Merge "Fix compare_exchange_weak tests to allow spurious failure"
diff --git a/libc/bionic/fortify.cpp b/libc/bionic/fortify.cpp
index cf2d1c2..cfbfbc5 100644
--- a/libc/bionic/fortify.cpp
+++ b/libc/bionic/fortify.cpp
@@ -133,7 +133,7 @@
void* __memchr_chk(const void* s, int c, size_t n, size_t actual_size) {
__check_buffer_access("memchr", "read from", n, actual_size);
- return memchr(s, c, n);
+ return const_cast<void*>(memchr(s, c, n));
}
// Runtime implementation of __builtin____memmove_chk (used directly by compiler, not in headers).
diff --git a/libc/bionic/memmem.cpp b/libc/bionic/memmem.cpp
index 61d681f..019e772 100644
--- a/libc/bionic/memmem.cpp
+++ b/libc/bionic/memmem.cpp
@@ -35,7 +35,7 @@
if (n < m) return nullptr;
if (m == 0) return const_cast<void*>(void_haystack);
- if (m == 1) return memchr(haystack, needle[0], n);
+ if (m == 1) return const_cast<void*>(memchr(haystack, needle[0], n));
// This uses the "Not So Naive" algorithm, a very simple but usually effective algorithm.
// http://www-igm.univ-mlv.fr/~lecroq/string/
diff --git a/libc/bionic/ndk_cruft.cpp b/libc/bionic/ndk_cruft.cpp
index c042f9f..29565a2 100644
--- a/libc/bionic/ndk_cruft.cpp
+++ b/libc/bionic/ndk_cruft.cpp
@@ -322,7 +322,7 @@
// This was removed from POSIX 2008.
char* index(const char* str, int ch) {
- return strchr(str, ch);
+ return const_cast<char*>(strchr(str, ch));
}
// This was removed from BSD.
diff --git a/libc/include/string.h b/libc/include/string.h
index 0cbd61c..6520996 100644
--- a/libc/include/string.h
+++ b/libc/include/string.h
@@ -168,48 +168,47 @@
// trickery...
#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
__BIONIC_FORTIFY_INLINE
-void* memcpy(void* _Nonnull __restrict const dst __pass_object_size0,
- const void* _Nonnull __restrict src, size_t copy_amount) __overloadable {
+void* memcpy(void* _Nonnull __restrict const dst __pass_object_size0, const void* _Nonnull __restrict src, size_t copy_amount)
+ __overloadable {
return __builtin___memcpy_chk(dst, src, copy_amount, __bos0(dst));
}
__BIONIC_FORTIFY_INLINE
-void* memmove(void* const _Nonnull dst __pass_object_size0,
- const void* _Nonnull src, size_t len) __overloadable {
+void* memmove(void* const _Nonnull dst __pass_object_size0, const void* _Nonnull src, size_t len)
+ __overloadable {
return __builtin___memmove_chk(dst, src, len, __bos0(dst));
}
#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
#if __ANDROID_API__ >= __ANDROID_API_L__
__BIONIC_FORTIFY_INLINE
-char* stpcpy(char* _Nonnull __restrict const dst __pass_object_size,
- const char* _Nonnull __restrict src) __overloadable {
+char* stpcpy(char* _Nonnull __restrict const dst __pass_object_size, const char* _Nonnull __restrict src)
+ __overloadable {
return __builtin___stpcpy_chk(dst, src, __bos(dst));
}
#endif /* __ANDROID_API__ >= __ANDROID_API_L__ */
#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
__BIONIC_FORTIFY_INLINE
-char* strcpy(char* _Nonnull __restrict const dst __pass_object_size,
- const char* _Nonnull __restrict src) __overloadable {
+char* strcpy(char* _Nonnull __restrict const dst __pass_object_size, const char* _Nonnull __restrict src)
