Revert "_FORTIFY_SOURCE: simplify memset() fortification."
This reverts commit e12357bcfc5a9b03cd35c49fe88d1407bb749f2f.
Reason for revert: Droidmonitor created revert due to b/399907832. Will be verifying through ABTD before submission
Change-Id: I03855951ee226a40691db68c0b7372b56546d4af
diff --git a/libc/include/bits/fortify/string.h b/libc/include/bits/fortify/string.h
index d5ae46e..0b4b70b 100644
--- a/libc/include/bits/fortify/string.h
+++ b/libc/include/bits/fortify/string.h
@@ -59,14 +59,6 @@
__overloadable {
return __builtin___memmove_chk(dst, src, len, __bos0(dst));
}
-
-/* No diag -- clang diagnoses misuses of this on its own. */
-__BIONIC_FORTIFY_INLINE
-void* _Nonnull memset(void* _Nonnull const s __pass_object_size0, int c, size_t n)
- __diagnose_as_builtin(__builtin_memset, 1, 2, 3)
- __overloadable {
- return __builtin___memset_chk(s, c, n, __bos0(s));
-}
#endif
#if defined(__USE_GNU)
@@ -135,6 +127,19 @@
}
#endif
+/* No diag -- clang diagnoses misuses of this on its own. */
+__BIONIC_FORTIFY_INLINE
+void* _Nonnull memset(void* _Nonnull const s __pass_object_size0, int c, size_t n) __overloadable
+ __diagnose_as_builtin(__builtin_memset, 1, 2, 3)
+ /* If you're a user who wants this warning to go away: use `(&memset)(foo, bar, baz)`. */
+ __clang_warning_if(c && !n, "'memset' will set 0 bytes; maybe the arguments got flipped?") {
+#if __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
+ return __builtin___memset_chk(s, c, n, __bos0(s));
+#else
+ return __builtin_memset(s, c, n);
+#endif
+}
+
#if __ANDROID_API__ >= 23 && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
__BIONIC_FORTIFY_INLINE
void* _Nullable memchr(const void* _Nonnull const s __pass_object_size, int c, size_t n) __overloadable {
diff --git a/tests/Android.bp b/tests/Android.bp
index 804884a..51afa55 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -636,6 +636,7 @@
"-Wno-format-security",
"-Wno-format-zero-length",
"-Wno-fortify-source",
+ "-Wno-memset-transposed-args",
"-Wno-strlcpy-strlcat-size",
"-Wno-strncat-size",
],
diff --git a/tests/clang_fortify_tests.cpp b/tests/clang_fortify_tests.cpp
index 0b2985d..da7926d 100644
--- a/tests/clang_fortify_tests.cpp
+++ b/tests/clang_fortify_tests.cpp
@@ -170,10 +170,8 @@
EXPECT_FORTIFY_DEATH(mempcpy(small_buffer, large_buffer, sizeof(large_buffer)));
// expected-error@+1{{will always overflow}}
EXPECT_FORTIFY_DEATH(memset(small_buffer, 0, sizeof(large_buffer)));
-#ifdef COMPILATION_TESTS
- // expected-error@+1{{did you mean to transpose the last two arguments?}}
- memset(small_buffer, sizeof(small_buffer), 0);
-#endif
+ // expected-warning@+1{{arguments got flipped?}}
+ EXPECT_NO_DEATH(memset(small_buffer, sizeof(small_buffer), 0));
// expected-error@+1{{size bigger than buffer}}
EXPECT_FORTIFY_DEATH(bcopy(large_buffer, small_buffer, sizeof(large_buffer)));
// expected-error@+1{{size bigger than buffer}}