bionic

generic-library/bionic

Fork 0

Commit Graph

Author	SHA1	Message	Date
Nick Kralevich	260bf8cfe0	FORTIFY_SOURCE: strlen check. This test is designed to detect code such as: int main() { char buf[10]; memcpy(buf, "1234567890", sizeof(buf)); size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE printf("%d\n", len); return 0; } or anytime strlen reads beyond an object boundary. This should help address memory leakage vulnerabilities and make other unrelated vulnerabilities harder to exploit. Change-Id: I354b425be7bef4713c85f6bab0e9738445e00182	2012-07-13 13:49:59 -07:00

Author

SHA1

Message

Date

Nick Kralevich

260bf8cfe0

FORTIFY_SOURCE: strlen check.

This test is designed to detect code such as:

int main() {
  char buf[10];
  memcpy(buf, "1234567890", sizeof(buf));
  size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE
  printf("%d\n", len);
  return 0;
}

or anytime strlen reads beyond an object boundary. This should
help address memory leakage vulnerabilities and make other
unrelated vulnerabilities harder to exploit.

Change-Id: I354b425be7bef4713c85f6bab0e9738445e00182

2012-07-13 13:49:59 -07:00

1 Commits