new file mode 100644
@@ -0,0 +1,112 @@
+/* $NetBSD: string.h,v 1.13 2014/11/29 13:23:48 pooka Exp $ */
+
+/*-
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef _SSP_STRING_H_
+#define _SSP_STRING_H_
+
+#include <sys/cdefs.h>
+#include <ssp/ssp.h>
+
+__BEGIN_DECLS
+void *__memcpy_chk(void *, const void *, size_t, size_t);
+void *__memmove_chk(void *, void *, size_t, size_t);
+void *__memset_chk(void *, int, size_t, size_t);
+char *__stpcpy_chk(char *, const char *, size_t);
+char *__strcat_chk(char *, const char *, size_t);
+char *__strcpy_chk(char *, const char *, size_t);
+char *__strncat_chk(char *, const char *, size_t, size_t);
+char *__strncpy_chk(char *, const char *, size_t, size_t);
+__END_DECLS
+
+#if __SSP_FORTIFY_LEVEL > 0
+
+#define __ssp_bos_check3(fun, dst, src, len) \
+ ((__ssp_bos0(dst) != (size_t)-1) ? \
+ __builtin___ ## fun ## _chk(dst, src, len, __ssp_bos0(dst)) : \
+ __ ## fun ## _ichk(dst, src, len))
+
+#define __ssp_bos_check2(fun, dst, src) \
+ ((__ssp_bos0(dst) != (size_t)-1) ? \
+ __builtin___ ## fun ## _chk(dst, src, __ssp_bos0(dst)) : \
+ __ ## fun ## _ichk(dst, src))
+
+#define __ssp_bos_icheck3_restrict(fun, type1, type2) \
+static __inline type1 __ ## fun ## _ichk(type1 __restrict, type2 __restrict, size_t); \
+static __inline __attribute__((__always_inline__)) type1 \
+__ ## fun ## _ichk(type1 __restrict dst, type2 __restrict src, size_t len) { \
+ return __builtin___ ## fun ## _chk(dst, src, len, __ssp_bos0(dst)); \
+}
+
+#define __ssp_bos_icheck3(fun, type1, type2) \
+static __inline type1 __ ## fun ## _ichk(type1, type2, size_t); \
+static __inline __attribute__((__always_inline__)) type1 \
+__ ## fun ## _ichk(type1 dst, type2 src, size_t len) { \
+ return __builtin___ ## fun ## _chk(dst, src, len, __ssp_bos0(dst)); \
+}
+
+#define __ssp_bos_icheck2_restrict(fun, type1, type2) \
+static __inline type1 __ ## fun ## _ichk(type1, type2); \
+static __inline __attribute__((__always_inline__)) type1 \
+__ ## fun ## _ichk(type1 __restrict dst, type2 __restrict src) { \
+ return __builtin___ ## fun ## _chk(dst, src, __ssp_bos0(dst)); \
+}
+
+__BEGIN_DECLS
+__ssp_bos_icheck3_restrict(memcpy, void *, const void *)
+__ssp_bos_icheck3(memmove, void *, const void *)
+__ssp_bos_icheck3_restrict(mempcpy, void *, const void *)
+__ssp_bos_icheck3(memset, void *, int)
+__ssp_bos_icheck2_restrict(stpcpy, char *, const char *)
+#if __GNUC_PREREQ__(4,8) || defined(__clang__)
+__ssp_bos_icheck3_restrict(stpncpy, char *, const char *)
+#endif
+__ssp_bos_icheck2_restrict(strcpy, char *, const char *)
+__ssp_bos_icheck2_restrict(strcat, char *, const char *)
+__ssp_bos_icheck3_restrict(strncpy, char *, const char *)
+__ssp_bos_icheck3_restrict(strncat, char *, const char *)
+__END_DECLS
+
+#define memcpy(dst, src, len) __ssp_bos_check3(memcpy, dst, src, len)
+#define memmove(dst, src, len) __ssp_bos_check3(memmove, dst, src, len)
+#if __GNU_VISIBLE
+#define mempcpy(dst, src, len) __ssp_bos_check3(mempcpy, dst, src, len)
+#endif
+#define memset(dst, val, len) __ssp_bos_check3(memset, dst, val, len)
+#define stpcpy(dst, src) __ssp_bos_check2(stpcpy, dst, src)
