Skip to content

Commit

Permalink
Bugfix in safec mapping and miscellaneous fixes
Browse files Browse the repository at this point in the history 
Signed-off-by: Yongkui Han <yonhan@cisco.com>
  • Loading branch information
@yonhan3
yonhan3 committed Aug 22, 2023
1 parent a71741e commit 339c687
Show file tree
Hide file tree
Showing 10 changed files with 96 additions and 29 deletions.
3 changes: 3 additions & 0 deletions DEBIAN/rules
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
#!/usr/bin/make -f

override_dh_shlibdeps:
dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info

%:
dh $@
2 changes: 1 addition & 1 deletion VERSION
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.0.5
1.0.6
6 changes: 3 additions & 3 deletions include/openosc.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,11 +153,11 @@
/*
* Detect the compiler and select the best compile-time check method.
*/
#if __ICC
#if defined __ICC
#define OSC_COMPILE_CHK OSC_ASSERT_USE_RUNTIME_CHK
#elif __clang__
#elif defined __clang__
#define OSC_COMPILE_CHK OSC_ASSERT_USE_ERR_ATTR
#elif __GNUC__
#elif defined __GNUC__
#define OSC_COMPILE_CHK OSC_ASSERT_USE_ERR_ATTR
#else
#error "Unsupported compiler detected, contact OpenOSC package owner for guidance"
Expand Down
6 changes: 3 additions & 3 deletions include/openosc_fortify.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@
#if __GNUC_PREREQ (3,4)
# define __attribute_warn_unused_result__ \
__attribute__ ((__warn_unused_result__))
# if __USE_FORTIFY_LEVEL > 0
# if defined __USE_FORTIFY_LEVEL && __USE_FORTIFY_LEVEL > 0
# define __wur __attribute_warn_unused_result__
# endif
#else
Expand Down Expand Up @@ -217,10 +217,10 @@
#define __dst_overflow_msg(func) func " caller with bigger length than size of destination buffer"
#define __src_overread_msg(func) func " caller with bigger length than size of source buffer, will cause src overread"

#define __OPENOSC_CLANG_CC (__clang__ && __clang_major__ >= 5)
#define __OPENOSC_CLANG_CC (defined __clang__ && __clang_major__ >= 5)

/* For clang compiler support */
#if __clang__
#if defined __clang__

#define __bos0(ptr) __builtin_object_size (ptr, 0)
#define __bos1(ptr) __builtin_object_size (ptr, 1)
Expand Down
2 changes: 1 addition & 1 deletion include/openosc_fortify_redirect_map.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1061,7 +1061,7 @@ __clang_warn_or_error_if(__size_too_small (__bos0, buf, count), __dst_overflow_m

/* Mapping for readlinkat */

extern int
extern ssize_t
__openosc_readlinkat_to_buf(size_t dest_len, int dirfd, const char *pathname, char *buf, size_t bufsiz);
extern ssize_t __REDIRECT_NTH (__openosc_readlinkat_alias,
(int dirfd, const char *pathname, char *buf, size_t bufsiz), readlinkat);
Expand Down
6 changes: 3 additions & 3 deletions include/openosc_header_metric.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,19 +118,19 @@ long long int __attribute__((weak)) rtd_osc_header_h_included_int = MAGIC_OSC_HE

#ifdef OPENOSC_METRIC_USEFUL_INFO

#if __ICC
#if defined __ICC
#if defined __BIG_ENDIAN__ || defined __BIG_ENDIAN || (defined __BYTE_ORDER__ && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
#define MAGIC_OSC_COMPILER 0x97cfa25a9fb39d01
#else
#define MAGIC_OSC_COMPILER 0x019db39f5aa2cf97
#endif
#elif __clang__
#elif defined __clang__
#if defined __BIG_ENDIAN__ || defined __BIG_ENDIAN || (defined __BYTE_ORDER__ && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
#define MAGIC_OSC_COMPILER 0x97cfa25a9fb39d02
#else
#define MAGIC_OSC_COMPILER 0x029db39f5aa2cf97
#endif
#elif __GNUC__
#elif defined __GNUC__
#if defined __BIG_ENDIAN__ || defined __BIG_ENDIAN || (defined __BYTE_ORDER__ && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
#define MAGIC_OSC_COMPILER 0x97cfa25a9fb39d03
#else
Expand Down
2 changes: 1 addition & 1 deletion include/openosc_metric_only.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
#endif

