1 /* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef _FORTIFY_FORTIFY_H 17 #define _FORTIFY_FORTIFY_H 18 19 #ifdef __cplusplus 20 extern "C" { 21 #endif 22 23 #if (MUSL_FORTIFY_SOURCE == 1) || (MUSL_FORTIFY_SOURCE == 2) 24 #ifndef __FORTIFY_COMPILATION 25 #define __FORTIFY_COMPILATION 26 #endif 27 #endif 28 29 #if (MUSL_FORTIFY_SOURCE == 2) 30 #ifndef __FORTIFY_RUNTIME 31 #define __FORTIFY_RUNTIME 32 #endif 33 #endif 34 35 #if defined(__cplusplus) 36 #define __DIAGNOSE_CAST(_k, _t, _v) (_k<_t>(_v)) 37 #else 38 #define __DIAGNOSE_CAST(_k, _t, _v) ((_t) (_v)) 39 #endif 40 41 #if defined(__LP64__) 42 #ifndef FORTIFY_LONG_MAX 43 #define FORTIFY_LONG_MAX 0x7fffffffffffffffL 44 #endif 45 #ifndef FORTIFY_SSIZE_MAX 46 #define FORTIFY_SSIZE_MAX FORTIFY_LONG_MAX 47 #endif 48 #else 49 #ifndef FORTIFY_LONG_MAX 50 #define FORTIFY_LONG_MAX 0x7fffffffL 51 #endif 52 #ifndef FORTIFY_SSIZE_MAX 53 #define FORTIFY_SSIZE_MAX FORTIFY_LONG_MAX 54 #endif 55 #endif 56 #ifndef FORTIFY_PATH_MAX 57 #define FORTIFY_PATH_MAX 4096 58 #endif 59 60 #define __DIAGNOSE_ALWAYS_INLINE __attribute__((__always_inline__)) 61 #define __DIAGNOSE_PREDICT_TRUE(exp) __builtin_expect((exp) != 0, 1) 62 #define __DIAGNOSE_PREDICT_FALSE(exp) __builtin_expect((exp) != 0, 0) 63 #define __DIAGNOSE_ENABLE_IF(cond, msg) __attribute__((enable_if(cond, msg))) 64 #define __DIAGNOSE_ERROR_IF(cond, msg) __attribute__((diagnose_if(cond, msg, "error"))) 65 #define __DIAGNOSE_WARNING_IF(cond, msg) __attribute__((diagnose_if(cond, msg, "warning"))) 66 67 #define __DIAGNOSE_BOS_LEVEL (1) 68 #define __DIAGNOSE_BOSN(s, n) __builtin_object_size((s), (n)) 69 #define __DIAGNOSE_BOS(s) __DIAGNOSE_BOSN((s), __DIAGNOSE_BOS_LEVEL) 70 71 #define __DIAGNOSE_BOS0(s) __DIAGNOSE_BOSN((s), 0) 72 #define __DIAGNOSE_PASS_OBJECT_SIZE_N(n) __attribute__((pass_object_size(n))) 73 #define __DIAGNOSE__SIZE_MUL_OVERFLOW(a, b, result) __builtin_umull_overflow(a, b, result) 74 #define __DIAGNOSE_PRINTFLIKE(x, y) __attribute__((__format__(printf, x, y))) 75 #define __DIAGNOSE_CALL_BYPASSING_FORTIFY(fn) (&(fn)) 76 #define __DIAGNOSE_FORTIFY_INLINE static __inline__ __attribute__((no_stack_protector)) \ 77 __DIAGNOSE_ALWAYS_INLINE 78 79 #define __DIAGNOSE_FORTIFY_VARIADIC static __inline__ 80 81 #define __DIAGNOSE_PASS_OBJECT_SIZE __DIAGNOSE_PASS_OBJECT_SIZE_N(__DIAGNOSE_BOS_LEVEL) 82 #define __DIAGNOSE_PASS_OBJECT_SIZE0 __DIAGNOSE_PASS_OBJECT_SIZE_N(0) 83 84 #define __DIAGNOSE_FORTIFY_UNKNOWN_SIZE ((unsigned int) -1) 85 /* The following are intended for use in unevaluated environments, e.g. diagnose_if conditions. */ 86 #define __DIAGNOSE_UNEVALUATED_LT(bos_val, val) \ 87 ((bos_val) != __DIAGNOSE_FORTIFY_UNKNOWN_SIZE && (bos_val) < (val)) 88 89 #define __DIAGNOSE_UNEVALUATED_LE(bos_val, val) \ 90 ((bos_val) != __DIAGNOSE_FORTIFY_UNKNOWN_SIZE && (bos_val) <= (val)) 91 92 /* The following acts in the context of evaluation. */ 93 #define __DIAGNOSE_BOS_DYNAMIC_CHECK_IMPL_AND(bos_val, op, index, cond) \ 94 ((bos_val) == __DIAGNOSE_FORTIFY_UNKNOWN_SIZE || \ 95 (__builtin_constant_p(index) && bos_val op index && (cond))) 96 97 #define __DIAGNOSE_BOS_DYNAMIC_CHECK_IMPL(bos_val, op, index) \ 98 __DIAGNOSE_BOS_DYNAMIC_CHECK_IMPL_AND(bos_val, op, index, 1) 99 100 #define __DIAGNOSE_BOS_TRIVIALLY_GE(bos_val, index) __DIAGNOSE_BOS_DYNAMIC_CHECK_IMPL((bos_val), >=, (index)) 101 #define __DIAGNOSE_BOS_TRIVIALLY_GT(bos_val, index) __DIAGNOSE_BOS_DYNAMIC_CHECK_IMPL((bos_val), >, (index)) 102 103 #define __DIAGNOSE_OVERLOAD __attribute__((overloadable)) 104 105 /* 106 * A function to prevent this function from being applied. 107 * Used to rename the function so that the compiler emits a call to "x". 108 */ 109 #define __DIAGNOSE_RENAME(x) __asm__(#x) 110 #define __DIAGNOSE_OPEN_MODES_USEFUL(flags) (((flags) & O_CREAT) || ((flags) & O_TMPFILE) == O_TMPFILE) 111 #define __DIAGNOSE_BOS_FD_COUNT_TRIVIALLY_SAFE(bos_val, fds, fd_count) \ 112 __DIAGNOSE_BOS_DYNAMIC_CHECK_IMPL_AND((bos_val), >=, (sizeof(*(fds)) * (fd_count)), \ 113 (fd_count) <= __DIAGNOSE_CAST(static_cast, unsigned int, -1) / sizeof(*(fds))) 114 115 #define __DIAGNOSE_UNSAFE_CHK_MUL_OVERFLOW(x, y) ((__SIZE_TYPE__)-1 / (x) < (y)) 116 117 #define __DIAGNOSE_BOS_TRIVIALLY_GE_MUL(bos_val, size, count) \ 118 __DIAGNOSE_BOS_DYNAMIC_CHECK_IMPL_AND(bos_val, >=, (size) * (count), \ 119 !__DIAGNOSE_UNSAFE_CHK_MUL_OVERFLOW(size, count)) 120 121 #define FORTIFY_RUNTIME_ERROR_PREFIX "Musl Fortify runtime error: " 122 #define OPEN_TOO_MANY_ARGS_ERROR "There are too many arguments" 123 #define OPEN_TOO_FEW_ARGS_ERROR "invoking with O_CREAT or O_TMPFILE, but missing pattern." 124 #define OPEN_USELESS_MODES_WARNING "having redundant mode bits; but missing O_CREAT." 125 #define CALLED_WITH_STRING_BIGGER_BUFFER "called with a string larger than the buffer" 126 #define FD_COUNT_LARGE_GIVEN_BUFFER "fd_count is greater than the given buffer" 127 #define CALLED_WITH_SIZE_BIGGER_BUFFER "called with bigger size than the buffer" 128 #define OUTPUT_PARAMETER_BYTES "the output parameter must be nullptr or a pointer to the buffer with >= FORTIFY_PATH_MAX bytes" 129 #define SIZE_LARGER_THEN_DESTINATION_BUFFER "the size is greater than the target buffer" 130 131 void __fortify_error(const char* info, ...); 132 133 #ifdef __cplusplus 134 } 135 #endif 136 137 #endif