| author | jvoisin | 2023-05-30 20:46:14 +0200 |
|---|---|---|
| committer | jvoisin | 2023-05-30 20:46:14 +0200 |
| commit | 1ace027335c9ca0ae400958aded936d04505ec86 (patch) | |
| tree | cedfb24733bffe35d070688ef5baee94ce90d997 /include | |
| parent | b40f6d87482f20e968b27470baca042e50cd6792 (diff) | |
Add a check for overlapping copies in strcpy
Diffstat (limited to 'include')
| -rw-r--r-- | include/string.h | 9 |
1 files changed, 8 insertions, 1 deletions
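--- a/include/string.h
+++ b/include/string.h
@@ -107,8 +107,15 @@ _FORTIFY_FN(strcat) char *strcat(char *__d, const char *__s)
 
 _FORTIFY_FN(strcpy) char *strcpy(char *__d, const char *__s)
 {
-size_t __b = __bos(__d, 0);
+size_t __n = strlen(__s) + 1;
+
+/* trap if pointers are overlapping but not if dst == src.
+* gcc seems to like to generate code that relies on dst == src */
+if ((__d < __s && __d + __n > __s) ||
+(__s < __d && __s + __n > __d))
+__builtin_trap();
 
+size_t __b = __bos(__d, 0);
 if (strlen(__s) + 1 > __b)
 __builtin_trap();
 return __orig_strcpy(__d, __s);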
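Review bot: The overlap test at new lines 114-115 compares `__d` and `__s` with `<` and forms `__d + __n` / `__s + __n`, which is undefined behaviour in C when the two pointers do not point into the same object or the sum runs past the end of that object, so an optimiser is permitted to weaken or drop the trap. Comparing integer addresses and using a difference rather than a sum avoids both problems, e.g. `if ((__dp < __sp && __sp - __dp < __n) || (__sp < __dp && __dp - __sp < __n))`, with `__dp` and `__sp` being the two pointers cast to `uintptr_t` (assuming that type is available in this header). Separately, new line 119 still evaluates `strlen(__s) + 1` although `__n` already holds it; `if (__n > __b)` keeps the overlap check and the size check on the same value. The closing brace of strcpy lies outside the hunk.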
