]> git.saurik.com Git - apple/libc.git/blame_incremental - secure/chk_fail.c
Libc-1439.100.3.tar.gz
[apple/libc.git] / secure / chk_fail.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 2007-2013 Apple Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24#include <os/assumes.h>
25#include <stdint.h>
26#include <TargetConditionals.h>
27#include "crt_externs.h"
28
29#ifndef PR_13085474_CHECK
30#define PR_13085474_CHECK TARGET_OS_OSX
31#endif
32
33#if PR_13085474_CHECK
34/* Some shipped applications fail this check and were tested against
35 * versions of these functions that supported overlapping buffers.
36 *
37 * We would rather let such applications run, using the old memmove
38 * implementation, than abort() because they can't use the new
39 * implementation.
40 */
41
42#include <libkern/OSAtomic.h>
43#include <mach-o/dyld.h>
44#include <mach-o/dyld_priv.h>
45#if TARGET_OS_OSX
46#define START_VERSION dyld_platform_version_macOS_10_9
47#else
48#error "This platform should not build with PR_13085474_CHECK=1"
49#endif
50#endif /* !PR_13085474_CHECK */
51
52/* For PR_13085474_CHECK set, we initialize __chk_assert_no_overlap to
53 * 1 initially and then reset it to 0 if the main image of the process
54 * was linked earlier than 10.9.
55 *
56 * If PR_13085474_CHECK is zero, then we never do any sdk version checking
57 * and always do overlap checks.
58 */
59__attribute__ ((visibility ("hidden")))
60uint32_t __chk_assert_no_overlap = 1;
61
62#if PR_13085474_CHECK
63static bool
64__chk_assert_sdk_pre_start(const struct mach_header *mh) {
65 return (dyld_get_active_platform() == PLATFORM_MACOS &&
66 !dyld_sdk_at_least(mh, START_VERSION));
67}
68#endif
69
70__attribute__ ((visibility ("hidden")))
71void __chk_init(void) {
72#if PR_13085474_CHECK
73 if (__chk_assert_sdk_pre_start((const struct mach_header *)
74 _NSGetMachExecuteHeader())) {
75 __chk_assert_no_overlap = 0;
76 }
77#endif
78}
79
80__attribute__ ((visibility ("hidden")))
81__attribute__ ((noreturn))
82void
83__chk_fail_overflow (void) {
84 os_crash("detected buffer overflow");
85}
86
87__attribute__ ((visibility ("hidden")))
88__attribute__ ((noreturn))
89void
90__chk_fail_overlap (void) {
91 os_crash("detected source and destination buffer overlap");
92}
93
94__attribute__ ((visibility ("hidden")))
95void
96__chk_overlap (const void *_a, size_t an, const void *_b, size_t bn) {
97 uintptr_t a = (uintptr_t)_a;
98 uintptr_t b = (uintptr_t)_b;
99
100 if (__builtin_expect(an == 0 || bn == 0, 0)) {
101 return;
102 } else if (__builtin_expect(a == b, 0)) {
103 __chk_fail_overlap();
104 } else if (a < b) {
105 if (__builtin_expect(a + an > b, 0))
106 __chk_fail_overlap();
107 } else { // b < a
108 if (__builtin_expect(b + bn > a, 0))
109 __chk_fail_overlap();
110 }
111}