about summary refs log tree commit diff
path: root/debug
diff options
context:
space:
mode:
Diffstat (limited to 'debug')
-rw-r--r--debug/Makefile10
-rw-r--r--debug/Versions4
-rw-r--r--debug/asprintf_chk.c38
-rw-r--r--debug/dprintf_chk.c37
-rw-r--r--debug/obprintf_chk.c117
-rw-r--r--debug/tst-chk1.c36
-rw-r--r--debug/vasprintf_chk.c97
-rw-r--r--debug/vdprintf_chk.c69
8 files changed, 405 insertions, 3 deletions
diff --git a/debug/Makefile b/debug/Makefile
index a2c28f9737..ece7ee6bd7 100644
--- a/debug/Makefile
+++ b/debug/Makefile
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2001,2004,2005,2006,2007 Free Software Foundation, Inc.
+# Copyright (C) 1998-2001,2004-2008 Free Software Foundation, Inc.
 # This file is part of the GNU C Library.
 
 # The GNU C Library is free software; you can redistribute it and/or
@@ -41,7 +41,8 @@ routines  = backtrace backtracesyms backtracesymsfd noophooks \
 	    confstr_chk getgroups_chk ttyname_r_chk getlogin_r_chk \
 	    gethostname_chk getdomainname_chk wcrtomb_chk mbsnrtowcs_chk \
 	    wcsnrtombs_chk mbsrtowcs_chk wcsrtombs_chk mbstowcs_chk \
-	    wcstombs_chk \
+	    wcstombs_chk asprintf_chk vasprintf_chk dprintf_chk \
+	    vdprintf_chk obprintf_chk \
 	    stack_chk_fail fortify_fail \
 	    $(static-only-routines)
 static-only-routines := warning-nop stack_chk_fail_local
@@ -51,6 +52,11 @@ CFLAGS-sprintf_chk.c = -D_IO_MTSAFE_IO
 CFLAGS-snprintf_chk.c = -D_IO_MTSAFE_IO
 CFLAGS-vsprintf_chk.c = -D_IO_MTSAFE_IO
 CFLAGS-vsnprintf_chk.c = -D_IO_MTSAFE_IO
+CFLAGS-asprintf_chk.c = -D_IO_MTSAFE_IO
+CFLAGS-vasprintf_chk.c = -D_IO_MTSAFE_IO
+CFLAGS-obprintf_chk.c = -D_IO_MTSAFE_IO
+CFLAGS-dprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
+CFLAGS-vdprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
 CFLAGS-printf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
 CFLAGS-fprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
 CFLAGS-vprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions)
diff --git a/debug/Versions b/debug/Versions
index e467cc0602..ef6b08b7b3 100644
--- a/debug/Versions
+++ b/debug/Versions
@@ -42,6 +42,10 @@ libc {
   GLIBC_2.7 {
     __fread_chk; __fread_unlocked_chk;
   }
+  GLIBC_2.8 {
+    __asprintf_chk; __vasprintf_chk;  __dprintf_chk; __vdprintf_chk;
+    __obstack_printf_chk; __obstack_vprintf_chk;
+  }
   GLIBC_PRIVATE {
     __fortify_fail;
   }
diff --git a/debug/asprintf_chk.c b/debug/asprintf_chk.c
new file mode 100644
index 0000000000..fd943c851b
--- /dev/null
+++ b/debug/asprintf_chk.c
@@ -0,0 +1,38 @@
+/* Copyright (C) 1991, 1995, 1997, 1998, 2004, 2006, 2008
+   Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <libioP.h>
+#include <stdarg.h>
+#include <stdio.h>
+
+
+/* Write formatted output from FORMAT to a string which is
+   allocated with malloc and stored in *STRING_PTR.  */
+int
+__asprintf_chk (char **result_ptr, int flags, const char *format, ...)