+ __overloadable {
return __builtin___strcpy_chk(dst, src, __bos(dst));
}
__BIONIC_FORTIFY_INLINE
-char* strcat(char* _Nonnull __restrict const dst __pass_object_size,
- const char* _Nonnull __restrict src) __overloadable {
+char* strcat(char* _Nonnull __restrict const dst __pass_object_size, const char* _Nonnull __restrict src)
+ __overloadable {
return __builtin___strcat_chk(dst, src, __bos(dst));
}
__BIONIC_FORTIFY_INLINE
-char* strncat(char* const _Nonnull __restrict dst __pass_object_size,
- const char* _Nonnull __restrict src, size_t n) __overloadable {
+char* strncat(char* const _Nonnull __restrict dst __pass_object_size, const char* _Nonnull __restrict src, size_t n)
+ __overloadable {
return __builtin___strncat_chk(dst, src, n, __bos(dst));
}
__BIONIC_FORTIFY_INLINE
-void* memset(void* const _Nonnull s __pass_object_size0, int c, size_t n)
- __overloadable {
+void* memset(void* const _Nonnull s __pass_object_size0, int c, size_t n) __overloadable {
return __builtin___memset_chk(s, c, n, __bos0(s));
}
#endif /* __ANDROID_API__ >= __ANDROID_API_J_MR1__ */
@@ -274,9 +273,8 @@
#if __ANDROID_API__ >= __ANDROID_API_L__
__BIONIC_FORTIFY_INLINE
-char* stpncpy(char* __restrict const _Nonnull dst __pass_object_size,
- const char* __restrict const _Nonnull src __pass_object_size,
- size_t n) __overloadable {
+char* stpncpy(char* __restrict const _Nonnull dst __pass_object_size, const char* __restrict const _Nonnull src __pass_object_size, size_t n)
+ __overloadable {
size_t bos_dst = __bos(dst);
size_t bos_src = __bos(src);
@@ -289,9 +287,8 @@
}
__BIONIC_FORTIFY_INLINE
-char* strncpy(char* __restrict const _Nonnull dst __pass_object_size,
- const char* __restrict const _Nonnull src __pass_object_size,
- size_t n) __overloadable {
+char* strncpy(char* __restrict const _Nonnull dst __pass_object_size, const char* __restrict const _Nonnull src __pass_object_size, size_t n)
+ __overloadable {
size_t bos_dst = __bos(dst);
size_t bos_src = __bos(src);
@@ -306,8 +303,8 @@
#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
__BIONIC_FORTIFY_INLINE
-size_t strlcpy(char* const _Nonnull __restrict dst __pass_object_size,
- const char *_Nonnull __restrict src, size_t size) __overloadable {
+size_t strlcpy(char* const _Nonnull __restrict dst __pass_object_size, const char *_Nonnull __restrict src, size_t size)
+ __overloadable {
size_t bos = __bos(dst);
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
@@ -318,8 +315,8 @@
}
__BIONIC_FORTIFY_INLINE
-size_t strlcat(char* const _Nonnull __restrict dst __pass_object_size,
- const char* _Nonnull __restrict src, size_t size) __overloadable {
+size_t strlcat(char* const _Nonnull __restrict dst __pass_object_size, const char* _Nonnull __restrict src, size_t size)
+ __overloadable {
size_t bos = __bos(dst);
if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
@@ -366,7 +363,6 @@
return __builtin_strchr(s, c);
}
- // return __builtin_strchr(s, c);
return __strchr_chk(s, c, bos);
}
@@ -390,14 +386,12 @@
* but we should also provide a FORTIFY'ed escape hatch.
