_t __readlink_chk(const char* path, char* buf, size_t size, size_t buf_size) {
- if (__predict_false(size > buf_size)) {
- __fortify_chk_fail("readlink: prevented write past end of buffer", 0);
- }
-
- if (__predict_false(size > SSIZE_MAX)) {
- __fortify_chk_fail("readlink: size > SSIZE_MAX", 0);
- }
-
- return readlink(path, buf, size);
-}
diff --git a/libc/bionic/__readlinkat_chk.cpp b/libc/bionic/__readlinkat_chk.cpp
deleted file mode 100644
index a11db8e..0000000
--- a/libc/bionic/__readlinkat_chk.cpp
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern "C" ssize_t __readlinkat_chk(int dirfd, const char* path, char* buf, size_t size, size_t buf_size) {
- if (__predict_false(size > buf_size)) {
- __fortify_chk_fail("readlinkat: prevented write past end of buffer", 0);
- }
-
- if (__predict_false(size > SSIZE_MAX)) {
- __fortify_chk_fail("readlinkat: size > SSIZE_MAX", 0);
- }
-
- return readlinkat(dirfd, path, buf, size);
-}
diff --git a/libc/bionic/__recvfrom_chk.cpp b/libc/bionic/__recvfrom_chk.cpp
deleted file mode 100644
index 9c894b0..0000000
--- a/libc/bionic/__recvfrom_chk.cpp
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2013 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <stddef.h>
-#include <sys/socket.h>
-#include "private/libc_logging.h"
-
-ssize_t __recvfrom_chk(int socket, void* buf, size_t len, size_t buflen,
- int flags, const struct sockaddr* src_addr,
- socklen_t* addrlen) {
- if (__predict_false(len > buflen)) {
- __fortify_chk_fail("recvfrom: prevented write past end of buffer", 0);
- }
-
- return recvfrom(socket, buf, len, flags, src_addr, addrlen);
-}
diff --git a/libc/bionic/__stpcpy_chk.cpp b/libc/bionic/__stpcpy_chk.cpp
deleted file mode 100644
index 3ce81ee..0000000
--- a/libc/bionic/__stpcpy_chk.cpp
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (C) 2014 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-
-/*
- * Runtime implementation of __builtin____stpcpy_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This stpcpy check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" char* __stpcpy_chk(char* dest, const char* src, size_t dest_len) {
- // TODO: optimize so we don't scan src twice.
- size_t src_len = strlen(src) + 1;
- if (__predict_false(src_len > dest_len)) {
- __fortify_chk_fail("stpcpy: prevented write past end of buffer",
- BIONIC_EVENT_STPCPY_BUFFER_OVERFLOW);
- }
-
- return stpcpy(dest, src);
-}
diff --git a/libc/bionic/__stpncpy_chk.cpp b/libc/bionic/__stpncpy_chk.cpp
deleted file mode 100644
index 6c9215c..0000000
--- a/libc/bionic/__stpncpy_chk.cpp
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * Copyright (C) 2014 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-
-/*
- * Runtime implementation of __builtin____stpncpy_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This stpncpy check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" char* __stpncpy_chk(char* __restrict dest, const char* __restrict src,
- size_t len, size_t dest_len) {
- if (__predict_false(len > dest_len)) {
- __fortify_chk_fail("stpncpy: prevented write past end of buffer",
- BIONIC_EVENT_STPNCPY_BUFFER_OVERFLOW);
- }
-
- return stpncpy(dest, src, len);
-}
-
-/*
- * __stpncpy_chk2
- *
- * This is a variant of __stpncpy_chk, but it also checks to make
- * sure we don't read beyond the end of "src". The code for this is
- * based on the original version of stpncpy, but modified to check
- * how much we read from "src" at the end of the copy operation.
- */
-extern "C" char* __stpncpy_chk2(char* __restrict dst, const char* __restrict src,
- size_t n, size_t dest_len, size_t src_len)
-{
- if (__predict_false(n > dest_len)) {
- __fortify_chk_fail("stpncpy: prevented write past end of buffer",
- BIONIC_EVENT_STPNCPY_BUFFER_OVERFLOW);
- }
- if (n != 0) {
- char* d = dst;
- const char* s = src;
-
- do {
- if ((*d++ = *s++) == 0) {
- /* NUL pad the remaining n-1 bytes */
- while (--n != 0) {
- *d++ = 0;
- }
- break;
- }
- } while (--n != 0);
-
- size_t s_copy_len = static_cast<size_t>(s - src);
- if (__predict_false(s_copy_len > src_len)) {
- __fortify_chk_fail("stpncpy: prevented read past end of buffer", 0);
- }
- }
-
- return dst;
-}
diff --git a/libc/bionic/__strcat_chk.cpp b/libc/bionic/__strcat_chk.cpp
index a0ab09e..16b2327 100644
--- a/libc/bionic/__strcat_chk.cpp
+++ b/libc/bionic/__strcat_chk.cpp
@@ -27,33 +27,22 @@
*/
#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-/*
- * Runtime implementation of __builtin____strcat_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This strcat check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" char* __strcat_chk(char* __restrict dest, const char* __restrict src,
- size_t dest_buf_size) {
- char* save = dest;
- size_t dest_len = __strlen_chk(dest, dest_buf_size);
+#include "private/bionic_fortify.h"
- dest += dest_len;
- dest_buf_size -= dest_len;
+// Runtime implementation of __builtin____strcat_chk (used directly by compiler, not in headers).