+{
+  va_list arg;
+  int done;
+
+  va_start (arg, format);
+  done = __vasprintf_chk (result_ptr, flags, format, arg);
+  va_end (arg);
+
+  return done;
+}
diff --git a/debug/dprintf_chk.c b/debug/dprintf_chk.c
new file mode 100644
index 0000000000..d9e6705db0
--- /dev/null
+++ b/debug/dprintf_chk.c
@@ -0,0 +1,37 @@
+/* Copyright (C) 1991, 1995, 1997, 1998, 2004, 2006, 2008
+   Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <libioP.h>
+#include <stdarg.h>
+#include <stdio.h>
+
+
+/* Write formatted output to D, according to the format string FORMAT.  */
+int
+__dprintf_chk (int d, int flags, const char *format, ...)
+{
+  va_list arg;
+  int done;
+
+  va_start (arg, format);
+  done = __vdprintf_chk (d, flags, format, arg);
+  va_end (arg);
+
+  return done;
+}
diff --git a/debug/obprintf_chk.c b/debug/obprintf_chk.c
new file mode 100644
index 0000000000..8e7014f394
--- /dev/null
+++ b/debug/obprintf_chk.c
@@ -0,0 +1,117 @@
+/* Print output of stream to given obstack.
+   Copyright (C) 1996,1997,1999,2000,2001,2002,2003,2004,2005,2006,2008
+	Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+   Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+
+#include <stdlib.h>
+#include <libioP.h>
+#include "../libio/strfile.h"
+#include <assert.h>
+#include <string.h>
+#include <errno.h>
+#include <obstack.h>
+#include <stdarg.h>
+#include <stdio_ext.h>
+
+
+struct _IO_obstack_file
+{
+  struct _IO_FILE_plus file;
+  struct obstack *obstack;
+};
+
+extern const struct _IO_jump_t _IO_obstack_jumps attribute_hidden;
+
+int
+__obstack_vprintf_chk (struct obstack *obstack, int flags, const char *format,
+		       va_list args)
+{
+  struct obstack_FILE
+    {
+      struct _IO_obstack_file ofile;
+    } new_f;
+  int result;
+  int size;
+  int room;
+
+#ifdef _IO_MTSAFE_IO
+  new_f.ofile.file.file._lock = NULL;
+#endif
+
+  _IO_no_init (&new_f.ofile.file.file, _IO_USER_LOCK, -1, NULL, NULL);
+  _IO_JUMPS (&new_f.ofile.file) = &_IO_obstack_jumps;
+  room = obstack_room (obstack);
+  size = obstack_object_size (obstack) + room;
+  if (size == 0)
+    {
+      /* We have to handle the allocation a bit different since the
+	 `_IO_str_init_static' function would handle a size of zero
+	 different from what we expect.  */
+
+      /* Get more memory.  */
+      obstack_make_room (obstack, 64);
+
+      /* Recompute how much room we have.  */
+      room = obstack_room (obstack);
+      size = room;
+
+      assert (size != 0);
+    }
+
+  _IO_str_init_static_internal ((struct _IO_strfile_ *) &new_f.ofile,
+				obstack_base (obstack),
+				size, obstack_next_free (obstack));
+  /* Now allocate the rest of the current chunk.  */
+  assert (size == (new_f.ofile.file.file._IO_write_end
+		   - new_f.ofile.file.file._IO_write_base));
+  assert (new_f.ofile.file.file._IO_write_ptr
+	  == (new_f.ofile.file.file._IO_write_base
+	      + obstack_object_size (obstack)));
+  obstack_blank_fast (obstack, room);
+
+  new_f.ofile.obstack = obstack;
+
+  /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
+     can only come from read-only format strings.  */
+  if (flags > 0)
+    new_f.ofile.file.file._flags2 |= _IO_FLAGS2_FORTIFY;
+
+  result = INTUSE(_IO_vfprintf) (&new_f.ofile.file.file, format, args);
+
+  /* Shrink the buffer to the space we really currently need.  */
+  obstack_blank_fast (obstack, (new_f.ofile.file.file._IO_write_ptr
+				- new_f.ofile.file.file._IO_write_end));
+
+  return result;
+}
+libc_hidden_def (__obstack_vprintf_chk)
+
+
+int
+__obstack_printf_chk (struct obstack *obstack, int flags, const char *format,
+		      ...)
