| c8ae8bd9418b79f4da85dc12a61ebd82146b7e51 |
|
27-Jun-2013 |
Nick Kralevich <nnk@google.com> |
stdio.h: enable vs?printf clang FORTIFY_SOURCE
Enable FORTIFY_SOURCE protections under clang for the following
functions:
* vsprintf
* vsnprintf
and add unittests.
Change-Id: I90f8a27f7b202c78b5dd8ebf53050bf9e33496f7
|
| 621b19dddbfba1cd98c01cb95ce312baa20e0e7c |
|
25-Jun-2013 |
Nick Kralevich <nnk@google.com> |
libc: enable FORTIFY_SOURCE snprintf under clang
Change-Id: I8b8059782a720104722b0841994b38f873ed02aa
|
| c6eb9854542c115fd9aa87731adcb1b5da57e8ac |
|
24-Jun-2013 |
Nick Kralevich <nnk@google.com> |
libc: enable sprintf FORTIFY_SOURCE under clang
clang doesn't support __builtin_va_arg_pack(), so we have
to use #define instead.
Change-Id: I2ee75e6267d60cdf997fee6b9b0547bf68f062a1
|
| 16d1af167f8e36a9aa4a07ae77034ad519b00463 |
|
17-Jun-2013 |
Nick Kralevich <nnk@google.com> |
libc: add limited FORTIFY_SOURCE support for clang
In 829c089f83ddee37203b52bcb294867a9ae7bdbc, we disabled all
FORTIFY_SOURCE support when compiling under clang. At the time,
we didn't have proper test cases, and couldn't easily create targeted
clang tests.
This change re-enables FORTIFY_SOURCE support under clang for a
limited set of functions, where we have explicit unittests available.
The functions are:
* memcpy
* memmove
* strcpy
* strncpy
* strcat
* strncat
* memset
* strlen (with modifications)
* strchr (with modifications)
* strrchr (with modifications)
It may be possible, in the future, to enable other functions. However,
I need to write unittests first.
For strlen, strchr, and strrchr, clang unconditionally calls the
fortified version of the relevant function. If it doesn't know the
size of the buffer it's dealing with, it passes in ((size_t) -1),
which is the largest possible size_t.
I added two new clang specific unittest files, primarily copied
from fortify?_test.cpp.
I've also rebuild the entire system with these changes, and didn't
observe any obvious problems.
Change-Id: If12a15089bb0ffe93824b485290d05b14355fcaa
|
| b24c0637d06fe0980b9e13a8d0c3e6f4dbda9cd5 |
|
18-Jun-2013 |
Nick Kralevich <nnk@google.com> |
libc: Introduce __errordecl()
Define __errordecl and replace __attribute__((__error__("foo")))
with __errordecl. Make sure __errordecl is a no-op on clang, as it
generates a compile time warning.
Change-Id: Ifa1a2d3afd6881de9d479fc2adac6737871a2949
|
| d04c18397946f87ac4495351537c31a3d67257da |
|
15-May-2013 |
Elliott Hughes <enh@google.com> |
Add more __restricts, clean up __format__ attributes.
Change-Id: I7e2d270cc722d339d221eaea92747eaff3b51403
|
| 9020fd503c9eb073f70dbc239a212f8ece19359d |
|
30-Apr-2013 |
Nick Kralevich <nnk@google.com> |
libc: upgrade some libc functions to _FORTIFY_SOURCE=2
Upgrade the following functions:
* vsnprintf
* vsprintf
* snprintf
* fgets
* strcpy
* strcat
* strncat
* strlcpy
* strlcat
* strlen
* strchr
Change-Id: Icc036fc7f0bb317e05f7c051617887a1601271aa
|
| 78d6d9888c24c50f65d694dc8283afdcb58db84c |
|
30-Apr-2013 |
Nick Kralevich <nnk@google.com> |
libc: upgrade sprintf to _FORTIFY_SOURCE=2
Upgrade sprintf to fortify_source level 2, to catch
additional security bugs.
Change-Id: Ibc957d65e4cb96152de84b3745a04e00fa22659e
|
| 890c8ed6ef773160cd6840a92e0d469fe530871f |
|
22-Mar-2013 |
Elliott Hughes <enh@google.com> |
Fix builds where _FORTIFY_SOURCE is off.
Also add a more intention-revealing guard so we don't have loads of
places checking whether our inlining macro is defined.