#ifdef _FORTIFY_SOURCE
#if __clang__
#if defined __clang__
#warning "The OSC-METRICS feature suppresses fortify-source buffer-overflow warnings for clang"
#else
#warning "The OSC-METRICS feature suppresses some function-attribute warnings, like -Wunused-result/-Wnonnull"
Expand Down
50 changes: 36 additions & 14 deletions include/openosc_safec_map.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,13 +56,21 @@
* inserted into production image by the compiler.
*/
#if (OSC_COMPILE_CHK == OSC_ASSERT_USE_ERR_ATTR)
extern int __attribute__((error("Compiler Assertion: memcmp_s n indexes beyond s1"))) \
osc_compile_check_memcmp_s1(void);
#define OSC_ASSERT_memcmp_s1() ({osc_compile_check_memcmp_s1(), (errno_t)0;})

extern int __attribute__((error("Compiler Assertion: memcmp_s s1max indexes beyond s1"))) \
osc_compile_check_memcmp_s(void);
#define OSC_ASSERT_memcmp_s() ({osc_compile_check_memcmp_s(), (errno_t)0;})
osc_compile_check_memcmp_s2(void);
#define OSC_ASSERT_memcmp_s2() ({osc_compile_check_memcmp_s2(), (errno_t)0;})

extern int __attribute__((error("Compiler Assertion: memcpy_s n indexes beyond dest"))) \
osc_compile_check_memcpy_s1(void);
#define OSC_ASSERT_memcpy_s1() ({osc_compile_check_memcpy_s1(), (errno_t)0;})

extern int __attribute__((error("Compiler Assertion: memcpy_s dmax could overflow dest"))) \
osc_compile_check_memcpy_s(void);
#define OSC_ASSERT_memcpy_s() ({osc_compile_check_memcpy_s(), (errno_t)0;})
osc_compile_check_memcpy_s2(void);
#define OSC_ASSERT_memcpy_s2() ({osc_compile_check_memcpy_s2(), (errno_t)0;})

