From 0c47b9c211ede221629914ae0c5553586e772109 Mon Sep 17 00:00:00 2001 From: Kyle Evans Date: Tue, 16 Jul 2024 00:12:28 -0500 Subject: [PATCH] include: ssp: don't shadow the mempcpy builtin GCC emits a warning about shadowing a builtin with our mempcpy declaration, so switch it to using the same model as memcpy() and use the apparently-existing __builtin___mempcpy_chk(). Reviewed by: kib (earlier version), markj Sponsored by: Klara, Inc. Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D45976 --- include/ssp/string.h | 16 ++---------- include/string.h | 2 +- lib/libc/secure/Makefile.inc | 2 +- lib/libc/secure/Symbol.map | 1 + lib/libc/secure/mempcpy_chk.c | 49 +++++++++++++++++++++++++++++++++++ lib/libc/string/mempcpy.c | 2 +- 6 files changed, 55 insertions(+), 17 deletions(-) create mode 100644 lib/libc/secure/mempcpy_chk.c diff --git a/include/ssp/string.h b/include/ssp/string.h index b9f2dceb1df5..9f24254d9c01 100644 --- a/include/ssp/string.h +++ b/include/ssp/string.h @@ -106,6 +106,7 @@ __ ## fun ## _ichk(type1 __restrict dst, type2 __restrict src) { \ __BEGIN_DECLS __ssp_bos_icheck3_restrict(memcpy, void *, const void *) +__ssp_bos_icheck3_restrict(mempcpy, void *, const void *) __ssp_bos_icheck3(memmove, void *, const void *) __ssp_bos_icheck3(memset, void *, int) __ssp_bos_icheck2_restrict(stpcpy, char *, const char *) @@ -116,23 +117,10 @@ __ssp_redirect0(int, strerror_r, (int __errnum, char *__buf, size_t __len), (__errnum, __buf, __len)); __ssp_bos_icheck3_restrict(strncpy, char *, const char *) __ssp_bos_icheck3_restrict(strncat, char *, const char *) - -__ssp_redirect_raw_impl(void *, mempcpy, mempcpy, - (void *__restrict buf, const void *__restrict src, size_t len)) -{ - const size_t slen = __ssp_bos(buf); - - if (len > slen) - __chk_fail(); - - if (__ssp_overlap(src, buf, len)) - __chk_fail(); - - return (__ssp_real(mempcpy)(buf, src, len)); -} __END_DECLS #define memcpy(dst, src, len) __ssp_bos_check3(memcpy, dst, src, len) +#define mempcpy(dst, src, len) __ssp_bos_check3(mempcpy, dst, src, len) #define memmove(dst, src, len) __ssp_bos_check3(memmove, dst, src, len) #define memset(dst, val, len) \ __ssp_bos_check3_typed(memset, void *, dst, int, val, len) diff --git a/include/string.h b/include/string.h index c9d3e1add1a1..d9adcf4e0e41 100644 --- a/include/string.h +++ b/include/string.h @@ -68,7 +68,7 @@ void *memmem(const void *, size_t, const void *, size_t) __pure; #endif void *(memmove)(void *, const void *, size_t); #if __BSD_VISIBLE -void *mempcpy(void * __restrict, const void * __restrict, size_t); +void *(mempcpy)(void * __restrict, const void * __restrict, size_t); #endif void *(memset)(void *, int, size_t); #if __POSIX_VISIBLE >= 200809 diff --git a/lib/libc/secure/Makefile.inc b/lib/libc/secure/Makefile.inc index 5d10612e67a8..e5286a5a380f 100644 --- a/lib/libc/secure/Makefile.inc +++ b/lib/libc/secure/Makefile.inc @@ -4,7 +4,7 @@ .PATH: ${LIBC_SRCTOP}/secure # _FORTIFY_SOURCE -SRCS+= fgets_chk.c memcpy_chk.c memmove_chk.c memset_chk.c \ +SRCS+= fgets_chk.c memcpy_chk.c memmove_chk.c mempcpy_chk.c memset_chk.c \ snprintf_chk.c sprintf_chk.c stpcpy_chk.c stpncpy_chk.c \ strcat_chk.c strcpy_chk.c strlcat_chk.c strncat_chk.c strlcpy_chk.c \ strncpy_chk.c vsnprintf_chk.c vsprintf_chk.c diff --git a/lib/libc/secure/Symbol.map b/lib/libc/secure/Symbol.map index 1f12fe059367..df0a2d1ac93d 100644 --- a/lib/libc/secure/Symbol.map +++ b/lib/libc/secure/Symbol.map @@ -8,6 +8,7 @@ FBSD_1.8 { __fgets_chk; __memcpy_chk; __memmove_chk; + __mempcpy_chk; __memset_chk; __snprintf_chk; __sprintf_chk; diff --git a/lib/libc/secure/mempcpy_chk.c b/lib/libc/secure/mempcpy_chk.c new file mode 100644 index 000000000000..ca4ae150bc94 --- /dev/null +++ b/lib/libc/secure/mempcpy_chk.c @@ -0,0 +1,49 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include + +#include +#undef mempcpy + +void * +__mempcpy_chk(void * __restrict dst, const void * __restrict src, size_t len, + size_t slen) +{ + if (len > slen) + __chk_fail(); + + if (__ssp_overlap(src, dst, len)) + __chk_fail(); + + return (mempcpy(dst, src, len)); +} diff --git a/lib/libc/string/mempcpy.c b/lib/libc/string/mempcpy.c index 86e44cdebb85..4ea0af87aef1 100644 --- a/lib/libc/string/mempcpy.c +++ b/lib/libc/string/mempcpy.c @@ -32,7 +32,7 @@ #include void * -__ssp_real(mempcpy)(void *__restrict dst, const void *__restrict src, +(mempcpy)(void *__restrict dst, const void *__restrict src, size_t len) { return ((char *)memcpy(dst, src, len) + len);