+extern "C" char* __strcat_chk(char* __restrict dst, const char* __restrict src,
+ size_t dst_buf_size) {
+ char* save = dst;
+ size_t dst_len = __strlen_chk(dst, dst_buf_size);
- while ((*dest++ = *src++) != '\0') {
- dest_buf_size--;
- if (__predict_false(dest_buf_size == 0)) {
- __fortify_chk_fail("strcat: prevented write past end of buffer",
- BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW);
+ dst += dst_len;
+ dst_buf_size -= dst_len;
+
+ while ((*dst++ = *src++) != '\0') {
+ dst_buf_size--;
+ if (__predict_false(dst_buf_size == 0)) {
+ __fortify_fatal("strcat: prevented write past end of %zu-byte buffer", dst_buf_size);
}
}
diff --git a/libc/bionic/__strchr_chk.cpp b/libc/bionic/__strchr_chk.cpp
deleted file mode 100644
index 03b6b30..0000000
--- a/libc/bionic/__strchr_chk.cpp
+++ /dev/null
@@ -1,46 +0,0 @@
-/*-
- * Copyright (c) 1990 The Regents of the University of California.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <string.h>
-#include "private/libc_logging.h"
-
-extern "C" char* __strchr_chk(const char* p, int ch, size_t s_len) {
- for (;; ++p, s_len--) {
- if (__predict_false(s_len == 0)) {
- __fortify_chk_fail("strchr: prevented read past end of buffer", 0);
- }
- if (*p == static_cast<char>(ch)) {
- return const_cast<char*>(p);
- }
- if (*p == '\0') {
- return NULL;
- }
- }
- /* NOTREACHED */
-}
diff --git a/libc/bionic/__strcpy_chk.cpp b/libc/bionic/__strcpy_chk.cpp
index ad3ef50..116fff4 100644
--- a/libc/bionic/__strcpy_chk.cpp
+++ b/libc/bionic/__strcpy_chk.cpp
@@ -29,27 +29,13 @@
#undef _FORTIFY_SOURCE
#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-/*
- * Runtime implementation of __builtin____strcpy_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This strcpy check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" char* __strcpy_chk(char* dest, const char* src, size_t dest_len) {
+#include "private/bionic_fortify.h"
+
+// Runtime implementation of __builtin____strcpy_chk (used directly by compiler, not in headers).
+extern "C" char* __strcpy_chk(char* dst, const char* src, size_t dst_len) {
// TODO: optimize so we don't scan src twice.
size_t src_len = strlen(src) + 1;
- if (__predict_false(src_len > dest_len)) {
- __fortify_chk_fail("strcpy: prevented write past end of buffer",
- BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW);
- }
-
- return strcpy(dest, src);
+ __check_buffer_access("strcpy", "write into", src_len, dst_len);
+ return strcpy(dst, src);
}
diff --git a/libc/bionic/__strlcat_chk.cpp b/libc/bionic/__strlcat_chk.cpp
deleted file mode 100644
index 2b7373b..0000000
--- a/libc/bionic/__strlcat_chk.cpp
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-
-/*
- * __strlcat_chk. Called in place of strlcat() when we know the
- * size of the buffer we're writing into.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This strlcat check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" size_t __strlcat_chk(char* dest, const char* src,
- size_t supplied_size, size_t dest_len_from_compiler) {
- if (__predict_false(supplied_size > dest_len_from_compiler)) {
- __fortify_chk_fail("strlcat: prevented write past end of buffer", 0);
- }
-
- return strlcat(dest, src, supplied_size);
-}
diff --git a/libc/bionic/__strlcpy_chk.cpp b/libc/bionic/__strlcpy_chk.cpp
deleted file mode 100644
index 6b21879..0000000
--- a/libc/bionic/__strlcpy_chk.cpp
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-
-/*
- * __strlcpy_chk. Called in place of strlcpy() when we know the
- * size of the buffer we're writing into.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This strlcpy check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" size_t __strlcpy_chk(char* dest, const char* src,
- size_t supplied_size, size_t dest_len_from_compiler) {
- if (__predict_false(supplied_size > dest_len_from_compiler)) {
- __fortify_chk_fail("strlcpy: prevented write past end of buffer", 0);
- }
-
- return strlcpy(dest, src, supplied_size);
-}
diff --git a/libc/bionic/__strlen_chk.cpp b/libc/bionic/__strlen_chk.cpp
deleted file mode 100644
index a67e15e..0000000
--- a/libc/bionic/__strlen_chk.cpp
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-
-/*
- * Runtime implementation of __strlen_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This strlen check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- *
- * This test is designed to detect code such as:
- *
- * int main() {
- * char buf[10];
- * memcpy(buf, "1234567890", sizeof(buf));
- * size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE
- * printf("%d\n", len);
- * return 0;
- * }
- *
- * or anytime strlen reads beyond an object boundary.