+#if __GNUC_PREREQ__(4,8) || defined(__clang__)
+#define stpncpy(dst, src, len) __ssp_bos_check3(stpncpy, dst, src, len)
+#endif
+#define strcpy(dst, src) __ssp_bos_check2(strcpy, dst, src)
+#define strcat(dst, src) __ssp_bos_check2(strcat, dst, src)
+#define strncpy(dst, src, len) __ssp_bos_check3(strncpy, dst, src, len)
+#define strncat(dst, src, len) __ssp_bos_check3(strncat, dst, src, len)
+
+#endif /* __SSP_FORTIFY_LEVEL > 0 */
+#endif /* _SSP_STRING_H_ */
@@ -176,4 +176,8 @@ char *_EXFUN(__nonnull (1) basename,(const char *)) __asm__(__ASMNAME("__gnu_bas
_END_STD_C
+#if _FORTIFY_SOURCE > 0
+#include <ssp/string.h>
+#endif
+
#endif /* _STRING_H_ */
new file mode 100644
@@ -0,0 +1,13 @@
+#include <signal.h>
+#include <string.h>
+#include <unistd.h>
+
+void
+__attribute__((__noreturn__))
+__chk_fail(void)
+{
+ char msg[] = "*** buffer overflow detected ***: terminated\n";
+ write (2, msg, strlen (msg));
+ raise (SIGABRT);
+ _exit (127);
+}
new file mode 100644
@@ -0,0 +1,54 @@
+/* $NetBSD: memcpy_chk.c,v 1.7 2015/05/13 19:57:16 joerg Exp $ */
+
+/*-
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: memcpy_chk.c,v 1.7 2015/05/13 19:57:16 joerg Exp $");
+
+/*LINTLIBRARY*/
+
+#include <ssp/ssp.h>
+#include <string.h>
+
+#undef memcpy
+
+void *__memcpy_chk(void * __restrict, const void * __restrict, size_t, size_t);
+
+void *
+__memcpy_chk(void * __restrict dst, const void * __restrict src, size_t len,
+ size_t slen)
+{
+ if (len > slen)
+ __chk_fail();
+
+ if (__ssp_overlap((const char *)src, (const char *)dst, len))
+ __chk_fail();
+
+ return memcpy(dst, src, len);
+}
new file mode 100644
@@ -0,0 +1,50 @@
+/* $NetBSD: memmove_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $ */
+
+/*-
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: memmove_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $");
+
+/*LINTLIBRARY*/
+
+#include <ssp/ssp.h>
+#include <string.h>
+
+#undef memmove
+
+void *__memmove_chk(void *, void *src, size_t, size_t);
+
+void *
+__memmove_chk(void *dst, void *src, size_t len,
+ size_t slen)
+{
+ if (len > slen)
+ __chk_fail();
+ return memmove(dst, src, len);
+}
new file mode 100644
@@ -0,0 +1,21 @@
+#define _GNU_SOURCE
+#include <sys/cdefs.h>
+#include <ssp/ssp.h>
+#include <string.h>
+
+#undef mempcpy
+
+void *__mempcpy_chk(void * __restrict, const void * __restrict, size_t, size_t);
+
+void *
+__mempcpy_chk(void * __restrict dst, const void * __restrict src, size_t len,
+ size_t slen)
+{
+ if (len > slen)
+ __chk_fail();
+
+ if (__ssp_overlap((const char *)src, (const char *)dst, len))
+ __chk_fail();
+
+ return mempcpy(dst, src, len);
+}
new file mode 100644
@@ -0,0 +1,49 @@
+/* $NetBSD: memset_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $ */
+
+/*-
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: memset_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $");
+
+/*LINTLIBRARY*/
+
+#include <ssp/ssp.h>
+#include <string.h>
+
+#undef memset
+
+void *__memset_chk(void * __restrict, int, size_t, size_t);
+
+void *
+__memset_chk(void * __restrict dst, int val, size_t len, size_t slen)
+{
+ if (len > slen)
+ __chk_fail();
+ return memset(dst, val, len);
+}
