From 0d705e4aef74f22e80ad84112c9e85268b1d2f7d Mon Sep 17 00:00:00 2001
From: Cristian Cadar <c.cadar@imperial.ac.uk>
Date: Fri, 6 Nov 2020 16:23:31 +0000
Subject: Added fortified library (for -D_FORTIFY_SOURCE), to be linked when
 uclibc is used.

---
 runtime/CMakeLists.txt         |  2 +
 runtime/Fortify/CMakeLists.txt | 28 ++++++++++++++
 runtime/Fortify/fortify.c      | 83 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 113 insertions(+)
 create mode 100644 runtime/Fortify/CMakeLists.txt
 create mode 100644 runtime/Fortify/fortify.c

(limited to 'runtime')

diff --git a/runtime/CMakeLists.txt b/runtime/CMakeLists.txt
index 9bd1442b..ea8335de 100644
--- a/runtime/CMakeLists.txt
+++ b/runtime/CMakeLists.txt
@@ -91,11 +91,13 @@ endforeach ()
 add_subdirectory(Freestanding)
 add_subdirectory(Intrinsic)
 add_subdirectory(klee-libc)
+add_subdirectory(Fortify)
 
 set(RUNTIME_LIBRARIES
         RuntimeFreestanding
         RuntimeIntrinsic
         RuntimeKLEELibc
+        RuntimeFortify
         )
 
 if (ENABLE_KLEE_EH_CXX)
diff --git a/runtime/Fortify/CMakeLists.txt b/runtime/Fortify/CMakeLists.txt
new file mode 100644
index 00000000..8e751f66
--- /dev/null
+++ b/runtime/Fortify/CMakeLists.txt
@@ -0,0 +1,28 @@
+#===------------------------------------------------------------------------===#
+#
+#                     The KLEE Symbolic Virtual Machine
+#
+# This file is distributed under the University of Illinois Open Source
+# License. See LICENSE.TXT for details.
+#
+#===------------------------------------------------------------------------===#
+
+set(LIB_PREFIX "RuntimeFortify")
+set(SRC_FILES
+        fortify.c
+        ../Freestanding/fortify-fs.c
+        ../klee-libc/fortify-klibc.c
+        )
+
+# Add __NO_INLINE__ to prevent glibc from using inline definitions of some
+# builtins (i.e. putchar and atoi).
+set(ADDITIONAL_CC_FLAGS
+        -D__NO_INLINE__
+        -std=gnu89
+        )
+
+# Build it
+include("${CMAKE_SOURCE_DIR}/cmake/compile_bitcode_library.cmake")
+prefix_with_path("${SRC_FILES}" "${CMAKE_CURRENT_SOURCE_DIR}/" prefixed_files)
+
+add_bitcode_library_targets("${LIB_PREFIX}" "${prefixed_files}" "${ADDITIONAL_CC_FLAGS}" "")
diff --git a/runtime/Fortify/fortify.c b/runtime/Fortify/fortify.c
new file mode 100644
index 00000000..a8d54fd8
--- /dev/null
+++ b/runtime/Fortify/fortify.c
@@ -0,0 +1,83 @@
+//===-- fortify.c ---------------------------------------------------------===//
+//
+//                     The KLEE Symbolic Virtual Machine
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+
+#include "klee/klee.h"
+
+#include <limits.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <unistd.h>
+
+char *__fgets_chk(char *s, size_t size, int strsize, FILE *stream) {
+  return fgets(s, size, stream);
+}
+
+ssize_t __pread_chk(int fd, void *buf, size_t nbytes, off_t offset,
+                    size_t buflen) {
+  if (nbytes > buflen)
+    klee_report_error(__FILE__, __LINE__, "pread overflow", "ptr.err");
+
+  return pread(fd, buf, nbytes, offset);
+}
+
+ssize_t __read_chk(int fd, void *buf, size_t nbytes, size_t buflen) {
+  if (nbytes > buflen)
+    klee_report_error(__FILE__, __LINE__, "read overflow", "ptr.err");
+
+  return read(fd, buf, nbytes);
+}
+
+ssize_t __readlink_chk(const char *path, char *buf, size_t len, size_t buflen) {
+  if (len > buflen)
+    klee_report_error(__FILE__, __LINE__, "readlink overflow", "ptr.err");
+
+  return readlink(path, buf, len);
+}
+
+char *__realpath_chk(const char *path, char *resolved_path,
+                     size_t resolved_len) {
+  if (resolved_len < PATH_MAX)
+    klee_report_error(__FILE__, __LINE__, "realpath overflow", "ptr.err");
+
+  return realpath(path, resolved_path);
+}
+
+ssize_t __recv_chk(int fd, void *buf, size_t len, size_t buflen, int flag) {
+  if (len > buflen)
+    klee_report_error(__FILE__, __LINE__, "recv overflow", "ptr.err");
+
+  return recv(fd, buf, len, flag);
+}
+
+ssize_t __recvfrom_chk(int fd, void *buf, size_t len, size_t buflen, int flag,
+                       struct sockaddr *from, socklen_t *fromlen) {
+  if (len > buflen)
+    klee_report_error(__FILE__, __LINE__, "recvfrom overflow", "ptr.err");
+
+  return recvfrom(fd, buf, len, flag, from, fromlen);
+}
+
+char *__stpncpy_chk(char *dest, const char *src, size_t n, size_t destlen) {
+  if (n > destlen)
+    klee_report_error(__FILE__, __LINE__, "stpncpy overflow", "ptr.err");
+  return stpncpy(dest, src, n);
+}
+
+char *__strncat_chk(char *s1, const char *s2, size_t n, size_t s1len) {
+  return strncat(s1, s2, n);
+}
+
+int __ttyname_r_chk(int fd, char *buf, size_t buflen, size_t nreal) {
+  if (buflen > nreal)
+    klee_report_error(__FILE__, __LINE__, "ttyname_r overflow", "ptr.err");
+  return ttyname_r(fd, buf, nreal);
+}
-- 
cgit 1.4.1