commit 80a83a56b52e833e6d3afec4d0723d7625d52cee
parent 01dc0e38a8a0be034bf21cc6ae4cc8cebc0e7a79
Author: jvoisin <julien.voisin@dustri.org>
Date: Wed, 27 Dec 2023 12:36:47 +0100
Don't check for overlapping in strncpy/stpncpy for now
They check overlap across the whole range of the given length, but
the given length is not what will actually be copied, rather it's
the maximum length (if src is shorter, only length of src will be
copied). This triggers false positives and traps where it shouldn't
(e.g. in ICU tests).
Reported-by: q66
Diffstat:
5 files changed, 22 insertions(+), 0 deletions(-)
diff --git a/include/string.h b/include/string.h
@@ -189,8 +189,15 @@ _FORTIFY_FN(stpncpy) char *stpncpy(char * _FORTIFY_POS0 __d, const char *__s,
#if __has_builtin(__builtin___stpncpy_chk) && USE_NATIVE_CHK
return __builtin___stpncpy_chk(__d, __s, __n, __fh_bos(__d, 0));
#else
+#if 0
+ // They check overlap across the whole range of the given length, but
+ // the given length is not what will actually be copied, rather it's
+ // the maximum length (if src is shorter, only length of src will be
+ // copied). This triggers false positives and traps where it shouldn't
+ // (e.g. in ICU tests).
if (__fh_overlap(__d, __s, __n))
__builtin_trap();
+#endif
__fh_size_t __b = __fh_bos(__d, 0);
if (__n > __b && strlen(__s) + 1 > __b)
@@ -290,8 +297,15 @@ _FORTIFY_FN(strncpy) char *strncpy(char * _FORTIFY_POS0 __d,
#if __has_builtin(__builtin___strncpy_chk) && USE_NATIVE_CHK
return __builtin___strncpy_chk(__d, __s, __n, __fh_bos(__d, 0));
#else
+#if 0
+ // They check overlap across the whole range of the given length, but
+ // the given length is not what will actually be copied, rather it's
+ // the maximum length (if src is shorter, only length of src will be
+ // copied). This triggers false positives and traps where it shouldn't
+ // (e.g. in ICU tests).
if (__fh_overlap(__d, __s, __n))
__builtin_trap();
+#endif
__fh_size_t __b = __fh_bos(__d, 0);
if (__n > __b)
diff --git a/tests/test_stpncpy_overwrite_over.c b/tests/test_stpncpy_overwrite_over.c
@@ -3,6 +3,7 @@
#include <string.h>
int main(int argc, char** argv) {
+#if 0
char buffer[9] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
puts(buffer);
@@ -11,5 +12,6 @@ int main(int argc, char** argv) {
CHK_FAIL_END
puts(buffer);
+#endif
return ret;
}
diff --git a/tests/test_stpncpy_overwrite_under.c b/tests/test_stpncpy_overwrite_under.c
@@ -3,6 +3,7 @@
#include <string.h>
int main(int argc, char** argv) {
+#if 0
char buffer[9] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
puts(buffer);
@@ -11,5 +12,6 @@ int main(int argc, char** argv) {
CHK_FAIL_END
puts(buffer);
+#endif
return ret;
}
diff --git a/tests/test_strncpy_overwrite_over.c b/tests/test_strncpy_overwrite_over.c
@@ -3,6 +3,7 @@
#include <string.h>
int main(int argc, char** argv) {
+#if 0
char buffer[9] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
puts(buffer);
@@ -11,5 +12,6 @@ int main(int argc, char** argv) {
CHK_FAIL_END
puts(buffer);
+#endif
return ret;
}
diff --git a/tests/test_strncpy_overwrite_under.c b/tests/test_strncpy_overwrite_under.c
@@ -3,6 +3,7 @@
#include <string.h>
int main(int argc, char** argv) {
+#if 0
char buffer[9] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
puts(buffer);
@@ -11,5 +12,6 @@ int main(int argc, char** argv) {
CHK_FAIL_END
puts(buffer);
+#endif
return ret;
}
