From dff375150393cf31c06010153082959438da9886 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Wed, 5 Mar 2008 07:05:13 +0000 Subject: * include/stdio.h (__asprintf_chk, __dprintf_chk, __obstack_printf_chk): New prototypes. (__vasprintf_chk, __vdprintf_chk, __obstack_vprintf_chk): Likewise. Add libc_hidden_proto. * libio/obprintf.c (_IO_obstack_jumps): No longer static, add attribute_hidden. * libio/bits/stdio-ldbl.h (__asprintf_chk, __dprintf_chk, __obstack_printf_chk, __vasprintf_chk, __vdprintf_chk, __obstack_vprintf_chk): Add __LDBL_REDIR_DECL. * libio/bits/stdio2.h (__asprintf_chk, __dprintf_chk, __obstack_printf_chk, __vasprintf_chk, __vdprintf_chk, __obstack_vprintf_chk): New prototypes. (asprintf, __asprintf, dprintf, obstack_printf, vasprintf, vdprintf, obstack_vprintf): New inlines. * debug/dprintf_chk.c: New file. * debug/vdprintf_chk.c: New file. * debug/asprintf_chk.c: New file. * debug/vasprintf_chk.c: New file. * debug/obprintf_chk.c: New file. * debug/tst-chk1.c (do_test): Add asprintf and obstack_printf tests. * debug/Versions (__asprintf_chk, __dprintf_chk, __obstack_printf_chk, __vasprintf_chk, __vdprintf_chk, __obstack_vprintf_chk): Export @@GLIBC_2.8. * debug/Makefile: Build asprintf_chk, vasprintf_chk, dprintf_chk, vdprintf_chk and obprintf_chk, set CFLAGS for them. * sysdeps/ieee754/ldbl-opt/nldbl-compat.c (__nldbl___vasprintf_chk, __nldbl___vdprintf_chk, __nldbl___obstack_vprintf_chk): Add libc_hidden_proto. * sysdeps/ieee754/ldbl-opt/nldbl-compat.h (__nldbl___vasprintf_chk, __nldbl___vdprintf_chk, __nldbl___obstack_vprintf_chk): New prototypes. * sysdeps/ieee754/ldbl-opt/Versions (__nldbl___asprintf_chk, __nldbl___vasprintf_chk, __nldbl___dprintf_chk, __nldbl___vdprintf_chk, __nldbl___obstack_printf_chk, __nldbl___obstack_vprintf_chk): Export @@GLIBC_2.8. * sysdeps/ieee754/ldbl-opt/Makefile (libnldbl-calls): Add asprintf_chk, vasprintf_chk, dprintf_chk, vdprintf_chk, obstack_printf_chk and obstack_vprintf_chk. * sysdeps/ieee754/ldbl-opt/nldbl-obstack_vprintf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-dprintf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-obstack_printf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-asprintf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-vdprintf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-vasprintf_chk.c: New file. --- debug/Makefile | 10 ++++- debug/Versions | 4 ++ debug/asprintf_chk.c | 38 ++++++++++++++++ debug/dprintf_chk.c | 37 ++++++++++++++++ debug/obprintf_chk.c | 117 ++++++++++++++++++++++++++++++++++++++++++++++++++ debug/tst-chk1.c | 36 +++++++++++++++- debug/vasprintf_chk.c | 97 +++++++++++++++++++++++++++++++++++++++++ debug/vdprintf_chk.c | 69 +++++++++++++++++++++++++++++ 8 files changed, 405 insertions(+), 3 deletions(-) create mode 100644 debug/asprintf_chk.c create mode 100644 debug/dprintf_chk.c create mode 100644 debug/obprintf_chk.c create mode 100644 debug/vasprintf_chk.c create mode 100644 debug/vdprintf_chk.c (limited to 'debug') diff --git a/debug/Makefile b/debug/Makefile index a2c28f9737..ece7ee6bd7 100644 --- a/debug/Makefile +++ b/debug/Makefile @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2001,2004,2005,2006,2007 Free Software Foundation, Inc. +# Copyright (C) 1998-2001,2004-2008 Free Software Foundation, Inc. # This file is part of the GNU C Library. # The GNU C Library is free software; you can redistribute it and/or @@ -41,7 +41,8 @@ routines = backtrace backtracesyms backtracesymsfd noophooks \ confstr_chk getgroups_chk ttyname_r_chk getlogin_r_chk \ gethostname_chk getdomainname_chk wcrtomb_chk mbsnrtowcs_chk \ wcsnrtombs_chk mbsrtowcs_chk wcsrtombs_chk mbstowcs_chk \ - wcstombs_chk \ + wcstombs_chk asprintf_chk vasprintf_chk dprintf_chk \ + vdprintf_chk obprintf_chk \ stack_chk_fail fortify_fail \ $(static-only-routines) static-only-routines := warning-nop stack_chk_fail_local @@ -51,6 +52,11 @@ CFLAGS-sprintf_chk.c = -D_IO_MTSAFE_IO CFLAGS-snprintf_chk.c = -D_IO_MTSAFE_IO CFLAGS-vsprintf_chk.c = -D_IO_MTSAFE_IO CFLAGS-vsnprintf_chk.c = -D_IO_MTSAFE_IO +CFLAGS-asprintf_chk.c = -D_IO_MTSAFE_IO +CFLAGS-vasprintf_chk.c = -D_IO_MTSAFE_IO +CFLAGS-obprintf_chk.c = -D_IO_MTSAFE_IO +CFLAGS-dprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions) +CFLAGS-vdprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions) CFLAGS-printf_chk.c = -D_IO_MTSAFE_IO $(exceptions) CFLAGS-fprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions) CFLAGS-vprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions) diff --git a/debug/Versions b/debug/Versions index e467cc0602..ef6b08b7b3 100644 --- a/debug/Versions +++ b/debug/Versions @@ -42,6 +42,10 @@ libc { GLIBC_2.7 { __fread_chk; __fread_unlocked_chk; } + GLIBC_2.8 { + __asprintf_chk; __vasprintf_chk; __dprintf_chk; __vdprintf_chk; + __obstack_printf_chk; __obstack_vprintf_chk; + } GLIBC_PRIVATE { __fortify_fail; } diff --git a/debug/asprintf_chk.c b/debug/asprintf_chk.c new file mode 100644 index 0000000000..fd943c851b --- /dev/null +++ b/debug/asprintf_chk.c @@ -0,0 +1,38 @@ +/* Copyright (C) 1991, 1995, 1997, 1998, 2004, 2006, 2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + +#include +#include +#include + + +/* Write formatted output from FORMAT to a string which is + allocated with malloc and stored in *STRING_PTR. */ +int +__asprintf_chk (char **result_ptr, int flags, const char *format, ...) +{ + va_list arg; + int done; + + va_start (arg, format); + done = __vasprintf_chk (result_ptr, flags, format, arg); + va_end (arg); + + return done; +} diff --git a/debug/dprintf_chk.c b/debug/dprintf_chk.c new file mode 100644 index 0000000000..d9e6705db0 --- /dev/null +++ b/debug/dprintf_chk.c @@ -0,0 +1,37 @@ +/* Copyright (C) 1991, 1995, 1997, 1998, 2004, 2006, 2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + +#include +#include +#include + + +/* Write formatted output to D, according to the format string FORMAT. */ +int +__dprintf_chk (int d, int flags, const char *format, ...) +{ + va_list arg; + int done; + + va_start (arg, format); + done = __vdprintf_chk (d, flags, format, arg); + va_end (arg); + + return done; +} diff --git a/debug/obprintf_chk.c b/debug/obprintf_chk.c new file mode 100644 index 0000000000..8e7014f394 --- /dev/null +++ b/debug/obprintf_chk.c @@ -0,0 +1,117 @@ +/* Print output of stream to given obstack. + Copyright (C) 1996,1997,1999,2000,2001,2002,2003,2004,2005,2006,2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + Contributed by Ulrich Drepper , 1996. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + + +#include +#include +#include "../libio/strfile.h" +#include +#include +#include +#include +#include +#include + + +struct _IO_obstack_file +{ + struct _IO_FILE_plus file; + struct obstack *obstack; +}; + +extern const struct _IO_jump_t _IO_obstack_jumps attribute_hidden; + +int +__obstack_vprintf_chk (struct obstack *obstack, int flags, const char *format, + va_list args) +{ + struct obstack_FILE + { + struct _IO_obstack_file ofile; + } new_f; + int result; + int size; + int room; + +#ifdef _IO_MTSAFE_IO + new_f.ofile.file.file._lock = NULL; +#endif + + _IO_no_init (&new_f.ofile.file.file, _IO_USER_LOCK, -1, NULL, NULL); + _IO_JUMPS (&new_f.ofile.file) = &_IO_obstack_jumps; + room = obstack_room (obstack); + size = obstack_object_size (obstack) + room; + if (size == 0) + { + /* We have to handle the allocation a bit different since the + `_IO_str_init_static' function would handle a size of zero + different from what we expect. */ + + /* Get more memory. */ + obstack_make_room (obstack, 