Add `printf` hardening

author: jvoisin 2023-09-27 23:28:50 +0200
committer: jvoisin 2023-09-28 15:05:57 +0200
commit: 3067c28ceb744b2bafe9202023084f762871e844 (patch)
tree: 9337559b6230fc4620e47d9229c13489ac1c3913
parent: 81ef1fd8c55aae65d321b2730ff5da6b73d1e707 (diff)
3 files changed, 20 insertions, 0 deletions
diff --git a/include/stdio.h b/include/stdio.h
index b407d0f..c363edc 100644
--- a/include/stdio.h
+++ b/include/stdio.h
@@ -38,6 +38,7 @@ extern "C" {
 #undef popen
 #undef vsnprintf
 #undef vsprintf
+#undef printf
 __access(read_only, 2)
 #if __has_builtin(__builtin_fdopen)
@@ -241,6 +242,17 @@ _FORTIFY_FN(sprintf) int sprintf(char *__s, const char *__f, ...)
 #endif
 }
+__format(printf, 1, 2)
+__access(read_only, 1)
+_FORTIFY_FN(printf) int printf(const char *__f, ...)
+{
+#if __has_builtin(__builtin___printf_chk) && USE_NATIVE_CHK
+        return __builtin___printf_chk(_FORTIFY_SOURCE, __f, __builtin_va_arg_pack());
+#else
+        return __orig_printf(__f, __builtin_va_arg_pack());
+#endif
+}
 #endif /* __has_builtin(__builtin_va_arg_pack) */
 #ifdef __cplusplus
diff --git a/tests/Makefile b/tests/Makefile
index 4e5ee00..a628a2a 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -64,6 +64,7 @@ RUNTIME_TARGETS= \
        test_ppoll_static            \
        test_pread_dynamic           \
        test_pread_static            \
+        test_printf                  \
        test_pwrite_dynamic          \
        test_pwrite_static           \
        test_read_dynamic            \
diff --git a/tests/test_printf.c b/tests/test_printf.c
new file mode 100644
index 0000000..d444a52
--- /dev/null
+++ b/tests/test_printf.c
@@ -0,0 +1,7 @@
+#include "common.h"
+#include <stdio.h>
+int main(int argc, char** argv) {
+  printf("%s", "1234567");
+}
author	jvoisin	2023-09-27 23:28:50 +0200
committer	jvoisin	2023-09-28 15:05:57 +0200
commit	3067c28ceb744b2bafe9202023084f762871e844 (patch)
tree	9337559b6230fc4620e47d9229c13489ac1c3913
parent	81ef1fd8c55aae65d321b2730ff5da6b73d1e707 (diff)

diff --git a/include/stdio.h b/include/stdio.h index b407d0f..c363edc 100644 --- a/include/stdio.h +++ b/include/stdio.h
@@ -38,6 +38,7 @@ extern "C" {
38	#undef popen	38	#undef popen
39	#undef vsnprintf	39	#undef vsnprintf
40	#undef vsprintf	40	#undef vsprintf
		41	#undef printf
41		42
42	__access(read_only, 2)	43	__access(read_only, 2)
43	#if __has_builtin(__builtin_fdopen)	44	#if __has_builtin(__builtin_fdopen)
@@ -241,6 +242,17 @@ _FORTIFY_FN(sprintf) int sprintf(char __s, const char __f, ...)
241	#endif	242	#endif
242	}	243	}
243		244
		245	__format(printf, 1, 2)
		246	__access(read_only, 1)
		247	_FORTIFY_FN(printf) int printf(const char *__f, ...)
		248	{
		249	#if __has_builtin(__builtin___printf_chk) && USE_NATIVE_CHK
		250	return __builtin___printf_chk(_FORTIFY_SOURCE, __f, __builtin_va_arg_pack());
		251	#else
		252	return __orig_printf(__f, __builtin_va_arg_pack());
		253	#endif
		254	}
		255
244	#endif /* __has_builtin(__builtin_va_arg_pack) */	256	#endif /* __has_builtin(__builtin_va_arg_pack) */
245		257
246	#ifdef __cplusplus	258	#ifdef __cplusplus


diff --git a/tests/Makefile b/tests/Makefile index 4e5ee00..a628a2a 100644 --- a/tests/Makefile +++ b/tests/Makefile
@@ -64,6 +64,7 @@ RUNTIME_TARGETS= \
64	test_ppoll_static \	64	test_ppoll_static \
65	test_pread_dynamic \	65	test_pread_dynamic \
66	test_pread_static \	66	test_pread_static \
		67	test_printf \
67	test_pwrite_dynamic \	68	test_pwrite_dynamic \
68	test_pwrite_static \	69	test_pwrite_static \
69	test_read_dynamic \	70	test_read_dynamic \


diff --git a/tests/test_printf.c b/tests/test_printf.c new file mode 100644 index 0000000..d444a52 --- /dev/null +++ b/tests/test_printf.c
@@ -0,0 +1,7 @@
		1	#include "common.h"
		2
		3	#include <stdio.h>
		4
		5	int main(int argc, char** argv) {
		6	printf("%s", "1234567");
		7	}