mirror of
https://github.com/freebsd/freebsd-src.git
synced 2024-11-26 20:12:44 +00:00
lib/libc/string: apply SSP hardening and tests to memset_explicit
Reviewed by: emaste, kevans Differential Revision: https://reviews.freebsd.org/D47286
This commit is contained in:
parent
007871c356
commit
8983acc8de
@ -109,6 +109,8 @@ __ssp_bos_icheck3_restrict(memcpy, void *, const void *)
|
|||||||
__ssp_bos_icheck3_restrict(mempcpy, void *, const void *)
|
__ssp_bos_icheck3_restrict(mempcpy, void *, const void *)
|
||||||
__ssp_bos_icheck3(memmove, void *, const void *)
|
__ssp_bos_icheck3(memmove, void *, const void *)
|
||||||
__ssp_bos_icheck3(memset, void *, int)
|
__ssp_bos_icheck3(memset, void *, int)
|
||||||
|
__ssp_redirect(void *, memset_explicit, (void *__buf, int __ch, size_t __len),
|
||||||
|
(__buf, __ch, __len));
|
||||||
__ssp_bos_icheck2_restrict(stpcpy, char *, const char *)
|
__ssp_bos_icheck2_restrict(stpcpy, char *, const char *)
|
||||||
__ssp_bos_icheck3_restrict(stpncpy, char *, const char *)
|
__ssp_bos_icheck3_restrict(stpncpy, char *, const char *)
|
||||||
__ssp_bos_icheck2_restrict(strcpy, char *, const char *)
|
__ssp_bos_icheck2_restrict(strcpy, char *, const char *)
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
#include <ssp/ssp.h>
|
||||||
|
|
||||||
__attribute__((weak)) void __memset_explicit_hook(void *, int, size_t);
|
__attribute__((weak)) void __memset_explicit_hook(void *, int, size_t);
|
||||||
|
|
||||||
@ -17,7 +18,7 @@ __memset_explicit_hook(void *buf, int ch, size_t len)
|
|||||||
}
|
}
|
||||||
|
|
||||||
void *
|
void *
|
||||||
memset_explicit(void *buf, int ch, size_t len)
|
__ssp_real(memset_explicit)(void *buf, int ch, size_t len)
|
||||||
{
|
{
|
||||||
memset(buf, ch, len);
|
memset(buf, ch, len);
|
||||||
__memset_explicit_hook(buf, ch, len);
|
__memset_explicit_hook(buf, ch, len);
|
||||||
|
@ -685,6 +685,133 @@ monitor:
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ATF_TC_WITHOUT_HEAD(memset_explicit_before_end);
|
||||||
|
ATF_TC_BODY(memset_explicit_before_end, tc)
|
||||||
|
{
|
||||||
|
#define BUF &__stack.__buf
|
||||||
|
struct {
|
||||||
|
uint8_t padding_l;
|
||||||
|
unsigned char __buf[42];
|
||||||
|
uint8_t padding_r;
|
||||||
|
} __stack;
|
||||||
|
const size_t __bufsz __unused = sizeof(__stack.__buf);
|
||||||
|
const size_t __len = 42 - 1;
|
||||||
|
const size_t __idx __unused = __len - 1;
|
||||||
|
|
||||||
|
memset_explicit(__stack.__buf, 0, __len);
|
||||||
|
#undef BUF
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
ATF_TC_WITHOUT_HEAD(memset_explicit_end);
|
||||||
|
ATF_TC_BODY(memset_explicit_end, tc)
|
||||||
|
{
|
||||||
|
#define BUF &__stack.__buf
|
||||||
|
struct {
|
||||||
|
uint8_t padding_l;
|
||||||
|
unsigned char __buf[42];
|
||||||
|
uint8_t padding_r;
|
||||||
|
} __stack;
|
||||||
|
const size_t __bufsz __unused = sizeof(__stack.__buf);
|
||||||
|
const size_t __len = 42;
|
||||||
|
const size_t __idx __unused = __len - 1;
|
||||||
|
|
||||||
|
memset_explicit(__stack.__buf, 0, __len);
|
||||||
|
#undef BUF
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
ATF_TC_WITHOUT_HEAD(memset_explicit_heap_before_end);
|
||||||
|
ATF_TC_BODY(memset_explicit_heap_before_end, tc)
|
||||||
|
{
|
||||||
|
#define BUF __stack.__buf
|
||||||
|
struct {
|
||||||
|
uint8_t padding_l;
|
||||||
|
unsigned char * __buf;
|
||||||
|
uint8_t padding_r;
|
||||||
|
} __stack;
|
||||||
|
const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
|
||||||
|
const size_t __len = 42 - 1;
|
||||||
|
const size_t __idx __unused = __len - 1;
|
||||||
|
|
||||||
|
__stack.__buf = malloc(__bufsz);
|
||||||
|
|
||||||
|
memset_explicit(__stack.__buf, 0, __len);
|
||||||
|
#undef BUF
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
