Merge "Added actual event logging calls to the FORTIFY_SOURCE methods."
This commit is contained in:
commit
fd49579f3a
@ -30,6 +30,21 @@
|
||||
|
||||
#include <stdarg.h>
|
||||
|
||||
#define BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW 80100
|
||||
#define BIONIC_EVENT_STRCAT_BUFFER_OVERFLOW 80105
|
||||
#define BIONIC_EVENT_MEMMOVE_BUFFER_OVERFLOW 80110
|
||||
#define BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW 80115
|
||||
#define BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW 80120
|
||||
#define BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW 80125
|
||||
#define BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW 80130
|
||||
|
||||
#define BIONIC_EVENT_STRCAT_INTEGER_OVERFLOW 80200
|
||||
#define BIONIC_EVENT_STRNCAT_INTEGER_OVERFLOW 80205
|
||||
|
||||
#define BIONIC_EVENT_RESOLVER_OLD_RESPONSE 80300
|
||||
#define BIONIC_EVENT_RESOLVER_WRONG_SERVER 80305
|
||||
#define BIONIC_EVENT_RESOLVER_WRONG_QUERY 80310
|
||||
|
||||
enum {
|
||||
ANDROID_LOG_UNKNOWN = 0,
|
||||
ANDROID_LOG_DEFAULT, /* only for SetMinPriority() */
|
||||
|
@ -47,6 +47,7 @@ void *__memcpy_chk (void *dest, const void *src,
|
||||
if (len > dest_len) {
|
||||
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
|
||||
"*** memcpy buffer overflow detected ***\n");
|
||||
__libc_android_log_event_uid(BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW);
|
||||
abort();
|
||||
}
|
||||
|
||||
|
@ -47,6 +47,7 @@ void *__memmove_chk (void *dest, const void *src,
|
||||
if (len > dest_len) {
|
||||
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
|
||||
"*** memmove buffer overflow detected ***\n");
|
||||
__libc_android_log_event_uid(BIONIC_EVENT_MEMMOVE_BUFFER_OVERFLOW);
|
||||
abort();
|
||||
}
|
||||
|
||||
|
@ -46,6 +46,7 @@ void *__memset_chk (void *dest, int c, size_t n, size_t dest_len)
|
||||
if (n > dest_len) {
|
||||
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
|
||||
"*** memset buffer overflow detected ***\n");
|
||||
__libc_android_log_event_uid(BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW);
|
||||
abort();
|
||||
}
|
||||
|
||||
|
@ -50,11 +50,17 @@ char *__strcat_chk (char *dest, const char *src, size_t dest_buf_size)
|
||||
size_t sum;
|
||||
|
||||
// sum = src_len + dest_len + 1 (with overflow protection)
|
||||
if (!safe_add3(&sum, src_len, dest_len, 1U)) abort();
|
||||
if (!safe_add3(&sum, src_len, dest_len, 1U)) {
|
||||
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
|
||||
"*** strcat integer overflow detected ***\n");
|
||||
__libc_android_log_event_uid(BIONIC_EVENT_STRCAT_INTEGER_OVERFLOW);
|
||||
abort();
|
||||
}
|
||||
|
||||
if (sum > dest_buf_size) {
|
||||
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
|
||||
"*** strcat buffer overflow detected ***\n");
|
||||
__libc_android_log_event_uid(BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW);
|
||||
abort();
|
||||
}
|
||||
|
||||
|
@ -48,6 +48,7 @@ char *__strcpy_chk (char *dest, const char *src, size_t dest_len)
|
||||
if (src_len > dest_len) {
|
||||
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
|
||||
"*** strcpy buffer overflow detected ***\n");
|
||||
__libc_android_log_event_uid(BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW);
|
||||
abort();
|
||||
}
|
||||
|
||||
|
@ -54,11 +54,17 @@ char *__strncat_chk (char *dest, const char *src,
|
||||
|
||||
size_t sum;
|
||||
// sum = src_len + dest_len + 1 (with overflow protection)
|
||||
if (!safe_add3(&sum, src_len, dest_len, 1U)) abort();
|
||||
if (!safe_add3(&sum, src_len, dest_len, 1U)) {
|
||||
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
|
||||
"*** strncat integer overflow detected ***\n");
|
||||
__libc_android_log_event_uid(BIONIC_EVENT_STRNCAT_INTEGER_OVERFLOW);
|
||||
abort();
|
||||
}
|
||||
|
||||
if (sum > dest_buf_size) {
|
||||
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
|
||||
"*** strncat buffer overflow detected ***\n");
|
||||
__libc_android_log_event_uid(BIONIC_EVENT_STRNCAT_BUFFER_OVERFLOW);
|
||||
abort();
|
||||
}
|
||||
|
||||
|
@ -47,6 +47,7 @@ char *__strncpy_chk (char *dest, const char *src,
|
||||
if (len > dest_len) {
|
||||
__libc_android_log_print(ANDROID_LOG_FATAL, "libc",
|
||||
"*** strncpy buffer overflow detected ***\n");
|
||||
__libc_android_log_event_uid(BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW);
|
||||
abort();
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user