Disable pedantic checks by default

They can be re-enabled via `PEDANTIC_CHECKS`
author: jvoisin 2024-04-24 14:49:52 +0200
committer: jvoisin 2024-04-24 14:51:19 +0200
commit: 265fa03fa0c467c9c41d803ebe2a538e758cba20 (patch)
tree: a5264cc8e44704b24672d44e1acbdd0120909c8a
parent: 8ed72e7c1caa0eb4238e649063c26a11720935de (diff)
3 files changed, 13 insertions, 4 deletions
diff --git a/README.md b/README.md
index 21d3ccf..9b9a956 100644
--- a/README.md
+++ b/README.md
@@ -28,8 +28,10 @@ on Clang. It was initially intended to be used on
  [significant coverage](https://jvoisin.github.io/fortify-headers/)
 - Defining `USE_NATIVE_CHK` will make use of compiler-provided builtin `_chk`
  functions, which might be a bit better in term of diagnostics,
-  but won't necesarily provide the same amount of security checks.
+  but won't necessarily provide the same amount of security checks.
+- Defining `PEDANTIC_CHECKS` will enable pedantic checks, that while technically
+  correct, might break some programs relying on widely accepted
+  undefined-behaviours.
 # Sample usage
diff --git a/include/string.h b/include/string.h
index db2e6c3..071d592 100644
--- a/include/string.h
+++ b/include/string.h
@@ -51,8 +51,10 @@ __error_if((__fh_bos(__od, 0) < __n), "'memcpy' called with `n` bigger than the
 #if __has_builtin(__builtin___memcpy_chk) && USE_NATIVE_CHK
        return __builtin___memcpy_chk(__od, __os, __n, __fh_bos(__od, 0));
 #else
+#if defined PEDANTIC_CHECKS
        if (!__od || !__os)
                __builtin_trap();
+#endif
        __fh_size_t __bd = __fh_bos(__od, 0);
        __fh_size_t __bs = __fh_bos(__os, 0);
@@ -78,8 +80,10 @@ _FORTIFY_FN(memmove) void *memmove(void * _FORTIFY_POS0 __d,
 #if __has_builtin(__builtin___memmove_chk) && USE_NATIVE_CHK
        return __builtin___memmove_chk(__d, __s, __n, __fh_bos(__d, 0));
 #else
+#if defined PEDANTIC_CHECKS
        if (!__d || !__s)
                __builtin_trap();
+#endif
        __fh_size_t __bd = __fh_bos(__d, 0);
        __fh_size_t __bs = __fh_bos(__s, 0);
@@ -100,8 +104,10 @@ __warning_if(__c != 0 && __n == 0, "'memset' will set `0` bytes; did you invert
 #if __has_builtin(__builtin___memset_chk) && USE_NATIVE_CHK
        return __builtin___memset_chk(__d, __c, __n, __fh_bos(__d, 0));
 #else
+#if defined PEDANTIC_CHECKS
        if (!__d)
                __builtin_trap();
+#endif
        __fh_size_t __b = __fh_bos(__d, 0);
@@ -120,14 +126,15 @@ _FORTIFY_FN(memchr) void *memchr(const void * _FORTIFY_POS0 __d, int __c, size_t
 #if __has_builtin(__builtin___memchr_chk) && USE_NATIVE_CHK
        return __builtin___memchr_chk(__d, __c, __n, __fh_bos(__d, 0));
 #else
+#if defined PEDANTIC_CHECKS
        if (!__d)
                __builtin_trap();
 #if __STDC_VERSION__ < 201112L
        __fh_size_t __b = __fh_bos(__d, 0);
        if (__n > __b)
                __builtin_trap();
 #endif
+#endif
        return __builtin_memchr(__d, __c, __n);
 #endif
diff --git a/tests/Makefile b/tests/Makefile
index b1223ea..8faf11a 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -1,4 +1,4 @@
-CFLAGS+=-I../include/ -D_FORTIFY_SOURCE=3 -static -O2
+CFLAGS+=-I../include/ -D_FORTIFY_SOURCE=3 -static -O2 -DPEDANTIC_CHECKS
 COMPTIME_TARGETS= \
        test_memcpy_overwrite_under  \
author	jvoisin	2024-04-24 14:49:52 +0200
committer	jvoisin	2024-04-24 14:51:19 +0200
commit	265fa03fa0c467c9c41d803ebe2a538e758cba20 (patch)
tree	a5264cc8e44704b24672d44e1acbdd0120909c8a
parent	8ed72e7c1caa0eb4238e649063c26a11720935de (diff)

diff --git a/README.md b/README.md index 21d3ccf..9b9a956 100644 --- a/README.md +++ b/README.md
@@ -28,8 +28,10 @@ on Clang. It was initially intended to be used on
28	[significant coverage](https://jvoisin.github.io/fortify-headers/)	28	[significant coverage](https://jvoisin.github.io/fortify-headers/)
29	- Defining `USE_NATIVE_CHK` will make use of compiler-provided builtin `_chk`	29	- Defining `USE_NATIVE_CHK` will make use of compiler-provided builtin `_chk`
30	functions, which might be a bit better in term of diagnostics,	30	functions, which might be a bit better in term of diagnostics,
31	but won't necesarily provide the same amount of security checks.	31	but won't necessarily provide the same amount of security checks.
32		32	- Defining `PEDANTIC_CHECKS` will enable pedantic checks, that while technically
		33	correct, might break some programs relying on widely accepted
		34	undefined-behaviours.
33		35
34	# Sample usage	36	# Sample usage
35		37