ATF_TC_WITHOUT_HEAD(memset_explicit_heap_end);
|
||||||
|
ATF_TC_BODY(memset_explicit_heap_end, tc)
|
||||||
|
{
|
||||||
|
#define BUF __stack.__buf
|
||||||
|
struct {
|
||||||
|
uint8_t padding_l;
|
||||||
|
unsigned char * __buf;
|
||||||
|
uint8_t padding_r;
|
||||||
|
} __stack;
|
||||||
|
const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
|
||||||
|
const size_t __len = 42;
|
||||||
|
const size_t __idx __unused = __len - 1;
|
||||||
|
|
||||||
|
__stack.__buf = malloc(__bufsz);
|
||||||
|
|
||||||
|
memset_explicit(__stack.__buf, 0, __len);
|
||||||
|
#undef BUF
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
ATF_TC_WITHOUT_HEAD(memset_explicit_heap_after_end);
|
||||||
|
ATF_TC_BODY(memset_explicit_heap_after_end, tc)
|
||||||
|
{
|
||||||
|
#define BUF __stack.__buf
|
||||||
|
struct {
|
||||||
|
uint8_t padding_l;
|
||||||
|
unsigned char * __buf;
|
||||||
|
uint8_t padding_r;
|
||||||
|
} __stack;
|
||||||
|
const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
|
||||||
|
const size_t __len = 42 + 1;
|
||||||
|
const size_t __idx __unused = __len - 1;
|
||||||
|
pid_t __child;
|
||||||
|
int __status;
|
||||||
|
|
||||||
|
__child = fork();
|
||||||
|
ATF_REQUIRE(__child >= 0);
|
||||||
|
if (__child > 0)
|
||||||
|
goto monitor;
|
||||||
|
|
||||||
|
/* Child */
|
||||||
|
disable_coredumps();
|
||||||
|
__stack.__buf = malloc(__bufsz);
|
||||||
|
|
||||||
|
memset_explicit(__stack.__buf, 0, __len);
|
||||||
|
_exit(EX_SOFTWARE); /* Should have aborted. */
|
||||||
|
|
||||||
|
monitor:
|
||||||
|
while (waitpid(__child, &__status, 0) != __child) {
|
||||||
|
ATF_REQUIRE_EQ(EINTR, errno);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!WIFSIGNALED(__status)) {
|
||||||
|
switch (WEXITSTATUS(__status)) {
|
||||||
|
case EX_SOFTWARE:
|
||||||
|
atf_tc_fail("FORTIFY_SOURCE failed to abort");
|
||||||
|
break;
|
||||||
|
case EX_OSERR:
|
||||||
|
atf_tc_fail("setrlimit(2) failed");
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
atf_tc_fail("child exited with status %d",
|
||||||
|
WEXITSTATUS(__status));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
|
||||||
|
}
|
||||||
|
#undef BUF
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
ATF_TC_WITHOUT_HEAD(stpcpy_before_end);
|
ATF_TC_WITHOUT_HEAD(stpcpy_before_end);
|
||||||
ATF_TC_BODY(stpcpy_before_end, tc)
|
ATF_TC_BODY(stpcpy_before_end, tc)
|
||||||
{
|
{
|
||||||
@ -1899,6 +2026,11 @@ ATF_TP_ADD_TCS(tp)
|
|||||||
ATF_TP_ADD_TC(tp, memset_heap_before_end);
|
ATF_TP_ADD_TC(tp, memset_heap_before_end);
|
||||||
ATF_TP_ADD_TC(tp, memset_heap_end);
|
ATF_TP_ADD_TC(tp, memset_heap_end);
|
||||||
ATF_TP_ADD_TC(tp, memset_heap_after_end);
|
ATF_TP_ADD_TC(tp, memset_heap_after_end);
|
||||||
|
ATF_TP_ADD_TC(tp, memset_explicit_before_end);
|
||||||
|
ATF_TP_ADD_TC(tp, memset_explicit_end);
|
||||||
|
ATF_TP_ADD_TC(tp, memset_explicit_heap_before_end);
|
||||||
|
ATF_TP_ADD_TC(tp, memset_explicit_heap_end);
|
||||||
|
ATF_TP_ADD_TC(tp, memset_explicit_heap_after_end);
|
||||||
ATF_TP_ADD_TC(tp, stpcpy_before_end);
|
ATF_TP_ADD_TC(tp, stpcpy_before_end);
|
||||||
ATF_TP_ADD_TC(tp, stpcpy_end);
|
ATF_TP_ADD_TC(tp, stpcpy_end);
|
||||||
ATF_TP_ADD_TC(tp, stpcpy_heap_before_end);
|
ATF_TP_ADD_TC(tp, stpcpy_heap_before_end);
|
||||||
|
@ -630,6 +630,15 @@ local all_tests = {
|
|||||||
},
|
},
|
||||||
exclude = excludes_stack_overflow,
|
exclude = excludes_stack_overflow,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
func = "memset_explicit",
|
||||||
|
arguments = {
|
||||||
|
"__buf",
|
||||||
|
"0",
|
||||||
|
"__len",
|
||||||
|
},
|
||||||
|
exclude = excludes_stack_overflow,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
func = "stpcpy",
|
func = "stpcpy",
|
||||||
arguments = {
|
arguments = {
|
||||||
|
Loading…
Reference in New Issue
Block a user