64); + + /* Recompute how much room we have. */ + room = obstack_room (obstack); + size = room; + + assert (size != 0); + } + + _IO_str_init_static_internal ((struct _IO_strfile_ *) &new_f.ofile, + obstack_base (obstack), + size, obstack_next_free (obstack)); + /* Now allocate the rest of the current chunk. */ + assert (size == (new_f.ofile.file.file._IO_write_end + - new_f.ofile.file.file._IO_write_base)); + assert (new_f.ofile.file.file._IO_write_ptr + == (new_f.ofile.file.file._IO_write_base + + obstack_object_size (obstack))); + obstack_blank_fast (obstack, room); + + new_f.ofile.obstack = obstack; + + /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n + can only come from read-only format strings. */ + if (flags > 0) + new_f.ofile.file.file._flags2 |= _IO_FLAGS2_FORTIFY; + + result = INTUSE(_IO_vfprintf) (&new_f.ofile.file.file, format, args); + + /* Shrink the buffer to the space we really currently need. */ + obstack_blank_fast (obstack, (new_f.ofile.file.file._IO_write_ptr + - new_f.ofile.file.file._IO_write_end)); + + return result; +} +libc_hidden_def (__obstack_vprintf_chk) + + +int +__obstack_printf_chk (struct obstack *obstack, int flags, const char *format, + ...) +{ + int result; + va_list ap; + va_start (ap, format); + result = __obstack_vprintf_chk (obstack, flags, format, ap); + va_end (ap); + return result; +} diff --git a/debug/tst-chk1.c b/debug/tst-chk1.c index 487b071026..e03f3dba6d 100644 --- a/debug/tst-chk1.c +++ b/debug/tst-chk1.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation, Inc. +/* Copyright (C) 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Jakub Jelinek , 2004. @@ -20,6 +20,7 @@ #include #include #include +#include #include #include #include @@ -31,6 +32,9 @@ #include #include +#define obstack_chunk_alloc malloc +#define obstack_chunk_free free + char *temp_filename; static void do_prepare (void); static int do_test (void); @@ -705,6 +709,36 @@ do_test (void) if (fprintf (fp, buf2 + 4, str5) != 7) FAIL (); + char *my_ptr = NULL; + strcpy (buf2 + 2, "%n%s%n"); + /* When the format string is writable and contains %n, + with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */ + CHK_FAIL2_START + if (asprintf (&my_ptr, buf2, str4, &n1, str5, &n1) != 14) + FAIL (); + else + free (my_ptr); + CHK_FAIL2_END + + struct obstack obs; + obstack_init (&obs); + CHK_FAIL2_START + if (obstack_printf (&obs, buf2, str4, &n1, str5, &n1) != 14) + FAIL (); + CHK_FAIL2_END + obstack_free (&obs, NULL); + + my_ptr = NULL; + if (asprintf (&my_ptr, "%s%n%s%n", str4, &n1, str5, &n1) != 14) + FAIL (); + else + free (my_ptr); + + obstack_init (&obs); + if (obstack_printf (&obs, "%s%n%s%n", str4, &n1, str5, &n1) != 14) + FAIL (); + obstack_free (&obs, NULL); + if (freopen (temp_filename, "r", stdin) == NULL) { puts ("could not open temporary file"); diff --git a/debug/vasprintf_chk.c b/debug/vasprintf_chk.c new file mode 100644 index 0000000000..6105516d59 --- /dev/null +++ b/debug/vasprintf_chk.c @@ -0,0 +1,97 @@ +/* Copyright (C) 1995,1997,1999-2002,2004,2006,2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. + + As a special exception, if you link the code in this file with + files compiled with a GNU compiler to produce an executable, + that does not cause the resulting executable to be covered by + the GNU Lesser General Public License. This exception does not + however invalidate any other reasons why the executable file + might be covered by the GNU Lesser General Public License. + This exception applies to code released by its copyright holders + in files containing the exception. */ + +#include +#include +#include +#include +#include "../libio/libioP.h" +#include "../libio/strfile.h" + +int +__vasprintf_chk (char **result_ptr, int flags, const char *format, + va_list