This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug string/20558] New: POSIX bcopy/bzero decls do not implement Object Size Checking


https://sourceware.org/bugzilla/show_bug.cgi?id=20558

            Bug ID: 20558
           Summary: POSIX bcopy/bzero decls do not implement Object Size
                    Checking
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: string
          Assignee: unassigned at sourceware dot org
          Reporter: yselkowi at redhat dot com
  Target Milestone: ---

Code using the POSIX.1 declarations of bcopy or bzero in <strings.h> does not
benefit from their available Object Size Checking functionality even when
compiled with -D_FORTIFY_SOURCE=*.

Test case:

$ cat bzero-test.c
#include <stdio.h>
#include <string.h>
#include <strings.h>

int main (void) {
  char buf1[9], buf2[2];
  bzero (buf1, 10);
  printf("%s %s\n", buf1, buf2);
  return 0;
}

In many cases, the BSD-compat declarations in <string.h> are used, which are
properly handled:

$ gcc -O2 -D_FORTIFY_SOURCE=2 bzero-test.c
In file included from /usr/include/string.h:635:0,
                 from bzero-test.c:2:
In function ‘bzero’,
    inlined from ‘main’ at bzero-test.c:7:3:
/usr/include/bits/string3.h:103:3: warning: call to __builtin___memset_chk will
always overflow destination buffer
   (void) __builtin___memset_chk (__dest, '\0', __len, __bos0 (__dest));
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ nm -C a.out | grep -E '(bzero|memset)'
                 U __memset_chk@@GLIBC_2.3.4


However, the POSIX.1 declarations in <strings.h> are not:

$ gcc -O2 -D_FORTIFY_SOURCE=2 -D_POSIX_SOURCE bzero-test.c
$ nm -C a.out | grep -E '(bzero|memset)'
$ gcc -O2 -D_FORTIFY_SOURCE=2 -D_POSIX_C_SOURCE=200112L bzero-test.c
$ nm -C a.out | grep -E '(bzero|memset)'

Note that these functions were removed in POSIX.1-2008, so there is a fairly
narrow window of compile options that would lead to this scenario.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
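
The object size check that the fortified <string.h> path applies and the POSIX.1 <strings.h> path skips, written out by hand as an added example (not part of the original report or of glibc). demo_bzero_chk, DEMO_BZERO and DEMO_BOS_UNKNOWN are hypothetical names, and the check returns -1 where glibc's __memset_chk would abort the process.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration; every demo_/DEMO_ name is hypothetical, not glibc's. */
#define DEMO_BOS_UNKNOWN ((size_t) -1)

/* Makes the same decision as a checked memset, but reports it through the
   return value so it can be inspected. dest_size is the compiler's answer
   to __builtin_object_size; (size_t) -1 means the size is not known. */
static int demo_bzero_chk(void *dest, size_t len, size_t dest_size)
{
    if (dest_size != DEMO_BOS_UNKNOWN && len > dest_size)
        return -1;                  /* would overflow: refuse the write */
    memset(dest, 0, len);
    return 0;
}

/* A macro keeps the destination visible to __builtin_object_size at the
   call site; mode 0 corresponds to the __bos0 in the quoted warning. */
#define DEMO_BZERO(dest, len) \
    demo_bzero_chk((dest), (len), __builtin_object_size((dest), 0))

int main(void)
{
    char buf1[9];
    char big[16];

    memset(buf1, 'A', sizeof buf1);
    printf("9 bytes into buf1[9]:   %d\n", DEMO_BZERO(buf1, sizeof buf1));

    /* The report's off-by-one: 10 bytes into a 9-byte object. The object
       size is passed explicitly so the result does not depend on whether
       the compiler resolved it at this optimization level. */
    printf("10 bytes into buf1[9]:  %d\n",
           demo_bzero_chk(buf1, 10, sizeof buf1));

    /* With no object size supplied the check cannot fire, so the write is
       an ordinary unchecked memset (big is large enough to stay valid). */
    memset(big, 'A', sizeof big);
    printf("10 bytes, size unknown: %d\n",
           demo_bzero_chk(big, 10, DEMO_BOS_UNKNOWN));
    return 0;
}
```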