extern int __attribute__((error("Compiler Assertion: strcat_s dmax could overflow dest"))) \
osc_compile_check_strcat_s(void);
Expand Down Expand Up @@ -120,8 +128,10 @@ extern int __attribute__((error("Compiler Assertion: strstr_s s1max indexes beyo
* For safeC, there is no compiler built-in check so if OSC_COMPILE_CHK is set
* to OSC_ASSERT_USE_BUILTIN, just use the runtime check
*/
#define OSC_ASSERT_memcmp_s() (__openosc_memcmp_s_to_buf(_sz, s1, s1max, s2, n, diff))
#define OSC_ASSERT_memcpy_s() (__openosc_memcpy_s_to_buf(_sz, dest, dmax, src, n))
#define OSC_ASSERT_memcmp_s1() (__openosc_memcmp_s_to_buf(_sz, s1, s1max, s2, n, diff))
#define OSC_ASSERT_memcmp_s2() (__openosc_memcmp_s_to_buf(_sz, s1, s1max, s2, n, diff))
#define OSC_ASSERT_memcpy_s1() (__openosc_memcpy_s_to_buf(_sz, dest, dmax, src, n))
#define OSC_ASSERT_memcpy_s2() (__openosc_memcpy_s_to_buf(_sz, dest, dmax, src, n))
#define OSC_ASSERT_strcat_s() (__openosc_strcat_s_to_buf(_sz, dest, dmax, src))
#define OSC_ASSERT_strcmp_s() (__openosc_strcmp_s_to_buf(_sz, s1, s1max, s2, indicator))
#define OSC_ASSERT_strcpy_s() (__openosc_strcpy_s_to_buf(_sz, dest, dmax, src))
Expand All @@ -137,8 +147,10 @@ extern int __attribute__((error("Compiler Assertion: strstr_s s1max indexes beyo
#define OSC_ASSERT_strstr_s() (__openosc_strstr_s_to_buf(_sz, s1, s1max, s2, s2max, substring))
#elif (OSC_COMPILE_CHK == OSC_ASSERT_USE_NONE)
/* No compile time check, use original libc/safec function */
#define OSC_ASSERT_memcmp_s() (memcmp_s(s1, s1max, s2, n, diff))
#define OSC_ASSERT_memcpy_s() (memcpy_s(dest, dmax, src, n))
#define OSC_ASSERT_memcmp_s1() (memcmp_s(s1, s1max, s2, n, diff))
#define OSC_ASSERT_memcmp_s2() (memcmp_s(s1, s1max, s2, n, diff))
#define OSC_ASSERT_memcpy_s1() (memcpy_s(dest, dmax, src, n))
#define OSC_ASSERT_memcpy_s2() (memcpy_s(dest, dmax, src, n))
#define OSC_ASSERT_strcat_s() (strcat_s(dest, dmax, src))
#define OSC_ASSERT_strcmp_s() (strcmp_s(s1, s1max, s2, indicator))
#define OSC_ASSERT_strcpy_s() (strcpy_s(dest, dmax, src))
Expand All @@ -165,23 +177,28 @@ __openosc_memcmp_s_to_buf (size_t s1_len,
const void *s2, rsize_t n, int *diff);

static inline __attribute__ ((always_inline)) errno_t
osc_memcmp_s (const void *s1, rsize_t s1max,
openosc_memcmp_s (const void *s1, rsize_t s1max,
const void *s2, rsize_t n, int *diff)
{
size_t _sz = __builtin_object_size(s1, OSC_OBJECT_SIZE_CHECK_0);
int is_s1max_constant = __builtin_constant_p(s1max);
int is_n_constant = __builtin_constant_p(n);
return ((_sz != (size_t) -1)
? (is_s1max_constant
? ((_sz >= s1max)
? (MEMCMP_S_CASE1 memcmp_s(s1, s1max, s2, n, diff))
: (MEMCMP_S_CASE2 OSC_ASSERT_memcmp_s()))
? (is_n_constant
? ((_sz >= n)
? (MEMCMP_S_CASE1 memcmp_s(s1, s1max, s2, n, diff))
: (MEMCMP_S_CASE2 OSC_ASSERT_memcmp_s1()))
: (MEMCMP_S_CASE3 OSC_RUNTIME_CHECK_memcmp_s()))
: (MEMCMP_S_CASE2 OSC_ASSERT_memcmp_s2()))
: (MEMCMP_S_CASE3 OSC_RUNTIME_CHECK_memcmp_s()))
: (MEMCMP_S_CASE4 memcmp_s(s1, s1max, s2, n, diff)));
}

#undef memcmp_s
#define memcmp_s(s1, s1max, s2, n, diff) \
osc_memcmp_s (s1, s1max, s2, n, diff)
openosc_memcmp_s (s1, s1max, s2, n, diff)

