Diffstat (limited to 'include')
| -rw-r--r-- | include/string.h | 29 |
1 files changed, 12 insertions, 17 deletions
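--- a/include/string.h
+++ b/include/string.h
@@ -189,19 +189,17 @@ _FORTIFY_FN(stpncpy) char *stpncpy(char * _FORTIFY_POS0 __d, const char *__s,
 #if __has_builtin(__builtin___stpncpy_chk) && USE_NATIVE_CHK
 return __builtin___stpncpy_chk(__d, __s, __n, __fh_bos(__d, 0));
 #else
-#if 0
-// They check overlap across the whole range of the given length, but
-// the given length is not what will actually be copied, rather it's
-// the maximum length (if src is shorter, only length of src will be
-// copied). This triggers false positives and traps where it shouldn't
-// (e.g. in ICU tests).
-if (__fh_overlap(__d, __s, __n))
+__fh_size_t max_len_s = strnlen(__s, __n);
+if (__fh_overlap(__d, max_len_s, __s, max_len_s))
 __builtin_trap();
-#endif
 
+// If the length strlen(src) is smaller than n, the remaining
+// characters in the array pointed to by dest are filled with null
+// bytes ('\0')
 __fh_size_t __b = __fh_bos(__d, 0);
-if (__n > __b && strlen(__s) + 1 > __b)
+if (__n > __b)
 __builtin_trap();
+
 return __orig_stpncpy(__d, __s, __n);
 #endif
 }
@@ -297,19 +295,16 @@ _FORTIFY_FN(strncpy) char *strncpy(char * _FORTIFY_POS0 __d,
 #if __has_builtin(__builtin___strncpy_chk) && USE_NATIVE_CHK
 return __builtin___strncpy_chk(__d, __s, __n, __fh_bos(__d, 0));
 #else
-#if 0
-// They check overlap across the whole range of the given length, but
-// the given length is not what will actually be copied, rather it's
-// the maximum length (if src is shorter, only length of src will be
-// copied). This triggers false positives and traps where it shouldn't
-// (e.g. in ICU tests).
-if (__fh_overlap(__d, __s, __n))
+__fh_size_t max_len_s = strnlen(__s, __n);
+if (__fh_overlap(__d, max_len_s, __s, max_len_s))
 __builtin_trap();
-#endif
 
+// If the length of src is less than n, strncpy() writes additional
+// null bytes to dest to ensure that a total of n bytes are written.
 __fh_size_t __b = __fh_bos(__d, 0);
 if (__n > __b)
 __builtin_trap();
+
 return __orig_strncpy(__d, __s, __n);
 #endif
 }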
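Review bot: The new overlap check in both the stpncpy and strncpy hunks passes `max_len_s` as the source length, which leaves out the terminating NUL that is also read when the source is shorter than `__n`. If `__fh_overlap` treats its ranges as half-open (its definition is not in this diff), a destination that begins exactly at the source's terminator is not trapped, although the first byte written removes the terminator the copy depends on. Consider `__fh_size_t __l = max_len_s + (max_len_s < __n);` for the source range, and a comment stating that the NUL padding up to `__n`, which the added comment says is always written, is deliberately left out of the overlap check. The local should also carry the `__` prefix like `__b`, since a user macro named `max_len_s` would otherwise break this header. Both function bodies start above the lines shown in the hunks.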