- */
-extern "C" size_t __strlen_chk(const char* s, size_t s_len) {
- size_t ret = strlen(s);
-
- if (__predict_false(ret >= s_len)) {
- __fortify_chk_fail("strlen: prevented read past end of buffer", 0);
- }
-
- return ret;
-}
diff --git a/libc/bionic/__strncat_chk.cpp b/libc/bionic/__strncat_chk.cpp
deleted file mode 100644
index 21e5e39..0000000
--- a/libc/bionic/__strncat_chk.cpp
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-
-/*
- * Runtime implementation of __builtin____strncat_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This strncat check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" char* __strncat_chk(char* __restrict dest, const char* __restrict src,
- size_t len, size_t dest_buf_size) {
- if (len == 0) {
- return dest;
- }
-
- size_t dest_len = __strlen_chk(dest, dest_buf_size);
- char *d = dest + dest_len;
- dest_buf_size -= dest_len;
-
- while (*src != '\0') {
- *d++ = *src++;
- len--; dest_buf_size--;
-
- if (__predict_false(dest_buf_size == 0)) {
- __fortify_chk_fail("strncat: prevented write past end of buffer",
- BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW);
- }
-
- if (len == 0) {
- break;
- }
- }
-
- *d = '\0';
- return dest;
-}
diff --git a/libc/bionic/__strncpy_chk.cpp b/libc/bionic/__strncpy_chk.cpp
deleted file mode 100644
index 9625929..0000000
--- a/libc/bionic/__strncpy_chk.cpp
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-
-/*
- * Runtime implementation of __builtin____strncpy_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This strncpy check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" char* __strncpy_chk(char* __restrict dest, const char* __restrict src,
- size_t len, size_t dest_len) {
- if (__predict_false(len > dest_len)) {
- __fortify_chk_fail("strncpy: prevented write past end of buffer",
- BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW);
- }
-
- return strncpy(dest, src, len);
-}
-
-/*
- * __strncpy_chk2
- *
- * This is a variant of __strncpy_chk, but it also checks to make
- * sure we don't read beyond the end of "src". The code for this is
- * based on the original version of strncpy, but modified to check
- * how much we read from "src" at the end of the copy operation.
- */
-extern "C" char* __strncpy_chk2(char* __restrict dst, const char* __restrict src,
- size_t n, size_t dest_len, size_t src_len)
-{
- if (__predict_false(n > dest_len)) {
- __fortify_chk_fail("strncpy: prevented write past end of buffer",
- BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW);
- }
- if (n != 0) {
- char* d = dst;
- const char* s = src;
-
- do {
- if ((*d++ = *s++) == 0) {
- /* NUL pad the remaining n-1 bytes */
- while (--n != 0) {
- *d++ = 0;
- }
- break;
- }
- } while (--n != 0);
-
- size_t s_copy_len = static_cast<size_t>(s - src);
- if (__predict_false(s_copy_len > src_len)) {
- __fortify_chk_fail("strncpy: prevented read past end of buffer", 0);
- }
- }
-
- return dst;
-}
diff --git a/libc/bionic/__strrchr_chk.cpp b/libc/bionic/__strrchr_chk.cpp
deleted file mode 100644
index 69198c0..0000000
--- a/libc/bionic/__strrchr_chk.cpp
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright (c) 1988 Regents of the University of California.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <string.h>
-#include "private/libc_logging.h"
-
-extern "C" char* __strrchr_chk(const char *p, int ch, size_t s_len) {
- for (char* save = NULL;; ++p, s_len--) {
- if (s_len == 0) {
- __fortify_chk_fail("strrchr: prevented read past end of buffer", 0);
- }
- if (*p == (char) ch) {
- save = (char *)p;
- }
- if (!*p) {
- return(save);
- }
- }
- /* NOTREACHED */
-}
diff --git a/libc/bionic/__umask_chk.cpp b/libc/bionic/__umask_chk.cpp
deleted file mode 100644
index 33b7121..0000000
--- a/libc/bionic/__umask_chk.cpp
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <stdlib.h>
-
-#include "private/libc_logging.h"
-
-/*
- * Runtime implementation of __umask_chk.
- *
- * Validate that umask is called with sane mode.
- *
- * This umask check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" mode_t __umask_chk(mode_t mode) {
- if (__predict_false((mode & 0777) != mode)) {
- __fortify_chk_fail("umask: called with invalid mask", 0);
- }
-
- return umask(mode);
-}
diff --git a/libc/bionic/__vsnprintf_chk.cpp b/libc/bionic/__vsnprintf_chk.cpp
deleted file mode 100644
index 8c09111..0000000
--- a/libc/bionic/__vsnprintf_chk.cpp
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include "private/libc_logging.h"
-
-/*
- * Runtime implementation of __builtin____vsnprintf_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This vsnprintf check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" int __vsnprintf_chk(char* dest, size_t supplied_size, int /*flags*/,
- size_t dest_len_from_compiler, const char* format, va_list va) {
- if (__predict_false(supplied_size > dest_len_from_compiler)) {
- __fortify_chk_fail("vsnprintf: prevented write past end of buffer", 0);
- }
-
- return vsnprintf(dest, supplied_size, format, va);
-}
-
-/*
