atmos/fortify-headers
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
148 Commits 2 Branches 11 Tags 159 KiB
1cd5461a53
Commit Graph

115 Commits

Author SHA1 Message Date
Trutz Behn
1cd5461a53 Use namespace-safe macro, param and variable names 2015-06-03 18:55:35 +01:00
Trutz Behn
a9ee1d2743 Fix usage of __USER_LABEL_PREFIX__ 
The predefined __USER_LABEL_PREFIX__ macro if it is non-empty contains
an identifier, not a string literal, thus it needs to be stringified.
 2015-06-03 08:33:32 +01:00
Trutz Behn
720c4f7414 Fix return-type of fortified FD_CLR and FD_SET 
POSIX specifies them to have return-type void, not int.
 2015-05-21 10:10:17 +01:00
sin
50e37c7f76 Wrap some overly long lines 2015-05-13 12:18:35 +01:00
sin
07adb50914 Add LICENSE header 2015-05-13 12:15:36 +01:00
sin
158782b3bb Add fortify_fn() helper in fortify-headers.h 2015-05-13 12:05:29 +01:00
sin
316a486533 Minor style fix 2015-05-07 18:04:01 +01:00
Natanael Copa
c2bb9e106a fix realpath when stdlib.h is included before limits.h 
If program includes stdlib.h before limits.h without _XOPEN_SOURCE,
_GNU_SOURCE or _BSD_SOURCE explicitly set, then will it always trigger
the trap with musl libc.

This is becase stdlib.h will pull in features.h which will set
_GNU_SOURCE. This means that the fortify stdlib.h will not include
limits.h but it will still trigger the fortified realpath(), but without
PATH_MAX set.

We fix this by including system stdlib.h before testing if limits.h
should be included.

Since PATH_MAX is known at compile time we can also error at compile
time, instead of compiling a broken realpath().
 2015-05-07 15:02:11 +01:00
sin
c7e82d4863 Add read checks for bcopy() 2015-04-08 15:25:47 +01:00
sin
2bd3091b36 Check for out of bound reads for memcpy, memmove and mempcpy() 2015-04-08 15:18:49 +01:00
sin
73839e34a6 Add feature-test guards for mbsnrtowcs() and wcsnrtombs() 2015-04-01 12:41:08 +01:00
sin
442a2a4d65 Hide stpcpy() and stpncpy() under feature test macros 2015-03-15 09:57:26 +00:00
Trutz Behn
22e7e51007 Use __typeof__ to in part avoid replicating function types 2015-03-14 20:37:27 +00:00
Trutz Behn
c2c9d0c6c8 Fix typo in attribute name 2015-03-14 19:39:14 +00:00
sin
0932a82ada Explicitly cast pointers to satisfy C++ code 2015-03-14 09:45:37 +00:00
sin
37eb2c9c1d Add __artificial__ to aid in debugging 2015-03-14 09:38:22 +00:00
sin
d12254166a Restore C++ support 2015-03-13 23:09:15 +00:00
sin
c4abf4497b Fix typo again 2015-03-13 17:14:58 +00:00
sin
c8ecc164f1 Implement snprintf() and sprintf() using __builtin_va_arg_pack() 
Requires at least GCC 4.3.
 2015-03-13 17:03:52 +00:00
sin
c2b0ad0bf5 Re-order vsnprintf() and vsprintf() 
vsprintf() needs to access __vsnprintf_orig().
 2015-03-13 14:22:41 +00:00
sin
2b6657b759 Fix typo 2015-03-13 14:19:32 +00:00
sin
9f8c543dc8 Rework fortify implementation to use extern inline 
Overriding functions with macros is legal in C but a lot of software
is not prepared for it.  Use the extern inline method to achieve the
same result.
 2015-03-13 11:00:46 +00:00
Trutz Behn
b211796d68 Put include guards in the reserved namespace 
fortify-headers is considered part of the implementation.
 2015-03-11 21:33:01 +00:00
sin
69e43f5c5e Revert "Add explicit casts to satisfy C++ code" 
This reverts commit 1fbf7a3a5e9c02cf992848002cfb88c3c7cc0212.
 2015-03-11 12:57:37 +00:00
sin
14af218559 Ignore C++ for now 
It is not legal to override standard functions using macros in C++.
We may have to revisit this in the future.
 2015-03-11 11:18:31 +00:00
sin
8604f138c5 Add ifdef guards for C++ code 2015-03-11 09:26:11 +00:00
sin
1fbf7a3a5e Add explicit casts to satisfy C++ code 2015-03-11 09:21:25 +00:00
sin
499ea65dd5 Revert "Fix invalid conversion in C++ code" 
This reverts commit 4b4dfea25d660a8a27e95ea531686001246b3d1e.
 2015-03-11 09:21:00 +00:00
sin
4b4dfea25d Fix invalid conversion in C++ code 
/usr/include/fortify/string.h: In function 'void* __fortify_memcpy(void*, const void*, size_t)':
/usr/include/fortify/string.h:13:12: error: invalid conversion from 'void*' to 'char*' [-fpermissive]
/usr/include/fortify/string.h:14:18: error: invalid conversion from 'const void*' to 'const char*' [-fpermissive]