*/
__BIONIC_ERROR_FUNCTION_VISIBILITY
-void* memset(void* _Nonnull s, int c, size_t n,
- struct __bionic_zero_size_is_okay_t ok)
+void* memset(void* _Nonnull s, int c, size_t n, struct __bionic_zero_size_is_okay_t ok)
__overloadable
__error_if_overflows_dst(memset, s, n, "size");
__BIONIC_FORTIFY_INLINE
-void* memset(void* const _Nonnull s __pass_object_size0, int c, size_t n,
- struct __bionic_zero_size_is_okay_t ok __attribute__((unused)))
+void* memset(void* const _Nonnull s __pass_object_size0, int c, size_t n, struct __bionic_zero_size_is_okay_t ok __attribute__((unused)))
__overloadable {
return __builtin___memset_chk(s, c, n, __bos0(s));
}
@@ -514,8 +508,7 @@
#if __ANDROID_API__ >= __ANDROID_API_J_MR1__
__BIONIC_FORTIFY_INLINE
-size_t strlcpy(char* _Nonnull __restrict dst __pass_object_size,
- const char* _Nonnull __restrict src, size_t size) {
+size_t strlcpy(char* _Nonnull __restrict dst __pass_object_size, const char* _Nonnull __restrict src, size_t size) {
size_t bos = __bos(dst);
// Compiler doesn't know destination size. Don't call __strlcpy_chk
@@ -606,6 +599,92 @@
#endif /* defined(__clang__) */
#endif /* defined(__BIONIC_FORTIFY) */
+/* Const-correct overloads. Placed after FORTIFY so we call those functions, if possible. */
+#if defined(__cplusplus) && defined(__clang__)
+/*
+ * Use two enable_ifs so these overloads don't conflict with + are preferred over libcxx's. This can
+ * be reduced to 1 after libcxx recognizes that we have const-correct overloads.
+ */
+#define __prefer_this_overload __enable_if(true, "preferred overload") __enable_if(true, "")
+extern "C++" {
+inline __always_inline
+void* __bionic_memchr(const void* const _Nonnull s __pass_object_size, int c, size_t n) {
+ return memchr(s, c, n);
+}
+
+inline __always_inline
+const void* memchr(const void* const _Nonnull s __pass_object_size, int c, size_t n)
+ __prefer_this_overload {
+ return __bionic_memchr(s, c, n);
+}
+
+inline __always_inline
+void* memchr(void* const _Nonnull s __pass_object_size, int c, size_t n) __prefer_this_overload {
+ return __bionic_memchr(s, c, n);
+}
+
+inline __always_inline
+char* __bionic_strchr(const char* const _Nonnull s __pass_object_size, int c) {
+ return strchr(s, c);
+}
+
+inline __always_inline
+const char* strchr(const char* const _Nonnull s __pass_object_size, int c)
+ __prefer_this_overload {
+ return __bionic_strchr(s, c);
+}
+
+inline __always_inline
+char* strchr(char* const _Nonnull s __pass_object_size, int c)
+ __prefer_this_overload {
+ return __bionic_strchr(s, c);
+}
+
+inline __always_inline
+char* __bionic_strrchr(const char* const _Nonnull s __pass_object_size, int c) {
+ return strrchr(s, c);
+}
+
+inline __always_inline
+const char* strrchr(const char* const _Nonnull s __pass_object_size, int c) __prefer_this_overload {
+ return __bionic_strrchr(s, c);
+}
+
+inline __always_inline
+char* strrchr(char* const _Nonnull s __pass_object_size, int c) __prefer_this_overload {
+ return __bionic_strrchr(s, c);
+}
+
+/* Functions with no FORTIFY counterpart. */
+inline __always_inline
+char* __bionic_strstr(const char* _Nonnull h, const char* _Nonnull n) { return strstr(h, n); }
+
+inline __always_inline
+const char* strstr(const char* _Nonnull h, const char* _Nonnull n) __prefer_this_overload {
