fortify-headers

standalone fortify-source implementation
git clone git://git.2f30.org/fortify-headers

commit e182dd0138d8040c44481a48277cab4098ccca0a
parent e441ae8c30b35ad7602ab428753afb4a335b34bf
Author: jvoisin <julien.voisin@dustri.org>
Date:   Sun, 20 Aug 2023 18:15:24 +0200

Add hardening for strrchr

Diffstat:
Minclude/string.h | 11+++++++++++
Mtests/Makefile | 2++
Atests/test_strrchr_dynamic_read.c | 17+++++++++++++++++
Atests/test_strrchr_static_read.c | 17+++++++++++++++++
4 files changed, 47 insertions(+), 0 deletions(-)

diff --git a/include/string.h b/include/string.h
@@ -102,6 +102,17 @@ _FORTIFY_FN(strchr) char *strchr(const char * _FORTIFY_POS0 __s, int __c)
 return __r;
 }
 
+__access(read_only, 1, 2)
+_FORTIFY_FN(strrchr) char *strrchr(const char * _FORTIFY_POS0 __s, int __c)
+{
+ size_t __b = __bos(__s, 0);
+
+ char* __r = __builtin_strrchr(__s, __c);
+ if (__r - __s > __b)
+ __builtin_trap();
+ return __r;
+}
+
 #if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \
 || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) \
 || defined(_BSD_SOURCE)
diff --git a/tests/Makefile b/tests/Makefile
@@ -84,6 +84,8 @@ TARGETS= \
 test_strncpy_overwrite_over \
 test_strncpy_overwrite_under \
 test_strncpy_static_write \
+ test_strrchr_dynamic_read \
+ test_strrchr_static_read \
 test_ttyname_r_dynamic \
 test_ttyname_r_static \
 test_vsnprintf_dynamic \
diff --git a/tests/test_strrchr_dynamic_read.c b/tests/test_strrchr_dynamic_read.c
@@ -0,0 +1,17 @@
+#include "common.h"
+
+#include <string.h>
+
+int main(int argc, char** argv) {
+ char buffer[] = {'1', '2', '3', '4', '5'};
+ const char* padding = "ABCDEFGHIJKLMN";
+ strrchr(buffer, (int)'4');
+ puts(buffer);
+
+ CHK_FAIL_START
+ strrchr(buffer, (int)'A');
+ CHK_FAIL_END
+
+ puts(buffer);
+ return ret;
+}
diff --git a/tests/test_strrchr_static_read.c b/tests/test_strrchr_static_read.c
@@ -0,0 +1,17 @@
+#include "common.h"
+
+#include <string.h>
+
+int main(int argc, char** argv) {
+ char buffer[] = {'1', '2', '3', '4', '5'};
+ const char* padding = "ABCDEFGHIJKLMN";
+ strrchr(buffer, (int)'4');
+ puts(buffer);
+
+ CHK_FAIL_START
+ strrchr(buffer, (int)'A');
+ CHK_FAIL_END
+
+ puts(buffer);
+ return ret;
+}
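Review bot: The guard `if (__r - __s > __b)` in the new strrchr wrapper also runs when `__builtin_strrchr` returns NULL, so a character that is merely absent from a buffer of known size makes `NULL - __s` convert to a huge unsigned value and trap; subtracting from a null pointer is also undefined. Test for the miss first and treat the one-past-the-end offset as out of bounds: `if (__r != NULL && (size_t)(__r - __s) >= __b) __builtin_trap();`. Because strrchr always scans to the terminator, the check runs after any over-read has already happened and cannot see one whose match lies inside the object, so a comment stating that limit, or a bounded length check before the call, would make the coverage clear. The second index in `__access(read_only, 1, 2)` names `__c`, the searched character, as the size of the read, assuming `__access` maps to the compiler's access attribute; `__access(read_only, 1)` looks like what is meant.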
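Review bot: `buffer` in tests/test_strrchr_dynamic_read.c has no NUL terminator, so the first `strrchr(buffer, (int)'4')` and both `puts(buffer)` calls, which sit outside CHK_FAIL_START/CHK_FAIL_END, already read past the array before the checked call is reached. Keep the passing call and the prints on a terminated array, for example `char ok[] = "12345";`, and leave only the unterminated buffer inside the checked region. `padding` is an unused pointer to a string literal and nothing places those bytes after `buffer`, so the expected trap presumably comes from the NULL result of the failed search rather than from a detected over-read. tests/test_strrchr_static_read.c is the same program byte for byte, so the dynamic variant does not exercise a size that is only known at run time.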