fortify-headers/README

111 lines
1.8 KiB
Plaintext
Raw Normal View History

2015-03-06 16:42:15 +00:00
What is it?
===========
2015-02-28 15:39:31 +00:00
2015-03-06 16:42:15 +00:00
This is a standalone implementation of fortify source[0]. It is libc-agnostic
2015-03-06 16:52:26 +00:00
and simply overlays the system headers by using the #include_next extension found
2015-03-06 17:55:22 +00:00
in GCC and clang. It was initially intended to be used on musl[1] based Linux
2015-03-06 16:52:26 +00:00
distributions.
2015-02-28 15:41:13 +00:00
2015-03-06 16:42:15 +00:00
2015-03-06 16:53:48 +00:00
Features
========
2015-03-06 16:42:15 +00:00
2015-03-06 17:55:22 +00:00
- It is portable, works on *BSD, Linux and possibly other systems.
2015-03-06 16:42:15 +00:00
- It will only trap non-conformant programs. This means that fortify
level 2 is treated in the same way as level 1.
- Avoids making function calls when UB has already been invoked. This
2015-03-06 16:52:26 +00:00
is handled by using __builtin_trap().
2015-03-06 17:10:22 +00:00
- Support for out-of-bounds read interfaces, such as send(), write(),
fwrite() etc.
2015-03-06 17:55:22 +00:00
- No ABI is enforced. All of the fortify check functions are inlined
into the resulting binary.
Sample usage
============
A plan for integrating fortify into a system is still under discussion.
If you want to quickly test it, you can try something like the following:
cat > fgets.c <<EOF
#include <stdio.h>
int
main(void)
{
char buf[BUFSIZ];
fgets(buf, sizeof(buf) + 1, stdin);
return 0;
}
EOF
cc -I<path-to-fortify-include-dir> -D_FORTIFY_SOURCE=1 -O1 fgets.c
./a.out
At this point, the program will crash.
2015-03-06 16:42:15 +00:00
2015-03-06 17:15:02 +00:00
Supported interfaces
====================
FD_CLR
FD_SET
bcopy
bzero
confstr
fgets
fgetws
fread
fwrite
getcwd
getdomainname
getgroups
gethostname
getlogin_r
mbsnrtowcs
mbsrtowcs
mbstowcs
memcpy
memmove
mempcpy
memset
poll
ppoll
pread
read
readlink
readlinkat
realpath
recv
recvfrom
send
sendto
snprintf
sprintf
stpcpy
stpncpy
strcat
strcpy
strlcat
strlcpy
strncat
strncpy
ttyname_r
vsnprintf
vsprintf
wcrtomb
wcscat
wcscpy
wcsncat
wcsncpy
wcsnrtombs
wcsrtombs
wcstombs
wctomb
wmemcpy
wmemmove
wmemset
write
2015-03-06 16:42:15 +00:00
[0] http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
[1] http://www.musl-libc.org/