| #
cf8e5289 |
| 13-Jul-2024 |
Kyle Evans <kevans@FreeBSD.org> |
include: ssp: round out fortification of current set of headers
ssp/ssp.h needed some improvements:
- `len` isn't always a size_t, it may need casted
- In some cases we may want to use a len that
include: ssp: round out fortification of current set of headers
ssp/ssp.h needed some improvements:
- `len` isn't always a size_t, it may need casted
- In some cases we may want to use a len that isn't specified as a
parameter (e.g., L_ctermid), so __ssp_redirect() should be more
flexible.
- In other cases we may want additional checking, so pull all of the
declaration bits out of __ssp_redirect_raw() so that some functions
can implement the body themselves.
strlcat/strlcpy should be the last of the fortified functions that get
their own __*_chk symbols, and these cases are only done to be
consistent with the rest of the str*() set.
Reviewed by: markj
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D45679
show more ...
|
| #
5af6fbd7 |
| 15-May-2024 |
Kyle Evans <kevans@FreeBSD.org> |
ssp: appease -Wgnu-statement-expression-from-macro-expansion
It's a stupid warning, but some ports enable it by default and were
already defining _FORTIFY_SOURCE, thus exposing the new macros
immedi
ssp: appease -Wgnu-statement-expression-from-macro-expansion
It's a stupid warning, but some ports enable it by default and were
already defining _FORTIFY_SOURCE, thus exposing the new macros
immediately. This at least fixes the libfido2 build, perhaps others as
well.
While we're here, fix a fresh build of stand w/ FORTIFY_SOURCE enabled
by not pulling in the ssp headers if _STANDALONE is defined. We do not
have runtime support in libsa as of the time of writing.
Reported by: netchild
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
show more ...
|
| #
be04fec4 |
| 13-May-2024 |
Kyle Evans <kevans@FreeBSD.org> |
Import _FORTIFY_SOURCE implementation from NetBSD
This is a mostly-unmodified copy of the various *_chk implementations
and headers from NetBSD, without yet modifying system headers to start
actuall
Import _FORTIFY_SOURCE implementation from NetBSD
This is a mostly-unmodified copy of the various *_chk implementations
and headers from NetBSD, without yet modifying system headers to start
actually including them. A future commit will also apply the needed
bits to fix ssp/unistd.h.
Reviewed by: imp, pauamma_gundo.com (both previous versions), kib
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32306
show more ...
|