Since we are relying on GCC anyway, assume void * arithmetic is OK.
 2015-03-11 09:17:56 +00:00
sin
0362def21a Inline ppoll() as well 2015-03-10 18:04:21 +00:00
sin
99d1025513 Make ppoll() static 
Thanks Timo Teras.
 2015-03-10 16:38:26 +00:00
sin
701d7d3303 Fix strncat() and strncpy() mappings 
Thanks zhasha.
 2015-03-10 16:38:26 +00:00
sin
8cb1c705b1 Style fix 2015-03-07 10:32:28 +00:00
sin
ead32d6320 Fix some checks in wchar.h 
Some of these functions allow the destination pointer to be NULL.
Do not trap in that case as nothing will be written to the destination
buffer.
 2015-03-06 12:39:11 +00:00
sin
9b128ed538 Fix mbsnrtowcs() and wcsnrtombs() checks 2015-03-05 18:21:52 +00:00
sin
c51977cfcc Fix wcsrtombs() check 2015-03-04 20:16:44 +00:00
sin
4ddbe16d88 Fix mbsrtowcs() check 2015-03-04 19:58:48 +00:00
sin
7392bcaef8 Handle early termination in wcsnrtombs() and mbsnrtowcs() 2015-03-04 17:10:50 +00:00
sin
3d237352de Add wctomb() check 2015-03-04 13:12:58 +00:00
sin
911f402e94 Add wcstombs() check 2015-03-04 13:09:31 +00:00
sin
3532ee2caa Add wcsnrtombs() and wcsrtombs() checks 2015-03-04 12:59:41 +00:00
sin
ce3377dbb2 Add wcsncat() and wcsncpy() checks 2015-03-04 12:42:55 +00:00
sin
a28cd72ce6 Add wcrtomb(), wcscat() and wcscpy() checks 2015-03-04 12:27:04 +00:00
sin
316c87a6a6 Style fix 2015-03-03 20:38:52 +00:00
sin
95f63b3084 Add mbstowcs() check 2015-03-03 20:36:35 +00:00
sin
d548f4a37d Add mbsnrtowcs() and mbsrtowcs() checks 2015-03-03 20:30:47 +00:00
sin
f0efb87f8f Add wmemcpy() and wmemmove() checks 2015-03-03 18:16:29 +00:00
sin
a810ecae68 Add wmemset() check 2015-03-03 18:13:14 +00:00
sin
4514109df1 Fix signed/unsigned warning 2015-03-03 17:11:16 +00:00
sin
d87f9d94e1 Remove gcc attribute decoration 2015-03-03 17:10:34 +00:00