diff --git a/include/string.h b/include/string.h index db2e6c3..071d592 100644 --- a/include/string.h +++ b/include/string.h
@@ -51,8 +51,10 @@ __error_if((__fh_bos(__od, 0) < __n), "'memcpy' called with `n` bigger than the
51	#if __has_builtin(__builtin___memcpy_chk) && USE_NATIVE_CHK	51	#if __has_builtin(__builtin___memcpy_chk) && USE_NATIVE_CHK
52	return __builtin___memcpy_chk(__od, __os, __n, __fh_bos(__od, 0));	52	return __builtin___memcpy_chk(__od, __os, __n, __fh_bos(__od, 0));
53	#else	53	#else
		54	#if defined PEDANTIC_CHECKS
54	if (!__od \|\| !__os)	55	if (!__od \|\| !__os)
55	__builtin_trap();	56	__builtin_trap();
		57	#endif
56		58
57	__fh_size_t __bd = __fh_bos(__od, 0);	59	__fh_size_t __bd = __fh_bos(__od, 0);
58	__fh_size_t __bs = __fh_bos(__os, 0);	60	__fh_size_t __bs = __fh_bos(__os, 0);
@@ -78,8 +80,10 @@ _FORTIFY_FN(memmove) void memmove(void _FORTIFY_POS0 __d,
78	#if __has_builtin(__builtin___memmove_chk) && USE_NATIVE_CHK	80	#if __has_builtin(__builtin___memmove_chk) && USE_NATIVE_CHK
79	return __builtin___memmove_chk(__d, __s, __n, __fh_bos(__d, 0));	81	return __builtin___memmove_chk(__d, __s, __n, __fh_bos(__d, 0));
80	#else	82	#else
		83	#if defined PEDANTIC_CHECKS
81	if (!__d \|\| !__s)	84	if (!__d \|\| !__s)
82	__builtin_trap();	85	__builtin_trap();
		86	#endif
83		87
84	__fh_size_t __bd = __fh_bos(__d, 0);	88	__fh_size_t __bd = __fh_bos(__d, 0);
85	__fh_size_t __bs = __fh_bos(__s, 0);	89	__fh_size_t __bs = __fh_bos(__s, 0);
@@ -100,8 +104,10 @@ __warning_if(__c != 0 && __n == 0, "'memset' will set `0` bytes; did you invert
100	#if __has_builtin(__builtin___memset_chk) && USE_NATIVE_CHK	104	#if __has_builtin(__builtin___memset_chk) && USE_NATIVE_CHK
101	return __builtin___memset_chk(__d, __c, __n, __fh_bos(__d, 0));	105	return __builtin___memset_chk(__d, __c, __n, __fh_bos(__d, 0));
102	#else	106	#else
		107	#if defined PEDANTIC_CHECKS
103	if (!__d)	108	if (!__d)
104	__builtin_trap();	109	__builtin_trap();
		110	#endif
105		111
106	__fh_size_t __b = __fh_bos(__d, 0);	112	__fh_size_t __b = __fh_bos(__d, 0);
107		113
@@ -120,14 +126,15 @@ _FORTIFY_FN(memchr) void memchr(const void _FORTIFY_POS0 __d, int __c, size_t
120	#if __has_builtin(__builtin___memchr_chk) && USE_NATIVE_CHK	126	#if __has_builtin(__builtin___memchr_chk) && USE_NATIVE_CHK
121	return __builtin___memchr_chk(__d, __c, __n, __fh_bos(__d, 0));	127	return __builtin___memchr_chk(__d, __c, __n, __fh_bos(__d, 0));
122	#else	128	#else
		129	#if defined PEDANTIC_CHECKS
123	if (!__d)	130	if (!__d)
124	__builtin_trap();	131	__builtin_trap();
125
126	#if __STDC_VERSION__ < 201112L	132	#if __STDC_VERSION__ < 201112L
127	__fh_size_t __b = __fh_bos(__d, 0);	133	__fh_size_t __b = __fh_bos(__d, 0);
128	if (__n > __b)	134	if (__n > __b)
129	__builtin_trap();	135	__builtin_trap();
130	#endif	136	#endif
		137	#endif
131		138
132	return __builtin_memchr(__d, __c, __n);	139	return __builtin_memchr(__d, __c, __n);
133	#endif	140	#endif


diff --git a/tests/Makefile b/tests/Makefile index b1223ea..8faf11a 100644 --- a/tests/Makefile +++ b/tests/Makefile
@@ -1,4 +1,4 @@
1	CFLAGS+=-I../include/ -D_FORTIFY_SOURCE=3 -static -O2	1	CFLAGS+=-I../include/ -D_FORTIFY_SOURCE=3 -static -O2 -DPEDANTIC_CHECKS
2		2
3	COMPTIME_TARGETS= \	3	COMPTIME_TARGETS= \
4	test_memcpy_overwrite_under \	4	test_memcpy_overwrite_under \