+{
+  int result;
+  va_list ap;
+  va_start (ap, format);
+  result = __obstack_vprintf_chk (obstack, flags, format, ap);
+  va_end (ap);
+  return result;
+}
diff --git a/debug/tst-chk1.c b/debug/tst-chk1.c
index 487b071026..e03f3dba6d 100644
--- a/debug/tst-chk1.c
+++ b/debug/tst-chk1.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation, Inc.
+/* Copyright (C) 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Jakub Jelinek <jakub@redhat.com>, 2004.
 
@@ -20,6 +20,7 @@
 #include <assert.h>
 #include <fcntl.h>
 #include <locale.h>
+#include <obstack.h>
 #include <paths.h>
 #include <setjmp.h>
 #include <signal.h>
@@ -31,6 +32,9 @@
 #include <sys/socket.h>
 #include <sys/un.h>
 
+#define obstack_chunk_alloc malloc
+#define obstack_chunk_free free
+
 char *temp_filename;
 static void do_prepare (void);
 static int do_test (void);
@@ -705,6 +709,36 @@ do_test (void)
   if (fprintf (fp, buf2 + 4, str5) != 7)
     FAIL ();
 
+  char *my_ptr = NULL;
+  strcpy (buf2 + 2, "%n%s%n");
+  /* When the format string is writable and contains %n,
+     with -D_FORTIFY_SOURCE=2 it causes __chk_fail.  */
+  CHK_FAIL2_START
+  if (asprintf (&my_ptr, buf2, str4, &n1, str5, &n1) != 14)
+    FAIL ();
+  else
+    free (my_ptr);
+  CHK_FAIL2_END
+
+  struct obstack obs;
+  obstack_init (&obs);
+  CHK_FAIL2_START
+  if (obstack_printf (&obs, buf2, str4, &n1, str5, &n1) != 14)
+    FAIL ();
+  CHK_FAIL2_END
+  obstack_free (&obs, NULL);
+
+  my_ptr = NULL;
+  if (asprintf (&my_ptr, "%s%n%s%n", str4, &n1, str5, &n1) != 14)
+    FAIL ();
+  else
+    free (my_ptr);
+
+  obstack_init (&obs);
+  if (obstack_printf (&obs, "%s%n%s%n", str4, &n1, str5, &n1) != 14)
+    FAIL ();
+  obstack_free (&obs, NULL);
+
   if (freopen (temp_filename, "r", stdin) == NULL)
     {
       puts ("could not open temporary file");
diff --git a/debug/vasprintf_chk.c b/debug/vasprintf_chk.c
new file mode 100644
index 0000000000..6105516d59
--- /dev/null
+++ b/debug/vasprintf_chk.c
@@ -0,0 +1,97 @@
+/* Copyright (C) 1995,1997,1999-2002,2004,2006,2008
+   Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.
+
+   As a special exception, if you link the code in this file with
+   files compiled with a GNU compiler to produce an executable,
+   that does not cause the resulting executable to be covered by
+   the GNU Lesser General Public License.  This exception does not
+   however invalidate any other reasons why the executable file
+   might be covered by the GNU Lesser General Public License.
