Date: Sun, 19 May 2024 04:39:59 +0000 (UTC) From: Pedro Giffuni <pfg@freebsd.org> To: Kyle Evans <kevans@freebsd.org> Cc: "src-committers@freebsd.org" <src-committers@freebsd.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@freebsd.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@freebsd.org> Subject: Re: git: be04fec42638 - main - Import _FORTIFY_SOURCE implementation from NetBSD Message-ID: <1413980952.1357400.1716093599901@mail.yahoo.com> In-Reply-To: <6276b721-6c7b-41cd-9d1b-4169e86ec5e9@FreeBSD.org> References: <02326b5e-a1fe-4411-a869-d21f9a76130c@email.android.com> <999469960.1638478.1716080957814@mail.yahoo.com> <6276b721-6c7b-41cd-9d1b-4169e86ec5e9@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
------=_Part_1357399_2058372477.1716093599883
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
FWIW .. and let me be clear I haven't worked on this in ages and I am not =
planning to retake this either...
clang just couldn't do the static=C2=A0 fortify_source checks=C2=A0 due to =
the way llvm uses an intermediate representation; the size just couldn't be=
handled in the preprocessor. Google did spend some time adding extra attri=
butes to clang to improve the debugging and you can see that implemented in=
bionic libc but that was it. musl didn't even try.
fortify_source does replace some key libc functions with memory checking al=
ternatives and that turns out to be annoying when debugging. In a way it br=
eaks that principle C programmers once had, where developers are expected t=
o know what they are doing, and if the error is caught at runtime by the st=
ack protector anyways it ends up being redundant.
One more thing about the static checks. Most of the linux distributions out=
there indeed have built their software packages with GCC and fortify_sourc=
e >=3D2. As a consequence, when we ran an exp-run on the ports tree (with G=
CC), fortify_source didn't find anything: it was basically a waste of time.
Another reason for not setting it by default is performance. And here I ans=
wer Shawn's comment on why not enable stack-protector-all and safestack and=
fortify_source at the same time: running unnecessary checks over and over =
again wastes energy and can have some performance hit. The later may seem n=
egligible in modern processors, but why do them if they bring no benefit? (=
No need to answer ... just left as food for thought)
Pedro.
On Saturday, May 18, 2024 at 09:08:52 PM GMT-5, Kyle Evans <kevans@free=
bsd.org> wrote: =20
=20
=20
On 5/18/24 20:09, Pedro Giffuni wrote:
> (sorry for top posting .. my mailer just sucks)
> Hi;
>=20
> I used to like the limited static checking FORTIFY_SOURCE provides and=20
> when I ran it over FreeBSD it did find a couple of minor issues. It only=
=20
> works for GCC though.
>=20
I don't think this is particularly true anymore; I haven't found a case=20
yet where __builtin_object_size(3) doesn't give me the correct size=20
while GCC did.=C2=A0 I'd welcome counter-examples here, though -- we have=
=20
funding to both finish the project (widen the _FORTIFY_SOURCE net to=20
more of libc/libsys) and add tests to demonstrate that it's both=20
functional and correct.=C2=A0 It would be useful to also document=20
deficiencies in the tests.
> I guess it doesn't really hurt to have FORTIFY_SOURCE around and NetBSD=
=20
> had the least intrusive implementation the last time I checked but I=20
> would certainly request it should never be activated by default,=20
> specially with clang. The GCC version has seen more development on glibc=
=20
> but I still think its a dead end.
>=20
I don't see a compelling reason to avoid enabling it by default; see=20
above, the functionality that we need in clang appears to be just fine=20
(and, iirc, was also fine when I checked at the beginning of working on=20
this in 2021) and it provides useful
> What I would like to see working on FreeBSD is Safestack as a=20
> replacement for the stack protector, which we were so very slow to adopt=
=20
> even when it was originally developed in FreeBSD. I think other projects=
=20
> based on FreeBSD (Chimera and hardenedBSD) have been using it but I=20
> don't know the details.
>=20
No comment there, though I think Shawn Webb / HardenedBSD had been=20
playing around with SafeStack (and might have enabled it? I haven't=20
actually looked in a while now).
> This is just all my $0.02
>=20
> Pedro.
Thanks,
Kyle Evans
>=20
> On Saturday, May 18, 2024 at 05:54:42 PM GMT-5, Kyle Evans=20
> <kaevans@fastmail.com> wrote:
>=20
>=20
>=20
>=20
> On May 18, 2024 13:42, Pedro Giffuni <pfg@freebsd.org> wrote:
>=20
>=C2=A0 =C2=A0 Oh no .. please not...
>=20
>=C2=A0 =C2=A0 We went into that in a GSoC:
>=20
>=C2=A0 =C2=A0 https://wiki.freebsd.org/SummerOfCode2015/FreeBSDLibcSecurit=
yExtensions <https://wiki.freebsd.org/SummerOfCode2015/FreeBSDLibcSecurityE=
xtensions>
>=20
>=20
>=C2=A0 =C2=A0 Ultimately it proved to be useless since stack-protector-str=
ong.
>=20
>=20
> Respectfully, I disagree with your conclusion here:
>=20
> 1.) _FORTIFY_SOURCE provides more granular detection of overflow; I=20
> don't have to overflow all the way into the canary at the end of the=20
> frame to be detected, so my minor bug now can be caught before something=
=20
> causes the stack frame to be rearranged and turn it into a security=20
> issue later
>=20
> 2.) __builtin_object_size doesn't work on heap objects, but it actually=
=20
> can work on subobjects from a heap allocation (e.g., &foo->name), so the=
=20
> coverage extends beyond the stack into starting to detect other kinds of=
=20
> overflow
>=20
> While the security value over stack-protector-strong may be marginal (I=
=20
> won't debate this specifically), the feature still has value in general.
>=20
> Thanks,
>=20
> Kyle Evans
>=20
>=C2=A0 =C2=A0 The NetBSD code was not well adapted to clang either.
>=20
>=C2=A0 =C2=A0 Ask me more if you really want to dig into it, but we don't =
want this.
>=20
>=C2=A0 =C2=A0 Pedro.
>=20
>=20
>=C2=A0 =C2=A0 On Monday, May 13, 2024 at 12:24:13 AM GMT-5, Kyle Evans
>=C2=A0 =C2=A0 <kevans@freebsd.org> wrote:
>=20
>=20
>=C2=A0 =C2=A0 The branch main has been updated by kevans:
>=20
>=C2=A0 =C2=A0 URL:
>=C2=A0 =C2=A0 https://cgit.FreeBSD.org/src/commit/?id=3Dbe04fec42638f30f50=
b5b55fd8e3634c0fb89928 <https://cgit.FreeBSD.org/src/commit/?id=3Dbe04fec42=
638f30f50b5b55fd8e3634c0fb89928>
>=20
>=C2=A0 =C2=A0 commit be04fec42638f30f50b5b55fd8e3634c0fb89928
>=C2=A0 =C2=A0 Author:=C2=A0 =C2=A0 Kyle Evans <kevans@FreeBSD.org <mailto:=
kevans@FreeBSD.org>>
>=C2=A0 =C2=A0 AuthorDate: 2024-05-13 05:23:49 +0000
>=C2=A0 =C2=A0 Commit:=C2=A0 =C2=A0 Kyle Evans <kevans@FreeBSD.org <mailto:=
kevans@FreeBSD.org>>
>=C2=A0 =C2=A0 CommitDate: 2024-05-13 05:23:49 +0000
>=20
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Import _FORTIFY_SOURCE implementation f=
rom NetBSD
>=20
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 This is a mostly-unmodified copy of the=
various *_chk
>=C2=A0 =C2=A0 implementations
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 and headers from NetBSD, without yet mo=
difying system headers
>=C2=A0 =C2=A0 to start
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 actually including them.=C2=A0 A future=
commit will also apply the
>=C2=A0 =C2=A0 needed
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 bits to fix ssp/unistd.h.
>=20
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Reviewed by:=C2=A0 =C2=A0 imp, pauamma_=
gundo.com (both previous
>=C2=A0 =C2=A0 versions), kib
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Sponsored by:=C2=A0 Stormshield
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Sponsored by:=C2=A0 Klara, Inc.
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 Differential Revision: https://reviews.=
freebsd.org/D32306
>=C2=A0 =C2=A0 <https://reviews.freebsd.org/D32306>;
>=C2=A0 =C2=A0 ---
>=C2=A0 =C2=A0 etc/mtree/BSD.include.dist=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=
=A0 2 +
>=C2=A0 =C2=A0 include/Makefile=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 |=C2=A0 2 +-
>=C2=A0 =C2=A0 include/ssp/Makefile=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 |=C2=A0 6 ++
>=C2=A0 =C2=A0 include/ssp/ssp.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 |=C2=A0 91 ++++++++++++++++++++++++++
>=C2=A0 =C2=A0 include/ssp/stdio.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
=C2=A0 =C2=A0 |=C2=A0 93 ++++++++++++++++++++++++++
>=C2=A0 =C2=A0 include/ssp/string.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 | 129
>=C2=A0 =C2=A0 ++++++++++++++++++++++++++++++++++++
>=C2=A0 =C2=A0 include/ssp/strings.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 |=C2=A0 67 +++++++++++++++++++
>=C2=A0 =C2=A0 include/ssp/unistd.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 |=C2=A0 54 +++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/Makefile.inc=C2=A0 =C2=A0 =C2=A0 |=C2=A0 11 =
++++
>=C2=A0 =C2=A0 lib/libc/secure/Symbol.map=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=
=A0 18 +++++
>=C2=A0 =C2=A0 lib/libc/secure/fgets_chk.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=
=A0 54 +++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/gets_chk.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=
=A0 74 +++++++++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/memcpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 53 =
+++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/memmove_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 47=
+++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/memset_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 46 =
+++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/snprintf_chk.c=C2=A0 =C2=A0 |=C2=A0 56 +++++=
+++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/sprintf_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 61=
+++++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/ssp_internal.h=C2=A0 =C2=A0 |=C2=A0 37 +++++=
++++++
>=C2=A0 =C2=A0 lib/libc/secure/stpcpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 55 =
++++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/stpncpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 53=
+++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/strcat_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 60 =
+++++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/strcpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 54 =
+++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/strncat_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 70=
++++++++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/strncpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 53=
+++++++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/vsnprintf_chk.c=C2=A0 =C2=A0 |=C2=A0 49 ++++=
++++++++++
>=C2=A0 =C2=A0 lib/libc/secure/vsprintf_chk.c=C2=A0 =C2=A0 |=C2=A0 58 +++++=
+++++++++++
>=C2=A0 =C2=A0 lib/libssp/Makefile=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
=C2=A0 =C2=A0 |=C2=A0 20 +++++-
>=C2=A0 =C2=A0 lib/libssp/Symbol.map=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 |=C2=A0 12 ++--
>=C2=A0 =C2=A0 lib/libssp/Versions.def=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 |=C2=A0 5 ++
>=C2=A0 =C2=A0 lib/libssp/__builtin_object_size.3 | 110 +++++++++++++++++++=
++++++++++++
>=C2=A0 =C2=A0 lib/libssp/fortify_stubs.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 | 131
>=C2=A0 =C2=A0 -------------------------------------
>=C2=A0 =C2=A0 lib/libssp/ssp.3=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
=C2=A0 =C2=A0 =C2=A0 | 130
>=C2=A0 =C2=A0 ++++++++++++++++++++++++++++++++++++
>=C2=A0 =C2=A0 32 files changed, 1621 insertions(+), 140 deletions(-)
>=20
>=C2=A0 =C2=A0 diff --git a/etc/mtree/BSD.include.dist b/etc/mtree/BSD.incl=
ude.dist
>=C2=A0 =C2=A0 index a6bd5880bf61..f8c83d6dde7a 100644
>=C2=A0 =C2=A0 --- a/etc/mtree/BSD.include.dist
>=C2=A0 =C2=A0 +++ b/etc/mtree/BSD.include.dist
>=C2=A0 =C2=A0 @@ -372,6 +372,8 @@
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 mac_veriexec
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ..
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ..
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 ssp
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 ..
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 sys
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 disk
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ..
