1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in 12 * the documentation and/or other materials provided with the 13 * distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #undef _FORTIFY_SOURCE 30 #include <string.h> 31 #include <stdlib.h> 32 #include "libc_logging.h" 33 34 /* 35 * Runtime implementation of __memcpy_chk. 36 * 37 * See 38 * http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html 39 * http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html 40 * for details. 41 * 42 * This memcpy check is called if _FORTIFY_SOURCE is defined and 43 * greater than 0. 44 */ 45 extern "C" void *__memcpy_chk(void *dest, const void *src, 46 size_t copy_amount, size_t dest_len) 47 { 48 if (__builtin_expect(copy_amount > dest_len, 0)) { 49 __fortify_chk_fail("memcpy buffer overflow", 50 BIONIC_EVENT_MEMCPY_BUFFER_OVERFLOW); 51 } 52 53 return memcpy(dest, src, copy_amount); 54 } 55