This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[PATCH] Fix read etc. with -D_FORTIFY_SOURCE=2

From: Jakub Jelinek <jakub at redhat dot com>
To: Ulrich Drepper <drepper at redhat dot com>, Roland McGrath <roland at redhat dot com>
Cc: Glibc hackers <libc-hacker at sources dot redhat dot com>
Date: Tue, 1 Mar 2005 10:50:54 +0100
Subject: [PATCH] Fix read etc. with -D_FORTIFY_SOURCE=2
Reply-to: Jakub Jelinek <jakub at redhat dot com>

Hi!

read/pread/pread64/recv/recvfrom do not read operate with strings, but
arbitrary data.  Therefore it is inappropriate to use
__builtin_object_size (, 1) for them, they should behave like
memcpy/memset and other memory operations rather than strcpy/fgets etc.
The difference is if
struct A { char buf[10]; char buf2[10]; } a;
read (1, &a.buf[0], 4);
read (1, &a.buf[4], sizeof (a) - 4);
is supposed to be valid under -D_FORTIFY_SOURCE=2.  IMHO it ought to be.

2005-03-01  Jakub Jelinek  <jakub@redhat.com>

	* posix/bits/unistd.h (read, pread, pread64): Use __bos0 instead
	of __bos.
	* socket/bits/socket2.h (recv, recvfrom): Likewise.

--- libc/posix/bits/unistd.h.jj	2005-03-01 10:34:44.000000000 +0100
+++ libc/posix/bits/unistd.h	2005-03-01 10:40:47.859365519 +0100
@@ -24,9 +24,9 @@
 extern ssize_t __read_chk (int __fd, void *__buf, size_t __nbytes,
 			   size_t __buflen) __wur;
 #define read(fd, buf, nbytes) \
-  (__bos (buf) != (size_t) -1						      \
-   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf))	      \
-   ? __read_chk (fd, buf, nbytes, __bos (buf))				      \
+  (__bos0 (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos0 (buf))	      \
+   ? __read_chk (fd, buf, nbytes, __bos0 (buf))				      \
    : read (fd, buf, nbytes))
 
 #ifdef __USE_UNIX98
@@ -36,23 +36,23 @@ extern ssize_t __pread64_chk (int __fd, 
 			      __off64_t __offset, size_t __bufsize) __wur;
 # ifndef __USE_FILE_OFFSET64
 #  define pread(fd, buf, nbytes, offset) \
-  (__bos (buf) != (size_t) -1						      \
-   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf))	      \
-   ? __pread64_chk (fd, buf, nbytes, offset, __bos (buf))		      \
+  (__bos0 (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos0 (buf))	      \
+   ? __pread64_chk (fd, buf, nbytes, offset, __bos0 (buf))		      \
    : pread (fd, buf, offset, nbytes))
 # else
 #  define pread(fd, buf, nbytes, offset) \
-  (__bos (buf) != (size_t) -1						      \
-   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf))	      \
-   ? __pread_chk (fd, buf, nbytes, offset, __bos (buf))			      \
+  (__bos0 (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos0 (buf))	      \
+   ? __pread_chk (fd, buf, nbytes, offset, __bos0 (buf))		      \
    : pread (fd, buf, offset, nbytes))
 # endif
 
 # ifdef __USE_LARGEFILE64
 #  define pread64(fd, buf, nbytes, offset) \
-  (__bos (buf) != (size_t) -1						      \
-   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf))	      \
-   ? __pread64_chk (fd, buf, nbytes, offset, __bos (buf))		      \
+  (__bos0 (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos0 (buf))	      \
+   ? __pread64_chk (fd, buf, nbytes, offset, __bos0 (buf))		      \
    : pread64 (fd, buf, offset, nbytes))
 # endif
 #endif
--- libc/socket/bits/socket2.h.jj	2005-02-21 23:47:46.000000000 +0100
+++ libc/socket/bits/socket2.h	2005-03-01 10:41:19.169759831 +0100
@@ -24,8 +24,8 @@
 extern ssize_t __recv_chk (int __fd, void *__buf, size_t __n, size_t __buflen,
 			   int __flags);
 #define recv(fd, buf, n, flags) \
-  (__bos (buf) != (size_t) -1						      \
-   ? __recv_chk (fd, buf, n, __bos (buf), flags)			      \
+  (__bos0 (buf) != (size_t) -1						      \
+   ? __recv_chk (fd, buf, n, __bos0 (buf), flags)			      \
    : recv (fd, buf, n, flags))
 
 extern ssize_t __recvfrom_chk (int __fd, void *__restrict __buf, size_t __n,
@@ -33,6 +33,6 @@ extern ssize_t __recvfrom_chk (int __fd,
 			       __SOCKADDR_ARG __addr,
 			       socklen_t *__restrict __addr_len);
 #define recvfrom(fd, buf, n, flags, addr, addr_len) \
-  (__bos (buf) != (size_t) -1						      \
-   ? __recvfrom_chk (fd, buf, n, __bos (buf), flags, addr, addr_len)	      \
+  (__bos0 (buf) != (size_t) -1						      \
+   ? __recvfrom_chk (fd, buf, n, __bos0 (buf), flags, addr, addr_len)	      \
    : recvfrom (fd, buf, n, flags, addr, addr_len))

	Jakub

Follow-Ups:
- Re: [PATCH] Fix read etc. with -D_FORTIFY_SOURCE=2
  - From: Roland McGrath

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]