Merge changes I13f94cdc,I2107ae65,I7dc10b56,I2037548c
* changes:
libc: remove now-unused FORTIFY functions
fortify: remove last uses of __bos_trivially_not*
fortify(string): emit diagnostics regardless of API level
fortify(fcntl): emit diagnostics regardless of API level
diff --git a/libc/bionic/open.cpp b/libc/bionic/open.cpp
index df5ab21..222e5d3 100644
--- a/libc/bionic/open.cpp
+++ b/libc/bionic/open.cpp
@@ -70,7 +70,6 @@
if (needs_mode(flags)) __fortify_fatal("open: called with O_CREAT/O_TMPFILE but no mode");
return __openat(AT_FDCWD, pathname, force_O_LARGEFILE(flags), 0);
}
-__strong_alias(__open64_2, __open_2);
int openat(int fd, const char *pathname, int flags, ...) {
mode_t mode = 0;
@@ -90,4 +89,3 @@
if (needs_mode(flags)) __fortify_fatal("open: called with O_CREAT/O_TMPFILE but no mode");
return __openat(fd, pathname, force_O_LARGEFILE(flags), 0);
}
-__strong_alias(__openat64_2, __openat_2);
diff --git a/libc/include/bits/fortify/fcntl.h b/libc/include/bits/fortify/fcntl.h
index 4bb441e..ded62ee 100644
--- a/libc/include/bits/fortify/fcntl.h
+++ b/libc/include/bits/fortify/fcntl.h
@@ -45,7 +45,6 @@
/* O_TMPFILE shares bits with O_DIRECTORY. */
#define __open_modes_useful(flags) (((flags) & O_CREAT) || ((flags) & O_TMPFILE) == O_TMPFILE)
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
__BIONIC_ERROR_FUNCTION_VISIBILITY
int open(const char* pathname, int flags, mode_t modes, ...) __overloadable
__errorattr(__open_too_many_args_error);
@@ -60,7 +59,11 @@
int open(const char* const __pass_object_size pathname, int flags)
__overloadable
__clang_error_if(__open_modes_useful(flags), "'open' " __open_too_few_args_error) {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
return __open_2(pathname, flags);
+#else
+ return __open_real(pathname, flags);
+#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
}
__BIONIC_FORTIFY_INLINE
@@ -80,7 +83,11 @@
int openat(int dirfd, const char* const __pass_object_size pathname, int flags)
__overloadable
__clang_error_if(__open_modes_useful(flags), "'openat' " __open_too_few_args_error) {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
return __openat_2(dirfd, pathname, flags);
+#else
+ return __openat_real(dirfd, pathname, flags);
+#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
}
__BIONIC_FORTIFY_INLINE
@@ -90,13 +97,9 @@
"'openat' " __open_useless_modes_warning) {
return __openat_real(dirfd, pathname, flags, modes);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
-#if __ANDROID_API__ >= __ANDROID_API_R__
-int __open64_2(const char*, int) __INTRODUCED_IN(30);
-int __openat64_2(int, const char*, int) __INTRODUCED_IN(30);
-int __open64_real(const char* __path, int __flags, ...) __RENAME(open64);
-int __openat64_real(int, const char*, int, ...) __RENAME(openat64);
+#if __ANDROID_API__ >= __ANDROID_API_L__
+/* Note that open == open64, so we reuse those bits in the open64 variants below. */
__BIONIC_ERROR_FUNCTION_VISIBILITY
int open64(const char* pathname, int flags, mode_t modes, ...) __overloadable
@@ -106,7 +109,7 @@
int open64(const char* const __pass_object_size pathname, int flags)
__overloadable
__clang_error_if(__open_modes_useful(flags), "'open64' " __open_too_few_args_error) {
- return __open64_2(pathname, flags);
+ return __open_2(pathname, flags);
}
__BIONIC_FORTIFY_INLINE
@@ -114,7 +117,7 @@
__overloadable
__clang_warning_if(!__open_modes_useful(flags) && modes,
"'open64' " __open_useless_modes_warning) {
- return __open64_real(pathname, flags, modes);
+ return __open_real(pathname, flags, modes);
}
__BIONIC_ERROR_FUNCTION_VISIBILITY
@@ -126,7 +129,7 @@
int openat64(int dirfd, const char* const __pass_object_size pathname, int flags)
__overloadable
__clang_error_if(__open_modes_useful(flags), "'openat64' " __open_too_few_args_error) {
- return __openat64_2(dirfd, pathname, flags);
+ return __openat_2(dirfd, pathname, flags);
}
__BIONIC_FORTIFY_INLINE
@@ -134,9 +137,9 @@
__overloadable
__clang_warning_if(!__open_modes_useful(flags) && modes,
"'openat64' " __open_useless_modes_warning) {
- return __openat64_real(dirfd, pathname, flags, modes);
+ return __openat_real(dirfd, pathname, flags, modes);
}
-#endif /* __ANDROID_API__ >= __ANDROID_API_R__ */
+#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
#undef __open_too_many_args_error
#undef __open_too_few_args_error
diff --git a/libc/include/bits/fortify/string.h b/libc/include/bits/fortify/string.h