new file mode 100644
@@ -0,0 +1,58 @@
+/* $NetBSD: stpcpy_chk.c,v 1.6 2015/05/09 15:42:21 christos Exp $ */
+
+/*-
+ * Copyright (c) 2013 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: stpcpy_chk.c,v 1.6 2015/05/09 15:42:21 christos Exp $");
+
+/*LINTLIBRARY*/
+
+#include <ssp/ssp.h>
+#include <string.h>
+
+#undef memcpy
+
+#if !__GNUC_PREREQ__(4, 8)
+char *__stpcpy_chk(char * __restrict, const char * __restrict, size_t);
+#endif
+
+char *
+__stpcpy_chk(char * __restrict dst, const char * __restrict src, size_t slen)
+{
+ size_t len = strlen(src);
+
+ if (len >= slen)
+ __chk_fail();
+
+ if (__ssp_overlap(src, dst, len))
+ __chk_fail();
+
+ (void)memcpy(dst, src, len + 1);
+ return dst + len;
+}
new file mode 100644
@@ -0,0 +1,56 @@
+/* $NetBSD: stpncpy_chk.c,v 1.3 2015/05/09 15:42:21 christos Exp $ */
+
+/*-
+ * Copyright (c) 2013 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: stpncpy_chk.c,v 1.3 2015/05/09 15:42:21 christos Exp $");
+
+/*LINTLIBRARY*/
+
+#include <ssp/ssp.h>
+#include <string.h>
+
+#undef stpncpy
+
+#if !__GNUC_PREREQ__(4, 8)
+char *__stpncpy_chk(char * __restrict, const char * __restrict, size_t, size_t);
+#endif
+
+char *
+__stpncpy_chk(char * __restrict dst, const char * __restrict src, size_t len,
+ size_t slen)
+{
+ if (len > slen)
+ __chk_fail();
+
+ if (__ssp_overlap(src, dst, len))
+ __chk_fail();
+
+ return stpncpy(dst, src, len);
+}
new file mode 100644
@@ -0,0 +1,62 @@
+/* $NetBSD: strcat_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $ */
+
+/*-
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: strcat_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $");
+
+/*LINTLIBRARY*/
+
+#include <ssp/ssp.h>
+#include <string.h>
+
+char *__strcat_chk(char * __restrict, const char * __restrict, size_t);
+
+char *
+__strcat_chk(char * __restrict dst, const char * __restrict src, size_t slen)
+{
+ char *d;
+
+ for (d = dst; *d; d++) {
+ if (slen-- == 0)
+ __chk_fail();
+ }
+
+ while (*src) {
+ if (slen-- == 0)
+ __chk_fail();
+ *d++ = *src++;
+ }
+
+ if (slen-- == 0)
+ __chk_fail();
+
+ *d = '\0';
+ return dst;
+}
new file mode 100644
@@ -0,0 +1,55 @@
+/* $NetBSD: strcpy_chk.c,v 1.8 2015/05/09 15:42:21 christos Exp $ */
+
+/*-
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: strcpy_chk.c,v 1.8 2015/05/09 15:42:21 christos Exp $");
+
+/*LINTLIBRARY*/
+
+#include <ssp/ssp.h>
+#include <string.h>
+
+#undef memcpy
+
+char *__strcpy_chk(char * __restrict, const char * __restrict, size_t);
+
+char *
+__strcpy_chk(char * __restrict dst, const char * __restrict src, size_t slen)
+{
+ size_t len = strlen(src) + 1;
+
+ if (len > slen)
+ __chk_fail();
+
+ if (__ssp_overlap(src, dst, len))
+ __chk_fail();
+
+ return memcpy(dst, src, len);
+}
new file mode 100644
@@ -0,0 +1,73 @@
+/* $NetBSD: strncat_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $ */
+
+/*-
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: strncat_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $");
+
+/*LINTLIBRARY*/
+
+#include <ssp/ssp.h>
+#include <string.h>
+#include <stdio.h>
+
+char *__strncat_chk(char * __restrict, const char * __restrict, size_t,
+ size_t);
+
+char *