+   This exception applies to code released by its copyright holders
+   in files containing the exception.  */
+
+#include <malloc.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include "../libio/libioP.h"
+#include "../libio/strfile.h"
+
+int
+__vasprintf_chk (char **result_ptr, int flags, const char *format,
+		 va_list args)
+{
+  /* Initial size of the buffer to be used.  Will be doubled each time an
+     overflow occurs.  */
+  const _IO_size_t init_string_size = 100;
+  char *string;
+  _IO_strfile sf;
+  int ret;
+  _IO_size_t needed;
+  _IO_size_t allocated;
+  /* No need to clear the memory here (unlike for open_memstream) since
+     we know we will never seek on the stream.  */
+  string = (char *) malloc (init_string_size);
+  if (string == NULL)
+    return -1;
+#ifdef _IO_MTSAFE_IO
+  sf._sbf._f._lock = NULL;
+#endif
+  _IO_no_init ((_IO_FILE *) &sf._sbf, _IO_USER_LOCK, -1, NULL, NULL);
+  _IO_JUMPS ((struct _IO_FILE_plus *) &sf._sbf) = &_IO_str_jumps;
+  _IO_str_init_static_internal (&sf, string, init_string_size, string);
+  sf._sbf._f._flags &= ~_IO_USER_BUF;
+  sf._s._allocate_buffer = (_IO_alloc_type) malloc;
+  sf._s._free_buffer = (_IO_free_type) free;
+
+  /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
+     can only come from read-only format strings.  */
+  if (flags > 0)
+    sf._sbf._f._flags2 |= _IO_FLAGS2_FORTIFY;
+
+  ret = INTUSE(_IO_vfprintf) (&sf._sbf._f, format, args);
+  if (ret < 0)
+    {
+      free (sf._sbf._f._IO_buf_base);
+      return ret;
+    }
+  /* Only use realloc if the size we need is of the same (binary)
+     order of magnitude then the memory we allocated.  */
+  needed = sf._sbf._f._IO_write_ptr - sf._sbf._f._IO_write_base + 1;
+  allocated = sf._sbf._f._IO_write_end - sf._sbf._f._IO_write_base;
+  if ((allocated >> 1) <= needed)
+    *result_ptr = (char *) realloc (sf._sbf._f._IO_buf_base, needed);
+  else
+    {
+      *result_ptr = (char *) malloc (needed);
+      if (*result_ptr != NULL)
+	{
+	  memcpy (*result_ptr, sf._sbf._f._IO_buf_base, needed - 1);
+	  free (sf._sbf._f._IO_buf_base);
+	}
+      else
+	/* We have no choice, use the buffer we already have.  */
+	*result_ptr = (char *) realloc (sf._sbf._f._IO_buf_base, needed);
+    }
+  if (*result_ptr == NULL)
+    *result_ptr = sf._sbf._f._IO_buf_base;
+  (*result_ptr)[needed - 1] = '\0';
+  return ret;
+}
+libc_hidden_def (__vasprintf_chk)
diff --git a/debug/vdprintf_chk.c b/debug/vdprintf_chk.c
new file mode 100644
index 0000000000..8f3d332a40
--- /dev/null
+++ b/debug/vdprintf_chk.c
@@ -0,0 +1,69 @@
+/* Copyright (C) 1995, 1997-2000, 2001, 2002, 2003, 2006, 2008
+   Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.
+
+   As a special exception, if you link the code in this file with
+   files compiled with a GNU compiler to produce an executable,
+   that does not cause the resulting executable to be covered by
+   the GNU Lesser General Public License.  This exception does not
+   however invalidate any other reasons why the executable file
+   might be covered by the GNU Lesser General Public License.
+   This exception applies to code released by its copyright holders
+   in files containing the exception.  */
+
+#include <libioP.h>
+#include <stdio_ext.h>
+
+int
+__vdprintf_chk (int d, int flags, const char *format, va_list arg)
+{
+  struct _IO_FILE_plus tmpfil;
+  struct _IO_wide_data wd;
+  int done;
+
+#ifdef _IO_MTSAFE_IO
+  tmpfil.file._lock = NULL;
+#endif
+  _IO_no_init (&tmpfil.file, _IO_USER_LOCK, 0, &wd, &_IO_wfile_jumps);
+  _IO_JUMPS (&tmpfil) = &_IO_file_jumps;
+  INTUSE(_IO_file_init) (&tmpfil);
+#if  !_IO_UNIFIED_JUMPTABLES
+  tmpfil.vtable = NULL;
+#endif
+  if (INTUSE(_IO_file_attach) (&tmpfil.file, d) == NULL)
+    {
+      INTUSE(_IO_un_link) (&tmpfil);
+      return EOF;
+    }
+  tmpfil.file._IO_file_flags =
+    (_IO_mask_flags (&tmpfil.file, _IO_NO_READS,
+		     _IO_NO_READS+_IO_NO_WRITES+_IO_IS_APPENDING)
+     | _IO_DELETE_DONT_CLOSE);
+
+  /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
+     can only come from read-only format strings.  */
+  if (flags > 0)
+    tmpfil.file._flags2 |= _IO_FLAGS2_FORTIFY;
+
+  done = INTUSE(_IO_vfprintf) (&tmpfil.file, format, arg);
+
+  _IO_FINISH (&tmpfil.file);
+
+  return done;
+}
+libc_hidden_def (__vdprintf_chk)