FORTIFY_SOURCE: fortify strchr

Detect when strchr reads off the end of a buffer. Change-Id: I0e952eedcff5c36d646a9c3bc4e1337b959224f2
2012-11-30 15:15:58 -08:00
parent 16c61f0885
commit 049e58369c
3 changed files with 31 additions and 2 deletions
--- a/libc/include/string.h
+++ b/libc/include/string.h
@@ -224,6 +224,23 @@ size_t strlen(const char *s) {
    return __strlen_chk(s, bos);
 }

+__purefunc extern char* __strchr_real(const char *, int)
+    __asm__(__USER_LABEL_PREFIX__ "strchr");
+extern char* __strchr_chk(const char *, int, size_t);
+
+__BIONIC_FORTIFY_INLINE
+char* strchr(const char *s, int c) {
+    size_t bos = __builtin_object_size(s, 0);
+
+    // Compiler doesn't know destination size. Don't call __strchr_chk
+    if (bos == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
+        return __strchr_real(s, c);
+    }
+
+    return __strchr_chk(s, c, bos);
+}
+
+
 #endif /* defined(__BIONIC_FORTIFY_INLINE) */

 __END_DECLS