From 61062f56304750c367c5c1533351621353c112a7 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Tue, 1 Mar 2005 00:35:23 +0000 Subject: [PATCH] * posix/bits/unistd.h: Avoid calling __*_chk variants if we can determine the call will never trigger a failure. * sysdeps/i386/i686/memset_chk.S: Remove alias and warning. * sysdeps/x86_64/memset_chk.S: Likewise. 2005-02-24 Roland McGrath * debug/Versions (libc: GLIBC_2.4): Remove __memset_zero_constant_len_parameter. * sysdeps/generic/memset_chk.c: Remove alias and warning. * misc/sys/cdefs.h (__warndecl): New macro. * debug/warning-nop.c: New file. * string/bits/string3.h (memset): Call __warn_memset_zero_len with no arguments, instead of calling __memset_zero_constant_len_parameter. Use __warndecl for __warn_memset_zero_len. * debug/Makefile (routines): Add $(static-only-routines). (static-only-routines): New variable. --- ChangeLog | 21 +++++++++++++++++++++ debug/Makefile | 6 ++++-- debug/Versions | 1 - debug/pread_chk.c | 9 +++------ debug/read_chk.c | 13 +++++-------- debug/warning-nop.c | 38 ++++++++++++++++++++++++++++++++++++++ misc/sys/cdefs.h | 1 + posix/bits/unistd.h | 6 ++++++ string/bits/string3.h | 6 +++--- sysdeps/generic/memset_chk.c | 4 ---- sysdeps/i386/i686/memset_chk.S | 4 ---- sysdeps/x86_64/memset_chk.S | 4 ---- 12 files changed, 81 insertions(+), 32 deletions(-) create mode 100644 debug/warning-nop.c diff --git a/ChangeLog b/ChangeLog index 824f9d3..5241846 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,24 @@ +2005-02-28 Ulrich Drepper + + * posix/bits/unistd.h: Avoid calling __*_chk variants if we can + determine the call will never trigger a failure. + + * sysdeps/i386/i686/memset_chk.S: Remove alias and warning. + * sysdeps/x86_64/memset_chk.S: Likewise. + +2005-02-24 Roland McGrath + + * debug/Versions (libc: GLIBC_2.4): Remove + __memset_zero_constant_len_parameter. + * sysdeps/generic/memset_chk.c: Remove alias and warning. + * misc/sys/cdefs.h (__warndecl): New macro. + * debug/warning-nop.c: New file. + * string/bits/string3.h (memset): Call __warn_memset_zero_len with no + arguments, instead of calling __memset_zero_constant_len_parameter. + Use __warndecl for __warn_memset_zero_len. + * debug/Makefile (routines): Add $(static-only-routines). + (static-only-routines): New variable. + 2005-02-27 Ulrich Drepper * po/tr.po: Update from translation team. diff --git a/debug/Makefile b/debug/Makefile index a3f20fd..c904913 100644 --- a/debug/Makefile +++ b/debug/Makefile @@ -24,14 +24,16 @@ subdir := debug headers := execinfo.h distribute = sigcontextinfo.h register-dump.h frame.h -routines := backtrace backtracesyms backtracesymsfd noophooks \ +routines = backtrace backtracesyms backtracesymsfd noophooks \ memcpy_chk memmove_chk mempcpy_chk memset_chk stpcpy_chk \ strcat_chk strcpy_chk strncat_chk strncpy_chk \ sprintf_chk vsprintf_chk snprintf_chk vsnprintf_chk \ printf_chk fprintf_chk vprintf_chk vfprintf_chk \ gets_chk chk_fail readonly-area fgets_chk fgets_u_chk \ read_chk pread_chk pread64_chk recv_chk recvfrom_chk \ - readlink_chk getwd_chk getcwd_chk + readlink_chk getwd_chk getcwd_chk \ + $(static-only-routines) +static-only-routines := warning-nop CFLAGS-backtrace.c = -fno-omit-frame-pointer CFLAGS-sprintf_chk.c = -D_IO_MTSAFE_IO diff --git a/debug/Versions b/debug/Versions index a4229d7..fd97834 100644 --- a/debug/Versions +++ b/debug/Versions @@ -22,7 +22,6 @@ libc { __fgets_chk; __fgets_unlocked_chk; __read_chk; __pread_chk; __pread64_chk; __readlink_chk; __getcwd_chk; __getwd_chk; - __memset_zero_constant_len_parameter; __recv_chk; __recvfrom_chk; } } diff --git a/debug/pread_chk.c b/debug/pread_chk.c index 6dfa2ab..483b5d0 100644 --- a/debug/pread_chk.c +++ b/debug/pread_chk.c @@ -23,11 +23,8 @@ ssize_t __pread_chk (int fd, void *buf, size_t nbytes, off_t offset, size_t buflen) { - /* In case NBYTES is greater than BUFLEN, we read BUFLEN+1 bytes. - This might overflow the buffer but the damage is reduced to just - one byte. And the program will terminate right away. */ - ssize_t n = __pread (fd, buf, offset, MIN (nbytes, buflen + 1)); - if (n > 0 && (size_t) n > buflen) + if (nbytes > buflen) __chk_fail (); - return n; + + return __pread (fd, buf, offset, MIN (nbytes, buflen + 1)); } diff --git a/debug/read_chk.c b/debug/read_chk.c index 88404ed..f738c48 100644 --- a/debug/read_chk.c +++ b/debug/read_chk.c @@ -27,15 +27,12 @@ ssize_t __read_chk (int fd, void *buf, size_t nbytes, size_t buflen) { - /* In case NBYTES is greater than BUFLEN, we read BUFLEN+1 bytes. - This might overflow the buffer but the damage is reduced to just - one byte. And the program will terminate right away. */ + if (nbytes > buflen) + __chk_fail (); + #ifdef HAVE_INLINED_SYSCALLS - ssize_t n = INLINE_SYSCALL (read, 3, fd, buf, MIN (nbytes, buflen + 1)); + return = INLINE_SYSCALL (read, 3, fd, buf, nbytes); #else - ssize_t n = __read (fd, buf, MIN (nbytes, buflen + 1)); + return = __read (fd, buf, nbytes); #endif - if (n > 0 && (size_t) n > buflen) - __chk_fail (); - return n; } diff --git a/debug/warning-nop.c b/debug/warning-nop.c new file mode 100644 index 0000000..84de3a9 --- /dev/null +++ b/debug/warning-nop.c @@ -0,0 +1,38 @@ +/* Dummy nop functions to elicit link-time warnings. + Copyright (C) 2005 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + +#include + +void __nop (void) +{ +} + +/* Don't insert any other #include's before this #undef! */ + +#undef __warndecl +#define __warndecl(name, msg) \ + strong_alias (__nop, name) link_warning (name, msg) + +#undef __USE_FORTIFY_LEVEL +#define __USE_FORTIFY_LEVEL 99 + +/* Following here we need an #include for each public header file + that uses __warndecl. */ + +#include diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h index 8d529bf..6f562e5 100644 --- a/misc/sys/cdefs.h +++ b/misc/sys/cdefs.h @@ -130,6 +130,7 @@ /* Fortify support. */ #define __bos(ptr) __builtin_object_size (ptr, __USE_FORTIFY_LEVEL > 1) #define __bos0(ptr) __builtin_object_size (ptr, 0) +#define __warndecl(name, msg) extern void name (void) /* Support for flexible arrays. */ diff --git a/posix/bits/unistd.h b/posix/bits/unistd.h index 3b9c67c..0e5417c 100644 --- a/posix/bits/unistd.h +++ b/posix/bits/unistd.h @@ -25,6 +25,7 @@ extern ssize_t __read_chk (int __fd, void *__buf, size_t __nbytes, size_t __buflen) __wur; #define read(fd, buf, nbytes) \ (__bos (buf) != (size_t) -1 \ + && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf)) \ ? __read_chk (fd, buf, nbytes, __bos (buf)) \ : read (fd, buf, nbytes)) @@ -36,11 +37,13 @@ extern ssize_t __pread64_chk (int __fd, void *__buf, size_t __nbytes, # ifndef __USE_FILE_OFFSET64 # define pread(fd, buf, nbytes, offset) \ (__bos (buf) != (size_t) -1 \ + && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf)) \ ? __pread64_chk (fd, buf, nbytes, offset, __bos (buf)) \ : pread (fd, buf, offset, nbytes)) # else # define pread(fd, buf, nbytes, offset) \ (__bos (buf) != (size_t) -1 \ + && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf)) \ ? __pread_chk (fd, buf, nbytes, offset, __bos (buf)) \ : pread (fd, buf, offset, nbytes)) # endif @@ -48,6 +51,7 @@ extern ssize_t __pread64_chk (int __fd, void *__buf, size_t __nbytes, # ifdef __USE_LARGEFILE64 # define pread64(fd, buf, nbytes, offset) \ (__bos (buf) != (size_t) -1 \ + && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf)) \ ? __pread64_chk (fd, buf, nbytes, offset, __bos (buf)) \ : pread64 (fd, buf, offset, nbytes)) # endif @@ -60,6 +64,7 @@ extern int __readlink_chk (__const char *__restrict __path, __THROW __nonnull ((1, 2)) __wur; # define readlink(path, buf, len) \ (__bos (buf) != (size_t) -1 \ + && (!__builtin_constant_p (len) || (len) > __bos (buf)) \ ? __readlink_chk (path, buf, len, __bos (buf)) \ : readlink (path, buf, len)) #endif @@ -68,6 +73,7 @@ extern char *__getcwd_chk (char *__buf, size_t __size, size_t __buflen) __THROW __wur; #define getcwd(buf, size) \ (__bos (buf) != (size_t) -1 \ + && (!__builtin_constant_p (size) || (size) > __bos (buf)) \ ? __getcwd_chk (buf, size, buflen) : getcwd (buf, size)) #if defined __USE_BSD || defined __USE_XOPEN_EXTENDED diff --git a/string/bits/string3.h b/string/bits/string3.h index 8fb66e4..6c027c2 100644 --- a/string/bits/string3.h +++ b/string/bits/string3.h @@ -85,11 +85,11 @@ __mempcpy_ichk (void *__restrict __dest, const void *__restrict __src, especially problematic if the intended fill value is zero. In this case no work is done at all. We detect these problems by referring non-existing functions. */ -extern char *__memset_zero_constant_len_parameter (void *, int, size_t, - size_t); +__warndecl (__warn_memset_zero_len, + "memset used with constant zero length parameter; this could be due to transposed parameters"); #define memset(dest, ch, len) \ (__builtin_constant_p (len) && (len) == 0 \ - ? __memset_zero_constant_len_parameter (dest, ch, len, 0) \ + ? (__warn_memset_zero_len (), (void) (ch), (void) (len), (void *) (dest)) \ : ((__bos0 (dest) != (size_t) -1) \ ? __builtin___memset_chk (dest, ch, len, __bos0 (dest)) \ : __memset_ichk (dest, ch, len))) diff --git a/sysdeps/generic/memset_chk.c b/sysdeps/generic/memset_chk.c index dfdcfbc..d6206ff 100644 --- a/sysdeps/generic/memset_chk.c +++ b/sysdeps/generic/memset_chk.c @@ -90,7 +90,3 @@ __memset_chk (dstpp, c, len, dstlen) return dstpp; } -strong_alias (__memset_chk, __memset_zero_constant_len_parameter) - -link_warning (__memset_zero_constant_len_parameter, - "memset used with constant zero length parameter; this could be due to transposed parameters") diff --git a/sysdeps/i386/i686/memset_chk.S b/sysdeps/i386/i686/memset_chk.S index b71cf32..cd93d5e 100644 --- a/sysdeps/i386/i686/memset_chk.S +++ b/sysdeps/i386/i686/memset_chk.S @@ -32,8 +32,4 @@ ENTRY (__memset_chk) jb __chk_fail jmp memset END (__memset_chk) - -strong_alias (__memset_chk, __memset_zero_constant_len_parameter) - .section .gnu.warning.__memset_zero_constant_len_parameter - .string "memset used with constant zero length parameter; this could be due to transposed parameters" #endif diff --git a/sysdeps/x86_64/memset_chk.S b/sysdeps/x86_64/memset_chk.S index 063f153..c1c8c23 100644 --- a/sysdeps/x86_64/memset_chk.S +++ b/sysdeps/x86_64/memset_chk.S @@ -31,8 +31,4 @@ ENTRY (__memset_chk) jb __chk_fail jmp memset END (__memset_chk) - -strong_alias (__memset_chk, __memset_zero_constant_len_parameter) - .section .gnu.warning.__memset_zero_constant_len_parameter - .string "memset used with constant zero length parameter; this could be due to transposed parameters" #endif -- 2.7.4