From acfa9f6ce8295b2493b4e21b73463b93ef3c4333 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Tue, 22 Aug 2023 19:16:49 +0200
Subject: Add hardening for pwrite

---
 include/unistd.h            | 11 +++++++++++
 tests/Makefile              |  2 ++
 tests/test_pwrite_dynamic.c | 14 ++++++++++++++
 tests/test_pwrite_static.c  | 14 ++++++++++++++
 4 files changed, 41 insertions(+)
 create mode 100644 tests/test_pwrite_dynamic.c
 create mode 100644 tests/test_pwrite_static.c

diff --git a/include/unistd.h b/include/unistd.h
index 1c79711..e91f922 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -180,6 +180,17 @@ _FORTIFY_FN(write) ssize_t write(int __f, const void * _FORTIFY_POS0 __s,
 	return __orig_write(__f, __s, __n);
 }
 
+__diagnose_as_builtin(__builtin_pwrite, 1, 2, 3, 4)
+_FORTIFY_FN(pwrite) ssize_t pwrite(int __f, const void * _FORTIFY_POS0 __s,
+                                 size_t __n, off_t __o)
+{
+	size_t __b = __bos(__s, 0);
+
+	if (__n > __b)
+		__builtin_trap();
+	return __orig_pwrite(__f, __s, __n, __o);
+}
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/tests/Makefile b/tests/Makefile
index 1f92b36..1c73c7e 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -63,6 +63,8 @@ TARGETS= \
 	test_ppoll_static            \
 	test_pread_dynamic           \
 	test_pread_static            \
+	test_pwrite_dynamic          \
+	test_pwrite_static           \
 	test_read_dynamic            \
 	test_read_static             \
 	test_readlink_dynamic        \
diff --git a/tests/test_pwrite_dynamic.c b/tests/test_pwrite_dynamic.c
new file mode 100644
index 0000000..8e132ed
--- /dev/null
+++ b/tests/test_pwrite_dynamic.c
@@ -0,0 +1,14 @@
+#include "common.h"
+
+#include <unistd.h>
+
+int main(int argc, char** argv) {
+  char buffer[8] = {0};
+
+  CHK_FAIL_START
+  pwrite(0, buffer, argc, 0);
+  CHK_FAIL_END
+
+  puts(buffer);
+  return ret;
+}
diff --git a/tests/test_pwrite_static.c b/tests/test_pwrite_static.c
new file mode 100644
index 0000000..6815fd4
--- /dev/null
+++ b/tests/test_pwrite_static.c
@@ -0,0 +1,14 @@
+#include "common.h"
+
+#include <unistd.h>
+
+int main(int argc, char** argv) {
+  char buffer[12] = {0};
+
+  CHK_FAIL_START
+  pwrite(0, buffer, 14, 0);
+  CHK_FAIL_END
+
+  puts(buffer);
+  return ret;
+}
-- 
cgit v1.3