Gitiles
Code Review Sign In
gerrit.omnirom.org / android_bionic / b83d6747facc5d819a0df0bcb8762477eecfd962^! / . / libc / bionic / __strcat_chk.cpp
commitb83d6747facc5d819a0df0bcb8762477eecfd962[log] [tgz]
authorElliott Hughes <enh@google.com>Thu Feb 25 20:33:47 2016 -0800
committerElliott Hughes <enh@google.com>Fri Feb 26 22:06:17 2016 -0800
tree4f5b7589c2cfe21756a85327818a88a9becbc781
parente0959b4b164a26eb9931ed6925c71d7870c063fe [diff] [blame]
Improve FORTIFY failure diagnostics.

Our FORTIFY _chk functions' implementations were very repetitive and verbose
but not very helpful. We'd also screwed up and put the SSIZE_MAX checks where
they would never fire unless you actually had a buffer as large as half your
address space, which probably doesn't happen very often.

Factor out the duplication and take the opportunity to actually show details
like how big the overrun buffer was, or by how much it was overrun.

Also remove the obsolete FORTIFY event logging.

Also remove the unused __libc_fatal_no_abort.

This change doesn't improve the diagnostics from the optimized assembler
implementations.

Change-Id: I176a90701395404d50975b547a00bd2c654e1252

diff --git a/libc/bionic/__strcat_chk.cpp b/libc/bionic/__strcat_chk.cpp
index a0ab09e..16b2327 100644
--- a/libc/bionic/__strcat_chk.cpp
+++ b/libc/bionic/__strcat_chk.cpp

@@ -27,33 +27,22 @@
  */
 
 #include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
 
-/*
- * Runtime implementation of __builtin____strcat_chk.
- *
- * See
- *   http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- *   http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This strcat check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" char* __strcat_chk(char* __restrict dest, const char* __restrict src,
-                              size_t dest_buf_size) {
-  char* save = dest;
-  size_t dest_len = __strlen_chk(dest, dest_buf_size);
+#include "private/bionic_fortify.h"
 
-  dest += dest_len;
-  dest_buf_size -= dest_len;
+// Runtime implementation of __builtin____strcat_chk (used directly by compiler, not in headers).
+extern "C" char* __strcat_chk(char* __restrict dst, const char* __restrict src,
+                              size_t dst_buf_size) {
+  char* save = dst;
+  size_t dst_len = __strlen_chk(dst, dst_buf_size);
 
-  while ((*dest++ = *src++) != '\0') {
-    dest_buf_size--;
-    if (__predict_false(dest_buf_size == 0)) {
-      __fortify_chk_fail("strcat: prevented write past end of buffer",
-                         BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW);
+  dst += dst_len;
+  dst_buf_size -= dst_len;
+
+  while ((*dst++ = *src++) != '\0') {
+    dst_buf_size--;
+    if (__predict_false(dst_buf_size == 0)) {
+      __fortify_fatal("strcat: prevented write past end of %zu-byte buffer", dst_buf_size);
     }
   }