>=C2=A0 =C2=A0 diff --git a/include/Makefile b/include/Makefile
>=C2=A0 =C2=A0 index 19e6beb95203..32774419f162 100644
>=C2=A0 =C2=A0 --- a/include/Makefile
>=C2=A0 =C2=A0 +++ b/include/Makefile
>=C2=A0 =C2=A0 @@ -4,7 +4,7 @@
>=20
>=C2=A0 =C2=A0 PACKAGE=3Dclibs
>=C2=A0 =C2=A0 CLEANFILES=3D osreldate.h version
>=C2=A0 =C2=A0 -SUBDIR=3D arpa protocols rpcsvc rpc xlocale
>=C2=A0 =C2=A0 +SUBDIR=3D arpa protocols rpcsvc rpc ssp xlocale
>=C2=A0 =C2=A0 .if ${MACHINE_CPUARCH} =3D=3D "amd64"
>=C2=A0 =C2=A0 SUBDIR+=3D=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 i386
>=C2=A0 =C2=A0 INCLUDE_SUBDIRS+=3D=C2=A0=C2=A0=C2=A0 i386
>=C2=A0 =C2=A0 diff --git a/include/ssp/Makefile b/include/ssp/Makefile
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..dff19f43c920
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/include/ssp/Makefile
>=C2=A0 =C2=A0 @@ -0,0 +1,6 @@
>=C2=A0 =C2=A0 +# $FreeBSD$
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +INCS=3D=C2=A0=C2=A0=C2=A0 ssp.h stdio.h string.h strings.h =
unistd.h
>=C2=A0 =C2=A0 +INCSDIR=3D=C2=A0=C2=A0=C2=A0 ${INCLUDEDIR}/ssp
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +.include <bsd.prog.mk>
>=C2=A0 =C2=A0 diff --git a/include/ssp/ssp.h b/include/ssp/ssp.h
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..35a9aeee02df
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/include/ssp/ssp.h
>=C2=A0 =C2=A0 @@ -0,0 +1,91 @@
>=C2=A0 =C2=A0 +/*=C2=A0=C2=A0=C2=A0 $NetBSD: ssp.h,v 1.13 2015/09/03 20:43=
:47 plunky Exp $=C2=A0=C2=A0=C2=A0 */
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006, 2011 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#ifndef _SSP_SSP_H_
>=C2=A0 =C2=A0 +#define _SSP_SSP_H_
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <sys/cdefs.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#if !defined(__cplusplus)
>=C2=A0 =C2=A0 +# if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 && \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 (__OPTIMIZE__ > 0 || defined(__clang__))
>=C2=A0 =C2=A0 +#=C2=A0 if _FORTIFY_SOURCE > 1
>=C2=A0 =C2=A0 +#=C2=A0 define __SSP_FORTIFY_LEVEL 2
>=C2=A0 =C2=A0 +#=C2=A0 else
>=C2=A0 =C2=A0 +#=C2=A0 define __SSP_FORTIFY_LEVEL 1
>=C2=A0 =C2=A0 +#=C2=A0 endif
>=C2=A0 =C2=A0 +# else
>=C2=A0 =C2=A0 +#=C2=A0 define __SSP_FORTIFY_LEVEL 0
>=C2=A0 =C2=A0 +# endif
>=C2=A0 =C2=A0 +#else
>=C2=A0 =C2=A0 +# define __SSP_FORTIFY_LEVEL 0
>=C2=A0 =C2=A0 +#endif
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define=C2=A0=C2=A0=C2=A0 __ssp_var(type)=C2=A0=C2=A0=C2=A0=
__CONCAT(__ssp_ ## type, __COUNTER__)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +/* __ssp_real is used by the implementation in libc */
>=C2=A0 =C2=A0 +#if __SSP_FORTIFY_LEVEL =3D=3D 0
>=C2=A0 =C2=A0 +#define __ssp_real_(fun)=C2=A0=C2=A0=C2=A0 fun
>=C2=A0 =C2=A0 +#else
>=C2=A0 =C2=A0 +#define __ssp_real_(fun)=C2=A0=C2=A0=C2=A0 __ssp_real_ ## f=
un
>=C2=A0 =C2=A0 +#endif
>=C2=A0 =C2=A0 +#define __ssp_real(fun)=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=
=A0 __ssp_real_(fun)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_inline static __inline __attribute__((__alway=
s_inline__))
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_bos(ptr) __builtin_object_size(ptr,
>=C2=A0 =C2=A0 __SSP_FORTIFY_LEVEL > 1)
>=C2=A0 =C2=A0 +#define __ssp_bos0(ptr) __builtin_object_size(ptr, 0)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_check(buf, len, bos) \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (bos(buf) !=3D (size_t)-1 && len > bo=
s(buf)) \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail()
>=C2=A0 =C2=A0 +#define __ssp_redirect_raw(rtype, fun, symbol, args, call, =
cond, bos) \
>=C2=A0 =C2=A0 +rtype __ssp_real_(fun) args __RENAME(symbol); \
>=C2=A0 =C2=A0 +__ssp_inline rtype fun args __RENAME(__ssp_protected_ ## fu=
n); \
>=C2=A0 =C2=A0 +__ssp_inline rtype fun args { \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (cond) \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __ssp_check(__buf, __=
len, bos); \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return __ssp_real_(fun) call; \
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_redirect(rtype, fun, args, call) \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __ssp_redirect_raw(rtype, fun, fun, args, cal=
l, 1, __ssp_bos)
>=C2=A0 =C2=A0 +#define __ssp_redirect0(rtype, fun, args, call) \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __ssp_redirect_raw(rtype, fun, fun, args, cal=
l, 1, __ssp_bos0)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +__BEGIN_DECLS
>=C2=A0 =C2=A0 +void __stack_chk_fail(void) __dead2;
>=C2=A0 =C2=A0 +void __chk_fail(void) __dead2;
>=C2=A0 =C2=A0 +__END_DECLS
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#endif /* _SSP_SSP_H_ */
>=C2=A0 =C2=A0 diff --git a/include/ssp/stdio.h b/include/ssp/stdio.h
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..72e3236eac80
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/include/ssp/stdio.h
>=C2=A0 =C2=A0 @@ -0,0 +1,93 @@
>=C2=A0 =C2=A0 +/*=C2=A0=C2=A0=C2=A0 $NetBSD: stdio.h,v 1.5 2011/07/17 20:5=
4:34 joerg Exp $=C2=A0=C2=A0=C2=A0 */
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#ifndef _SSP_STDIO_H_
>=C2=A0 =C2=A0 +#define _SSP_STDIO_H_
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/ssp.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +__BEGIN_DECLS
>=C2=A0 =C2=A0 +int __sprintf_chk(char *__restrict, int, size_t, const char
>=C2=A0 =C2=A0 *__restrict, ...)
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __printflike(4, 5);
>=C2=A0 =C2=A0 +int __vsprintf_chk(char *__restrict, int, size_t, const cha=
r
>=C2=A0 =C2=A0 *__restrict,
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __va_list)
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __printflike(4, 0);
>=C2=A0 =C2=A0 +int __snprintf_chk(char *__restrict, size_t, int, size_t,
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 const char *__restrict, ...)
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __printflike(5, 6);
>=C2=A0 =C2=A0 +int __vsnprintf_chk(char *__restrict, size_t, int, size_t,
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 const char *__restrict, __va_list)
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __printflike(5, 0);
>=C2=A0 =C2=A0 +char *__gets_chk(char *, size_t);
>=C2=A0 =C2=A0 +char *__fgets_chk(char *, int, size_t, FILE *);
>=C2=A0 =C2=A0 +__END_DECLS
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#if __SSP_FORTIFY_LEVEL > 0
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define sprintf(str, ...) ({=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __builtin___sprintf_chk(_ssp_str, 0, __ssp_bo=
s(_ssp_str),=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __VA_ARGS__); \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define vsprintf(str, fmt, ap) ({=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __builtin___vsprintf_chk(_ssp_str, 0, __ssp_b=
os(_ssp_str),
>=C2=A0 =C2=A0 fmt,=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 ap);=C2=A0=C2=A0=C2=A0 =C2=A0=
=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define snprintf(str, len, ...) ({=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __builtin___snprintf_chk(_ssp_str, len, 0,
>=C2=A0 =C2=A0 __ssp_bos(_ssp_str),=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __VA_ARGS__);=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define vsnprintf(str, len, fmt, ap) ({=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __builtin___vsnprintf_chk(_ssp_str, len, 0,
>=C2=A0 =C2=A0 __ssp_bos(_ssp_str),=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 fmt, ap);=C2=A0=C2=A0=C2=A0 =C2=
=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define gets(str) ({=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=
=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __gets_chk(_ssp_str, __ssp_bos(_ssp_str));=C2=
=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define fgets(str, len, fp) ({=C2=A0=C2=A0=C2=A0 =C2=A0=C2=
=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __fgets_chk(_ssp_str, len, __ssp_bos(_ssp_str=
), fp);=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#endif /* __SSP_FORTIFY_LEVEL > 0 */
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#endif /* _SSP_STDIO_H_ */
>=C2=A0 =C2=A0 diff --git a/include/ssp/string.h b/include/ssp/string.h
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..996020fda778
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/include/ssp/string.h
>=C2=A0 =C2=A0 @@ -0,0 +1,129 @@
>=C2=A0 =C2=A0 +/*=C2=A0=C2=A0=C2=A0 $NetBSD: string.h,v 1.14 2020/09/05 13=
:37:59 mrg Exp $=C2=A0=C2=A0=C2=A0 */
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#ifndef _SSP_STRING_H_
>=C2=A0 =C2=A0 +#define _SSP_STRING_H_
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/ssp.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +__BEGIN_DECLS
>=C2=A0 =C2=A0 +void *__memcpy_chk(void *, const void *, size_t, size_t);
>=C2=A0 =C2=A0 +void *__memmove_chk(void *, const void *, size_t, size_t);
>=C2=A0 =C2=A0 +void *__memset_chk(void *, int, size_t, size_t);
>=C2=A0 =C2=A0 +char *__stpcpy_chk(char *, const char *, size_t);
>=C2=A0 =C2=A0 +char *__stpncpy_chk(char *, const char *, size_t, size_t);
>=C2=A0 =C2=A0 +char *__strcat_chk(char *, const char *, size_t);
>=C2=A0 =C2=A0 +char *__strcpy_chk(char *, const char *, size_t);
>=C2=A0 =C2=A0 +char *__strncat_chk(char *, const char *, size_t, size_t);
>=C2=A0 =C2=A0 +char *__strncpy_chk(char *, const char *, size_t, size_t);
>=C2=A0 =C2=A0 +__END_DECLS
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#if __SSP_FORTIFY_LEVEL > 0
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_bos_check3_typed_var(fun, dsttype, dsrvar, ds=
t,
>=C2=A0 =C2=A0 srctype, srcvar, \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 src, lenvar, len) ({=C2=A0=C2=A0=C2=A0 =C2=A0=
=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 srctype srcvar =3D (src);=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 dsttype dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 size_t lenvar =3D (len);=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=
=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __builtin___ ## fun ## _chk(dstvar, srcvar, l=
envar,=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) :=C2=A0=C2=
=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __ ## fun ## _ichk(dstvar, srcvar, lenvar));=
=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_bos_check3_typed(fun, dsttype, dst, srctype, =
src,
>=C2=A0 =C2=A0 len)=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __ssp_bos_check3_typed_var(fun, dsttype, __ss=
p_var(dstv), dst,=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 srctype, __ssp_var(srcv), src, =
__ssp_var(lenv), len)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_bos_check3(fun, dst, src, len)=C2=A0=C2=A0=C2=
=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __ssp_bos_check3_typed_var(fun, void *, __ssp=
_var(dstv), dst,=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 const void *, __ssp_var(srcv), =
src, __ssp_var(lenv), len)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_bos_check2_var(fun, dstvar, dst, srcvar, src)=
({=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 const void *srcvar =3D (src);=C2=A0=C2=A0=C2=
=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 void *dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=
=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=
=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __builtin___ ## fun ## _chk(dstvar, srcvar,=
=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) :=C2=A0=C2=
=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __ ## fun ## _ichk(dstvar, srcvar));=C2=A0=C2=
=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_bos_check2(fun, dst, src)=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __ssp_bos_check2_var(fun, __ssp_var(dstv), ds=
t,
>=C2=A0 =C2=A0 __ssp_var(srcv), src)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_bos_icheck3_restrict(fun, type1, type2) \
>=C2=A0 =C2=A0 +static __inline type1 __ ## fun ## _ichk(type1 __restrict, =
type2
>=C2=A0 =C2=A0 __restrict, size_t); \
>=C2=A0 =C2=A0 +static __inline __attribute__((__always_inline__)) type1 \
>=C2=A0 =C2=A0 +__ ## fun ## _ichk(type1 __restrict dst, type2 __restrict s=
rc,
>=C2=A0 =C2=A0 size_t len) { \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return __builtin___ ## fun ## _chk(dst, =
src, len,
>=C2=A0 =C2=A0 __ssp_bos0(dst)); \
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_bos_icheck3(fun, type1, type2) \
>=C2=A0 =C2=A0 +static __inline type1 __ ## fun ## _ichk(type1, type2, size=
_t); \
>=C2=A0 =C2=A0 +static __inline __attribute__((__always_inline__)) type1 \
>=C2=A0 =C2=A0 +__ ## fun ## _ichk(type1 dst, type2 src, size_t len) { \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return __builtin___ ## fun ## _chk(dst, =
src, len,
>=C2=A0 =C2=A0 __ssp_bos0(dst)); \
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define __ssp_bos_icheck2_restrict(fun, type1, type2) \
>=C2=A0 =C2=A0 +static __inline type1 __ ## fun ## _ichk(type1, type2); \
>=C2=A0 =C2=A0 +static __inline __attribute__((__always_inline__)) type1 \
>=C2=A0 =C2=A0 +__ ## fun ## _ichk(type1 __restrict dst, type2 __restrict s=
rc) { \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return __builtin___ ## fun ## _chk(dst, =
src, __ssp_bos0(dst)); \
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +__BEGIN_DECLS
>=C2=A0 =C2=A0 +__ssp_bos_icheck3_restrict(memcpy, void *, const void *)
>=C2=A0 =C2=A0 +__ssp_bos_icheck3(memmove, void *, const void *)
>=C2=A0 =C2=A0 +__ssp_bos_icheck3(memset, void *, int)
>=C2=A0 =C2=A0 +__ssp_bos_icheck2_restrict(stpcpy, char *, const char *)
>=C2=A0 =C2=A0 +__ssp_bos_icheck3_restrict(stpncpy, char *, const char *)
>=C2=A0 =C2=A0 +__ssp_bos_icheck2_restrict(strcpy, char *, const char *)
>=C2=A0 =C2=A0 +__ssp_bos_icheck2_restrict(strcat, char *, const char *)
>=C2=A0 =C2=A0 +__ssp_bos_icheck3_restrict(strncpy, char *, const char *)
>=C2=A0 =C2=A0 +__ssp_bos_icheck3_restrict(strncat, char *, const char *)
>=C2=A0 =C2=A0 +__END_DECLS
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define memcpy(dst, src, len) __ssp_bos_check3(memcpy, dst,=
src, len)
>=C2=A0 =C2=A0 +#define memmove(dst, src, len) __ssp_bos_check3(memmove, ds=
t, src, len)
>=C2=A0 =C2=A0 +#define memset(dst, val, len) \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __ssp_bos_check3_typed(memset, void *, dst, i=
nt, val, len)
>=C2=A0 =C2=A0 +#define stpcpy(dst, src) __ssp_bos_check2(stpcpy, dst, src)
>=C2=A0 =C2=A0 +#define stpncpy(dst, src, len) __ssp_bos_check3(stpncpy, ds=
t, src, len)
>=C2=A0 =C2=A0 +#define strcpy(dst, src) __ssp_bos_check2(strcpy, dst, src)
>=C2=A0 =C2=A0 +#define strcat(dst, src) __ssp_bos_check2(strcat, dst, src)
>=C2=A0 =C2=A0 +#define strncpy(dst, src, len) __ssp_bos_check3(strncpy, ds=
t, src, len)
>=C2=A0 =C2=A0 +#define strncat(dst, src, len) __ssp_bos_check3(strncat, ds=
t, src, len)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#endif /* __SSP_FORTIFY_LEVEL > 0 */
