fortify-headers

standalone fortify-source implementation
git clone git://git.2f30.org/fortify-headers.git
Log | Files | Refs | README | LICENSE

commit aa095b6d52ca4fa3b053d15c871c6ece34f99d1c
parent 6f0d1a1b6f4b449bb0b59545f2b66d61a1c1b4f3
Author: sin <sin@2f30.org>
Date:   Fri Jan 30 16:43:36 +0000

Add recv() checks

Diffstat:
include/sys/socket.h | 31+++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+), 0 deletions(-)
diff --git a/include/sys/socket.h b/include/sys/socket.h @@ -0,0 +1,31 @@ +/* See LICENSE file for copyright and license details. */ +#ifndef FORTIFY_SYS_SOCKET_H_ +#define FORTIFY_SYS_SOCKET_H_ + +#include_next <sys/socket.h> + +#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 && defined(__OPTIMIZE__) && __OPTIMIZE__ > 0 + +#define __errordecl(name, msg) extern void name(void) __attribute__((__error__(msg))) + +__errordecl(__recv_error, "recv: buffer overflow detected"); +static inline __attribute__ ((always_inline)) +ssize_t +__fortify_recv(int sockfd, void *buf, size_t n, int flags) +{ + size_t bos = __builtin_object_size(buf, 0); + + if (__builtin_constant_p(n) && n > bos) + __recv_error(); + + if (n > bos) + __builtin_trap(); + return recv(sockfd, buf, n, flags); +} + +#undef recv +#define recv(sockfd, buf, n, flags) __fortify_recv(sockfd, buf, n, flags) + +#endif + +#endif