diff mbox series

[08/15] string: Improve fortify with clang

Message ID	20231221185929.1307116-9-adhemerval.zanella@linaro.org
State	Superseded
Headers	DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org BB51C3858436 From: Adhemerval Zanella <adhemerval.zanella@linaro.org> To: libc-alpha@sourceware.org, Siddhesh Poyarekar <siddhesh@gotplt.org> Subject: [PATCH 08/15] string: Improve fortify with clang Date: Thu, 21 Dec 2023 15:59:22 -0300 Message-Id: <20231221185929.1307116-9-adhemerval.zanella@linaro.org> In-Reply-To: <20231221185929.1307116-1-adhemerval.zanella@linaro.org> References: <20231221185929.1307116-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org
Series	Improve fortify support with clang \| [00/15] Improve fortify support with clang [01/15] debug: Adapt fortify tests to libsupport [02/15] debug: Increase tst-fortify checks for compiler without __va_arg_pack support [03/15] debug: Add fortify dprintf tests [04/15] debug: Add fortify syslog tests [05/15] debug: Add fortify wprintf tests [06/15] cdefs.h: Add clang fortify directives [07/15] libio: Improve fortify with clang [08/15] string: Improve fortify with clang [09/15] stdlib: Improve fortify with clang [10/15] unistd: Improve fortify with clang [11/15] socket: Improve fortify with clang [12/15] syslog: Improve fortify with clang [13/15] wcsmbs: Improve fortify with clang [14/15] debug: Improve fcntl.h fortify warnings with clang [15/15] debug: Improve mqueue.h fortify warnings with clang

Checks

Context	Check	Description
redhat-pt-bot/TryBot-apply_patch	success	Patch applied to master at the time it was sent
linaro-tcwg-bot/tcwg_glibc_build--master-aarch64	fail	Patch failed to apply
linaro-tcwg-bot/tcwg_glibc_build--master-arm	fail	Patch failed to apply

Commit Message

Adhemerval Zanella Dec. 21, 2023, 6:59 p.m. UTC

  It improve fortify checks for strcpy, stpcpy, strncpy, stpncpy, strcat,
strncat, strlcpy, and strlcat.  The runtime and compile checks have
similar coverage as with GCC.

Checked on aarch64, armhf, x86_64, and i686.
---
 string/bits/string_fortified.h | 57 +++++++++++++++++++++-------------
 1 file changed, 35 insertions(+), 22 deletions(-)

diff mbox series

Patch

diff --git a/string/bits/string_fortified.h b/string/bits/string_fortified.h
index 23ef064168..d3ee250642 100644
--- a/string/bits/string_fortified.h
+++ b/string/bits/string_fortified.h
@@ -73,24 +73,29 @@  __NTH (explicit_bzero (void *__dest, size_t __len))
 }
 #endif
 
-__fortify_function char *
-__NTH (strcpy (char *__restrict __dest, const char *__restrict __src))
+__fortify_function __attribute_overloadable__ char *
+__NTH (strcpy (__fortify_clang_overload_arg (char *, __restrict, __dest),
+	       const char *__restrict __src))
+     __fortify_clang_warn_if_src_too_large (__dest, __src)
 {
   return __builtin___strcpy_chk (__dest, __src, __glibc_objsize (__dest));
 }
 
 #ifdef __USE_XOPEN2K8
-__fortify_function char *
-__NTH (stpcpy (char *__restrict __dest, const char *__restrict __src))
+__fortify_function __attribute_overloadable__ char *
+__NTH (stpcpy (__fortify_clang_overload_arg (char *, __restrict, __dest),
+	       const char *__restrict __src))
+     __fortify_clang_warn_if_src_too_large (__dest, __src)
 {
   return __builtin___stpcpy_chk (__dest, __src, __glibc_objsize (__dest));
 }
 #endif
 
 
-__fortify_function char *
-__NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
-		size_t __len))
+__fortify_function __attribute_overloadable__ char *
+__NTH (strncpy (__fortify_clang_overload_arg (char *, __restrict, __dest),
+		const char *__restrict __src, size_t __len))
+     __fortify_clang_warn_if_dest_too_small (__dest, __len)
 {
   return __builtin___strncpy_chk (__dest, __src, __len,
 				  __glibc_objsize (__dest));
@@ -98,8 +103,10 @@  __NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
 