args) +{ + /* Initial size of the buffer to be used. Will be doubled each time an + overflow occurs. */ + const _IO_size_t init_string_size = 100; + char *string; + _IO_strfile sf; + int ret; + _IO_size_t needed; + _IO_size_t allocated; + /* No need to clear the memory here (unlike for open_memstream) since + we know we will never seek on the stream. */ + string = (char *) malloc (init_string_size); + if (string == NULL) + return -1; +#ifdef _IO_MTSAFE_IO + sf._sbf._f._lock = NULL; +#endif + _IO_no_init ((_IO_FILE *) &sf._sbf, _IO_USER_LOCK, -1, NULL, NULL); + _IO_JUMPS ((struct _IO_FILE_plus *) &sf._sbf) = &_IO_str_jumps; + _IO_str_init_static_internal (&sf, string, init_string_size, string); + sf._sbf._f._flags &= ~_IO_USER_BUF; + sf._s._allocate_buffer = (_IO_alloc_type) malloc; + sf._s._free_buffer = (_IO_free_type) free; + + /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n + can only come from read-only format strings. */ + if (flags > 0) + sf._sbf._f._flags2 |= _IO_FLAGS2_FORTIFY; + + ret = INTUSE(_IO_vfprintf) (&sf._sbf._f, format, args); + if (ret < 0) + { + free (sf._sbf._f._IO_buf_base); + return ret; + } + /* Only use realloc if the size we need is of the same (binary) + order of magnitude then the memory we allocated. */ + needed = sf._sbf._f._IO_write_ptr - sf._sbf._f._IO_write_base + 1; + allocated = sf._sbf._f._IO_write_end - sf._sbf._f._IO_write_base; + if ((allocated >> 1) <= needed) + *result_ptr = (char *) realloc (sf._sbf._f._IO_buf_base, needed); + else + { + *result_ptr = (char *) malloc (needed); + if (*result_ptr != NULL) + { + memcpy (*result_ptr, sf._sbf._f._IO_buf_base, needed - 1); + free (sf._sbf._f._IO_buf_base); + } + else + /* We have no choice, use the buffer we already have. */ + *result_ptr = (char *) realloc (sf._sbf._f._IO_buf_base, needed); + } + if (*result_ptr == NULL) + *result_ptr = sf._sbf._f._IO_buf_base; + (*result_ptr)[needed - 1] = '\0'; + return ret; +} +libc_hidden_def (__vasprintf_chk) diff --git a/debug/vdprintf_chk.c b/debug/vdprintf_chk.c new file mode 100644 index 0000000000..8f3d332a40 --- /dev/null +++ b/debug/vdprintf_chk.c @@ -0,0 +1,69 @@ +/* Copyright (C) 1995, 1997-2000, 2001, 2002, 2003, 2006, 2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. + + As a special exception, if you link the code in this file with + files compiled with a GNU compiler to produce an executable, + that does not cause the resulting executable to be covered by + the GNU Lesser General Public License. This exception does not + however invalidate any other reasons why the executable file + might be covered by the GNU Lesser General Public License. + This exception applies to code released by its copyright holders + in files containing the exception. */ + +#include +#include + +int +__vdprintf_chk (int d, int flags, const char *format, va_list arg) +{ + struct _IO_FILE_plus tmpfil; + struct _IO_wide_data wd; + int done; + +#ifdef _IO_MTSAFE_IO + tmpfil.file._lock = NULL; +#endif + _IO_no_init (&tmpfil.file, _IO_USER_LOCK, 0, &wd, &_IO_wfile_jumps); + _IO_JUMPS (&tmpfil) = &_IO_file_jumps; + INTUSE(_IO_file_init) (&tmpfil); +#if !_IO_UNIFIED_JUMPTABLES + tmpfil.vtable = NULL; +#endif + if (INTUSE(_IO_file_attach) (&tmpfil.file, d) == NULL) + { + INTUSE(_IO_un_link) (&tmpfil); + return EOF; + } + tmpfil.file._IO_file_flags = + (_IO_mask_flags (&tmpfil.file, _IO_NO_READS, + _IO_NO_READS+_IO_NO_WRITES+_IO_IS_APPENDING) + | _IO_DELETE_DONT_CLOSE); + + /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n + can only come from read-only format strings. */ + if (flags > 0) + tmpfil.file._flags2 |= _IO_FLAGS2_FORTIFY; + + done = INTUSE(_IO_vfprintf) (&tmpfil.file, format, arg); + + _IO_FINISH (&tmpfil.file); + + return done; +} +libc_hidden_def (__vdprintf_chk) -- cgit 1.4.1