1/* 2 * Copyright (C) 2012 The Android Open Source Project 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in 12 * the documentation and/or other materials provided with the 13 * distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29#include <string.h> 30#include <stdlib.h> 31#include "libc_logging.h" 32 33/* 34 * Runtime implementation of __strlen_chk. 35 * 36 * See 37 * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html 38 * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html 39 * for details. 40 * 41 * This strlen check is called if _FORTIFY_SOURCE is defined and 42 * greater than 0. 43 * 44 * This test is designed to detect code such as: 45 * 46 * int main() { 47 * char buf[10]; 48 * memcpy(buf, "1234567890", sizeof(buf)); 49 * size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE 50 * printf("%d\n", len); 51 * return 0; 52 * } 53 * 54 * or anytime strlen reads beyond an object boundary. 55 */ 56extern "C" size_t __strlen_chk(const char *s, size_t s_len) { 57 size_t ret = strlen(s); 58 59 if (__builtin_expect(ret >= s_len, 0)) { 60 __fortify_chk_fail("strlen read overflow", 0); 61 } 62 63 return ret; 64} 65