fortify-headers, branch strn Standalone portable header-based implementation of FORTIFY_SOURCE=3 http://git.dustri.org/fortify-headers/atom?h=strn 2024-10-10T13:50:40Z Fix a crash in strncpy/stpncpy 2024-10-10T13:50:40Z jvoisin 2024-10-10T13:50:40Z urn:sha1:e2cfd2879a15db00dfa9a42eeb1baaef6a930aff ``` Core was generated by `scripts/mod/modpost -M -m -o Module.symvers -n -T modules.order vmlinux.o'. Program terminated with signal SIGSEGV, Segmentation fault. warning: 17 src/string/strlen.c: No such file or directory (gdb) bt ``` > I think strncpy logic is broken: `__fh_size_t max_len_s = strlen(__s);` may try read past `size_t __n`. > Create a buf without any trailing `\0`, do `strncpy(dest, buf, sizeof(buf));`, it should work, since `strncpy` will stop at `sizeof buf` > but the current fority-headers implementation will do `strlen(buf)`, which will go boom when it is not terminated with \0 Reported-by: ncopa Disable snprintf/sprintf hardening for now 2024-10-09T23:51:34Z jvoisin 2024-10-09T23:20:07Z urn:sha1:c3b48c6b0bf501802295c85b1cf54275d6b74883 Run various C versions in the CI 2024-10-08T13:21:13Z jvoisin 2024-10-08T01:51:44Z urn:sha1:f8155f0b945c5cfb3600d7c146a5d86870ed09d2 Fix usage of strnlen 2024-10-03T22:16:50Z Quentin Rameau 2024-10-02T19:15:12Z urn:sha1:6573631a5e4339a2fc2f86680e36e35e25bf416c As with previous commit, some strnlen calls where introduced in 22a8094, but not reverted. As strnlen isn't part of C standard, this was breaking C builds. Use const fd_set for FD_ISSET 2024-10-03T18:22:48Z Natanael Copa 2024-10-03T08:56:21Z urn:sha1:60202fb5b50f3e56bf82f3424360377a29e25709 This fixes invalid conversion errors when the fd_set is defined as const. fixes https://github.com/jvoisin/fortify-headers/issues/66 Only install header files 2024-10-03T18:22:24Z Natanael Copa 2024-10-03T07:24:05Z urn:sha1:63f1b1c7629484370ebe1868da5af4008ba877e3 Avoid installing *.orig or other files. Work around a gcc warning 2024-09-06T11:38:22Z jvoisin 2024-09-06T11:36:15Z urn:sha1:f2e7f24daaa43c0927130b6ed02c3ed17689b3ca It seems that annotating sprintf with `write` makes gcc unhappy, as its analyser is unable to understand that we're checking if `__b != -1` before calling `__orig_snprintf`, so let's comment this annotation for now. Revert d2594298b89d0fb8989cae3ebc8900e77b6aa478 2024-09-02T14:11:06Z jvoisin 2024-09-02T14:08:38Z urn:sha1:114b563adc2b942bc5abd4c5820507076d453f64 As reported on irc: ``` 17:51 <q> jvoisin, fortify-headers seems to be broken (on Alpine at least) 17:52 <q> Repeating the message from over-there: 17:52 <q> /usr/include/fortify/string.h: In function 'strncat': 17:52 <q> /usr/include/fortify/string.h:297:36: error: implicit declaration of function 'strnlen'; did you mean 'strlen'? [-Wimplicit-function-declaration] 17:52 <q> This is with a simple file that includes string.h and call strncat, built with c99 -O1 f.c ``` Fix access annotation for stpncpy/strncpy 2024-07-10T14:46:15Z jvoisin 2024-07-10T14:46:15Z urn:sha1:c4d9299abf7f6b941493fc487d2ccbb47d756479 The dsize parameter is the length of the dst, not the length of the src. Reported-by: ncopa Fix access annotations to snprintf/sprintf 2024-07-10T14:03:42Z jvoisin 2024-07-10T14:03:42Z urn:sha1:9014b0266147dbb74d5d9e6e2c24ae9d21ad7e07 In the same spirit as the previous commit. Reported-by: ncopa