index 9be2b1a..bd36483 100644
--- a/libc/include/bits/fortify/string.h
+++ b/libc/include/bits/fortify/string.h
@@ -46,7 +46,7 @@
void* memcpy(void* const dst __pass_object_size0, const void* src, size_t copy_amount)
__overloadable {
size_t bos_dst = __bos0(dst);
- if (__bos_trivially_not_lt(bos_dst, copy_amount)) {
+ if (__bos_trivially_ge(bos_dst, copy_amount)) {
return __builtin_memcpy(dst, src, copy_amount);
}
return __builtin___memcpy_chk(dst, src, copy_amount, bos_dst);
@@ -56,7 +56,7 @@
__BIONIC_FORTIFY_INLINE
void* memmove(void* const dst __pass_object_size0, const void* src, size_t len) __overloadable {
size_t bos_dst = __bos0(dst);
- if (__bos_trivially_not_lt(bos_dst, len)) {
+ if (__bos_trivially_ge(bos_dst, len)) {
return __builtin_memmove(dst, src, len);
}
return __builtin___memmove_chk(dst, src, len, bos_dst);
@@ -71,39 +71,40 @@
__clang_error_if(__bos_unevaluated_lt(__bos0(dst), copy_amount),
"'mempcpy' called with size bigger than buffer") {
size_t bos_dst = __bos0(dst);
- if (__bos_trivially_not_lt(bos_dst, copy_amount)) {
+ if (__bos_trivially_ge(bos_dst, copy_amount)) {
return __builtin_mempcpy(dst, src, copy_amount);
}
return __builtin___mempcpy_chk(dst, src, copy_amount, bos_dst);
}
#endif /* __ANDROID_API__ >= __ANDROID_API_R__ */
-#endif
+#endif /* __USE_GNU */
-#if __ANDROID_API__ >= __ANDROID_API_L__
__BIONIC_FORTIFY_INLINE
char* stpcpy(char* const dst __pass_object_size, const char* src)
__overloadable
__clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
"'stpcpy' called with string bigger than buffer") {
+#if __ANDROID_API__ >= __ANDROID_API_L__
size_t bos_dst = __bos(dst);
- if (__bos_trivially_not_le(bos_dst, __builtin_strlen(src))) {
- return __builtin_stpcpy(dst, src);
+ if (!__bos_trivially_gt(bos_dst, __builtin_strlen(src))) {
+ return __builtin___stpcpy_chk(dst, src, bos_dst);
}
- return __builtin___stpcpy_chk(dst, src, bos_dst);
-}
#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
+ return __builtin_stpcpy(dst, src);
+}
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
__BIONIC_FORTIFY_INLINE
char* strcpy(char* const dst __pass_object_size, const char* src)
__overloadable
__clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
"'strcpy' called with string bigger than buffer") {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
size_t bos_dst = __bos(dst);
- if (__bos_trivially_not_le(bos_dst, __builtin_strlen(src))) {
- return __builtin_strcpy(dst, src);
+ if (!__bos_trivially_gt(bos_dst, __builtin_strlen(src))) {
+ return __builtin___strcpy_chk(dst, src, bos_dst);
}
- return __builtin___strcpy_chk(dst, src, bos_dst);
+#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+ return __builtin_strcpy(dst, src);
}
__BIONIC_FORTIFY_INLINE
@@ -111,27 +112,34 @@
__overloadable
__clang_error_if(__bos_unevaluated_le(__bos(dst), __builtin_strlen(src)),
"'strcat' called with string bigger than buffer") {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
return __builtin___strcat_chk(dst, src, __bos(dst));
+#else
+ return __builtin_strcat(dst, src);
+#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
}
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
/* No diag -- clang diagnoses misuses of this on its own. */
__BIONIC_FORTIFY_INLINE
char* strncat(char* const dst __pass_object_size, const char* src, size_t n) __overloadable {
return __builtin___strncat_chk(dst, src, n, __bos(dst));
}
+#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
/* No diag -- clang diagnoses misuses of this on its own. */
__BIONIC_FORTIFY_INLINE
void* memset(void* const s __pass_object_size0, int c, size_t n) __overloadable
/* If you're a user who wants this warning to go away: use `(&memset)(foo, bar, baz)`. */
__clang_warning_if(c && !n, "'memset' will set 0 bytes; maybe the arguments got flipped?") {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
size_t bos = __bos0(s);
- if (__bos_trivially_not_lt(bos, n)) {
- return __builtin_memset(s, c, n);
+ if (!__bos_trivially_ge(bos, n)) {
+ return __builtin___memset_chk(s, c, n, bos);
}
- return __builtin___memset_chk(s, c, n, bos);
-}
#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+ return __builtin_memset(s, c, n);
+}
#if __ANDROID_API__ >= __ANDROID_API_M__
__BIONIC_FORTIFY_INLINE
@@ -189,19 +197,19 @@
}
#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
-#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