- * Runtime implementation of __builtin____snprintf_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This snprintf check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" int __snprintf_chk(char* dest, size_t supplied_size, int flags,
- size_t dest_len_from_compiler, const char* format, ...) {
- va_list va;
- va_start(va, format);
- int result = __vsnprintf_chk(dest, supplied_size, flags, dest_len_from_compiler, format, va);
- va_end(va);
- return result;
-}
diff --git a/libc/bionic/__vsprintf_chk.cpp b/libc/bionic/__vsprintf_chk.cpp
deleted file mode 100644
index 5914026..0000000
--- a/libc/bionic/__vsprintf_chk.cpp
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include "private/libc_logging.h"
-
-/*
- * Runtime implementation of __builtin____vsprintf_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This vsprintf check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" int __vsprintf_chk(char* dest, int /*flags*/,
- size_t dest_len_from_compiler, const char* format, va_list va) {
- int result = vsnprintf(dest, dest_len_from_compiler, format, va);
- if ((size_t) result >= dest_len_from_compiler) {
- __fortify_chk_fail("vsprintf: prevented write past end of buffer", 0);
- }
- return result;
-}
-
-/*
- * Runtime implementation of __builtin____sprintf_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This sprintf check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" int __sprintf_chk(char* dest, int flags,
- size_t dest_len_from_compiler, const char* format, ...) {
- va_list va;
- va_start(va, format);
- int result = __vsprintf_chk(dest, flags, dest_len_from_compiler, format, va);
- va_end(va);
- return result;
-}
diff --git a/libc/bionic/__write_chk.cpp b/libc/bionic/__write_chk.cpp
deleted file mode 100644
index cbd247a..0000000
--- a/libc/bionic/__write_chk.cpp
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#undef _FORTIFY_SOURCE
-#include <unistd.h>
-#include "private/libc_logging.h"
-
-extern "C" ssize_t __write_chk(int fd, const void* buf, size_t count, size_t buf_size) {
- if (__predict_false(count > buf_size)) {
- __fortify_chk_fail("write: prevented read past end of buffer", 0);
- }
-
- if (__predict_false(count > SSIZE_MAX)) {
- __fortify_chk_fail("write: count > SSIZE_MAX", 0);
- }
-
- return write(fd, buf, count);
-}
diff --git a/libc/bionic/fortify.cpp b/libc/bionic/fortify.cpp
new file mode 100644
index 0000000..f68efab
--- /dev/null
+++ b/libc/bionic/fortify.cpp
@@ -0,0 +1,418 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * Copyright (c) 1988 Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#undef _FORTIFY_SOURCE
+
+#include <poll.h>
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/cdefs.h>
+#include <sys/select.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+#include "private/bionic_fortify.h"
+
+//
+// For more details see:
+// http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+// http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+//
+// TODO: add a link to similar clang documentation?
+//
+
+int __FD_ISSET_chk(int fd, fd_set* set, size_t set_size) {
+ __check_fd_set("FD_ISSET", fd, set_size);
+ return FD_ISSET(fd, set);
+}
+
+void __FD_CLR_chk(int fd, fd_set* set, size_t set_size) {
+ __check_fd_set("FD_CLR", fd, set_size);
+ FD_CLR(fd, set);
+}
+
+void __FD_SET_chk(int fd, fd_set* set, size_t set_size) {
+ __check_fd_set("FD_SET", fd, set_size);
+ FD_SET(fd, set);
+}
+
+char* __fgets_chk(char* dst, int supplied_size, FILE* stream, size_t dst_len_from_compiler) {
+ if (supplied_size < 0) {
+ __fortify_fatal("fgets: buffer size %d < 0", supplied_size);
+ }
+ __check_buffer_access("fgets", "write into", supplied_size, dst_len_from_compiler);
+ return fgets(dst, supplied_size, stream);
+}
+
+size_t __fread_chk(void* __restrict buf, size_t size, size_t count,
+ FILE* __restrict stream, size_t buf_size) {
+ size_t total;
+ if (__predict_false(__size_mul_overflow(size, count, &total))) {
+ // overflow: trigger the error path in fread
+ return fread(buf, size, count, stream);
+ }
+ __check_buffer_access("fread", "write into", total, buf_size);
+ return fread(buf, size, count, stream);
+}
+
+size_t __fwrite_chk(const void* __restrict buf, size_t size, size_t count,
+ FILE* __restrict stream, size_t buf_size) {
+ size_t total;
+ if (__predict_false(__size_mul_overflow(size, count, &total))) {
+ // overflow: trigger the error path in fwrite
+ return fwrite(buf, size, count, stream);
+ }
+ __check_buffer_access("fwrite", "read from", total, buf_size);
+ return fwrite(buf, size, count, stream);
+}
+
+extern char* __getcwd_chk(char* buf, size_t len, size_t actual_size) {
+ __check_buffer_access("getcwd", "write into", len, actual_size);
+ return getcwd(buf, len);
+}
+
+void* __memchr_chk(const void* s, int c, size_t n, size_t actual_size) {
+ __check_buffer_access("memchr", "read from", n, actual_size);
+ return memchr(s, c, n);
+}
+
+// Runtime implementation of __builtin____memmove_chk (used directly by compiler, not in headers).
