picnoir/glibc
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
glibc/string/strings.h
Adhemerval Zanella 38765ab68f Use fortify macros for b{zero,copy} along decl from strings.h 
As described in BZ#20558, bzero and bcopy declaration can only benefit
from fortified macros when decl came from string.h and when __USE_MISC
is defined (default behaviour).

This is due no standard includes those functions in string.h, so they
are only declared if __USE_MISC is defined (as pointed out in comment 4).
However fortification should be orthogona to other features test macros,
i.e, any function should be fortified if that function is declared.

To fix this behavior, the patch moved the bzero, bcopy, and
__explicit_bzero_chk to a common header (string/bits/strings_fortified.h)
and explicit fortified inclusion macros similar to string.h is added
on strings.h.  This allows to get fortified declarions by only including
strings.h.

Checked on x86_64-linux-gnu and along on a bootstrap installation to check
if the fortified are correctly triggered with example from bug report.

	[BZ #20558]
	* string/bits/string3.h [__USE_MISC] (bcopy): Move to
	strings_fortified.h.
	[__USE_MISC] (bzero): Likewise.
	[__USE_MISC] (explicit_bzero): Likewise.
	* string/strings.h: Include strings_fortified.h.
	* string/Makefile (headers): Add strings_fortified.h.
	* string/bits/strings_fortified.h: New file.
	* include/bits/strings_fortified.h: Likewise.
2017-01-05 15:54:13 -02:00

148 lines
4.7 KiB
C
Raw Blame History

/* Copyright (C) 1991-2017 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#ifndef _STRINGS_H
#define _STRINGS_H 1
/* We don't need and should not read this file if <string.h> was already
read. The one exception being that if __USE_MISC isn't defined, then
these aren't defined in string.h, so we need to define them here. */
#if !defined _STRING_H || !defined __USE_MISC
# include <features.h>
# define __need_size_t
# include <stddef.h>
/* Tell the caller that we provide correct C++ prototypes. */
# if defined __cplusplus && __GNUC_PREREQ (4, 4)
# define __CORRECT_ISO_CPP_STRINGS_H_PROTO
# endif
__BEGIN_DECLS
# if defined __USE_MISC || !defined __USE_XOPEN2K8
/* Compare N bytes of S1 and S2 (same as memcmp). */
extern int bcmp (const void *__s1, const void *__s2, size_t __n)
__THROW __attribute_pure__;
/* Copy N bytes of SRC to DEST (like memmove, but args reversed). */
extern void bcopy (const void *__src, void *__dest, size_t __n) __THROW;
/* Set N bytes of S to 0. */
extern void bzero (void *__s, size_t __n) __THROW;
/* Find the first occurrence of C in S (same as strchr). */
# ifdef __CORRECT_ISO_CPP_STRINGS_H_PROTO
extern "C++"
{
extern char *index (char *__s, int __c)
__THROW __asm ("index") __attribute_pure__ __nonnull ((1));
extern const char *index (const char *__s, int __c)
__THROW __asm ("index") __attribute_pure__ __nonnull ((1));
# if defined __OPTIMIZE__ && !defined __CORRECT_ISO_CPP_STRING_H_PROTO
__extern_always_inline char *
index (char *__s, int __c) __THROW
{
return __builtin_index (__s, __c);
}
__extern_always_inline const char *
index (const char *__s, int __c) __THROW
{
return __builtin_index (__s, __c);
}
# endif
}
# else
extern char *index (const char *__s, int __c)
__THROW __attribute_pure__ __nonnull ((1));
# endif
/* Find the last occurrence of C in S (same as strrchr). */
# ifdef __CORRECT_ISO_CPP_STRINGS_H_PROTO
extern "C++"
{
extern char *rindex (char *__s, int __c)
__THROW __asm ("rindex") __attribute_pure__ __nonnull ((1));
extern const char *rindex (const char *__s, int __c)
__THROW __asm ("rindex") __attribute_pure__ __nonnull ((1));
# if defined __OPTIMIZE__ && !defined __CORRECT_ISO_CPP_STRING_H_PROTO
__extern_always_inline char *
rindex (char *__s, int __c) __THROW
{
return __builtin_rindex (__s, __c);
}
__extern_always_inline const char *
rindex (const char *__s, int __c) __THROW
{
return __builtin_rindex (__s, __c);
}
# endif
}
# else
extern char *rindex (const char *__s, int __c)
__THROW __attribute_pure__ __nonnull ((1));
# endif
# endif
#if defined __USE_MISC || !defined __USE_XOPEN2K8 || defined __USE_XOPEN2K8XSI
/* Return the position of the first bit set in I, or 0 if none are set.
The least-significant bit is position 1, the most-significant 32. */
extern int ffs (int __i) __THROW __attribute__ ((const));
#endif
/* Compare S1 and S2, ignoring case. */
extern int strcasecmp (const char *__s1, const char *__s2)
__THROW __attribute_pure__;
/* Compare no more than N chars of S1 and S2, ignoring case. */
extern int strncasecmp (const char *__s1, const char *__s2, size_t __n)
__THROW __attribute_pure__;
#ifdef __USE_XOPEN2K8
/* The following functions are equivalent to the both above but they
take the locale they use for the collation as an extra argument.
This is not standardsized but something like will come. */
# include <xlocale.h>
/* Again versions of a few functions which use the given locale instead
of the global one. */
extern int strcasecmp_l (const char *__s1, const char *__s2, __locale_t __loc)
__THROW __attribute_pure__ __nonnull ((1, 2, 3));
extern int strncasecmp_l (const char *__s1, const char *__s2,
size_t __n, __locale_t __loc)
__THROW __attribute_pure__ __nonnull ((1, 2, 4));
#endif
__END_DECLS
#endif /* string.h */
#if __GNUC_PREREQ (3,4) && __USE_FORTIFY_LEVEL > 0 \
&& defined __fortify_function
/* Functions with security checks. */
# if defined __USE_MISC || !defined __USE_XOPEN2K8
# include <bits/strings_fortified.h>
# endif
#endif
#endif /* strings.h */
Reference in a new issue View git blame Copy permalink