+ return __bionic_strstr(h, n);
+}
+
+inline __always_inline
+char* strstr(char* _Nonnull h, const char* _Nonnull n) __prefer_this_overload {
+ return __bionic_strstr(h, n);
+}
+
+inline __always_inline
+char* __bionic_strpbrk(const char* _Nonnull h, const char* _Nonnull n) { return strpbrk(h, n); }
+
+inline __always_inline
+char* strpbrk(char* _Nonnull h, const char* _Nonnull n) __prefer_this_overload {
+ return __bionic_strpbrk(h, n);
+}
+
+inline __always_inline
+const char* strpbrk(const char* _Nonnull h, const char* _Nonnull n) __prefer_this_overload {
+ return __bionic_strpbrk(h, n);
+}
+}
+#undef __prefer_this_overload
+#endif
+
#if defined(__clang__)
#pragma clang diagnostic pop
#endif
diff --git a/libc/include/sys/cdefs.h b/libc/include/sys/cdefs.h
index dab252d..aa93c78 100644
--- a/libc/include/sys/cdefs.h
+++ b/libc/include/sys/cdefs.h
@@ -297,9 +297,12 @@
/* __BIONIC_FORTIFY_NONSTATIC_INLINE is pointless in GCC's FORTIFY */
# define __BIONIC_FORTIFY_INLINE extern __inline__ __always_inline __attribute__((gnu_inline)) __attribute__((__artificial__))
# endif
-# define __pass_object_size __pass_object_size_n(__bos_level)
-# define __pass_object_size0 __pass_object_size_n(0)
+#else
+/* Further increase sharing for some inline functions */
+# define __pass_object_size_n(n)
#endif
+#define __pass_object_size __pass_object_size_n(__bos_level)
+#define __pass_object_size0 __pass_object_size_n(0)
/* Used to support clangisms with FORTIFY. This isn't in the FORTIFY section
* because these change how symbols are emitted. The linker must be kept happy.
diff --git a/tests/fortify_test.cpp b/tests/fortify_test.cpp
index 86b282c..c21c9da 100644
--- a/tests/fortify_test.cpp
+++ b/tests/fortify_test.cpp
@@ -231,35 +231,41 @@
}
#endif
-#ifndef __clang__
-// This test is disabled in clang because clang doesn't properly detect
-// this buffer overflow. TODO: Fix clang.
TEST_F(DEATHTEST, strchr_fortified2) {
#if defined(__BIONIC__)
foo myfoo;
memcpy(myfoo.a, "0123456789", sizeof(myfoo.a));
myfoo.b[0] = '\0';
ASSERT_FORTIFY(printf("%s", strchr(myfoo.a, 'a')));
+ ASSERT_FORTIFY(printf("%s", strchr(static_cast<const char*>(myfoo.a), 'a')));
#else // __BIONIC__
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif // __BIONIC__
}
-#endif
-#ifndef __clang__
-// This test is disabled in clang because clang doesn't properly detect
-// this buffer overflow. TODO: Fix clang.
TEST_F(DEATHTEST, strrchr_fortified2) {
#if defined(__BIONIC__)
foo myfoo;
memcpy(myfoo.a, "0123456789", 10);
memcpy(myfoo.b, "01234", 6);
ASSERT_FORTIFY(printf("%s", strrchr(myfoo.a, 'a')));
+ ASSERT_FORTIFY(printf("%s", strrchr(static_cast<const char*>(myfoo.a), 'a')));
#else // __BIONIC__
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif // __BIONIC__
}
-#endif
+
+TEST_F(DEATHTEST, memchr_fortified2) {
+#if defined(__BIONIC__)
+ foo myfoo;
+ volatile int asize = sizeof(myfoo.a) + 1;
+ memcpy(myfoo.a, "0123456789", sizeof(myfoo.a));
+ ASSERT_FORTIFY(printf("%s", memchr(myfoo.a, 'a', asize)));
+ ASSERT_FORTIFY(printf("%s", memchr(static_cast<const void*>(myfoo.a), 'a', asize)));
+#else // __BIONIC__
+ GTEST_LOG_(INFO) << "This test does nothing.\n";
+#endif // __BIONIC__
+}
#ifndef __clang__
// This test is disabled in clang because clang doesn't properly detect