+extern "C" void* __memmove_chk(void* dst, const void* src, size_t len, size_t dst_len) {
+ __check_buffer_access("memmove", "write into", len, dst_len);
+ return memmove(dst, src, len);
+}
+
+void* __memrchr_chk(const void* s, int c, size_t n, size_t actual_size) {
+ __check_buffer_access("memrchr", "read from", n, actual_size);
+ return memrchr(s, c, n);
+}
+
+int __poll_chk(pollfd* fds, nfds_t fd_count, int timeout, size_t fds_size) {
+ __check_pollfd_array("poll", fds_size, fd_count);
+ return poll(fds, fd_count, timeout);
+}
+
+int __ppoll_chk(pollfd* fds, nfds_t fd_count, const timespec* timeout,
+ const sigset_t* mask, size_t fds_size) {
+ __check_pollfd_array("ppoll", fds_size, fd_count);
+ return ppoll(fds, fd_count, timeout, mask);
+}
+
+ssize_t __pread64_chk(int fd, void* buf, size_t count, off64_t offset, size_t buf_size) {
+ __check_count("pread64", "count", count);
+ __check_buffer_access("pread64", "write into", count, buf_size);
+ return pread64(fd, buf, count, offset);
+}
+
+ssize_t __pread_chk(int fd, void* buf, size_t count, off_t offset, size_t buf_size) {
+ __check_count("pread", "count", count);
+ __check_buffer_access("pread", "write into", count, buf_size);
+ return pread(fd, buf, count, offset);
+}
+
+ssize_t __pwrite64_chk(int fd, const void* buf, size_t count, off64_t offset,
+ size_t buf_size) {
+ __check_count("pwrite64", "count", count);
+ __check_buffer_access("pwrite64", "read from", count, buf_size);
+ return pwrite64(fd, buf, count, offset);
+}
+
+ssize_t __pwrite_chk(int fd, const void* buf, size_t count, off_t offset,
+ size_t buf_size) {
+ __check_count("pwrite", "count", count);
+ __check_buffer_access("pwrite", "read from", count, buf_size);
+ return pwrite(fd, buf, count, offset);
+}
+
+ssize_t __read_chk(int fd, void* buf, size_t count, size_t buf_size) {
+ __check_count("read", "count", count);
+ __check_buffer_access("read", "write into", count, buf_size);
+ return read(fd, buf, count);
+}
+
+ssize_t __readlinkat_chk(int dirfd, const char* path, char* buf, size_t size, size_t buf_size) {
+ __check_count("readlinkat", "size", size);
+ __check_buffer_access("readlinkat", "write into", size, buf_size);
+ return readlinkat(dirfd, path, buf, size);
+}
+
+ssize_t __readlink_chk(const char* path, char* buf, size_t size, size_t buf_size) {
+ __check_count("readlink", "size", size);
+ __check_buffer_access("readlink", "write into", size, buf_size);
+ return readlink(path, buf, size);
+}
+
+ssize_t __recvfrom_chk(int socket, void* buf, size_t len, size_t buf_size,
+ int flags, const sockaddr* src_addr,
+ socklen_t* addrlen) {
+ __check_buffer_access("recvfrom", "write into", len, buf_size);
+ return recvfrom(socket, buf, len, flags, src_addr, addrlen);
+}
+
+// Runtime implementation of __builtin____stpcpy_chk (used directly by compiler, not in headers)..
+extern "C" char* __stpcpy_chk(char* dst, const char* src, size_t dst_len) {
+ // TODO: optimize so we don't scan src twice.
+ size_t src_len = strlen(src) + 1;
+ __check_buffer_access("stpcpy", "write into", src_len, dst_len);
+ return stpcpy(dst, src);
+}
+
+// Runtime implementation of __builtin____stpncpy_chk (used directly by compiler, not in headers).
+extern "C" char* __stpncpy_chk(char* __restrict dst, const char* __restrict src,
+ size_t len, size_t dst_len) {
+ __check_buffer_access("stpncpy", "write into", len, dst_len);
+ return stpncpy(dst, src, len);
+}
+
+// This is a variant of __stpncpy_chk, but it also checks to make
+// sure we don't read beyond the end of "src". The code for this is
+// based on the original version of stpncpy, but modified to check
+// how much we read from "src" at the end of the copy operation.
+char* __stpncpy_chk2(char* __restrict dst, const char* __restrict src,
+ size_t n, size_t dst_len, size_t src_len) {
+ __check_buffer_access("stpncpy", "write into", n, dst_len);
+ if (n != 0) {
+ char* d = dst;
+ const char* s = src;
+
+ do {
+ if ((*d++ = *s++) == 0) {
+ // NUL pad the remaining n-1 bytes.
+ while (--n != 0) {
+ *d++ = 0;
+ }
+ break;
+ }
+ } while (--n != 0);
+
+ size_t s_copy_len = static_cast<size_t>(s - src);
+ if (__predict_false(s_copy_len > src_len)) {
+ __fortify_fatal("stpncpy: detected read past end of %zu-byte buffer", src_len);
+ }
+ }
+
+ return dst;
+}
+
+char* __strchr_chk(const char* p, int ch, size_t s_len) {
+ for (;; ++p, s_len--) {
+ if (__predict_false(s_len == 0)) {
+ __fortify_fatal("strchr: prevented read past end of buffer");
+ }
+ if (*p == static_cast<char>(ch)) {
+ return const_cast<char*>(p);
+ }
+ if (*p == '\0') {
+ return NULL;
+ }
+ }
+}
+
+size_t __strlcat_chk(char* dst, const char* src,
+ size_t supplied_size, size_t dst_len_from_compiler) {
+ __check_buffer_access("strlcat", "write into", supplied_size, dst_len_from_compiler);
+ return strlcat(dst, src, supplied_size);
+}
+
+size_t __strlcpy_chk(char* dst, const char* src,
+ size_t supplied_size, size_t dst_len_from_compiler) {
+ __check_buffer_access("strlcpy", "write into", supplied_size, dst_len_from_compiler);
+ return strlcpy(dst, src, supplied_size);
+}
+
+size_t __strlen_chk(const char* s, size_t s_len) {
+ // TODO: "prevented" here would be a lie because this strlen can run off the end.
