Improve FORTIFY failure diagnostics.
Our FORTIFY _chk functions' implementations were very repetitive and verbose
but not very helpful. We'd also screwed up and put the SSIZE_MAX checks where
they would never fire unless you actually had a buffer as large as half your
address space, which probably doesn't happen very often.
Factor out the duplication and take the opportunity to actually show details
like how big the overrun buffer was, or by how much it was overrun.
Also remove the obsolete FORTIFY event logging.
Also remove the unused __libc_fatal_no_abort.
This change doesn't improve the diagnostics from the optimized assembler
implementations.
Change-Id: I176a90701395404d50975b547a00bd2c654e1252
diff --git a/libc/bionic/__strcpy_chk.cpp b/libc/bionic/__strcpy_chk.cpp
index ad3ef50..116fff4 100644
--- a/libc/bionic/__strcpy_chk.cpp
+++ b/libc/bionic/__strcpy_chk.cpp
@@ -29,27 +29,13 @@
#undef _FORTIFY_SOURCE
#include <string.h>
-#include <stdlib.h>
-#include "private/libc_logging.h"
-/*
- * Runtime implementation of __builtin____strcpy_chk.
- *
- * See
- * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
- * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
- * for details.
- *
- * This strcpy check is called if _FORTIFY_SOURCE is defined and
- * greater than 0.
- */
-extern "C" char* __strcpy_chk(char* dest, const char* src, size_t dest_len) {
+#include "private/bionic_fortify.h"
+
+// Runtime implementation of __builtin____strcpy_chk (used directly by compiler, not in headers).
+extern "C" char* __strcpy_chk(char* dst, const char* src, size_t dst_len) {
// TODO: optimize so we don't scan src twice.
size_t src_len = strlen(src) + 1;
- if (__predict_false(src_len > dest_len)) {
- __fortify_chk_fail("strcpy: prevented write past end of buffer",
- BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW);
- }
-
- return strcpy(dest, src);
+ __check_buffer_access("strcpy", "write into", src_len, dst_len);
+ return strcpy(dst, src);
}