commit 77f99aaf58b944b23f2cfb38fce08a98feabe93f
author George Burgess IV <gbiv@google.com> Thu Jun 06 14:14:52 2019 -0700
committer George Burgess IV <gbiv@google.com> Thu Jun 13 23:26:02 2019 -0700
tree ddcadad346c394fa7d1d7b15d488e988e5feaaf0
parent 1eb5976d7505f299754040e19792a0de94abccbc

fortify: add diagnostics for str* functions

This CL allows us to diagnose string functions that get an explicit size
passed into them, and string functions that are trivially misused.

Bug: 131861088
Test: mma
Change-Id: I894aec99420a75c6474cfd7d5010f0cf2f10ab21

tests/clang_fortify_tests.cpp

diff --git a/tests/clang_fortify_tests.cpp b/tests/clang_fortify_tests.cpp
index 0c09d36..fa0797c 100644
--- a/tests/clang_fortify_tests.cpp
+++ b/tests/clang_fortify_tests.cpp
@@ -177,22 +177,18 @@
     EXPECT_FORTIFY_DEATH(strcpy(small_buffer, large_string));
     // expected-error@+1{{string bigger than buffer}}
     EXPECT_FORTIFY_DEATH(stpcpy(small_buffer, large_string));
-#if 0
-    // expected-error@+1{{called with bigger length than the destination}}
-#endif
+    // expected-error@+1{{size bigger than buffer}}
     EXPECT_FORTIFY_DEATH(strncpy(small_buffer, large_string, sizeof(large_string)));
-#if 0
-    // expected-error@+1{{called with bigger length than the destination}}
-#endif
+    // expected-error@+1{{size bigger than buffer}}
     EXPECT_FORTIFY_DEATH(stpncpy(small_buffer, large_string, sizeof(large_string)));
-#if 0
-    // expected-error@+1{{destination buffer will always be overflown}}
-#endif
+    // expected-error@+1{{string bigger than buffer}}
     EXPECT_FORTIFY_DEATH(strcat(small_buffer, large_string));
-#if 0
-    // expected-error@+1{{destination buffer will always be overflown}}
-#endif
+    // expected-error@+1{{size bigger than buffer}}
     EXPECT_FORTIFY_DEATH(strncat(small_buffer, large_string, sizeof(large_string)));
+    // expected-error@+1{{size bigger than buffer}}
+    EXPECT_FORTIFY_DEATH(strlcpy(small_buffer, large_string, sizeof(large_string)));
+    // expected-error@+1{{size bigger than buffer}}
+    EXPECT_FORTIFY_DEATH(strlcat(small_buffer, large_string, sizeof(large_string)));
   }
 
   {
@@ -224,32 +220,34 @@
     EXPECT_FORTIFY_DEATH_STRUCT(stpcpy(split.tiny_buffer, small_string));
 
 #if _FORTIFY_SOURCE > 1
-#if 0
-    // expected-error@+2{{called with bigger length than the destination}}
-#endif
+    // expected-error@+2{{size bigger than buffer}}
 #endif
     EXPECT_FORTIFY_DEATH_STRUCT(strncpy(split.tiny_buffer, small_string, sizeof(small_string)));
 
 #if _FORTIFY_SOURCE > 1
-#if 0
-    // expected-error@+2{{called with bigger length than the destination}}
-#endif
+    // expected-error@+2{{size bigger than buffer}}
 #endif
     EXPECT_FORTIFY_DEATH_STRUCT(stpncpy(split.tiny_buffer, small_string, sizeof(small_string)));
 
 #if _FORTIFY_SOURCE > 1
-#if 0
-    // expected-error@+2{{destination buffer will always be overflown}}
-#endif
+    // expected-error@+2{{string bigger than buffer}}
 #endif
     EXPECT_FORTIFY_DEATH_STRUCT(strcat(split.tiny_buffer, small_string));
 
 #if _FORTIFY_SOURCE > 1
-#if 0
-    // expected-error@+2{{destination buffer will always be overflown}}
-#endif
+    // expected-error@+2{{size bigger than buffer}}
 #endif
     EXPECT_FORTIFY_DEATH_STRUCT(strncat(split.tiny_buffer, small_string, sizeof(small_string)));
+
+#if _FORTIFY_SOURCE > 1
+    // expected-error@+2{{size bigger than buffer}}
+#endif
+    EXPECT_FORTIFY_DEATH_STRUCT(strlcat(split.tiny_buffer, small_string, sizeof(small_string)));
+
+#if _FORTIFY_SOURCE > 1
+    // expected-error@+2{{size bigger than buffer}}
+#endif
+    EXPECT_FORTIFY_DEATH_STRUCT(strlcpy(split.tiny_buffer, small_string, sizeof(small_string)));
   }
 }