+ // strlen is too important to be expensive, so we wanted to be able to call the optimized
+ // implementation, but I think we need to implement optimized assembler __strlen_chk routines.
+ size_t ret = strlen(s);
+ if (__predict_false(ret >= s_len)) {
+ __fortify_fatal("strlen: detected read past end of buffer");
+ }
+ return ret;
+}
+
+// Runtime implementation of __builtin____strncat_chk (used directly by compiler, not in headers).
+extern "C" char* __strncat_chk(char* __restrict dst, const char* __restrict src,
+ size_t len, size_t dst_buf_size) {
+ if (len == 0) {
+ return dst;
+ }
+
+ size_t dst_len = __strlen_chk(dst, dst_buf_size);
+ char* d = dst + dst_len;
+ dst_buf_size -= dst_len;
+
+ while (*src != '\0') {
+ *d++ = *src++;
+ len--; dst_buf_size--;
+
+ if (__predict_false(dst_buf_size == 0)) {
+ __fortify_fatal("strncat: prevented write past end of buffer");
+ }
+
+ if (len == 0) {
+ break;
+ }
+ }
+
+ *d = '\0';
+ return dst;
+}
+
+// Runtime implementation of __builtin____strncpy_chk (used directly by compiler, not in headers).
+extern "C" char* __strncpy_chk(char* __restrict dst, const char* __restrict src,
+ size_t len, size_t dst_len) {
+ __check_buffer_access("strncpy", "write into", len, dst_len);
+ return strncpy(dst, src, len);
+}
+
+// This is a variant of __strncpy_chk, but it also checks to make
+// sure we don't read beyond the end of "src". The code for this is
+// based on the original version of strncpy, but modified to check
+// how much we read from "src" at the end of the copy operation.
+char* __strncpy_chk2(char* __restrict dst, const char* __restrict src,
+ size_t n, size_t dst_len, size_t src_len) {
+ __check_buffer_access("strncpy", "write into", n, dst_len);
+ if (n != 0) {
+ char* d = dst;
+ const char* s = src;
+
+ do {
+ if ((*d++ = *s++) == 0) {
+ // NUL pad the remaining n-1 bytes.
+ while (--n != 0) {
+ *d++ = 0;
+ }
+ break;
+ }
+ } while (--n != 0);
+
+ size_t s_copy_len = static_cast<size_t>(s - src);
+ if (__predict_false(s_copy_len > src_len)) {
+ __fortify_fatal("strncpy: detected read past end of %zu-byte buffer", src_len);
+ }
+ }
+
+ return dst;
+}
+
+char* __strrchr_chk(const char* p, int ch, size_t s_len) {
+ for (const char* save = NULL;; ++p, s_len--) {
+ if (s_len == 0) {
+ __fortify_fatal("strrchr: prevented read past end of buffer");
+ }
+ if (*p == static_cast<char>(ch)) {
+ save = p;
+ }
+ if (!*p) {
+ return const_cast<char*>(save);
+ }
+ }
+}
+
+mode_t __umask_chk(mode_t mode) {
+ if (__predict_false((mode & 0777) != mode)) {
+ __fortify_fatal("umask: called with invalid mask %o", mode);
+ }
+
+ return umask(mode);
+}
+
+// Runtime implementation of __builtin____vsnprintf_chk (used directly by compiler, not in headers).
+extern "C" int __vsnprintf_chk(char* dst, size_t supplied_size, int /*flags*/,
+ size_t dst_len_from_compiler, const char* format, va_list va) {
+ __check_buffer_access("vsnprintf", "write into", supplied_size, dst_len_from_compiler);
+ return vsnprintf(dst, supplied_size, format, va);
+}
+
+// Runtime implementation of __builtin____snprintf_chk (used directly by compiler, not in headers).
+extern "C" int __snprintf_chk(char* dst, size_t supplied_size, int flags,
+ size_t dst_len_from_compiler, const char* format, ...) {
+ va_list va;
+ va_start(va, format);
+ int result = __vsnprintf_chk(dst, supplied_size, flags, dst_len_from_compiler, format, va);
+ va_end(va);
+ return result;
+}
+
+// Runtime implementation of __builtin____vsprintf_chk (used directly by compiler, not in headers).
+extern "C" int __vsprintf_chk(char* dst, int /*flags*/,
+ size_t dst_len_from_compiler, const char* format, va_list va) {
+ int result = vsnprintf(dst, dst_len_from_compiler, format, va);
+ __check_buffer_access("vsprintf", "write into", result + 1, dst_len_from_compiler);
+ return result;
+}
+
+// Runtime implementation of __builtin____sprintf_chk (used directly by compiler, not in headers).