Change-Id: I168860cedcfc798b07a5145bc48a125700265e47
|
| 41b3179c9ef03ebb447cac7f5e8405dce399cb17 |
|
28-Jan-2013 |
Elliott Hughes <enh@google.com> |
Unit tests for formatting code, fix %%.
Also fix <signal.h> and <stdio.h> so they don't cause compiler warnings.
Change-Id: Ib1a746bf01de22d47dbd964de0e6af80a7c96303
|
| 3975cec694a0c9b42e3f7e671fcd678da92836c3 |
|
30-Nov-2012 |
Elliott Hughes <enh@google.com> |
Remove (near-)duplicate definitions of size_t and ssize_t.
The near duplicates upset fussier compilers that insist that
typedefs be exactly the same, but the fix isn't to make all
copies identical...
Change-Id: Icfdace41726f36ec33c9ae919dbb5a54d3529cc9
|
| ce45fea03ddfd8d6d1900d6777a002dec98ea1e1 |
|
23-Oct-2012 |
Elliott Hughes <enh@google.com> |
Add missing BEGIN_DECLS/END_DECLS for FORTIFY_SOURCE stdio prototypes.
Change-Id: I35ceb09fedf873c5e98e1e26efce5e4f00a17e74
|
| 7d56ccbfaac2b702e4be0f71038efb7f251ef637 |
|
02-Oct-2012 |
Elliott Hughes <enh@google.com> |
Always take GCC's definition of NULL.
There's a (bad) definition of NULL in <linux/stddef.h>, and this
definition of NULL, and the One True definition in the <stddef.h> provided
by the compiler. This change at least kills one of the bad duplicates.
Killing the <linux/stddef.h> one is harder, because it's in a generated
file.
Change-Id: Iea4ccb12d6758199f312ea9cd753b84322d5c471
|
| 0cc0d250fd3097e4c26b70cdeb5c47caac634069 |
|
02-Oct-2012 |
Elliott Hughes <enh@google.com> |
Remove useless #defines and incorrect claims from header files.
The various __need_* macros were write-only.
Change-Id: Id3cca34188e0801fdf93a038b22f2817226ad9c2
|
| 422b6ef92c1cca3cfd412621dc3db3b8609fa88c |
|
28-Sep-2012 |
Elliott Hughes <enh@google.com> |
Define ssize_t if necessary.
Change-Id: I63801cc1f09be5e4ca20a6da7ec3366ba6441afd
|
| eac9eb462ed6f7fcfb791e7a08b4011fcca47829 |
|
08-Sep-2012 |
Irina Tirdea <irina.tirdea@intel.com> |
Add getdelim(3) and getline(3) to bionic
Some userspace programs (e.g. perf) need getline.
Changes:
() add getdelim.c, getline.c from NetBSD (http://netbsd.org/) under the
NetBSD Foundation's (TNF) license ("2 clause" Berkeley-style license).
() add stub for reentrant.h header that is needed by getdelim.c
() add tests for getdelim(3) and getline(3).
() update NOTICE file.
Change-Id: I22ed82dd5904b9d7a3695535c04f502be3c27c5d
Signed-off-by: Irina Tirdea <irina.tirdea@intel.com>
|
| 829c089f83ddee37203b52bcb294867a9ae7bdbc |
|
29-Aug-2012 |
Nick Kralevich <nnk@google.com> |
disable _FORTIFY_SOURCE under clang
Clang and _FORTIFY_SOURCE are just plain incompatible with
each other. First of all, clang doesn't understand the
__attribute__((gnu_inline)) header. Second of all,
Clang doesn't have support for __builtin_va_arg_pack()
and __builtin_va_arg_pack_len() (see
http://clang.llvm.org/docs/UsersManual.html#c_unimpl_gcc)
Until we can resolve these issues, don't even try using
_FORTIFY_SOURCE under clang.
Change-Id: I81c2b8073bb3276fa9a4a6b93c427b641038356a
|
| 9b6cc223a36835c4367a036d4cfeff14d25bc742 |
|
13-Jul-2012 |
Nick Kralevich <nnk@google.com> |
FORTIFY_SOURCE: introduce __BIONIC_FORTIFY_UNKNOWN_SIZE macro
Replace all occurances of "(size_t) -1" with a
__BIONIC_FORTIFY_UNKNOWN_SIZE macro.
Change-Id: I0b188f6cf31417d2dbef0e1bd759de3f9782873a
|
| 965dbc6405aa2c3170270cfc53a8d4416444fddb |
|
03-Jul-2012 |
Nick Kralevich <nnk@google.com> |
FORTIFY_SOURCE: add fgets support.