>=C2=A0 =C2=A0 +#endif /* _SSP_STRING_H_ */
>=C2=A0 =C2=A0 diff --git a/include/ssp/strings.h b/include/ssp/strings.h
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..06c9c7cc0a09
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/include/ssp/strings.h
>=C2=A0 =C2=A0 @@ -0,0 +1,67 @@
>=C2=A0 =C2=A0 +/*=C2=A0=C2=A0=C2=A0 $NetBSD: strings.h,v 1.3 2008/04/28 20=
:22:54 martin Exp $=C2=A0=C2=A0=C2=A0 */
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2007 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#ifndef _SSP_STRINGS_H_
>=C2=A0 =C2=A0 +#define _SSP_STRINGS_H_
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/ssp.h>
>=C2=A0 =C2=A0 +#include <string.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#if __SSP_FORTIFY_LEVEL > 0
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define _ssp_bcopy(srcvar, src, dstvar, dst, lenvar,=C2=A0 =
len) ({=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 const void *srcvar =3D (src);=C2=A0=C2=A0=C2=
=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 void *dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=
=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 size_t lenvar =3D (len);=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=
=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __builtin___memmove_chk(dstvar, srcvar, lenva=
r,=C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) :=C2=A0=C2=
=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __memmove_ichk(dstvar, srcvar, lenvar));=C2=
=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define=C2=A0=C2=A0=C2=A0 bcopy(src, dst, len)=C2=A0=C2=A0=
=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 _ssp_bcopy(__ssp_var(srcv), src, __ssp_var(ds=
tv), dst,
>=C2=A0 =C2=A0 __ssp_var(lenv), len)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define _ssp_bzero(dstvar, dst, lenvar, len) ({=C2=A0=C2=A0=
=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 void *dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=
=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 size_t lenvar =3D (len);=C2=A0=C2=A0=C2=A0 =
=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=
=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __builtin___memset_chk(dstvar, 0, lenvar,=C2=
=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) : \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 __memset_ichk(dstvar, 0, lenvar));=C2=A0=C2=
=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \
>=C2=A0 =C2=A0 +})
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#define=C2=A0=C2=A0=C2=A0 bzero(dst, len)=C2=A0=C2=A0=C2=A0=
_ssp_bzero(__ssp_var(dstv), dst,
>=C2=A0 =C2=A0 __ssp_var(lenv), len)
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#endif /* __SSP_FORTIFY_LEVEL > 0 */
>=C2=A0 =C2=A0 +#endif /* _SSP_STRINGS_H_ */
>=C2=A0 =C2=A0 diff --git a/include/ssp/unistd.h b/include/ssp/unistd.h
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..2414e2baa96b
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/include/ssp/unistd.h
>=C2=A0 =C2=A0 @@ -0,0 +1,54 @@
>=C2=A0 =C2=A0 +/*=C2=A0=C2=A0=C2=A0 $NetBSD: unistd.h,v 1.7 2015/06/25 18:=
41:03 joerg Exp $=C2=A0=C2=A0=C2=A0 */
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#ifndef _SSP_UNISTD_H_
>=C2=A0 =C2=A0 +#define _SSP_UNISTD_H_
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/ssp.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#if __SSP_FORTIFY_LEVEL > 0
>=C2=A0 =C2=A0 +__BEGIN_DECLS
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +__ssp_redirect0(ssize_t, read, (int __fd, void *__buf, size=
_t __len), \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 (__fd, __buf, __len));
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +__ssp_redirect(ssize_t, readlink, (const char *__restrict _=
_path, \
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 char *__restrict __buf, size_t __len), (__pat=
h, __buf, __len));
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +__ssp_redirect_raw(char *, getcwd, getcwd, (char *__buf, si=
ze_t __len),
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 (__buf, __len), __buf !=3D 0, __ssp_bos);
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +__END_DECLS
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#endif /* __SSP_FORTIFY_LEVEL > 0 */
>=C2=A0 =C2=A0 +#endif /* _SSP_UNISTD_H_ */
>=C2=A0 =C2=A0 diff --git a/lib/libc/secure/Makefile.inc b/lib/libc/secure/=
Makefile.inc
>=C2=A0 =C2=A0 index 8574c5a05dc5..3b1ad879c715 100644
>=C2=A0 =C2=A0 --- a/lib/libc/secure/Makefile.inc
>=C2=A0 =C2=A0 +++ b/lib/libc/secure/Makefile.inc
>=C2=A0 =C2=A0 @@ -3,6 +3,17 @@
>=20
>=C2=A0 =C2=A0 .PATH: ${LIBC_SRCTOP}/secure
>=20
>=C2=A0 =C2=A0 +# _FORTIFY_SOURCE
>=C2=A0 =C2=A0 +SRCS+=3D=C2=A0=C2=A0=C2=A0 gets_chk.c fgets_chk.c memcpy_ch=
k.c memmove_chk.c
>=C2=A0 =C2=A0 memset_chk.c \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 snprintf_chk.c sprintf_chk.c stpcpy_chk.=
c stpncpy_chk.c \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 strcat_chk.c strcpy_chk.c strncat_chk.c =
strncpy_chk.c \
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 vsnprintf_chk.c vsprintf_chk.c
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +CFLAGS.snprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-par=
ameter
>=C2=A0 =C2=A0 +CFLAGS.sprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-para=
meter
>=C2=A0 =C2=A0 +CFLAGS.vsnprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-pa=
rameter
>=C2=A0 =C2=A0 +CFLAGS.vsprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-par=
ameter
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 # Sources common to both syscall interfaces:
>=C2=A0 =C2=A0 SRCS+=3D=C2=A0=C2=A0=C2=A0 stack_protector.c \
>=C2=A0 =C2=A0 =C2=A0 =C2=A0=C2=A0=C2=A0 stack_protector_compat.c
>=C2=A0 =C2=A0 diff --git a/lib/libc/secure/Symbol.map b/lib/libc/secure/Sy=
mbol.map
>=C2=A0 =C2=A0 index 641f451b5421..7859fcee3821 100644
>=C2=A0 =C2=A0 --- a/lib/libc/secure/Symbol.map
>=C2=A0 =C2=A0 +++ b/lib/libc/secure/Symbol.map
>=C2=A0 =C2=A0 @@ -3,3 +3,21 @@ FBSD_1.0 {
>=C2=A0 =C2=A0 =C2=A0 =C2=A0=C2=A0=C2=A0 __stack_chk_fail;
>=C2=A0 =C2=A0 =C2=A0 =C2=A0=C2=A0=C2=A0 __stack_chk_guard;
>=C2=A0 =C2=A0 };
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +FBSD_1.8 {
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __gets_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __fgets_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __memcpy_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __memmove_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __memset_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __snprintf_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __sprintf_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __stpcpy_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __stpncpy_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __strcat_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __strcpy_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __strncat_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __strncpy_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __vsnprintf_chk;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 __vsprintf_chk;
>=C2=A0 =C2=A0 +};
>=C2=A0 =C2=A0 diff --git a/lib/libc/secure/fgets_chk.c b/lib/libc/secure/f=
gets_chk.c
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..72aa1d816ce1
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/lib/libc/secure/fgets_chk.c
>=C2=A0 =C2=A0 @@ -0,0 +1,54 @@
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#include <sys/cdefs.h>
>=C2=A0 =C2=A0 +__RCSID("$NetBSD: fgets_chk.c,v 1.6 2009/02/05 05:41:51 luk=
em Exp $");
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <limits.h>
>=C2=A0 =C2=A0 +#include <stdio.h>
>=C2=A0 =C2=A0 +#include <stdlib.h>
>=C2=A0 =C2=A0 +#include <string.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/stdio.h>
>=C2=A0 =C2=A0 +#include <ssp/string.h>
>=C2=A0 =C2=A0 +#undef fgets
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +char *
>=C2=A0 =C2=A0 +__fgets_chk(char * __restrict buf, int len, size_t slen, FI=
LE *fp)
>=C2=A0 =C2=A0 +{
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (slen >=3D (size_t)INT_MAX)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (fgets(buf, le=
n, fp));
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (len >=3D 0 && (size_t)len > slen)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail();
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return (fgets(buf, len, fp));
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 diff --git a/lib/libc/secure/gets_chk.c b/lib/libc/secure/ge=
ts_chk.c
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..18c1e2d18f43
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/lib/libc/secure/gets_chk.c
>=C2=A0 =C2=A0 @@ -0,0 +1,74 @@
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#include <sys/cdefs.h>
>=C2=A0 =C2=A0 +__RCSID("$NetBSD: gets_chk.c,v 1.7 2013/10/04 20:49:16 chri=
stos Exp
>=C2=A0 =C2=A0 $");
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <limits.h>
>=C2=A0 =C2=A0 +#include <stdio.h>
>=C2=A0 =C2=A0 +#include <stdlib.h>
>=C2=A0 =C2=A0 +#include <string.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/stdio.h>
>=C2=A0 =C2=A0 +#include <ssp/string.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +char *__gets_unsafe(char *);
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +char *
>=C2=A0 =C2=A0 +__gets_chk(char * __restrict buf, size_t slen)
>=C2=A0 =C2=A0 +{
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 char *abuf;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 size_t len;
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (slen >=3D (size_t)INT_MAX)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (__gets_unsafe=
(buf));
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if ((abuf =3D malloc(slen + 1)) =3D=3D N=
ULL)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (__gets_unsafe=
(buf));
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (fgets(abuf, (int)(slen + 1), stdin) =
=3D=3D NULL) {
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 free(abuf);
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (NULL);
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 }
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 len =3D strlen(abuf);
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (len > 0 && abuf[len - 1] =3D=3D '\n'=
)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 --len;
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (len >=3D slen)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail();
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 (void)memcpy(buf, abuf, len);
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 buf[len] =3D '\0';
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 free(abuf);
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return (buf);
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 diff --git a/lib/libc/secure/memcpy_chk.c b/lib/libc/secure/=
memcpy_chk.c
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..99cf2d5f13ff
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/lib/libc/secure/memcpy_chk.c
>=C2=A0 =C2=A0 @@ -0,0 +1,53 @@
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#include <sys/cdefs.h>
>=C2=A0 =C2=A0 +__RCSID("$NetBSD: memcpy_chk.c,v 1.7 2015/05/13 19:57:16 jo=
erg Exp $");
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <string.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/string.h>
>=C2=A0 =C2=A0 +#undef memcpy
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include "ssp_internal.h"
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +void *
>=C2=A0 =C2=A0 +__memcpy_chk(void * __restrict dst, const void * __restrict=
src,
>=C2=A0 =C2=A0 size_t len,
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 size_t slen)
>=C2=A0 =C2=A0 +{
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (len > slen)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail();
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (__ssp_overlap((const char *)src, (co=
nst char *)dst, len))
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail();
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return (memcpy(dst, src, len));
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 diff --git a/lib/libc/secure/memmove_chk.c
>=C2=A0 =C2=A0 b/lib/libc/secure/memmove_chk.c
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..07f965d608fc
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/lib/libc/secure/memmove_chk.c
>=C2=A0 =C2=A0 @@ -0,0 +1,47 @@
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#include <sys/cdefs.h>
>=C2=A0 =C2=A0 +__RCSID("$NetBSD: memmove_chk.c,v 1.6 2020/09/05 13:37:59 m=
rg Exp $");
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <string.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/string.h>
>=C2=A0 =C2=A0 +#undef memmove
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +void *
>=C2=A0 =C2=A0 +__memmove_chk(void *dst, const void *src, size_t len,
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 size_t slen)
>=C2=A0 =C2=A0 +{
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (len > slen)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail();
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return (memmove(dst, src, len));
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 diff --git a/lib/libc/secure/memset_chk.c b/lib/libc/secure/=
memset_chk.c
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..f337be98b46d
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/lib/libc/secure/memset_chk.c
>=C2=A0 =C2=A0 @@ -0,0 +1,46 @@
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#include <sys/cdefs.h>
>=C2=A0 =C2=A0 +__RCSID("$NetBSD: memset_chk.c,v 1.5 2014/09/17 00:39:28 jo=
erg Exp $");
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <string.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/string.h>
>=C2=A0 =C2=A0 +#undef memset
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +void *
>=C2=A0 =C2=A0 +__memset_chk(void * __restrict dst, int val, size_t len, si=
ze_t slen)
>=C2=A0 =C2=A0 +{
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (len > slen)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail();
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return (memset(dst, val, len));
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 diff --git a/lib/libc/secure/snprintf_chk.c
>=C2=A0 =C2=A0 b/lib/libc/secure/snprintf_chk.c
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..52ef874ede5b
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/lib/libc/secure/snprintf_chk.c
>=C2=A0 =C2=A0 @@ -0,0 +1,56 @@
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 + * by Christos Zoulas.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Redistribution and use in source and binary forms, with =
or without
>=C2=A0 =C2=A0 + * modification, are permitted provided that the following =
conditions
>=C2=A0 =C2=A0 + * are met:
>=C2=A0 =C2=A0 + * 1. Redistributions of source code must retain the above =
copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer.