+extern "C" int __sprintf_chk(char* dst, int flags, size_t dst_len_from_compiler,
+ const char* format, ...) {
+ va_list va;
+ va_start(va, format);
+ int result = __vsprintf_chk(dst, flags, dst_len_from_compiler, format, va);
+ va_end(va);
+ return result;
+}
+
+ssize_t __write_chk(int fd, const void* buf, size_t count, size_t buf_size) {
+ __check_count("write", "count", count);
+ __check_buffer_access("write", "read from", count, buf_size);
+ return write(fd, buf, count);
+}
diff --git a/libc/bionic/libc_logging.cpp b/libc/bionic/libc_logging.cpp
index fffaea8..c6e1c20 100644
--- a/libc/bionic/libc_logging.cpp
+++ b/libc/bionic/libc_logging.cpp
@@ -597,57 +597,15 @@
return result;
}
-static int __libc_android_log_event(int32_t tag, char type, const void* payload, size_t len) {
- iovec vec[6];
- char log_id = LOG_ID_EVENTS;
- vec[0].iov_base = &log_id;
- vec[0].iov_len = sizeof(log_id);
- uint16_t tid = gettid();
- vec[1].iov_base = &tid;
- vec[1].iov_len = sizeof(tid);
- timespec ts;
- clock_gettime(__android_log_clockid(), &ts);
- log_time realtime_ts;
- realtime_ts.tv_sec = ts.tv_sec;
- realtime_ts.tv_nsec = ts.tv_nsec;
- vec[2].iov_base = &realtime_ts;
- vec[2].iov_len = sizeof(realtime_ts);
-
- vec[3].iov_base = &tag;
- vec[3].iov_len = sizeof(tag);
- vec[4].iov_base = &type;
- vec[4].iov_len = sizeof(type);
- vec[5].iov_base = const_cast<void*>(payload);
- vec[5].iov_len = len;
-
- int event_log_fd = __libc_open_log_socket();
-
- if (event_log_fd == -1) {
- return -1;
- }
- int result = TEMP_FAILURE_RETRY(writev(event_log_fd, vec, sizeof(vec) / sizeof(vec[0])));
- close(event_log_fd);
- return result;
-}
-
-void __libc_android_log_event_int(int32_t tag, int value) {
- __libc_android_log_event(tag, EVENT_TYPE_INT, &value, sizeof(value));
-}
-
-void __libc_android_log_event_uid(int32_t tag) {
- __libc_android_log_event_int(tag, getuid());
-}
-
-void __fortify_chk_fail(const char* msg, uint32_t tag) {
- if (tag != 0) {
- __libc_android_log_event_uid(tag);
- }
- __libc_fatal("FORTIFY: %s", msg);
-}
-
-static void __libc_fatal(const char* format, va_list args) {
+static void __libc_fatal_va_list(const char* prefix, const char* format, va_list args) {
char msg[1024];
BufferOutputStream os(msg, sizeof(msg));
+
+ if (prefix) {
+ os.Send(prefix, strlen(prefix));
+ os.Send(": ", 2);
+ }
+
out_vformat(os, format, args);
// Log to stderr for the benefit of "adb shell" users.
@@ -663,17 +621,18 @@
android_set_abort_message(msg);
}
-void __libc_fatal_no_abort(const char* format, ...) {
+void __libc_fatal(const char* fmt, ...) {
va_list args;
- va_start(args, format);
- __libc_fatal(format, args);
+ va_start(args, fmt);
+ __libc_fatal_va_list(nullptr, fmt, args);
va_end(args);
+ abort();
}
-void __libc_fatal(const char* format, ...) {
+void __fortify_fatal(const char* fmt, ...) {
va_list args;
- va_start(args, format);
- __libc_fatal(format, args);
+ va_start(args, fmt);
+ __libc_fatal_va_list("FORTIFY", fmt, args);
va_end(args);
abort();
}
diff --git a/libc/bionic/open.cpp b/libc/bionic/open.cpp
index a6d8086..41dce43 100644
--- a/libc/bionic/open.cpp
+++ b/libc/bionic/open.cpp
@@ -64,7 +64,7 @@
int __open_2(const char* pathname, int flags) {
if (__predict_false((flags & O_CREAT) != 0)) {
- __fortify_chk_fail("open(O_CREAT): called without specifying a mode", 0);
+ __fortify_fatal("open(O_CREAT): called without specifying a mode");
}
return __openat(AT_FDCWD, pathname, force_O_LARGEFILE(flags), 0);
@@ -86,7 +86,7 @@
int __openat_2(int fd, const char* pathname, int flags) {
if ((flags & O_CREAT) != 0) {
- __fortify_chk_fail("openat(O_CREAT): called without specifying a mode", 0);
+ __fortify_fatal("openat(O_CREAT): called without specifying a mode");
}
return __openat(fd, pathname, force_O_LARGEFILE(flags), 0);
diff --git a/libc/dns/resolv/res_send.c b/libc/dns/resolv/res_send.c
index a8da3ac..3458e48 100644
--- a/libc/dns/resolv/res_send.c
+++ b/libc/dns/resolv/res_send.c
@@ -1181,9 +1181,6 @@
* XXX - potential security hazard could
* be detected here.
*/
-#ifdef ANDROID_CHANGES
- __libc_android_log_event_uid(BIONIC_EVENT_RESOLVER_OLD_RESPONSE);
-#endif
DprintQ((statp->options & RES_DEBUG) ||
(statp->pfcode & RES_PRF_REPLY),
(stdout, ";; old answer:\n"),
@@ -1197,9 +1194,6 @@
* XXX - potential security hazard could
* be detected here.
*/
-#ifdef ANDROID_CHANGES
- __libc_android_log_event_uid(BIONIC_EVENT_RESOLVER_WRONG_SERVER);
-#endif
DprintQ((statp->options & RES_DEBUG) ||
(statp->pfcode & RES_PRF_REPLY),
(stdout, ";; not our server:\n"),
@@ -1230,9 +1224,6 @@
* XXX - potential security hazard could
* be detected here.