 #ifdef __USE_XOPEN2K8
 # if __GNUC_PREREQ (4, 7) || __glibc_clang_prereq (2, 6)
-__fortify_function char *
-__NTH (stpncpy (char *__dest, const char *__src, size_t __n))
+__fortify_function __attribute_overloadable__ char *
+__NTH (stpncpy (__fortify_clang_overload_arg (char *, ,__dest),
+		const char *__src, size_t __n))
+     __fortify_clang_warn_if_dest_too_small (__dest, __n)
 {
   return __builtin___stpncpy_chk (__dest, __src, __n,
 				  __glibc_objsize (__dest));
@@ -112,8 +119,9 @@  extern char *__stpncpy_chk (char *__dest, const char *__src, size_t __n,
 extern char *__REDIRECT_NTH (__stpncpy_alias, (char *__dest, const char *__src,
 					       size_t __n), stpncpy);
 
-__fortify_function char *
-__NTH (stpncpy (char *__dest, const char *__src, size_t __n))
+__fortify_function __attribute_overloadable__ char *
+__NTH (stpncpy (__fortify_clang_overload_arg (char *, ,__dest),
+		const char *__src, size_t __n))
 {
   if (__bos (__dest) != (size_t) -1
       && (!__builtin_constant_p (__n) || __n > __bos (__dest)))
@@ -124,16 +132,19 @@  __NTH (stpncpy (char *__dest, const char *__src, size_t __n))
 #endif
 
 
-__fortify_function char *
-__NTH (strcat (char *__restrict __dest, const char *__restrict __src))
+__fortify_function __attribute_overloadable__ char *
+__NTH (strcat (__fortify_clang_overload_arg (char *, __restrict, __dest),
+	       const char *__restrict __src))
+     __fortify_clang_warn_if_src_too_large (__dest, __src)
 {
   return __builtin___strcat_chk (__dest, __src, __glibc_objsize (__dest));
 }
 
 
-__fortify_function char *
-__NTH (strncat (char *__restrict __dest, const char *__restrict __src,
-		size_t __len))
+__fortify_function __attribute_overloadable__ char *
+__NTH (strncat (__fortify_clang_overload_arg (char *, __restrict, __dest),
+		const char *__restrict __src, size_t __len))
+     __fortify_clang_warn_if_src_too_large (__dest, __src)
 {
   return __builtin___strncat_chk (__dest, __src, __len,
 				  __glibc_objsize (__dest));
@@ -146,9 +157,10 @@  extern size_t __REDIRECT_NTH (__strlcpy_alias,
 			      (char *__dest, const char *__src, size_t __n),
 			      strlcpy);
 
-__fortify_function size_t
-__NTH (strlcpy (char *__restrict __dest, const char *__restrict __src,
-		size_t __n))
+__fortify_function __attribute_overloadable__ size_t
+__NTH (strlcpy (__fortify_clang_overload_arg (char *, __restrict, __dest),
+		const char *__restrict __src, size_t __n))
+     __fortify_clang_warn_if_dest_too_small (__dest, __n)
 {
   if (__glibc_objsize (__dest) != (size_t) -1
       && (!__builtin_constant_p (__n > __glibc_objsize (__dest))
@@ -163,9 +175,10 @@  extern size_t __REDIRECT_NTH (__strlcat_alias,
 			      (char *__dest, const char *__src, size_t __n),
 			      strlcat);
 
-__fortify_function size_t
-__NTH (strlcat (char *__restrict __dest, const char *__restrict __src,
-		size_t __n))
+__fortify_function __attribute_overloadable__ size_t
+__NTH (strlcat (__fortify_clang_overload_arg (char *, __restrict, __dest),
+		const char *__restrict __src, size_t __n))
+     __fortify_clang_warn_if_src_too_large (__dest, __src)
 {
   if (__glibc_objsize (__dest) != (size_t) -1
       && (!__builtin_constant_p (__n > __glibc_objsize (__dest))