>=C2=A0 =C2=A0 + * 2. Redistributions in binary form must reproduce the abo=
ve copyright
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 notice, this list of conditions and the fol=
lowing disclaimer
>=C2=A0 =C2=A0 in the
>=C2=A0 =C2=A0 + *=C2=A0 =C2=A0 documentation and/or other materials provid=
ed with the
>=C2=A0 =C2=A0 distribution.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC.=
AND
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDI=
NG, BUT
>=C2=A0 =C2=A0 NOT LIMITED
>=C2=A0 =C2=A0 + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNES=
S FOR A
>=C2=A0 =C2=A0 PARTICULAR
>=C2=A0 =C2=A0 + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUN=
DATION OR
>=C2=A0 =C2=A0 CONTRIBUTORS
>=C2=A0 =C2=A0 + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>=C2=A0 =C2=A0 EXEMPLARY, OR
>=C2=A0 =C2=A0 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PR=
OCUREMENT OF
>=C2=A0 =C2=A0 + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR
>=C2=A0 =C2=A0 BUSINESS
>=C2=A0 =C2=A0 + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,
>=C2=A0 =C2=A0 WHETHER IN
>=C2=A0 =C2=A0 + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENC=
E OR
>=C2=A0 =C2=A0 OTHERWISE)
>=C2=A0 =C2=A0 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN=
IF
>=C2=A0 =C2=A0 ADVISED OF THE
>=C2=A0 =C2=A0 + * POSSIBILITY OF SUCH DAMAGE.
>=C2=A0 =C2=A0 + */
>=C2=A0 =C2=A0 +#include <sys/cdefs.h>
>=C2=A0 =C2=A0 +__RCSID("$NetBSD: snprintf_chk.c,v 1.5 2008/04/28 20:23:00 =
martin
>=C2=A0 =C2=A0 Exp $");
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <stdarg.h>
>=C2=A0 =C2=A0 +#include <stdio.h>
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +#include <ssp/stdio.h>
>=C2=A0 =C2=A0 +#undef vsnprintf
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +int
>=C2=A0 =C2=A0 +__snprintf_chk(char * __restrict buf, size_t len, int flags=
, size_t
>=C2=A0 =C2=A0 slen,
>=C2=A0 =C2=A0 +=C2=A0 =C2=A0 const char * __restrict fmt, ...)
>=C2=A0 =C2=A0 +{
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 va_list ap;
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 int rv;
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 if (len > slen)
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail();
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 va_start(ap, fmt);
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 rv =3D vsnprintf(buf, len, fmt, ap);
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 va_end(ap);
>=C2=A0 =C2=A0 +
>=C2=A0 =C2=A0 +=C2=A0=C2=A0=C2=A0 return (rv);
>=C2=A0 =C2=A0 +}
>=C2=A0 =C2=A0 diff --git a/lib/libc/secure/sprintf_chk.c
>=C2=A0 =C2=A0 b/lib/libc/secure/sprintf_chk.c
>=C2=A0 =C2=A0 new file mode 100644
>=C2=A0 =C2=A0 index 000000000000..d4c42ccba3ce
>=C2=A0 =C2=A0 --- /dev/null
>=C2=A0 =C2=A0 +++ b/lib/libc/secure/sprintf_chk.c
>=C2=A0 =C2=A0 @@ -0,0 +1,61 @@
>=C2=A0 =C2=A0 +/*-
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * SPDX-License-Identifier: BSD-2-Clause
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * Copyright (c) 2006 The NetBSD Foundation, Inc.
>=C2=A0 =C2=A0 + * All rights reserved.
>=C2=A0 =C2=A0 + *
>=C2=A0 =C2=A0 + * This code is derived from software contributed to The Ne=
tBSD
>=C2=A0 =C2=A0 Foundation
>=C2=A0 =C2=A0 *** 1063 LINES SKIPPED ***
>=20
>=20
=20
------=_Part_1357399_2058372477.1716093599883
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<html><head></head><body><div class=3D"ydp8924580yahoo-style-wrap" style=3D=
"font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;">=
<div></div>
<div dir=3D"ltr" data-setdir=3D"false">FWIW .. and let me be clear =
I haven't worked on this in ages and I am not planning to retake this eithe=
r...</div><div dir=3D"ltr" data-setdir=3D"false"><br></div><div dir=3D"ltr"=
data-setdir=3D"false">clang just couldn't do the static fortify_sour=
ce <span><span style=3D"color: rgb(0, 0, 0); font-family: Helvetica Neue, H=
elvetica, Arial, sans-serif; font-size: 16px;">checks</span></span> d=
ue to the way llvm uses an intermediate representation; the size just could=
n't be handled in the preprocessor. Google did spend some time adding extra=
attributes to clang to improve the debugging and you can see that implemen=
ted in bionic libc but that was it. musl didn't even try.</div><div dir=3D"=
ltr" data-setdir=3D"false"><br></div><div dir=3D"ltr" data-setdir=3D"false"=
>fortify_source does replace some key libc functions with memory checking a=
lternatives and that turns out to be annoying when debugging. In a way it b=
reaks that principle C programmers once had, where developers are expected =
to know what they are doing, and if the error is caught at runtime by the s=
tack protector anyways it ends up being redundant.</div><div dir=3D"ltr" da=
ta-setdir=3D"false"><br></div><div dir=3D"ltr" data-setdir=3D"false">One mo=
re thing about the static checks. Most of the linux distributions out there=
indeed have built their software packages with GCC and fortify_source >=
=3D2. As a consequence, when we ran an exp-run on the ports tree (with GCC)=
, fortify_source didn't find anything: it was basically a waste of time.</d=
iv><div dir=3D"ltr" data-setdir=3D"false"><br></div><div dir=3D"ltr" data-s=
etdir=3D"false">Another reason for not setting it by default is performance=
. And here I answer Shawn's comment on why not enable stack-protector-all a=
nd safestack and fortify_source at the same time: running unnecessary check=
s over and over again wastes energy and can have some performance hit. The =
later may seem negligible in modern processors, but why do them if they bri=
ng no benefit? (No need to answer ... just left as food for thought)</div><=
div dir=3D"ltr" data-setdir=3D"false"><br></div><div dir=3D"ltr" data-setdi=
r=3D"false">Pedro.</div><div><br></div>
=20
</div><div id=3D"ydp72f18629yahoo_quoted_6991073376" class=3D"ydp72=
f18629yahoo_quoted">
<div style=3D"font-family:'Helvetica Neue', Helvetica, Arial, s=
ans-serif;font-size:13px;color:#26282a;">
=20
<div>
On Saturday, May 18, 2024 at 09:08:52 PM GMT-5, Kyl=
e Evans <kevans@freebsd.org> wrote:
</div>
<div><br></div>
<div><br></div>
=20
=20
<div><div dir=3D"ltr"><br></div><div dir=3D"ltr"><br></div>=
<div dir=3D"ltr">On 5/18/24 20:09, Pedro Giffuni wrote:<br></div><div dir=
=3D"ltr">> (sorry for top posting .. my mailer just sucks)<br></div><div=
dir=3D"ltr">> Hi;<br></div><div dir=3D"ltr">> <br></div><div dir=3D"=
ltr">> I used to like the limited static checking FORTIFY_SOURCE provide=
s and <br></div><div dir=3D"ltr">> when I ran it over FreeBSD it did fin=
d a couple of minor issues. It only <br></div><div dir=3D"ltr">> works f=
or GCC though.<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr"><b=
r></div><div dir=3D"ltr">I don't think this is particularly true anymore; I=
haven't found a case <br></div><div dir=3D"ltr">yet where __builtin_object=
_size(3) doesn't give me the correct size <br></div><div dir=3D"ltr">while =
GCC did. I'd welcome counter-examples here, though -- we have <br></d=
iv><div dir=3D"ltr">funding to both finish the project (widen the _FORTIFY_=
SOURCE net to <br></div><div dir=3D"ltr">more of libc/libsys) and add tests=
to demonstrate that it's both <br></div><div dir=3D"ltr">functional and co=
rrect. It would be useful to also document <br></div><div dir=3D"ltr"=
>deficiencies in the tests.<br></div><div dir=3D"ltr"><br></div><div dir=3D=
"ltr">> I guess it doesn't really hurt to have FORTIFY_SOURCE around and=
NetBSD <br></div><div dir=3D"ltr">> had the least intrusive implementat=
ion the last time I checked but I <br></div><div dir=3D"ltr">> would cer=
tainly request it should never be activated by default, <br></div><div dir=
=3D"ltr">> specially with clang. The GCC version has seen more developme=
nt on glibc <br></div><div dir=3D"ltr">> but I still think its a dead en=
d.<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr"><br></div><div=
dir=3D"ltr">I don't see a compelling reason to avoid enabling it by defaul=
t; see <br></div><div dir=3D"ltr">above, the functionality that we need in =
clang appears to be just fine <br></div><div dir=3D"ltr">(and, iirc, was al=
so fine when I checked at the beginning of working on <br></div><div dir=3D=
"ltr">this in 2021) and it provides useful<br></div><div dir=3D"ltr"><br></=
div><div dir=3D"ltr">> What I would like to see working on FreeBSD is Sa=
festack as a <br></div><div dir=3D"ltr">> replacement for the stack prot=
ector, which we were so very slow to adopt <br></div><div dir=3D"ltr">> =
even when it was originally developed in FreeBSD. I think other projects <b=
r></div><div dir=3D"ltr">> based on FreeBSD (Chimera and hardenedBSD) ha=
ve been using it but I <br></div><div dir=3D"ltr">> don't know the detai=
ls.<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr"><br></div><di=
v dir=3D"ltr">No comment there, though I think Shawn Webb / HardenedBSD had=
been <br></div><div dir=3D"ltr">playing around with SafeStack (and might h=
ave enabled it? I haven't <br></div><div dir=3D"ltr">actually looked in a w=
hile now).<br></div><div dir=3D"ltr"><br></div><div dir=3D"ltr">> This i=
s just all my $0.02<br></div><div dir=3D"ltr">> <br></div><div dir=3D"lt=
r">> Pedro.<br></div><div dir=3D"ltr"><br></div><div dir=3D"ltr">Thanks,=
<br></div><div dir=3D"ltr"><br></div><div dir=3D"ltr">Kyle Evans<br></div><=
div dir=3D"ltr"><br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr">=
> On Saturday, May 18, 2024 at 05:54:42 PM GMT-5, Kyle Evans <br></div><=
div dir=3D"ltr">> <<a href=3D"mailto:kaevans@fastmail.com" rel=3D"nof=
ollow" target=3D"_blank">kaevans@fastmail.com</a>> wrote:<br></div><div =
dir=3D"ltr">> <br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr"=
