about summary refs log tree commit diff homepage
path: root/runtime/Fortify
diff options
context:
space:
mode:
authorCristian Cadar <c.cadar@imperial.ac.uk>2020-11-06 16:23:31 +0000
committerMartinNowack <2443641+MartinNowack@users.noreply.github.com>2020-11-09 19:39:13 +0000
commit0d705e4aef74f22e80ad84112c9e85268b1d2f7d (patch)
tree53a476c3aedcae8546ce69d1e9a61c51d2caacba /runtime/Fortify
parent4547882135af886e002d134d6bb5b510f7c73a06 (diff)
downloadklee-0d705e4aef74f22e80ad84112c9e85268b1d2f7d.tar.gz
Added fortified library (for -D_FORTIFY_SOURCE), to be linked when uclibc is used.
Diffstat (limited to 'runtime/Fortify')
-rw-r--r--runtime/Fortify/CMakeLists.txt28
-rw-r--r--runtime/Fortify/fortify.c83
2 files changed, 111 insertions, 0 deletions
diff --git a/runtime/Fortify/CMakeLists.txt b/runtime/Fortify/CMakeLists.txt
new file mode 100644
index 00000000..8e751f66
--- /dev/null
+++ b/runtime/Fortify/CMakeLists.txt
@@ -0,0 +1,28 @@
+#===------------------------------------------------------------------------===#
+#
+#                     The KLEE Symbolic Virtual Machine
+#
+# This file is distributed under the University of Illinois Open Source
+# License. See LICENSE.TXT for details.
+#
+#===------------------------------------------------------------------------===#
+
+set(LIB_PREFIX "RuntimeFortify")
+set(SRC_FILES
+        fortify.c
+        ../Freestanding/fortify-fs.c
+        ../klee-libc/fortify-klibc.c
+        )
+
+# Add __NO_INLINE__ to prevent glibc from using inline definitions of some
+# builtins (i.e. putchar and atoi).
+set(ADDITIONAL_CC_FLAGS
+        -D__NO_INLINE__
+        -std=gnu89
+        )
+
+# Build it
+include("${CMAKE_SOURCE_DIR}/cmake/compile_bitcode_library.cmake")
+prefix_with_path("${SRC_FILES}" "${CMAKE_CURRENT_SOURCE_DIR}/" prefixed_files)
+
+add_bitcode_library_targets("${LIB_PREFIX}" "${prefixed_files}" "${ADDITIONAL_CC_FLAGS}" "")
diff --git a/runtime/Fortify/fortify.c b/runtime/Fortify/fortify.c
new file mode 100644
index 00000000..a8d54fd8
--- /dev/null
+++ b/runtime/Fortify/fortify.c
@@ -0,0 +1,83 @@
+//===-- fortify.c ---------------------------------------------------------===//
+//
+//                     The KLEE Symbolic Virtual Machine
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+
+#include "klee/klee.h"
+
+#include <limits.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <unistd.h>
+
+char *__fgets_chk(char *s, size_t size, int strsize, FILE *stream) {
+  return fgets(s, size, stream);
+}
+
+ssize_t __pread_chk(int fd, void *buf, size_t nbytes, off_t offset,
+                    size_t buflen) {
+  if (nbytes > buflen)
+    klee_report_error(__FILE__, __LINE__, "pread overflow", "ptr.err");
+
+  return pread(fd, buf, nbytes, offset);
+}
+
+ssize_t __read_chk(int fd, void *buf, size_t nbytes, size_t buflen) {
+  if (nbytes > buflen)
+    klee_report_error(__FILE__, __LINE__, "read overflow", "ptr.err");
+
+  return read(fd, buf, nbytes);
+}
+
+ssize_t __readlink_chk(const char *path, char *buf, size_t len, size_t buflen) {
+  if (len > buflen)
+    klee_report_error(__FILE__, __LINE__, "readlink overflow", "ptr.err");
+
+  return readlink(path, buf, len);
+}
+
+char *__realpath_chk(const char *path, char *resolved_path,
+                     size_t resolved_len) {
+  if (resolved_len < PATH_MAX)
+    klee_report_error(__FILE__, __LINE__, "realpath overflow", "ptr.err");
+
+  return realpath(path, resolved_path);
+}
+
+ssize_t __recv_chk(int fd, void *buf, size_t len, size_t buflen, int flag) {
+  if (len > buflen)
+    klee_report_error(__FILE__, __LINE__, "recv overflow", "ptr.err");
+
+  return recv(fd, buf, len, flag);
+}
+
+ssize_t __recvfrom_chk(int fd, void *buf, size_t len, size_t buflen, int flag,
+                       struct sockaddr *from, socklen_t *fromlen) {
+  if (len > buflen)
+    klee_report_error(__FILE__, __LINE__, "recvfrom overflow", "ptr.err");
+
+  return recvfrom(fd, buf, len, flag, from, fromlen);
+}
+
+char *__stpncpy_chk(char *dest, const char *src, size_t n, size_t destlen) {
+  if (n > destlen)
+    klee_report_error(__FILE__, __LINE__, "stpncpy overflow", "ptr.err");
+  return stpncpy(dest, src, n);
+}
+
+char *__strncat_chk(char *s1, const char *s2, size_t n, size_t s1len) {
+  return strncat(s1, s2, n);
+}
+
+int __ttyname_r_chk(int fd, char *buf, size_t buflen, size_t nreal) {
+  if (buflen > nreal)
+    klee_report_error(__FILE__, __LINE__, "ttyname_r overflow", "ptr.err");
+  return ttyname_r(fd, buf, nreal);
+}