Merge "Added actual event logging calls to the FORTIFY_SOURCE methods."

This commit is contained in:
Geremy Condra 2012-06-11 11:50:03 -07:00 committed by Android (Google) Code Review
commit fd49579f3a
8 changed files with 34 additions and 2 deletions

View File

@ -30,6 +30,21 @@
#include <stdarg.h>
#define BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW 80100
#define BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW 80105
#define BIONIC_EVENT_MEMMOVE_BUFFER_OVERFLOW 80110
#define BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW 80115
#define BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW 80120
#define BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW 80125
#define BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW 80130
#define BIONIC_EVENT_STRCAT_INTEGER_OVERFLOW 80200
#define BIONIC_EVENT_STRNCAT_INTEGER_OVERFLOW 80205
#define BIONIC_EVENT_RESOLVER_OLD_RESPONSE 80300
#define BIONIC_EVENT_RESOLVER_WRONG_SERVER 80305
#define BIONIC_EVENT_RESOLVER_WRONG_QUERY 80310
enum {
ANDROID_LOG_UNKNOWN = 0,
ANDROID_LOG_DEFAULT, /* only for SetMinPriority() */

View File

@ -47,6 +47,7 @@ void *__memcpy_chk (void *dest, const void *src,
if (len > dest_len) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** memcpy buffer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW);
abort();
}

View File

@ -47,6 +47,7 @@ void *__memmove_chk (void *dest, const void *src,
if (len > dest_len) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** memmove buffer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_MEMMOVE_BUFFER_OVERFLOW);
abort();
}

View File

@ -46,6 +46,7 @@ void *__memset_chk (void *dest, int c, size_t n, size_t dest_len)
if (n > dest_len) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** memset buffer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW);
abort();
}

View File

@ -50,11 +50,17 @@ char *__strcat_chk (char *dest, const char *src, size_t dest_buf_size)
size_t sum;
// sum = src_len + dest_len + 1 (with overflow protection)
if (!safe_add3(&sum, src_len, dest_len, 1U)) abort();
if (!safe_add3(&sum, src_len, dest_len, 1U)) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** strcat integer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_STRCAT_INTEGER_OVERFLOW);
abort();
}
if (sum > dest_buf_size) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** strcat buffer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW);
abort();
}

View File

@ -48,6 +48,7 @@ char *__strcpy_chk (char *dest, const char *src, size_t dest_len)
if (src_len > dest_len) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** strcpy buffer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW);
abort();
}

View File

@ -54,11 +54,17 @@ char *__strncat_chk (char *dest, const char *src,
size_t sum;
// sum = src_len + dest_len + 1 (with overflow protection)
if (!safe_add3(&sum, src_len, dest_len, 1U)) abort();
if (!safe_add3(&sum, src_len, dest_len, 1U)) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** strncat integer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_STRNCAT_INTEGER_OVERFLOW);
abort();
}
if (sum > dest_buf_size) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** strncat buffer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW);
abort();
}

View File

@ -47,6 +47,7 @@ char *__strncpy_chk (char *dest, const char *src,
if (len > dest_len) {
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
"*** strncpy buffer overflow detected ***\n");
__libc_android_log_event_uid(BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW);
abort();
}