>> <br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr">> On Ma=
y 18, 2024 13:42, Pedro Giffuni <<a href=3D"mailto:pfg@freebsd.org" rel=
=3D"nofollow" target=3D"_blank">pfg@freebsd.org</a>> wrote:<br></div><di=
v dir=3D"ltr">> <br></div><div dir=3D"ltr">> Oh no .. p=
lease not...<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr">>=
We went into that in a GSoC:<br></div><div dir=3D"ltr">> =
<br></div><div dir=3D"ltr">> <a href=3D"https://wiki.freeb=
sd.org/SummerOfCode2015/FreeBSDLibcSecurityExtensions" rel=3D"nofollow" tar=
get=3D"_blank">https://wiki.freebsd.org/SummerOfCode2015/FreeBSDLibcSecurit=
yExtensions</a> <<a href=3D"https://wiki.freebsd.org/SummerOfCode2015/Fr=
eeBSDLibcSecurityExtensions" rel=3D"nofollow" target=3D"_blank">https://wik=
i.freebsd.org/SummerOfCode2015/FreeBSDLibcSecurityExtensions</a>><br></d=
iv><div dir=3D"ltr">> <br></div><div dir=3D"ltr">> <br></div><div dir=
=3D"ltr">> Ultimately it proved to be useless since stack-=
protector-strong.<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr"=
>> <br></div><div dir=3D"ltr">> Respectfully, I disagree with your co=
nclusion here:<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr">&g=
t; 1.) _FORTIFY_SOURCE provides more granular detection of overflow; I <br>=
</div><div dir=3D"ltr">> don't have to overflow all the way into the can=
ary at the end of the <br></div><div dir=3D"ltr">> frame to be detected,=
so my minor bug now can be caught before something <br></div><div dir=3D"l=
tr">> causes the stack frame to be rearranged and turn it into a securit=
y <br></div><div dir=3D"ltr">> issue later<br></div><div dir=3D"ltr">>=
; <br></div><div dir=3D"ltr">> 2.) __builtin_object_size doesn't work on=
heap objects, but it actually <br></div><div dir=3D"ltr">> can work on =
subobjects from a heap allocation (e.g., &foo->name), so the <br></d=
iv><div dir=3D"ltr">> coverage extends beyond the stack into starting to=
detect other kinds of <br></div><div dir=3D"ltr">> overflow<br></div><d=
iv dir=3D"ltr">> <br></div><div dir=3D"ltr">> While the security valu=
e over stack-protector-strong may be marginal (I <br></div><div dir=3D"ltr"=
>> won't debate this specifically), the feature still has value in gener=
al.<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr">> Thanks,<=
br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr">> Kyle Evans<b=
r></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr">> =
The NetBSD code was not well adapted to clang either.<br></div><div dir=3D=
"ltr">> <br></div><div dir=3D"ltr">> Ask me more if you=
really want to dig into it, but we don't want this.<br></div><div dir=3D"l=
tr">> <br></div><div dir=3D"ltr">> Pedro.<br></div><div=
dir=3D"ltr">> <br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr=
">> On Monday, May 13, 2024 at 12:24:13 AM GMT-5, Kyle Eva=
ns<br></div><div dir=3D"ltr">> <<a href=3D"mailto:kevan=
s@freebsd.org" rel=3D"nofollow" target=3D"_blank">kevans@freebsd.org</a>>=
; wrote:<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr">> <br=
></div><div dir=3D"ltr">> The branch main has been updated=
by kevans:<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr">>&=
nbsp; URL:<br></div><div dir=3D"ltr">> <a href=3D"=
https://cgit.FreeBSD.org/src/commit/?id=3Dbe04fec42638f30f50b5b55fd8e3634c0=
fb89928" rel=3D"nofollow" target=3D"_blank">https://cgit.FreeBSD.org/src/co=
mmit/?id=3Dbe04fec42638f30f50b5b55fd8e3634c0fb89928</a> <<a href=3D"http=
s://cgit.FreeBSD.org/src/commit/?id=3Dbe04fec42638f30f50b5b55fd8e3634c0fb89=
928" rel=3D"nofollow" target=3D"_blank">https://cgit.FreeBSD.org/src/commit=
/?id=3Dbe04fec42638f30f50b5b55fd8e3634c0fb89928</a>><br></div><div dir=
=3D"ltr">> <br></div><div dir=3D"ltr">> commit be04fec4=
2638f30f50b5b55fd8e3634c0fb89928<br></div><div dir=3D"ltr">>  =
; Author: Kyle Evans <<a href=3D"mailto:kevans@FreeBSD.org=
" rel=3D"nofollow" target=3D"_blank">kevans@FreeBSD.org</a> <mailto:keva=
ns@FreeBSD.org>><br></div><div dir=3D"ltr">> AuthorD=
ate: 2024-05-13 05:23:49 +0000<br></div><div dir=3D"ltr">> =
Commit: Kyle Evans <<a href=3D"mailto:kevans@FreeBSD.org" =
rel=3D"nofollow" target=3D"_blank">kevans@FreeBSD.org</a> <mailto:kevans=
@FreeBSD.org>><br></div><div dir=3D"ltr">> CommitDat=
e: 2024-05-13 05:23:49 +0000<br></div><div dir=3D"ltr">> <br></div><div =
dir=3D"ltr">> Import _FORTIFY_SOURCE i=
mplementation from NetBSD<br></div><div dir=3D"ltr">> <br></div><div dir=
=3D"ltr">> This is a mostly-unmodified=
copy of the various *_chk<br></div><div dir=3D"ltr">> imp=
lementations<br></div><div dir=3D"ltr">> &nbs=
p; and headers from NetBSD, without yet modifying system headers<br></div><=
div dir=3D"ltr">> to start<br></div><div dir=3D"ltr">>&=
nbsp; actually including them. A future c=
ommit will also apply the<br></div><div dir=3D"ltr">> need=
ed<br></div><div dir=3D"ltr">> bits to=
fix ssp/unistd.h.<br></div><div dir=3D"ltr">> <br></div><div dir=3D"ltr=
">> Reviewed by: imp, pau=
amma_gundo.com (both previous<br></div><div dir=3D"ltr">> =
versions), kib<br></div><div dir=3D"ltr">> &n=
bsp; Sponsored by: Stormshield<br></div><div dir=3D"ltr">> &=
nbsp; Sponsored by: Klara, Inc.<br></div><div di=
r=3D"ltr">> Differential Revision: <a =
href=3D"https://reviews.freebsd.org/D32306" rel=3D"nofollow" target=3D"_bla=
nk">https://reviews.freebsd.org/D32306</a><br></div><div dir=3D"ltr">>&n=
bsp; <<a href=3D"https://reviews.freebsd.org/D32306" rel=3D"nofo=
llow" target=3D"_blank">https://reviews.freebsd.org/D32306</a>><br></div=
><div dir=3D"ltr">> ---<br></div><div dir=3D"ltr">>&nbs=
p; etc/mtree/BSD.include.dist | 2 =
+<br></div><div dir=3D"ltr">> include/Makefile  =
; | 2 +-<br></div><d=
iv dir=3D"ltr">> include/ssp/Makefile =
| 6 ++<br></div><div dir=3D"ltr">>&nbs=
p; include/ssp/ssp.h  =
; | 91 ++++++++++++++++++++++++++<br></div><div dir=3D"=
ltr">> include/ssp/stdio.h &nbs=
p; | 93 ++++++++++++++++++++++++++<br></div><div=
dir=3D"ltr">> include/ssp/string.h &n=
bsp; | 129<br></div><div dir=3D"ltr">> =
++++++++++++++++++++++++++++++++++++<br></div><div dir=3D"ltr">> =
include/ssp/strings.h &nb=
sp; | 67 +++++++++++++++++++<br></div><div dir=3D"ltr">> &nb=
sp; include/ssp/unistd.h |=
54 +++++++++++++++<br></div><div dir=3D"ltr">> lib/=
libc/secure/Makefile.inc | 11 ++++<br></div><div =
dir=3D"ltr">> lib/libc/secure/Symbol.map &nbs=
p; | 18 +++++<br></div><div dir=3D"ltr">> lib=
/libc/secure/fgets_chk.c | 54 ++++++++++++=
+++<br></div><div dir=3D"ltr">> lib/libc/secure/gets_chk.c=
| 74 +++++++++++++++++++++<br></div><div =
dir=3D"ltr">> lib/libc/secure/memcpy_chk.c &n=
bsp; | 53 +++++++++++++++<br></div><div dir=3D"ltr">> =
lib/libc/secure/memmove_chk.c | 47 ++++++++++++=
+<br></div><div dir=3D"ltr">> lib/libc/secure/memset_chk.c=
| 46 +++++++++++++<br></div><div dir=3D"ltr">>=
; lib/libc/secure/snprintf_chk.c | 56 ++++=
++++++++++++<br></div><div dir=3D"ltr">> lib/libc/secure/s=
printf_chk.c | 61 +++++++++++++++++<br></div><div=
dir=3D"ltr">> lib/libc/secure/ssp_internal.h =
| 37 +++++++++++<br></div><div dir=3D"ltr">> lib/li=
bc/secure/stpcpy_chk.c | 55 ++++++++++++++++<br><=
/div><div dir=3D"ltr">> lib/libc/secure/stpncpy_chk.c =
; | 53 +++++++++++++++<br></div><div dir=3D"ltr">>&n=
bsp; lib/libc/secure/strcat_chk.c | 60 ++=
+++++++++++++++<br></div><div dir=3D"ltr">> lib/libc/secur=
e/strcpy_chk.c | 54 +++++++++++++++<br></div><div=
dir=3D"ltr">> lib/libc/secure/strncat_chk.c =
| 70 ++++++++++++++++++++<br></div><div dir=3D"ltr">> =
lib/libc/secure/strncpy_chk.c | 53 +++++=
++++++++++<br></div><div dir=3D"ltr">> lib/libc/secure/vsn=
printf_chk.c | 49 ++++++++++++++<br></div><div dir=3D"lt=
r">> lib/libc/secure/vsprintf_chk.c | 5=
8 ++++++++++++++++<br></div><div dir=3D"ltr">> lib/libssp/=
Makefile | 20 =
+++++-<br></div><div dir=3D"ltr">> lib/libssp/Symbol.map&n=
bsp; | 12 ++--<br></div><di=
v dir=3D"ltr">> lib/libssp/Versions.def  =
; | 5 ++<br></div><div dir=3D"ltr">> &n=
bsp; lib/libssp/__builtin_object_size.3 | 110 ++++++++++++++++++++++++++++=
+++<br></div><div dir=3D"ltr">> lib/libssp/fortify_stubs.c=
| 131<br></div><div dir=3D"ltr">> &nbs=
p; -------------------------------------<br></div><div dir=3D"ltr">>&nb=
sp; lib/libssp/ssp.3  =
; | 130<br></div><div dir=3D"ltr">> ++++++++=
++++++++++++++++++++++++++++<br></div><div dir=3D"ltr">> 3=
2 files changed, 1621 insertions(+), 140 deletions(-)<br></div><div dir=3D"=
ltr">> <br></div><div dir=3D"ltr">> diff --git a/etc/mt=
ree/BSD.include.dist b/etc/mtree/BSD.include.dist<br></div><div dir=3D"ltr"=
>> index a6bd5880bf61..f8c83d6dde7a 100644<br></div><div d=
ir=3D"ltr">> --- a/etc/mtree/BSD.include.dist<br></div><di=
v dir=3D"ltr">> +++ b/etc/mtree/BSD.include.dist<br></div>=
<div dir=3D"ltr">> @@ -372,6 +372,8 @@<br></div><div dir=
=3D"ltr">> mac_veriexec<=
br></div><div dir=3D"ltr">> &nb=
sp; ..<br></div><div dir=3D"ltr">> ..<=
br></div><div dir=3D"ltr">> + ssp<br></div><d=
iv dir=3D"ltr">> + ..<br></div><div dir=3D"lt=
r">> sys<br></div><div dir=3D"ltr">>=
; disk<br></div><div dir=3D=
"ltr">> ..<br></div><div=
dir=3D"ltr">> diff --git a/include/Makefile b/include/Mak=
efile<br></div><div dir=3D"ltr">> index 19e6beb95203..3277=
4419f162 100644<br></div><div dir=3D"ltr">> --- a/include/=
Makefile<br></div><div dir=3D"ltr">> +++ b/include/Makefil=
e<br></div><div dir=3D"ltr">> @@ -4,7 +4,7 @@<br></div><di=
v dir=3D"ltr">> <br></div><div dir=3D"ltr">> PACKAGE=3D=
clibs<br></div><div dir=3D"ltr">> CLEANFILES=3D osreldate.=
h version<br></div><div dir=3D"ltr">> -SUBDIR=3D arpa prot=
ocols rpcsvc rpc xlocale<br></div><div dir=3D"ltr">> +SUBD=
IR=3D arpa protocols rpcsvc rpc ssp xlocale<br></div><div dir=3D"ltr">>&=
nbsp; .if ${MACHINE_CPUARCH} =3D=3D "amd64"<br></div><div dir=3D"lt=
r">> SUBDIR+=3D i386<=
br></div><div dir=3D"ltr">> INCLUDE_SUBDIRS+=3D  =
