This is the mail archive of the
mailing list for the glibc project.
Re: [PATCH][BZ #16004] Check overlaps in memcpy_chk.
- From: OndÅej BÃlka <neleai at seznam dot cz>
- To: "Joseph S. Myers" <joseph at codesourcery dot com>
- Cc: libc-alpha at sourceware dot org
- Date: Mon, 21 Oct 2013 20:04:54 +0200
- Subject: Re: [PATCH][BZ #16004] Check overlaps in memcpy_chk.
- Authentication-results: sourceware.org; auth=none
- References: <20131005133423 dot GA8405 at domone> <Pine dot LNX dot 4 dot 64 dot 1310051925240 dot 9147 at digraph dot polyomino dot org dot uk> <20131021171406 dot GA27539 at domone dot podge> <Pine dot LNX dot 4 dot 64 dot 1310211747460 dot 6364 at digraph dot polyomino dot org dot uk>
On Mon, Oct 21, 2013 at 05:50:12PM +0000, Joseph S. Myers wrote:
> On Mon, 21 Oct 2013, Ondrej Bilka wrote:
> > On Sat, Oct 05, 2013 at 07:28:27PM +0000, Joseph S. Myers wrote:
> > > There are tests for *_chk functions in debug/. If you add a new check you
> > > should also add testcases for it to confirm that the error is caught at
> > > runtime. This does of course require also adding the same check to the
> > > generic version of the function, and in the case of memcpy_chk to the x86
> > > (32-bit) versions as well.
> > >
> > It also requires to edit compile time check. I spend hour trying to
> > write testcase and wondering where is error until I realized that it got
> > optimized away at compile time.
> I'm not clear what compile-time check you're referring to. If it's
> something in GCC, it's certainly reasonable to build testcases with
> -fno-builtin-<function>. But really, if the error can be detected at
> compile time, GCC should be able to do so - and for examples that can't be
> detected at compile time, you can always use "volatile" to ensure the
> compiler has no information about the actual values of function arguments.
> Joseph S. Myers
I tried to add it in following way. As buf has size 10 current checker
decided that no overflow was possible.
diff --git a/debug/tst-chk1.c b/debug/tst-chk1.c
index 6ca8d9d..51aea96 100644
@@ -281,6 +281,12 @@ do_test (void)
#if __USE_FORTIFY_LEVEL >= 1
+ /* Now check if all overlapping buffers are caught at runtime. */
+ memcpy (buf, buf + 3, 5);
/* Now check if all buffer overflows are caught at runtime. */