fortify-headers

standalone fortify-source implementation

commit ff82ffbc74d82091527449e31fe351d15830f716
parent 1435d8186b1954de640ec79717c5e564243bd350
Author: info@mobile-stream.com <info@mobile-stream.com>
Date:   Wed,  6 Mar 2019 16:28:48 +0300

realpath: guard slow/trap path with PATH_MAX

This lets the compiler optimize the slow/trap path out entirely for
the typical correct code:

char buf[PATH_MAX];
r = realpath(path, buf);

The change keeps the "unknown object size" case handling intact.

Diffstat:
Minclude/stdlib.h | 8+++-----
1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/include/stdlib.h b/include/stdlib.h
@@ -39,12 +39,10 @@ extern "C" {
 #undef realpath
 _FORTIFY_FN(realpath) char *realpath(const char *__p, char *__r)
 {
-	size_t __b = __builtin_object_size(__r, 0);
-
-	if (__r) {
 #ifndef PATH_MAX
 #error PATH_MAX unset. A fortified realpath will not work.
 #else
+	if (__r && PATH_MAX > __builtin_object_size(__r, 2)) {
 		char __buf[PATH_MAX], *__ret;
 		size_t __l;
@@ -52,13 +50,13 @@ _FORTIFY_FN(realpath) char *realpath(const char *__p, char *__r)
 		if (!__ret)
 			return NULL;
 		__l = __builtin_strlen(__ret) + 1;
-		if (__l > __b)
+		if (__l > __builtin_object_size(__r, 0))
 			__builtin_trap();
 		__builtin_memcpy(__r, __ret, __l);
 		return __r;
-#endif
 	}
 	return __orig_realpath(__p, __r);
+#endif
 }
 #endif
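Review bot: The new fast-path guard `if (__r && PATH_MAX > __builtin_object_size(__r, 2))` bounds on the minimum size of the whole enclosing object (type 2), so a `char` array shorter than PATH_MAX that is a struct member with enough trailing fields to bring the whole object to PATH_MAX or more is judged large enough and handed straight to `__orig_realpath`, which may write up to PATH_MAX bytes past the array; the trap check in the second hunk uses the same whole-object bound (type 0), so it would not catch that overflow either. If the header intends subobject-aware (`_FORTIFY_SOURCE=2`-style) checking, the guard should use `__builtin_object_size(__r, 3)` and the trap `__builtin_object_size(__r, 1)`; if whole-object semantics are deliberate project-wide, a one-line comment on the guard saying so would stop the next reader from re-raising this. Independently, `PATH_MAX` is an `int` compared against a `size_t`, which trips `-Wsign-compare` (and `-Werror`) in any translation unit that includes this header; `if (__r && (size_t)PATH_MAX > __builtin_object_size(__r, 2)) {` avoids that without changing the result. The function body continues between the two hunks (the `__ret` assignment is not shown), so the unknown-size case, where `__builtin_object_size` yields 0 for type 2 and `(size_t)-1` for type 0, is reasoned about here from the visible lines only.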