; i386<br></div><div dir=3D"ltr">> diff --git a/incl=
ude/ssp/Makefile b/include/ssp/Makefile<br></div><div dir=3D"ltr">> =
; new file mode 100644<br></div><div dir=3D"ltr">> =
index 000000000000..dff19f43c920<br></div><div dir=3D"ltr">> &nbs=
p; --- /dev/null<br></div><div dir=3D"ltr">> +++ b/includ=
e/ssp/Makefile<br></div><div dir=3D"ltr">> @@ -0,0 +1,6 @@=
<br></div><div dir=3D"ltr">> +# $FreeBSD$<br></div><div di=
r=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+INCS=3D ssp.h stdio.h string.h strings.h unistd.h<br></=
div><div dir=3D"ltr">> +INCSDIR=3D ${INC=
LUDEDIR}/ssp<br></div><div dir=3D"ltr">> +<br></div><div d=
ir=3D"ltr">> +.include <bsd.prog.mk><br></div><div d=
ir=3D"ltr">> diff --git a/include/ssp/ssp.h b/include/ssp/=
ssp.h<br></div><div dir=3D"ltr">> new file mode 100644<br>=
</div><div dir=3D"ltr">> index 000000000000..35a9aeee02df<=
br></div><div dir=3D"ltr">> --- /dev/null<br></div><div di=
r=3D"ltr">> +++ b/include/ssp/ssp.h<br></div><div dir=3D"l=
tr">> @@ -0,0 +1,91 @@<br></div><div dir=3D"ltr">> =
; +/* $NetBSD: ssp.h,v 1.13 2015/09/03 20:43:47 p=
lunky Exp $ */<br></div><div dir=3D"ltr">>  =
; +<br></div><div dir=3D"ltr">> +/*-<br></div><div dir=3D=
"ltr">> + *<br></div><div dir=3D"ltr">> +=
* SPDX-License-Identifier: BSD-2-Clause<br></div><div dir=3D"ltr">>&nbs=
p; + *<br></div><div dir=3D"ltr">> + * Copyright (=
c) 2006, 2011 The NetBSD Foundation, Inc.<br></div><div dir=3D"ltr">>&nb=
sp; + * All rights reserved.<br></div><div dir=3D"ltr">> &=
nbsp; + *<br></div><div dir=3D"ltr">> + * This code is de=
rived from software contributed to The NetBSD<br></div><div dir=3D"ltr">>=
; Foundation<br></div><div dir=3D"ltr">> + *=
by Christos Zoulas.<br></div><div dir=3D"ltr">> + *<br></=
div><div dir=3D"ltr">> + * Redistribution and use in sourc=
e and binary forms, with or without<br></div><div dir=3D"ltr">> &n=
bsp; + * modification, are permitted provided that the following condition=
s<br></div><div dir=3D"ltr">> + * are met:<br></div><div d=
ir=3D"ltr">> + * 1. Redistributions of source code must re=
tain the above copyright<br></div><div dir=3D"ltr">> + *&n=
bsp; notice, this list of conditions and the following disclaimer.<b=
r></div><div dir=3D"ltr">> + * 2. Redistributions in binar=
y form must reproduce the above copyright<br></div><div dir=3D"ltr">>&nb=
sp; + * notice, this list of conditions and the follow=
ing disclaimer<br></div><div dir=3D"ltr">> in the<br></div=
><div dir=3D"ltr">> + * documentation and/or =
other materials provided with the<br></div><div dir=3D"ltr">> &nbs=
p; distribution.<br></div><div dir=3D"ltr">> + *<br></div=
><div dir=3D"ltr">> + * THIS SOFTWARE IS PROVIDED BY THE N=
ETBSD FOUNDATION, INC. AND<br></div><div dir=3D"ltr">> CON=
TRIBUTORS<br></div><div dir=3D"ltr">> + * ``AS IS'' AND AN=
Y EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT<br></div><div dir=3D"ltr">&=
gt; NOT LIMITED<br></div><div dir=3D"ltr">> =
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A<br></di=
v><div dir=3D"ltr">> PARTICULAR<br></div><div dir=3D"ltr">=
> + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE =
FOUNDATION OR<br></div><div dir=3D"ltr">> CONTRIBUTORS<br>=
</div><div dir=3D"ltr">> + * BE LIABLE FOR ANY DIRECT, IND=
IRECT, INCIDENTAL, SPECIAL,<br></div><div dir=3D"ltr">> EX=
EMPLARY, OR<br></div><div dir=3D"ltr">> + * CONSEQUENTIAL =
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF<br></div><div dir=3D=
"ltr">> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DAT=
A, OR PROFITS; OR<br></div><div dir=3D"ltr">> BUSINESS<br>=
</div><div dir=3D"ltr">> + * INTERRUPTION) HOWEVER CAUSED =
AND ON ANY THEORY OF LIABILITY,<br></div><div dir=3D"ltr">> =
WHETHER IN<br></div><div dir=3D"ltr">> + * CONTRACT, STR=
ICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR<br></div><div dir=3D"ltr">&=
gt; OTHERWISE)<br></div><div dir=3D"ltr">> +=
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF<br></div><di=
v dir=3D"ltr">> ADVISED OF THE<br></div><div dir=3D"ltr">&=
gt; + * POSSIBILITY OF SUCH DAMAGE.<br></div><div dir=3D"ltr"=
>> + */<br></div><div dir=3D"ltr">> +#ifn=
def _SSP_SSP_H_<br></div><div dir=3D"ltr">> +#define _SSP_=
SSP_H_<br></div><div dir=3D"ltr">> +<br></div><div dir=3D"=
ltr">> +#include <sys/cdefs.h><br></div><div dir=3D"=
ltr">> +<br></div><div dir=3D"ltr">> +#if=
!defined(__cplusplus)<br></div><div dir=3D"ltr">> +# if d=
efined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 && \<br><=
/div><div dir=3D"ltr">> + (__OPTIMIZE__ > =
0 || defined(__clang__))<br></div><div dir=3D"ltr">> +#&nb=
sp; if _FORTIFY_SOURCE > 1<br></div><div dir=3D"ltr">> =
+# define __SSP_FORTIFY_LEVEL 2<br></div><div dir=3D"ltr">> =
+# else<br></div><div dir=3D"ltr">> +# =
define __SSP_FORTIFY_LEVEL 1<br></div><div dir=3D"ltr">> =
+# endif<br></div><div dir=3D"ltr">> +# else<br></di=
v><div dir=3D"ltr">> +# define __SSP_FORTIFY_LEVEL 0=
<br></div><div dir=3D"ltr">> +# endif<br></div><div dir=3D=
"ltr">> +#else<br></div><div dir=3D"ltr">> =
+# define __SSP_FORTIFY_LEVEL 0<br></div><div dir=3D"ltr">> &nbs=
p; +#endif<br></div><div dir=3D"ltr">> +<br></div><div di=
r=3D"ltr">> +#define __ssp_var(type)&nbs=
p; __CONCAT(__ssp_ ## type, __COUNTER__)<br></div><div dir=3D"l=
tr">> +<br></div><div dir=3D"ltr">> +/* _=
_ssp_real is used by the implementation in libc */<br></div><div dir=3D"ltr=
">> +#if __SSP_FORTIFY_LEVEL =3D=3D 0<br></div><div dir=3D=
"ltr">> +#define __ssp_real_(fun) fun<br=
></div><div dir=3D"ltr">> +#else<br></div><div dir=3D"ltr"=
>> +#define __ssp_real_(fun) __ssp_real_=
## fun<br></div><div dir=3D"ltr">> +#endif<br></div><div =
dir=3D"ltr">> +#define __ssp_real(fun) &=
nbsp; __ssp_real_(fun)<br></div><div dir=3D"ltr">> &nb=
sp; +<br></div><div dir=3D"ltr">> +#define __ssp_inline s=
tatic __inline __attribute__((__always_inline__))<br></div><div dir=3D"ltr"=
>> +<br></div><div dir=3D"ltr">> +#define=
__ssp_bos(ptr) __builtin_object_size(ptr,<br></div><div dir=3D"ltr">>&n=
bsp; __SSP_FORTIFY_LEVEL > 1)<br></div><div dir=3D"ltr">>&nbs=
p; +#define __ssp_bos0(ptr) __builtin_object_size(ptr, 0)<br></div>=
<div dir=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+#define __ssp_check(buf, len, bos) \<br></div><div dir=3D"ltr">>=
; + if (bos(buf) !=3D (size_t)-1 &&=
len > bos(buf)) \<br></div><div dir=3D"ltr">> + &=
nbsp; __chk_fail()<br></div><div dir=3D"ltr">>&=
nbsp; +#define __ssp_redirect_raw(rtype, fun, symbol, args, call, c=
ond, bos) \<br></div><div dir=3D"ltr">> +rtype __ssp_real_=
(fun) args __RENAME(symbol); \<br></div><div dir=3D"ltr">> =
+__ssp_inline rtype fun args __RENAME(__ssp_protected_ ## fun); \<br></div=
><div dir=3D"ltr">> +__ssp_inline rtype fun args { \<br></=
div><div dir=3D"ltr">> + if (cond) \<br>=
</div><div dir=3D"ltr">> + &=
nbsp; __ssp_check(__buf, __len, bos); \<br></div><div dir=3D"ltr">> =
; + return __ssp_real_(fun) call; \<br></div><div=
dir=3D"ltr">> +}<br></div><div dir=3D"ltr">> &nb=
sp; +<br></div><div dir=3D"ltr">> +#define __ssp_redirect=
(rtype, fun, args, call) \<br></div><div dir=3D"ltr">> +&n=
bsp; __ssp_redirect_raw(rtype, fun, fun, args, call, 1, __ssp_bos)<b=
r></div><div dir=3D"ltr">> +#define __ssp_redirect0(rtype,=
fun, args, call) \<br></div><div dir=3D"ltr">> + &n=
bsp; __ssp_redirect_raw(rtype, fun, fun, args, call, 1, __ssp_bos0)<br></di=
v><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">> =
; +__BEGIN_DECLS<br></div><div dir=3D"ltr">> +void=
__stack_chk_fail(void) __dead2;<br></div><div dir=3D"ltr">>  =
; +void __chk_fail(void) __dead2;<br></div><div dir=3D"ltr">> &nb=
sp; +__END_DECLS<br></div><div dir=3D"ltr">> +<br></div><=
div dir=3D"ltr">> +#endif /* _SSP_SSP_H_ */<br></div><div =
dir=3D"ltr">> diff --git a/include/ssp/stdio.h b/include/s=
sp/stdio.h<br></div><div dir=3D"ltr">> new file mode 10064=
4<br></div><div dir=3D"ltr">> index 000000000000..72e3236e=
ac80<br></div><div dir=3D"ltr">> --- /dev/null<br></div><d=
iv dir=3D"ltr">> +++ b/include/ssp/stdio.h<br></div><div d=
ir=3D"ltr">> @@ -0,0 +1,93 @@<br></div><div dir=3D"ltr">&g=
t; +/* $NetBSD: stdio.h,v 1.5 2011/07/17 20=
:54:34 joerg Exp $ */<br></div><div dir=3D"ltr">> =
; +<br></div><div dir=3D"ltr">> +/*-<br></div><div=
dir=3D"ltr">> + *<br></div><div dir=3D"ltr">> &n=
bsp; + * SPDX-License-Identifier: BSD-2-Clause<br></div><div dir=3D"ltr">&=
gt; + *<br></div><div dir=3D"ltr">> + * Copy=
right (c) 2006 The NetBSD Foundation, Inc.<br></div><div dir=3D"ltr">>&n=
bsp; + * All rights reserved.<br></div><div dir=3D"ltr">> =
+ *<br></div><div dir=3D"ltr">> + * This code is d=
erived from software contributed to The NetBSD<br></div><div dir=3D"ltr">&g=
t; Foundation<br></div><div dir=3D"ltr">> + =
* by Christos Zoulas.<br></div><div dir=3D"ltr">> + *<br><=
/div><div dir=3D"ltr">> + * Redistribution and use in sour=
ce and binary forms, with or without<br></div><div dir=3D"ltr">> &=
nbsp; + * modification, are permitted provided that the following conditio=
ns<br></div><div dir=3D"ltr">> + * are met:<br></div><div =
dir=3D"ltr">> + * 1. Redistributions of source code must r=
etain the above copyright<br></div><div dir=3D"ltr">> + *&=
nbsp; notice, this list of conditions and the following disclaimer.<=
br></div><div dir=3D"ltr">> + * 2. Redistributions in bina=
ry form must reproduce the above copyright<br></div><div dir=3D"ltr">>&n=
bsp; + * notice, this list of conditions and the follo=
wing disclaimer<br></div><div dir=3D"ltr">> in the<br></di=
v><div dir=3D"ltr">> + * documentation and/or=
other materials provided with the<br></div><div dir=3D"ltr">> &nb=
sp; distribution.<br></div><div dir=3D"ltr">> + *<br></di=
v><div dir=3D"ltr">> + * THIS SOFTWARE IS PROVIDED BY THE =
NETBSD FOUNDATION, INC. AND<br></div><div dir=3D"ltr">> CO=
NTRIBUTORS<br></div><div dir=3D"ltr">> + * ``AS IS'' AND A=
