fortify-headers

standalone fortify-source implementation
git clone git://git.2f30.org/fortify-headers
Log | Files | Refs | README | LICENSE

commit 195fffa420525a53ecd72c6d49c8660630e97359
parent 60a707681655d249af66cec6786a6fad8337b49c
Author: sin <sin@2f30.org>
Date:   Sat, 28 Feb 2015 12:00:25 +0000

Add getgroups() check

Since getgroups() will never write more than NGROUPS_MAX entries
we might as well cap len to that value.

The following should probably not trap the program:

gid_t set[NGROUPS_MAX];
getgroups(NGROUPS_MAX + 1, set);

Diffstat:
Minclude/unistd.h | 13+++++++++++++
1 file changed, 13 insertions(+), 0 deletions(-)

diff --git a/include/unistd.h b/include/unistd.h @@ -42,6 +42,17 @@ __fortify_getdomainname(char *name, size_t len) static inline __attribute__ ((always_inline)) int +__fortify_getgroups(int len, gid_t *set) +{ + size_t bos = __builtin_object_size(set, 0); + + if (bos != -1 && len > bos / sizeof(gid_t)) + __builtin_trap(); + return getgroups(len, set); +} + +static inline __attribute__ ((always_inline)) +int __fortify_gethostname(char *name, size_t len) { size_t bos = __builtin_object_size(name, 0); @@ -105,6 +116,8 @@ __fortify_write(int fd, const void *buf, size_t n) #define getdomainname(name, len) __fortify_getdomainname(name, len) #endif +#undef getgroups +#define getgroups(len, set) __fortify_getgroups(len, set) #undef gethostname #define gethostname(name, len) __fortify_gethostname(name, len) #undef getlogin_r