*/
-#ifdef ANDROID_CHANGES
- __libc_android_log_event_uid(BIONIC_EVENT_RESOLVER_WRONG_QUERY);
-#endif
DprintQ((statp->options & RES_DEBUG) ||
(statp->pfcode & RES_PRF_REPLY),
(stdout, ";; wrong query name:\n"),
diff --git a/libc/private/bionic_fortify.h b/libc/private/bionic_fortify.h
new file mode 100644
index 0000000..df810ca
--- /dev/null
+++ b/libc/private/bionic_fortify.h
@@ -0,0 +1,69 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "private/libc_logging.h"
+
+#include <poll.h> // For struct pollfd.
+#include <sys/select.h> // For struct fd_set.
+
+//
+// Common helpers.
+//
+
+static inline void __check_fd_set(const char* fn, int fd, size_t set_size) {
+ if (__predict_false(fd < 0)) {
+ __fortify_fatal("%s: file descriptor %d < 0", fn, fd);
+ }
+ if (__predict_false(fd >= FD_SETSIZE)) {
+ __fortify_fatal("%s: file descriptor %d >= FD_SETSIZE %zu", fn, fd, set_size);
+ }
+ if (__predict_false(set_size < sizeof(fd_set))) {
+ __fortify_fatal("%s: set size %zu is too small to be an fd_set", fn, set_size);
+ }
+}
+
+static inline void __check_pollfd_array(const char* fn, size_t fds_size, nfds_t fd_count) {
+ size_t pollfd_array_length = fds_size / sizeof(pollfd);
+ if (__predict_false(pollfd_array_length < fd_count)) {
+ __fortify_fatal("%s: %zu-element pollfd array too small for %u fds",
+ fn, pollfd_array_length, fd_count);
+ }
+}
+
+static inline void __check_count(const char* fn, const char* identifier, size_t value) {
+ if (__predict_false(value > SSIZE_MAX)) {
+ __fortify_fatal("%s: %s %zu > SSIZE_MAX", fn, identifier, value);
+ }
+}
+
+static inline void __check_buffer_access(const char* fn, const char* action,
+ size_t claim, size_t actual) {
+ if (__predict_false(claim > actual)) {
+ __fortify_fatal("%s: prevented %zu-byte %s %zu-byte buffer", fn, claim, action, actual);
+ }
+}
diff --git a/libc/private/libc_events.h b/libc/private/libc_events.h
deleted file mode 100644
index f2b973d..0000000
--- a/libc/private/libc_events.h
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (C) 2013 The Android Open Source Project
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _LIBC_EVENTS_H
-#define _LIBC_EVENTS_H
-
-
-// This is going to be included in assembler code so only allow #define
-// values instead of defining an enum.
-
-#define BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW 80100
-#define BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW 80105
-#define BIONIC_EVENT_MEMMOVE_BUFFER_OVERFLOW 80110
-#define BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW 80115
-#define BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW 80120
-#define BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW 80125
-#define BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW 80130
-#define BIONIC_EVENT_STPCPY_BUFFER_OVERFLOW 80135
-#define BIONIC_EVENT_STPNCPY_BUFFER_OVERFLOW 80140
-
-#define BIONIC_EVENT_RESOLVER_OLD_RESPONSE 80300
-#define BIONIC_EVENT_RESOLVER_WRONG_SERVER 80305
-#define BIONIC_EVENT_RESOLVER_WRONG_QUERY 80310
-
-#endif // _LIBC_EVENTS_H
diff --git a/libc/private/libc_logging.h b/libc/private/libc_logging.h
index e389565..4aa3ece 100644
--- a/libc/private/libc_logging.h
+++ b/libc/private/libc_logging.h
@@ -36,8 +36,6 @@
__BEGIN_DECLS
-#include "libc_events.h"
-
enum {
ANDROID_LOG_UNKNOWN = 0,
ANDROID_LOG_DEFAULT, /* only for SetMinPriority() */
@@ -69,20 +67,11 @@
char msg[0];
};
-//
// Formats a message to the log (priority 'fatal'), then aborts.
-//
+__LIBC_HIDDEN__ __noreturn void __libc_fatal(const char* fmt, ...) __printflike(1, 2);
-__LIBC_HIDDEN__ __noreturn void __libc_fatal(const char* format, ...) __printflike(1, 2);
-
-//
-// Formats a message to the log (priority 'fatal'), but doesn't abort.
-// Used by the malloc implementation to ensure that debuggerd dumps memory
-// around the bad address.
-//
-
-__LIBC_HIDDEN__ void __libc_fatal_no_abort(const char* format, ...)
- __printflike(1, 2);
+// Formats a message to the log (priority 'fatal'), prefixed by "FORTIFY: ", then aborts.
+__LIBC_HIDDEN__ __noreturn void __fortify_fatal(const char* fmt, ...) __printflike(1, 2);
//
// Formatting routines for the C library's internal debugging.
@@ -103,15 +92,6 @@
__LIBC_HIDDEN__ int __libc_write_log(int priority, const char* tag, const char* msg);
-//
-// Event logging.
-//
-
-__LIBC_HIDDEN__ void __libc_android_log_event_int(int32_t tag, int value);
-__LIBC_HIDDEN__ void __libc_android_log_event_uid(int32_t tag);
-
-__LIBC_HIDDEN__ __noreturn void __fortify_chk_fail(const char* msg, uint32_t event_tag);
-
__END_DECLS
#endif