NY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT<br></div><div dir=3D"ltr">=
> NOT LIMITED<br></div><div dir=3D"ltr">> =
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A<br></d=
iv><div dir=3D"ltr">> PARTICULAR<br></div><div dir=3D"ltr"=
>> + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE=
FOUNDATION OR<br></div><div dir=3D"ltr">> CONTRIBUTORS<br=
></div><div dir=3D"ltr">> + * BE LIABLE FOR ANY DIRECT, IN=
DIRECT, INCIDENTAL, SPECIAL,<br></div><div dir=3D"ltr">> E=
XEMPLARY, OR<br></div><div dir=3D"ltr">> + * CONSEQUENTIAL=
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF<br></div><div dir=
=3D"ltr">> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, =
DATA, OR PROFITS; OR<br></div><div dir=3D"ltr">> BUSINESS<=
br></div><div dir=3D"ltr">> + * INTERRUPTION) HOWEVER CAUS=
ED AND ON ANY THEORY OF LIABILITY,<br></div><div dir=3D"ltr">> &nb=
sp; WHETHER IN<br></div><div dir=3D"ltr">> + * CONTRACT, =
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR<br></div><div dir=3D"ltr=
">> OTHERWISE)<br></div><div dir=3D"ltr">> =
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF<br></div>=
<div dir=3D"ltr">> ADVISED OF THE<br></div><div dir=3D"ltr=
">> + * POSSIBILITY OF SUCH DAMAGE.<br></div><div dir=3D"l=
tr">> + */<br></div><div dir=3D"ltr">> +#=
ifndef _SSP_STDIO_H_<br></div><div dir=3D"ltr">> +#define =
_SSP_STDIO_H_<br></div><div dir=3D"ltr">> +<br></div><div =
dir=3D"ltr">> +#include <ssp/ssp.h><br></div><div di=
r=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+__BEGIN_DECLS<br></div><div dir=3D"ltr">> +int __sprintf=
_chk(char *__restrict, int, size_t, const char<br></div><div dir=3D"ltr">&g=
t; *__restrict, ...)<br></div><div dir=3D"ltr">> &nb=
sp; + __printflike(4, 5);<br></div><div dir=3D"ltr">> =
; +int __vsprintf_chk(char *__restrict, int, size_t, const char<br>=
</div><div dir=3D"ltr">> *__restrict,<br></div><div dir=3D=
"ltr">> + __va_list)<br></div><div dir=3D"ltr=
">> + __printflike(4, 0);<br></div><div dir=
=3D"ltr">> +int __snprintf_chk(char *__restrict, size_t, i=
nt, size_t,<br></div><div dir=3D"ltr">> + con=
st char *__restrict, ...)<br></div><div dir=3D"ltr">> +&nb=
sp; __printflike(5, 6);<br></div><div dir=3D"ltr">> =
+int __vsnprintf_chk(char *__restrict, size_t, int, size_t,<br></div><div =
dir=3D"ltr">> + const char *__restrict, __va_=
list)<br></div><div dir=3D"ltr">> + __printfl=
ike(5, 0);<br></div><div dir=3D"ltr">> +char *__gets_chk(c=
har *, size_t);<br></div><div dir=3D"ltr">> +char *__fgets=
_chk(char *, int, size_t, FILE *);<br></div><div dir=3D"ltr">> &nb=
sp; +__END_DECLS<br></div><div dir=3D"ltr">> +<br></div><=
div dir=3D"ltr">> +#if __SSP_FORTIFY_LEVEL > 0<br></div=
><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+#define sprintf(str, ...) ({ \<br></div><div di=
r=3D"ltr">> + char *_ssp_str =3D (str); =
\<br></div><div dir=3D"ltr">> + =
__builtin___sprintf_chk(_ssp_str, 0, __ssp_bos(_ssp_str), =
\<br></div><div dir=3D"ltr">> + =
__VA_ARGS__); \<br></div><div dir=3D"ltr">> &=
nbsp; +})<br></div><div dir=3D"ltr">> +<br></div><div dir=
=3D"ltr">> +#define vsprintf(str, fmt, ap) ({ &=
nbsp; \<br></div><div dir=3D"ltr">> + char *_=
ssp_str =3D (str); \<br></div><div dir=
=3D"ltr">> + __builtin___vsprintf_chk(_ssp_st=
r, 0, __ssp_bos(_ssp_str),<br></div><div dir=3D"ltr">> fmt=
, \<br></div><div dir=3D"ltr">> + =
ap); =
\<br></div><div dir=3D"ltr">> +}=
)<br></div><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">=
> +#define snprintf(str, len, ...) ({ \<=
br></div><div dir=3D"ltr">> + char *_ssp_str =
=3D (str); \<br></div><div dir=3D"ltr"=
>> + __builtin___snprintf_chk(_ssp_str, len, =
0,<br></div><div dir=3D"ltr">> __ssp_bos(_ssp_str), &=
nbsp; \<br></div><div dir=3D"ltr">> + &=
nbsp; __VA_ARGS__);  =
; \<br></div><div dir=3D"ltr">> +})<br></div><div di=
r=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+#define vsnprintf(str, len, fmt, ap) ({ \<br></div><div=
dir=3D"ltr">> + char *_ssp_str =3D (str);&nb=
sp; \<br></div><div dir=3D"ltr">> &=
nbsp; + __builtin___vsnprintf_chk(_ssp_str, len, 0,<br></div>=
<div dir=3D"ltr">> __ssp_bos(_ssp_str), =
\<br></div><div dir=3D"ltr">> + =
fmt, ap); \<br></d=
iv><div dir=3D"ltr">> +})<br></div><div dir=3D"ltr">>&n=
bsp; +<br></div><div dir=3D"ltr">> +#define gets(s=
tr) ({ \<br></div><=
div dir=3D"ltr">> + char *_ssp_str =3D (str); &=
nbsp; \<br></div><div dir=3D"ltr">>  =
; + __gets_chk(_ssp_str, __ssp_bos(_ssp_str)); &nb=
sp; \<br></div><div dir=3D"ltr">> +})<br></div><div dir=3D=
"ltr">> +<br></div><div dir=3D"ltr">> +#d=
efine fgets(str, len, fp) ({ \<br></di=
v><div dir=3D"ltr">> + char *_ssp_str =3D (st=
r); \<br></div><div dir=3D"ltr">>&n=
bsp; + __fgets_chk(_ssp_str, len, __ssp_bos(_ssp_str),=
fp); \<br></div><div dir=3D"ltr">> +})<=
br></div><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">&g=
t; +#endif /* __SSP_FORTIFY_LEVEL > 0 */<br></div><div dir=
=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+#endif /* _SSP_STDIO_H_ */<br></div><div dir=3D"ltr">> di=
ff --git a/include/ssp/string.h b/include/ssp/string.h<br></div><div dir=3D=
"ltr">> new file mode 100644<br></div><div dir=3D"ltr">>=
; index 000000000000..996020fda778<br></div><div dir=3D"ltr">=
> --- /dev/null<br></div><div dir=3D"ltr">>  =
; +++ b/include/ssp/string.h<br></div><div dir=3D"ltr">> =
@@ -0,0 +1,129 @@<br></div><div dir=3D"ltr">> +/* &nb=
sp; $NetBSD: string.h,v 1.14 2020/09/05 13:37:59 mrg Exp $  =
; */<br></div><div dir=3D"ltr">> +<br></div><div dir=
=3D"ltr">> +/*-<br></div><div dir=3D"ltr">>  =
; + *<br></div><div dir=3D"ltr">> + * SPDX-License-Identi=
fier: BSD-2-Clause<br></div><div dir=3D"ltr">> + *<br></di=
v><div dir=3D"ltr">> + * Copyright (c) 2006 The NetBSD Fou=
ndation, Inc.<br></div><div dir=3D"ltr">> + * All rights r=
eserved.<br></div><div dir=3D"ltr">> + *<br></div><div dir=
=3D"ltr">> + * This code is derived from software contribu=
ted to The NetBSD<br></div><div dir=3D"ltr">> Foundation<b=
r></div><div dir=3D"ltr">> + * by Christos Zoulas.<br></di=
v><div dir=3D"ltr">> + *<br></div><div dir=3D"ltr">>&nb=
sp; + * Redistribution and use in source and binary forms, with or =
without<br></div><div dir=3D"ltr">> + * modification, are =
permitted provided that the following conditions<br></div><div dir=3D"ltr">=
> + * are met:<br></div><div dir=3D"ltr">> =
+ * 1. Redistributions of source code must retain the above copyright<br>=
</div><div dir=3D"ltr">> + * notice, this lis=
t of conditions and the following disclaimer.<br></div><div dir=3D"ltr">>=
; + * 2. Redistributions in binary form must reproduce the ab=
ove copyright<br></div><div dir=3D"ltr">> + * =
notice, this list of conditions and the following disclaimer<br></div><div=
dir=3D"ltr">> in the<br></div><div dir=3D"ltr">> =
+ * documentation and/or other materials provided wit=
h the<br></div><div dir=3D"ltr">> distribution.<br></div><=
div dir=3D"ltr">> + *<br></div><div dir=3D"ltr">> =
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND<b=
r></div><div dir=3D"ltr">> CONTRIBUTORS<br></div><div dir=
=3D"ltr">> + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRAN=
TIES, INCLUDING, BUT<br></div><div dir=3D"ltr">> NOT LIMIT=
ED<br></div><div dir=3D"ltr">> + * TO, THE IMPLIED WARRANT=
IES OF MERCHANTABILITY AND FITNESS FOR A<br></div><div dir=3D"ltr">>&nbs=
p; PARTICULAR<br></div><div dir=3D"ltr">> + * PURP=
OSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR<br></div><div=
dir=3D"ltr">> CONTRIBUTORS<br></div><div dir=3D"ltr">>=
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,=
<br></div><div dir=3D"ltr">> EXEMPLARY, OR<br></div><div d=
ir=3D"ltr">> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT=
LIMITED TO, PROCUREMENT OF<br></div><div dir=3D"ltr">> + =
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR<br></div>=
<div dir=3D"ltr">> BUSINESS<br></div><div dir=3D"ltr">>=
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABIL=
ITY,<br></div><div dir=3D"ltr">> WHETHER IN<br></div><div =
dir=3D"ltr">> + * CONTRACT, STRICT LIABILITY, OR TORT (INC=
LUDING NEGLIGENCE OR<br></div><div dir=3D"ltr">> OTHERWISE=
)<br></div><div dir=3D"ltr">> + * ARISING IN ANY WAY OUT O=
F THE USE OF THIS SOFTWARE, EVEN IF<br></div><div dir=3D"ltr">> &n=
bsp; ADVISED OF THE<br></div><div dir=3D"ltr">> + * POSSI=
BILITY OF SUCH DAMAGE.<br></div><div dir=3D"ltr">> + */<br=
></div><div dir=3D"ltr">> +#ifndef _SSP_STRING_H_<br></div=
><div dir=3D"ltr">> +#define _SSP_STRING_H_<br></div><div =
dir=3D"ltr">> +<br></div><div dir=3D"ltr">>  =
; +#include <ssp/ssp.h><br></div><div dir=3D"ltr">> =
+<br></div><div dir=3D"ltr">> +__BEGIN_DECLS<br></div><di=
v dir=3D"ltr">> +void *__memcpy_chk(void *, const void *, =
size_t, size_t);<br></div><div dir=3D"ltr">> +void *__memm=
ove_chk(void *, const void *, size_t, size_t);<br></div><div dir=3D"ltr">&g=
t; +void *__memset_chk(void *, int, size_t, size_t);<br></div=
><div dir=3D"ltr">> +char *__stpcpy_chk(char *, const char=
*, size_t);<br></div><div dir=3D"ltr">> +char *__stpncpy_=
chk(char *, const char *, size_t, size_t);<br></div><div dir=3D"ltr">>&n=
bsp; +char *__strcat_chk(char *, const char *, size_t);<br></div><d=
iv dir=3D"ltr">> +char *__strcpy_chk(char *, const char *,=
size_t);<br></div><div dir=3D"ltr">> +char *__strncat_chk=
(char *, const char *, size_t, size_t);<br></div><div dir=3D"ltr">> =
; +char *__strncpy_chk(char *, const char *, size_t, size_t);<br></=
div><div dir=3D"ltr">> +__END_DECLS<br></div><div dir=3D"l=
tr">> +<br></div><div dir=3D"ltr">> +#if =
__SSP_FORTIFY_LEVEL > 0<br></div><div dir=3D"ltr">> +<b=
r></div><div dir=3D"ltr">> +#define __ssp_bos_check3_typed=
_var(fun, dsttype, dsrvar, dst,<br></div><div dir=3D"ltr">> =
srctype, srcvar, \<br></div><div dir=3D"ltr">> + &=
