From 1becad43298e74ba73bc66f9d44523e5d121c667 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Mon, 20 May 2024 14:48:35 +0200
Subject: Add vasprintf/asprintf

The only hardening being done here is to set the char** parameter to thos
functions to NULL in case of an error, to prevent it from being used should
people forget to check return values. This is already done on some BSD, as well
as in Rocky Linux.
---
 include/stdio.h | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)

(limited to 'include')

diff --git a/include/stdio.h b/include/stdio.h
index c6817fa..abdef6c 100644
--- a/include/stdio.h
+++ b/include/stdio.h
@@ -220,6 +220,26 @@ _FORTIFY_FN(vprintf) int vprintf(const char *__f, __builtin_va_list __v)
 	return __orig_vprintf(__f, __v);
 #endif
 }
+
+#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE)
+#undef vasprintf
+#if __has_builtin(__builtin_vasprintf)
+__diagnose_as_builtin(__builtin_vasprintf, 1, 2, 3)
+#endif
+_FORTIFY_FN(vasprintf) int vasprintf(char **restrict strp, const char *restrict fmt, __builtin_va_list ap)
+{
+#if __has_builtin(__builtin___vasprintf_chk) && USE_NATIVE_CHK
+	return __builtin___vasprintf_chk(_FORTIFY_SOURCE, strp, fmt, ap);
+#else
+	int ret = __orig_vasprintf(strp, fmt, ap);
+	if (ret < 0)
+		*strp = NULL;
+	return ret;
+#endif
+}
+
+
+#endif // defined(_GNU_SOURCE) || defined(_BSD_SOURCE)
 #endif  // __clang__
 
 
@@ -312,6 +332,28 @@ _FORTIFY_FN(fprintf) int fprintf(FILE *__s, const char *__f, ...)
 #endif
 }
 
+#if defined(_GNU_SOURCE) || defined(_BSD_SOURCE)
+#ifndef __clang__
+#undef asprintf
+__fh_access(read_only, 2)
+__fh_format(printf, 2, 0)
+#if __has_builtin(__builtin_asprintf)
+__diagnose_as_builtin(__builtin_asprintf, 2, 3)
+#endif
+_FORTIFY_FN(asprintf) int asprintf(char **restrict strp, const char *restrict fmt, ...)
+{
+#if __has_builtin(__builtin___asprintf_chk) && USE_NATIVE_CHK
+	return __builtin___asprintf_chk(_FORTIFY_SOURCE, strp, fmt, __builtin_va_arg_pack());
+#else
+	int ret = __orig_asprintf(strp, fmt, __builtin_va_arg_pack());
+	if (ret<0)
+		*strp = NULL;
+	return ret;
+#endif
+}
+#endif // __clang__
+#endif
+
 #pragma GCC diagnostic pop
 #endif /* __has_builtin(__builtin_va_arg_pack) */
 
-- 
cgit v1.3