generic-library/bionic
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge "FORTIFY_SOURCE: revert memcpy changes."

Browse Source
This commit is contained in:
Nick Kralevich 2012-07-16 08:24:32 -07:00 committed by android code review
commit b0f0d4276d
2 changed files with 4 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
libc/include/string.h
View File

@ -93,10 +93,6 @@ extern void __memcpy_src_size_error()
__attribute__((__error__("memcpy called with size bigger than source"))); __attribute__((__error__("memcpy called with size bigger than source")));
extern void __memcpy_overlap_error() extern void __memcpy_overlap_error()
__attribute__((__error__("memcpy called with overlapping regions"))); __attribute__((__error__("memcpy called with overlapping regions")));
extern void *__memcpy_real(void *, const void *, size_t)
__asm__(__USER_LABEL_PREFIX__ "memcpy");
extern void *__memcpy_chk2(void *, const void *, size_t, size_t, size_t);
__BIONIC_FORTIFY_INLINE __BIONIC_FORTIFY_INLINE
void *memcpy (void *dest, const void *src, size_t copy_amount) { void *memcpy (void *dest, const void *src, size_t copy_amount) {
@ -118,11 +114,7 @@ void *memcpy (void *dest, const void *src, size_t copy_amount) {
__memcpy_overlap_error(); __memcpy_overlap_error();
} }
if (__builtin_constant_p(copy_amount) && __builtin_constant_p(d - s)) { return __builtin___memcpy_chk(dest, src, copy_amount, d_len);
return __memcpy_real(dest, src, copy_amount);
}
return __memcpy_chk2(dest, src, copy_amount, d_len, s_len);
} }
__BIONIC_FORTIFY_INLINE __BIONIC_FORTIFY_INLINE

32
libc/string/__memcpy_chk.c
View File

@ -32,7 +32,7 @@
#include <private/logd.h> #include <private/logd.h>
/* /*
* Runtime implementation of __memcpy_chk2. * Runtime implementation of __memcpy_chk.
* *
* See * See
* http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
@ -42,12 +42,9 @@
* This memcpy check is called if _FORTIFY_SOURCE is defined and * This memcpy check is called if _FORTIFY_SOURCE is defined and
* greater than 0. * greater than 0.
*/ */
void *__memcpy_chk2(void *dest, const void *src, void *__memcpy_chk(void *dest, const void *src,
size_t copy_amount, size_t dest_len, size_t src_len) size_t copy_amount, size_t dest_len)
{ {
char *d = (char *) dest;
const char *s = (const char *) src;
if (__builtin_expect(copy_amount > dest_len, 0)) { if (__builtin_expect(copy_amount > dest_len, 0)) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc", __libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** memcpy buffer overflow detected ***\n"); "*** memcpy buffer overflow detected ***\n");
@ -55,28 +52,5 @@ void *__memcpy_chk2(void *dest, const void *src,
abort(); abort();
} }
if (__builtin_expect(copy_amount > src_len, 0)) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** memcpy read overflow detected ***\n");
abort();
}
if (__builtin_expect(((d <= s) && ((size_t)(s - d) < copy_amount))
|| ((d >= s) && ((size_t)(d - s) < copy_amount)), 0)) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** memcpy memory overlap detected ***\n");
abort();
}
return memcpy(dest, src, copy_amount); return memcpy(dest, src, copy_amount);
} }
/*
* GCC can create references to __memcpy_chk when using
* __builtin__memmove_chk().
*/
void *__memcpy_chk(void *dest, const void *src,
size_t copy_amount, size_t dest_len)
{
return __memcpy_chk2(dest, src, copy_amount, dest_len, (size_t) -1);
}