Merge "bionic: Report linker relocation address to gdb"
diff --git a/libc/Android.mk b/libc/Android.mk
index 0c4fa6a..4ceb12f 100644
--- a/libc/Android.mk
+++ b/libc/Android.mk
@@ -217,6 +217,7 @@
string/__strcpy_chk.c \
string/__strlcat_chk.c \
string/__strlcpy_chk.c \
+ string/__strlen_chk.c \
string/__strncat_chk.c \
string/__strncpy_chk.c \
wchar/wcpcpy.c \
diff --git a/libc/include/limits.h b/libc/include/limits.h
index 1de8ea6..d691a8f 100644
--- a/libc/include/limits.h
+++ b/libc/include/limits.h
@@ -90,6 +90,7 @@
#endif
#ifndef PAGESIZE
+#include <asm/page.h>
#define PAGESIZE PAGE_SIZE
#endif
diff --git a/libc/include/stdio.h b/libc/include/stdio.h
index c12ddb8..453cf0b 100644
--- a/libc/include/stdio.h
+++ b/libc/include/stdio.h
@@ -547,7 +547,7 @@
}
// Compiler doesn't know destination size. Don't call __fgets_chk
- if (bos == (size_t) -1) {
+ if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
return __fgets_real(dest, size, stream);
}
diff --git a/libc/include/string.h b/libc/include/string.h
index 32fd25f..8e472e7 100644
--- a/libc/include/string.h
+++ b/libc/include/string.h
@@ -87,9 +87,34 @@
#if defined(__BIONIC_FORTIFY_INLINE)
+extern void __memcpy_dest_size_error()
+ __attribute__((__error__("memcpy called with size bigger than destination")));
+extern void __memcpy_src_size_error()
+ __attribute__((__error__("memcpy called with size bigger than source")));
+extern void __memcpy_overlap_error()
+ __attribute__((__error__("memcpy called with overlapping regions")));
+
__BIONIC_FORTIFY_INLINE
-void *memcpy (void *dest, const void *src, size_t len) {
- return __builtin___memcpy_chk(dest, src, len, __builtin_object_size (dest, 0));
+void *memcpy (void *dest, const void *src, size_t copy_amount) {
+ char *d = (char *) dest;
+ const char *s = (const char *) src;
+ size_t s_len = __builtin_object_size(s, 0);
+ size_t d_len = __builtin_object_size(d, 0);
+
+ if (__builtin_constant_p(copy_amount) && (copy_amount > d_len)) {
+ __memcpy_dest_size_error();
+ }
+
+ if (__builtin_constant_p(copy_amount) && (copy_amount > s_len)) {
+ __memcpy_src_size_error();
+ }
+
+ if (__builtin_constant_p(d - s) && __builtin_constant_p(copy_amount)
+ && (((size_t)(d - s) < copy_amount) || ((size_t)(s - d) < copy_amount))) {
+ __memcpy_overlap_error();
+ }
+
+ return __builtin___memcpy_chk(dest, src, copy_amount, d_len);
}
__BIONIC_FORTIFY_INLINE
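Review bot: The three `if` blocks in the new memcpy body only fire when `copy_amount` is a compile-time constant and the compiler can fold `d - s`, and the runtime fallback on the last line, `__builtin___memcpy_chk(dest, src, copy_amount, d_len)`, validates nothing but the destination size — yet nothing in the wrapper says so, and a reader will assume source-overrun and overlap are caught at run time too. Suggest a comment above the first `if`: `/* The next three checks are compile-time only: they need a constant copy_amount and a foldable pointer difference. At run time __memcpy_chk validates the destination size only. */`. Note also that `d == s` makes both differences zero, so `memcpy(p, p, n)` with constant `n > 0` is reported as an overlap, which is presumably intended and worth a word. Whether `__builtin_constant_p` folds at all likely depends on optimization level, so unoptimized builds probably skip these checks silently.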
@@ -133,7 +158,7 @@
size_t bos = __builtin_object_size(dest, 0);
// Compiler doesn't know destination size. Don't call __strlcpy_chk
- if (bos == (size_t) -1) {
+ if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
return __strlcpy_real(dest, src, size);
}
@@ -164,7 +189,7 @@
size_t bos = __builtin_object_size(dest, 0);
// Compiler doesn't know destination size. Don't call __strlcat_chk
- if (bos == (size_t) -1) {
+ if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
return __strlcat_real(dest, src, size);
}
@@ -183,6 +208,22 @@
return __strlcat_chk(dest, src, size, bos);
}
+__purefunc extern size_t __strlen_real(const char *)
+ __asm__(__USER_LABEL_PREFIX__ "strlen");
+extern size_t __strlen_chk(const char *, size_t);
+
+__BIONIC_FORTIFY_INLINE
+size_t strlen(const char *s) {
+ size_t bos = __builtin_object_size(s, 0);
+
+ // Compiler doesn't know destination size. Don't call __strlen_chk
+ if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+ return __strlen_real(s);
+ }
+
+ return __strlen_chk(s, bos);
+}
+
#endif /* defined(__BIONIC_FORTIFY_INLINE) */
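Review bot: The comment inside the new inline strlen, `// Compiler doesn't know destination size. Don't call __strlen_chk`, is carried over from the strlcpy/strlcat wrappers and is wrong here — strlen has no destination; `bos` is the size of the object `s` points to. Suggest `// Compiler doesn't know the size of the object s points to. Don't call __strlen_chk`. Since the contract of `__strlen_chk` is not visible from this header, a line on its declaration would help: `// Aborts if no terminator is found within the first bos bytes of s.` Readers should also be told that this only protects objects the compiler can size (stack arrays, globals, fixed-size members); heap strings fall through to `__strlen_real` unchecked.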
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index 1ba9100..987a5e3 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -507,6 +507,7 @@
__attribute__ ((always_inline)) \
__attribute__ ((gnu_inline)) \
__attribute__ ((artificial))
+#define __BIONIC_FORTIFY_UNKNOWN_SIZE ((size_t) -1)
#endif
#endif /* !_SYS_CDEFS_H_ */
diff --git a/libc/string/__memcpy_chk.c b/libc/string/__memcpy_chk.c
index e79f6ac..10334ba 100644
--- a/libc/string/__memcpy_chk.c
+++ b/libc/string/__memcpy_chk.c
@@ -26,12 +26,13 @@
* SUCH DAMAGE.
*/
+#undef _FORTIFY_SOURCE
#include <string.h>
#include <stdlib.h>
#include <private/logd.h>
/*
- * Runtime implementation of __builtin____memcpy_chk.
+ * Runtime implementation of __memcpy_chk.
*
* See
* http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
@@ -41,15 +42,15 @@
* This memcpy check is called if _FORTIFY_SOURCE is defined and
* greater than 0.
*/
-void *__memcpy_chk (void *dest, const void *src,
- size_t len, size_t dest_len)
+void *__memcpy_chk(void *dest, const void *src,
+ size_t copy_amount, size_t dest_len)
{
- if (len > dest_len) {
+ if (__builtin_expect(copy_amount > dest_len, 0)) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** memcpy buffer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW);
abort();
}
- return memcpy(dest, src, len);
+ return memcpy(dest, src, copy_amount);
}
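Review bot: The FATAL log line in the new `__memcpy_chk` body reports only that an overflow happened, not the sizes involved, which is the first thing anyone triaging a crash dump or abort report wants. If `__libc_android_log_print` is printf-style as its name suggests, `"*** memcpy buffer overflow detected (%zu bytes into %zu-byte buffer) ***\n", copy_amount, dest_len` costs nothing on the non-error path and makes the event actionable. The check itself, `copy_amount > dest_len`, is correct and deliberately covers only the destination; a one-line comment saying so (`/* Only the destination is checked at run time; source and overlap checks are compile-time. */`) would stop someone from assuming more.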
diff --git a/libc/string/__strlen_chk.c b/libc/string/__strlen_chk.c
new file mode 100644
index 0000000..43e7e80
--- /dev/null
+++ b/libc/string/__strlen_chk.c
@@ -0,0 +1,67 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <private/logd.h>
+
+/*
+ * Runtime implementation of __strlen_chk.
+ *
+ * See
+ * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
+ * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
+ * for details.
+ *
+ * This strlen check is called if _FORTIFY_SOURCE is defined and
+ * greater than 0.
+ *
+ * This test is designed to detect code such as:
+ *
+ * int main() {
+ * char buf[10];
+ * memcpy(buf, "1234567890", sizeof(buf));
+ * size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE
+ * printf("%d\n", len);
+ * return 0;
+ * }
+ *
+ * or anytime strlen reads beyond an object boundary.
+ */
+size_t __strlen_chk(const char *s, size_t s_len)
+{
+ size_t ret = strlen(s);
+
+ if (__builtin_expect(ret >= s_len, 0)) {
+ __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
+ "*** strlen read overflow detected ***\n");
+ abort();
+ }
+
+ return ret;
+}
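Review bot: `__strlen_chk` calls the unbounded `strlen(s)` before comparing the result with `s_len`, so by the time it aborts the out-of-bounds read has already happened — on an unterminated buffer at the end of a mapping that is exactly the segfault the header comment describes, and it occurs before the FATAL log line is ever written. Scanning only the `s_len` bytes the compiler vouched for detects the same condition (terminator at index `>= s_len`) without reading past the object, and `memchr` is already available from `<string.h>`. Unlike `__memcpy_chk.c` and `memmove.c` in this same change, this file also does not `#undef _FORTIFY_SOURCE` before `<string.h>`; with the new inline `strlen` in the header, the call here would presumably go through the fortified wrapper, so the `#undef` keeps it consistent. The `// segfault here with _FORTIFY_SOURCE` in the example should read `// aborts here with _FORTIFY_SOURCE` once the check is in place.
```c
size_t __strlen_chk(const char *s, size_t s_len)
{
    /* Bounded scan: never read past the s_len bytes the compiler vouched for. */
    const char *nul = memchr(s, '\0', s_len);

    if (__builtin_expect(nul == NULL, 0)) {
        /* … unchanged: FATAL log line and abort() … */
    }

    return (size_t)(nul - s);
}
```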
diff --git a/libc/string/memmove.c b/libc/string/memmove.c
index 072104b..a9fc1b5 100644
--- a/libc/string/memmove.c
+++ b/libc/string/memmove.c
@@ -25,6 +25,7 @@
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
+#undef _FORTIFY_SOURCE
#include <string.h>
#include <strings.h>
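Review bot: The new `#undef _FORTIFY_SOURCE` on the first line of the hunk is unexplained; it appears to be there so that the `memcpy` call in this file's body resolves to the real function rather than the fortified inline added to `<string.h>` in this same change. Suggest `/* Must precede <string.h>: this file implements the unchecked primitives the fortified inlines wrap. */` so the next maintainer does not "clean it up". The memmove body that depends on this is in the next hunk.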
@@ -32,10 +33,11 @@
{
const char *p = src;
char *q = dst;
- /* We can use the optimized memcpy if the destination is below the
- * source (i.e. q < p), or if it is completely over it (i.e. q >= p+n).
+ /* We can use the optimized memcpy if the source and destination
+ * don't overlap.
*/
- if (__builtin_expect((q < p) || ((size_t)(q - p) >= n), 1)) {
+ if (__builtin_expect(((q < p) && ((size_t)(p - q) >= n))
+ || ((p < q) && ((size_t)(q - p) >= n)), 1)) {
return memcpy(dst, src, n);
} else {
bcopy(src, dst, n);
diff --git a/linker/Android.mk b/linker/Android.mk
index a739b4f..c9d053f 100644
--- a/linker/Android.mk
+++ b/linker/Android.mk
@@ -15,7 +15,8 @@
LOCAL_CFLAGS += -fno-stack-protector \
-Wstrict-overflow=5 \
- -fvisibility=hidden
+ -fvisibility=hidden \
+ -std=gnu99
# Set LINKER_DEBUG to either 1 or 0
#
diff --git a/linker/linker.c b/linker/linker.c
index c5a8127..753ee89 100644
--- a/linker/linker.c
+++ b/linker/linker.c
@@ -393,8 +393,8 @@
switch(ELF32_ST_BIND(s->st_info)){
case STB_GLOBAL:
case STB_WEAK:
- /* no section == undefined */
- if(s->st_shndx == 0) continue;
+ if(s->st_shndx == SHN_UNDEF)
+ continue;
TRACE_TYPE(LOOKUP, "%5d FOUND %s in %s (%08x) %d\n", pid,
name, si->name, s->st_value, s->st_size);
@@ -462,7 +462,7 @@
DEBUG("%5d %s: looking up %s in %s\n",
pid, si->name, name, lsi->name);
s = soinfo_elf_lookup(lsi, elf_hash, name);
- if ((s != NULL) && (s->st_shndx != SHN_UNDEF))
+ if (s != NULL)
goto done;
}
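Review bot: Dropping the `s->st_shndx != SHN_UNDEF` test at the call site makes this loop depend on `soinfo_elf_lookup` never returning an undefined symbol, a guarantee that lives in a different function and, from the earlier hunk, is only visible for the `STB_GLOBAL`/`STB_WEAK` cases. A comment here would keep that contract explicit: `/* soinfo_elf_lookup() skips SHN_UNDEF entries, so a non-NULL result is a definition. */`. The enclosing function starts before this hunk, so I cannot see whether other paths in it still rely on the old guard.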
}