/* Mapping for memcpy_s */

Expand All @@ -194,11 +211,16 @@ openosc_memcpy_s (void *dest, rsize_t dmax, const void *src, rsize_t n)
{
size_t _sz = __builtin_object_size(dest, OSC_OBJECT_SIZE_CHECK_0);
int is_dmax_constant = __builtin_constant_p(dmax);
int is_n_constant = __builtin_constant_p(n);
return ((_sz != (size_t) -1)
? (is_dmax_constant
? ((_sz >= dmax)
? (MEMCPY_S_CASE1 memcpy_s(dest, dmax, src, n))
: (MEMCPY_S_CASE2 OSC_ASSERT_memcpy_s()))
? (is_n_constant
? ((_sz >= n)
? (MEMCPY_S_CASE1 memcpy_s(dest, dmax, src, n))
: (MEMCPY_S_CASE2 OSC_ASSERT_memcpy_s1()))
: (MEMCPY_S_CASE3 OSC_RUNTIME_CHECK_memcpy_s()))
: (MEMCPY_S_CASE2 OSC_ASSERT_memcpy_s2()))
: (MEMCPY_S_CASE3 OSC_RUNTIME_CHECK_memcpy_s()))
: (MEMCPY_S_CASE4 memcpy_s(dest, dmax, src, n)));
}
Expand Down
28 changes: 26 additions & 2 deletions src/openosc_safec_map.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ __openosc_memcmp_s_to_buf (size_t s1_len,

if (s1max > s1_len) {
if (openosc_log) {
openosc_danger_error("memcmp_s", s1_len, s1max);
openosc_danger_error("memcmp_s s1max", s1_len, s1max);
}
openosc_get_config(&openosc_abort);
if (openosc_abort) {
Expand All @@ -39,6 +39,18 @@ __openosc_memcmp_s_to_buf (size_t s1_len,
s1max = s1_len;
}
}
if (n > s1_len) {
if (openosc_log) {
openosc_danger_error("memcmp_s n", s1_len, n);
}
openosc_get_config(&openosc_abort);
if (openosc_abort) {
abort();
}
if (openosc_truncate) {
n = s1_len;
}
}
#undef memcmp_s
return (memcmp_s(s1, s1max, s2, n, diff));
}
Expand All @@ -53,7 +65,7 @@ __openosc_memcpy_s_to_buf (size_t dest_len,

if (dmax > dest_len) {
if (openosc_log) {
openosc_danger_error("memcpy_s", dest_len, dmax);
openosc_danger_error("memcpy_s dmax", dest_len, dmax);
}
openosc_get_config(&openosc_abort);
if (openosc_abort) {
Expand All @@ -63,6 +75,18 @@ __openosc_memcpy_s_to_buf (size_t dest_len,
dmax = dest_len;
}
}
if (n > dest_len) {
if (openosc_log) {
openosc_danger_error("memcpy_s n", dest_len, dmax);
}
openosc_get_config(&openosc_abort);
if (openosc_abort) {
abort();
}
if (openosc_truncate) {
n = dest_len;
}
}
#undef memcpy_s
return (memcpy_s(dest, dmax, src, n));
}
Expand Down
20 changes: 19 additions & 1 deletion tools/oscmetrics.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2457,6 +2457,24 @@ def print_watermarkpc_summary_table(rdict, wsdirs=[]):
print (print_row(fmts, row_list))


def find_specific_unstripped_file(builddir, filename):
"""
Find all files with a specific filename in the build dir, excluding symbolic link files.
Also only those unstripped ELF files are returned, used for addr2line.
It simply runs the shell's find command and saves the result.
:param builddir: String, build dir of the workspace
:param filename: String, a specific filename, like libosc.so/lib4arg.so
:returns a list that contains all the binary file names.
"""
findcmd = "find " + cmd_quote(builddir) + " -type f -name " + cmd_quote(filename)
findcmd += " -exec sh -c 'file \"$1\" | grep -E \" ELF.*shared object.*not stripped| ELF.*executable.*not stripped\" >/dev/null ' _ {} \; -print || true"
output = subprocess.check_output(findcmd, shell=True, universal_newlines=True)
files = output.splitlines()
return files


def find_specific_file(builddir, filename):
"""
Find all files with a specific filename in the build dir, excluding symbolic link files.
Expand Down Expand Up @@ -3274,7 +3292,7 @@ def parse_dwarf_decoded_lines(lines):
ret = []
for line in lines:
tokens = line.split()
if len(tokens) != 3:
if len(tokens) < 3: # must have at least 3 tokens
continue
pc = tokens[2]
srcline = tokens[1]
Expand Down

0 comments on commit 339c687

Please sign in to comment.