+__strncat_chk(char * __restrict dst, const char * __restrict src, size_t len,
+ size_t slen)
+{
+ char *d;
+
+ if (len == 0)
+ return dst;
+
+ if (len > slen)
+ __chk_fail();
+
+ for (d = dst; *d; d++) {
+ if (slen-- == 0)
+ __chk_fail();
+ }
+
+ do {
+ if ((*d = *src++) == '\0')
+ break;
+ if (slen-- == 0)
+ __chk_fail();
+ d++;
+ } while (--len != 0);
+
+ if (slen-- == 0)
+ __chk_fail();
+
+ *d = '\0';
+ return dst;
+}
new file mode 100644
@@ -0,0 +1,55 @@
+/* $NetBSD: strncpy_chk.c,v 1.6 2015/05/09 15:42:21 christos Exp $ */
+
+/*-
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: strncpy_chk.c,v 1.6 2015/05/09 15:42:21 christos Exp $");
+
+/*LINTLIBRARY*/
+
+#include <ssp/ssp.h>
+#include <string.h>
+
+#undef strncpy
+
+char *__strncpy_chk(char * __restrict, const char * __restrict, size_t,
+ size_t);
+
+char *
+__strncpy_chk(char * __restrict dst, const char * __restrict src, size_t len,
+ size_t slen)
+{
+ if (len > slen)
+ __chk_fail();
+
+ if (__ssp_overlap(src, dst, len))
+ __chk_fail();
+
+ return strncpy(dst, src, len);
+}
The Object Size Checking (-D_FORTIFY_SOURCE=*) functionality provides wrappers around functions suspectible to buffer overflows. While independent from Stack Smashing Protection (-fstack-protector*), they are often used and implemented together. While GCC also provides an implementation in libssp, it is completely broken (CVE-2016-4973, RHBZ#1324759) and seemingly unfixable, as there is no reliable way for a preprocessor macro to trigger a link flag. Therefore, adding this here is necessary to make it work. Note that this does require building gcc with --disable-libssp and gcc_cv_libc_provides_ssp=yes. The implementation is from NetBSD, with the addition of mempcpy (a GNU extension) for parity with libssp. Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com> --- newlib/libc/include/ssp/string.h | 112 +++++++++++++++++++++++++++++++++++++++ newlib/libc/include/string.h | 4 ++ newlib/libc/ssp/chk_fail.c | 13 +++++ newlib/libc/ssp/memcpy_chk.c | 54 +++++++++++++++++++ newlib/libc/ssp/memmove_chk.c | 50 +++++++++++++++++ newlib/libc/ssp/mempcpy_chk.c | 21 ++++++++ newlib/libc/ssp/memset_chk.c | 49 +++++++++++++++++ newlib/libc/ssp/stpcpy_chk.c | 58 ++++++++++++++++++++ newlib/libc/ssp/stpncpy_chk.c | 56 ++++++++++++++++++++ newlib/libc/ssp/strcat_chk.c | 62 ++++++++++++++++++++++ newlib/libc/ssp/strcpy_chk.c | 55 +++++++++++++++++++ newlib/libc/ssp/strncat_chk.c | 73 +++++++++++++++++++++++++ newlib/libc/ssp/strncpy_chk.c | 55 +++++++++++++++++++ 13 files changed, 662 insertions(+) create mode 100644 newlib/libc/include/ssp/string.h create mode 100644 newlib/libc/ssp/chk_fail.c create mode 100644 newlib/libc/ssp/memcpy_chk.c create mode 100644 newlib/libc/ssp/memmove_chk.c create mode 100644 newlib/libc/ssp/mempcpy_chk.c create mode 100644 newlib/libc/ssp/memset_chk.c create mode 100644 newlib/libc/ssp/stpcpy_chk.c create mode 100644 newlib/libc/ssp/stpncpy_chk.c create mode 100644 newlib/libc/ssp/strcat_chk.c create mode 100644 newlib/libc/ssp/strcpy_chk.c create mode 100644 newlib/libc/ssp/strncat_chk.c create mode 100644 newlib/libc/ssp/strncpy_chk.c -- 2.14.3