__BIONIC_FORTIFY_INLINE
size_t strlcpy(char* const dst __pass_object_size, const char* src, size_t size)
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos(dst), size),
"'strlcpy' called with size bigger than buffer") {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
size_t bos = __bos(dst);
- if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
- return __call_bypassing_fortify(strlcpy)(dst, src, size);
+ if (bos != __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+ return __strlcpy_chk(dst, src, size, bos);
}
-
- return __strlcpy_chk(dst, src, size, bos);
+#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+ return __call_bypassing_fortify(strlcpy)(dst, src, size);
}
__BIONIC_FORTIFY_INLINE
@@ -209,50 +217,51 @@
__overloadable
__clang_error_if(__bos_unevaluated_lt(__bos(dst), size),
"'strlcat' called with size bigger than buffer") {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
size_t bos = __bos(dst);
- if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
- return __call_bypassing_fortify(strlcat)(dst, src, size);
+ if (bos != __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+ return __strlcat_chk(dst, src, size, bos);
}
-
- return __strlcat_chk(dst, src, size, bos);
+#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+ return __call_bypassing_fortify(strlcat)(dst, src, size);
}
__BIONIC_FORTIFY_INLINE
size_t strlen(const char* const s __pass_object_size0) __overloadable {
size_t bos = __bos0(s);
- if (__bos_trivially_gt(bos, __builtin_strlen(s))) {
- return __builtin_strlen(s);
+#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
+ if (!__bos_trivially_gt(bos, __builtin_strlen(s))) {
+ return __strlen_chk(s, bos);
}
-
- return __strlen_chk(s, bos);
-}
#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
+ return __builtin_strlen(s);
+}
-#if __ANDROID_API__ >= __ANDROID_API_J_MR2__
__BIONIC_FORTIFY_INLINE
char* strchr(const char* const s __pass_object_size, int c) __overloadable {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR2__
size_t bos = __bos(s);
- if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
- return __builtin_strchr(s, c);
+ if (bos != __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+ return __strchr_chk(s, c, bos);
}
-
- return __strchr_chk(s, c, bos);
+#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR2__ */
+ return __builtin_strchr(s, c);
}
__BIONIC_FORTIFY_INLINE
char* strrchr(const char* const s __pass_object_size, int c) __overloadable {
+#if __ANDROID_API__ >= __ANDROID_API_J_MR2__
size_t bos = __bos(s);
- if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
- return __builtin_strrchr(s, c);
+ if (bos != __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+ return __strrchr_chk(s, c, bos);
}
-
- return __strrchr_chk(s, c, bos);
-}
#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR2__ */
+ return __builtin_strrchr(s, c);
+}
#if __ANDROID_API__ >= __ANDROID_API_M__
#if defined(__cplusplus)
diff --git a/libc/include/bits/fortify/unistd.h b/libc/include/bits/fortify/unistd.h
index dbc64c0..45ed2cf 100644
--- a/libc/include/bits/fortify/unistd.h
+++ b/libc/include/bits/fortify/unistd.h
@@ -76,7 +76,7 @@
#if __ANDROID_API__ >= __ANDROID_API_N__
size_t bos = __bos(buf);
- if (!__bos_trivially_not_lt(bos, size)) {
+ if (!__bos_trivially_ge(bos, size)) {
return __getcwd_chk(buf, size, bos);
}
#endif /* __ANDROID_API__ >= __ANDROID_API_N__ */
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index 689b650..b061c22 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -305,14 +305,8 @@
__bos_dynamic_check_impl_and(bos_val, op, index, 1)
#define __bos_trivially_ge(bos_val, index) __bos_dynamic_check_impl((bos_val), >=, (index))
-
#define __bos_trivially_gt(bos_val, index) __bos_dynamic_check_impl((bos_val), >, (index))
-/* The names here are meant to match nicely with the __bos_unevaluated macros above. */
-#define __bos_trivially_not_lt __bos_trivially_ge
-#define __bos_trivially_not_le __bos_trivially_gt
-
-
#if defined(__BIONIC_FORTIFY) || defined(__BIONIC_DECLARE_FORTIFY_HELPERS)
# define __BIONIC_INCLUDE_FORTIFY_HEADERS 1
#endif
diff --git a/libc/libc.map.txt b/libc/libc.map.txt
index 9b39bb8..a4ab600 100644
--- a/libc/libc.map.txt
+++ b/libc/libc.map.txt
@@ -1483,8 +1483,6 @@
LIBC_R { # introduced=R
global:
__mempcpy_chk;
- __open64_2;
- __openat64_2;
__tls_get_addr; # arm64
call_once;
cnd_broadcast;