Change-Id: I8c3410a90c71a3336c4ac8581618fa9330edf5e3
|
| 9b549c39c938f54680f282c21e6885f53254bfb0 |
|
13-Jun-2012 |
Nick Kralevich <nnk@google.com> |
FORTIFY_SOURCE: add sprintf / vsprintf support
sprintf FORTIFY_SOURCE protections are not available
on clang.
Also add various __attribute__s to stdio functions.
Change-Id: I936d1f9e55fe53a68885c4524b7b59e68fed218d
|
| cffdf6693ffb50d2a1258d955a162bca83038f25 |
|
12-Jun-2012 |
Nick Kralevich <nnk@google.com> |
FORTIFY_SOURCE: add snprintf, vsnprintf
Add _FORTIFY_SOURCE support for snprintf, vsnprintf
At this time, we opt out of these protections for clang, as clang
does not implement __builtin_va_arg_pack().
http://clang.llvm.org/docs/UsersManual.html#c_unimpl_gcc
Change-Id: I73ebe5ec8dad1dca8898a76d6afb693a25f75375
|
| f39a3fe67d7f1faa21a39ea8e1f57a6596c8cadb |
|
09-Feb-2012 |
Glenn Kasten <gkasten@google.com> |
Allow C++ to call fdprintf
Change-Id: I1adb7b165ab9f62eaee4e7a9108e8b461350b347
|
| f582340a6a48588aa50da17e1620e8f91b146941 |
|
12-Feb-2011 |
Kenny Root <kroot@google.com> |
Fix the handle locking in stdio
Fix the handle locking in stdio to use flockfile/funlockfile
internally when and where required. Macros in <stdio.h> are updated
to automatically call the underlying functions when the process is
threaded to obtain the necessary locking. A private mutex is added
to protect __sglue, the internal list of FILE handles, and another
to protect the one-time initialization. Some routines in libc that
use getc() change to use getc_unlocked() as they're either protected
by their own lock or aren't thread-safe routines anyway.
Based on OpenBSD change by guenther@openbsd.org
http://www.mail-archive.com/source-changes@cvs.openbsd.org/msg01015.html
Bug: 3446659
Change-Id: Ie82116e358c541718d6709ec45ca6796be5a007b
|
| bb5581ad6eec40041dab4e961149f7a8a3a83497 |
|
09-Oct-2010 |
David 'Digit' Turner <digit@google.com> |
libc: tag missing functions in system headers.
This matches recent changes in the NDK header.
We enclose missing functions in #if 0 .. #endif blocks
with a clear "MISSING" in comments in order to locate
them later.
Change-Id: I87b3a62e777897e75c9243360fb0a82bcc53d9fb
|
| 50ace4fec5e8cb5afcbc656a4556fa528adfd760 |
|
17-Jun-2010 |
David 'Digit' Turner <digit@google.com> |
Remove compiler warnings when building Bionic.
Also add missing declarations to misc. functions.
Fix clearerr() implementation (previous was broken).
Handle feature test macros like _POSIX_C_SOURCE properly.
Change-Id: Icdc973a6b9d550a166fc2545f727ea837fe800c4
|
| fc10b24accd082fb33c8f92ff8b92481c22fe3dc |
|
14-Jan-2010 |
Colin Cross <ccross@android.com> |
Add implementation of fdprintf, clearenv, and stubs for ttyname_r, *usershell
Change-Id: I5fe7e8b6ee5edbb49e707c3b6737a58563781fa3
|
| c1202510b67f200b668d85ac0190db2b179b0c4d |
|
25-Nov-2009 |
Andy McFadden <fadden@android.com> |
Added a comment.
The structs for stdin/stdout/stderr are formed with a static initializer
that needs to be updated if something in FILE is changed.
|
| 1dc9e472e19acfe6dc7f41e429236e7eef7ceda1 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
|
| 1767f908af327fa388b1c66883760ad851267013 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
|
| e5cc1f386b167b9f7bfdebc7219e89aa9b71e4b2 |
|
16-Jan-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //branches/cupcake/...@126645
|
| 4e468ed2eb86a2406e14f1eca82072ee501d05fd |
|
18-Dec-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Code drop from //branches/cupcake/...@124589
|
| a27d2baa0c1a2ec70f47ea9199b1dd6762c8a349 |
|
21-Oct-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Initial Contribution
|