nbsp; src, lenvar, len) ({  =
; \<br></div><div dir=3D"ltr">> +=
srctype srcvar =3D (src);  =
; \<br></div><div dir=3D"ltr">>&nb=
sp; + dsttype dstvar =3D (dst); &nbs=
p; \<br></div><div dir=3D=
"ltr">> + size_t lenvar =3D (len);  =
; \<br></div=
><div dir=3D"ltr">> + ((__ssp_bos0(dstvar) !=
=3D (size_t)-1) ? \<br></div><div dir=
=3D"ltr">> + __builtin___ ## fun ## _chk(dstv=
ar, srcvar, lenvar, \<br></div><div dir=3D"ltr">> =
; + __ssp_bos0(dstvar)) : &nb=
sp; \<br></div><di=
v dir=3D"ltr">> + __ ## fun ## _ichk(dstvar, =
srcvar, lenvar)); \<br></div><div dir=3D"ltr">> =
+})<br></div><div dir=3D"ltr">> +<br></div><div di=
r=3D"ltr">> +#define __ssp_bos_check3_typed(fun, dsttype, =
dst, srctype, src,<br></div><div dir=3D"ltr">> len) &=
nbsp; \<br></div><div dir=3D"ltr">> + _=
_ssp_bos_check3_typed_var(fun, dsttype, __ssp_var(dstv), dst, &n=
bsp; \<br></div><div dir=3D"ltr">> + &=
nbsp; srctype, __ssp_var(srcv), src, __ssp_var(lenv), len)<br></div><div di=
r=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+#define __ssp_bos_check3(fun, dst, src, len) &nbs=
p; \<br></div><div dir=3D"ltr">> + __ss=
p_bos_check3_typed_var(fun, void *, __ssp_var(dstv), dst, =
\<br></div><div dir=3D"ltr">> +  =
; const void *, __ssp_var(srcv), src, __ssp_var(lenv), len)<br></div><div d=
ir=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+#define __ssp_bos_check2_var(fun, dstvar, dst, srcvar, src) ({ &nbs=
p; \<br></div><div dir=3D"ltr">> =
+ const void *srcvar =3D (src); =
\<br></div><div dir=3D"ltr">&g=
t; + void *dstvar =3D (dst); &=
nbsp; \<br></div><div dir=
=3D"ltr">> + ((__ssp_bos0(dstvar) !=3D (size_=
t)-1) ? \<br></div><div dir=3D"ltr">&g=
t; + __builtin___ ## fun ## _chk(dstvar, srcvar,=
\<br></div><div dir=3D"ltr">> =
; + __ssp_bos0(dstvar)) : &nb=
sp; \<br></div><di=
v dir=3D"ltr">> + __ ## fun ## _ichk(dstvar, =
srcvar)); \<br></div><div dir=3D"ltr">=
> +})<br></div><div dir=3D"ltr">> +<br></=
div><div dir=3D"ltr">> +#define __ssp_bos_check2(fun, dst,=
src) \<br></div><d=
iv dir=3D"ltr">> + __ssp_bos_check2_var(fun, =
__ssp_var(dstv), dst,<br></div><div dir=3D"ltr">> __ssp_va=
r(srcv), src)<br></div><div dir=3D"ltr">> +<br></div><div =
dir=3D"ltr">> +#define __ssp_bos_icheck3_restrict(fun, typ=
e1, type2) \<br></div><div dir=3D"ltr">> +static __inline =
type1 __ ## fun ## _ichk(type1 __restrict, type2<br></div><div dir=3D"ltr">=
> __restrict, size_t); \<br></div><div dir=3D"ltr">>&nb=
sp; +static __inline __attribute__((__always_inline__)) type1 \<br>=
</div><div dir=3D"ltr">> +__ ## fun ## _ichk(type1 __restr=
ict dst, type2 __restrict src,<br></div><div dir=3D"ltr">> =
size_t len) { \<br></div><div dir=3D"ltr">> + =
return __builtin___ ## fun ## _chk(dst, src, len,<br></div><div dir=
=3D"ltr">> __ssp_bos0(dst)); \<br></div><div dir=3D"ltr">&=
gt; +}<br></div><div dir=3D"ltr">> +<br></di=
v><div dir=3D"ltr">> +#define __ssp_bos_icheck3(fun, type1=
, type2) \<br></div><div dir=3D"ltr">> +static __inline ty=
pe1 __ ## fun ## _ichk(type1, type2, size_t); \<br></div><div dir=3D"ltr">&=
gt; +static __inline __attribute__((__always_inline__)) type1=
\<br></div><div dir=3D"ltr">> +__ ## fun ## _ichk(type1 d=
st, type2 src, size_t len) { \<br></div><div dir=3D"ltr">> =
+ return __builtin___ ## fun ## _chk(dst, src, len,<br><=
/div><div dir=3D"ltr">> __ssp_bos0(dst)); \<br></div><div =
dir=3D"ltr">> +}<br></div><div dir=3D"ltr">> &nbs=
p; +<br></div><div dir=3D"ltr">> +#define __ssp_bos_ichec=
k2_restrict(fun, type1, type2) \<br></div><div dir=3D"ltr">>  =
; +static __inline type1 __ ## fun ## _ichk(type1, type2); \<br></div><div=
dir=3D"ltr">> +static __inline __attribute__((__always_in=
line__)) type1 \<br></div><div dir=3D"ltr">> +__ ## fun ##=
_ichk(type1 __restrict dst, type2 __restrict src) { \<br></div><div dir=3D=
"ltr">> + return __builtin___ ## fun ## =
_chk(dst, src, __ssp_bos0(dst)); \<br></div><div dir=3D"ltr">> &nb=
sp; +}<br></div><div dir=3D"ltr">> +<br></div><div dir=3D=
"ltr">> +__BEGIN_DECLS<br></div><div dir=3D"ltr">> =
; +__ssp_bos_icheck3_restrict(memcpy, void *, const void *)<br></di=
v><div dir=3D"ltr">> +__ssp_bos_icheck3(memmove, void *, c=
onst void *)<br></div><div dir=3D"ltr">> +__ssp_bos_icheck=
3(memset, void *, int)<br></div><div dir=3D"ltr">> +__ssp_=
bos_icheck2_restrict(stpcpy, char *, const char *)<br></div><div dir=3D"ltr=
">> +__ssp_bos_icheck3_restrict(stpncpy, char *, const cha=
r *)<br></div><div dir=3D"ltr">> +__ssp_bos_icheck2_restri=
ct(strcpy, char *, const char *)<br></div><div dir=3D"ltr">>  =
; +__ssp_bos_icheck2_restrict(strcat, char *, const char *)<br></div><div =
dir=3D"ltr">> +__ssp_bos_icheck3_restrict(strncpy, char *,=
const char *)<br></div><div dir=3D"ltr">> +__ssp_bos_iche=
ck3_restrict(strncat, char *, const char *)<br></div><div dir=3D"ltr">>&=
nbsp; +__END_DECLS<br></div><div dir=3D"ltr">> +<b=
r></div><div dir=3D"ltr">> +#define memcpy(dst, src, len) =
__ssp_bos_check3(memcpy, dst, src, len)<br></div><div dir=3D"ltr">> =
; +#define memmove(dst, src, len) __ssp_bos_check3(memmove, dst, sr=
c, len)<br></div><div dir=3D"ltr">> +#define memset(dst, v=
al, len) \<br></div><div dir=3D"ltr">> + __ss=
p_bos_check3_typed(memset, void *, dst, int, val, len)<br></div><div dir=3D=
"ltr">> +#define stpcpy(dst, src) __ssp_bos_check2(stpcpy,=
dst, src)<br></div><div dir=3D"ltr">> +#define stpncpy(ds=
t, src, len) __ssp_bos_check3(stpncpy, dst, src, len)<br></div><div dir=3D"=
ltr">> +#define strcpy(dst, src) __ssp_bos_check2(strcpy, =
dst, src)<br></div><div dir=3D"ltr">> +#define strcat(dst,=
src) __ssp_bos_check2(strcat, dst, src)<br></div><div dir=3D"ltr">>&nbs=
p; +#define strncpy(dst, src, len) __ssp_bos_check3(strncpy, dst, s=
rc, len)<br></div><div dir=3D"ltr">> +#define strncat(dst,=
src, len) __ssp_bos_check3(strncat, dst, src, len)<br></div><div dir=3D"lt=
r">> +<br></div><div dir=3D"ltr">> +#endi=
f /* __SSP_FORTIFY_LEVEL > 0 */<br></div><div dir=3D"ltr">> &nb=
sp; +#endif /* _SSP_STRING_H_ */<br></div><div dir=3D"ltr">> &nbs=
p; diff --git a/include/ssp/strings.h b/include/ssp/strings.h<br></div><di=
v dir=3D"ltr">> new file mode 100644<br></div><div dir=3D"=
ltr">> index 000000000000..06c9c7cc0a09<br></div><div dir=
=3D"ltr">> --- /dev/null<br></div><div dir=3D"ltr">>&nb=
sp; +++ b/include/ssp/strings.h<br></div><div dir=3D"ltr">> =
; @@ -0,0 +1,67 @@<br></div><div dir=3D"ltr">> +/*=
$NetBSD: strings.h,v 1.3 2008/04/28 20:22:54 martin Exp =
$ */<br></div><div dir=3D"ltr">> +<br></=
div><div dir=3D"ltr">> +/*-<br></div><div dir=3D"ltr">>=
+ *<br></div><div dir=3D"ltr">> + * SPDX-Li=
cense-Identifier: BSD-2-Clause<br></div><div dir=3D"ltr">> =
+ *<br></div><div dir=3D"ltr">> + * Copyright (c) 2007 Th=
e NetBSD Foundation, Inc.<br></div><div dir=3D"ltr">> + * =
All rights reserved.<br></div><div dir=3D"ltr">> + *<br></=
div><div dir=3D"ltr">> + * This code is derived from softw=
are contributed to The NetBSD<br></div><div dir=3D"ltr">> =
Foundation<br></div><div dir=3D"ltr">> + * by Christos Zou=
las.<br></div><div dir=3D"ltr">> + *<br></div><div dir=3D"=
ltr">> + * Redistribution and use in source and binary for=
ms, with or without<br></div><div dir=3D"ltr">> + * modifi=
cation, are permitted provided that the following conditions<br></div><div =
dir=3D"ltr">> + * are met:<br></div><div dir=3D"ltr">>&=
nbsp; + * 1. Redistributions of source code must retain the above c=
opyright<br></div><div dir=3D"ltr">> + * noti=
ce, this list of conditions and the following disclaimer.<br></div><div dir=
=3D"ltr">> + * 2. Redistributions in binary form must repr=
oduce the above copyright<br></div><div dir=3D"ltr">> + *&=
nbsp; notice, this list of conditions and the following disclaimer<b=
r></div><div dir=3D"ltr">> in the<br></div><div dir=3D"ltr=
">> + * documentation and/or other materials =
provided with the<br></div><div dir=3D"ltr">> distribution=
.<br></div><div dir=3D"ltr">> + *<br></div><div dir=3D"ltr=
">> + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION=
, INC. AND<br></div><div dir=3D"ltr">> CONTRIBUTORS<br></d=
iv><div dir=3D"ltr">> + * ``AS IS'' AND ANY EXPRESS OR IMP=
LIED WARRANTIES, INCLUDING, BUT<br></div><div dir=3D"ltr">> =
NOT LIMITED<br></div><div dir=3D"ltr">> + * TO, THE IMPL=
IED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A<br></div><div dir=3D"lt=
r">> PARTICULAR<br></div><div dir=3D"ltr">>  =
; + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR<br=
></div><div dir=3D"ltr">> CONTRIBUTORS<br></div><div dir=
=3D"ltr">> + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDEN=
TAL, SPECIAL,<br></div><div dir=3D"ltr">> EXEMPLARY, OR<br=
></div><div dir=3D"ltr">> + * CONSEQUENTIAL DAMAGES (INCLU=
DING, BUT NOT LIMITED TO, PROCUREMENT OF<br></div><div dir=3D"ltr">>&nbs=
p; + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;=
OR<br></div><div dir=3D"ltr">> BUSINESS<br></div><div dir=
=3D"ltr">> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THE=
ORY OF LIABILITY,<br></div><div dir=3D"ltr">> WHETHER IN<b=
r></div><div dir=3D"ltr">> + * CONTRACT, STRICT LIABILITY,=
OR TORT (INCLUDING NEGLIGENCE OR<br></div><div dir=3D"ltr">> &nbs=
p; OTHERWISE)<br></div><div dir=3D"ltr">> + * ARISING IN =
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF<br></div><div dir=3D"ltr">=
> ADVISED OF THE<br></div><div dir=3D"ltr">> &nbs=
p; + * POSSIBILITY OF SUCH DAMAGE.<br></div><div dir=3D"ltr">> &n=
bsp; + */<br></div><div dir=3D"ltr">> +#ifndef _SSP_STRIN=
GS_H_<br></div><div dir=3D"ltr">> +#define _SSP_STRINGS_H_=
<br></div><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">&=
gt; +#include <ssp/ssp.h><br></div><div dir=3D"ltr">>=
; +#include <string.h><br></div><div dir=3D"ltr">>&n=
bsp; +<br></div><div dir=3D"ltr">> +#if __SSP_FORT=
IFY_LEVEL > 0<br></div><div dir=3D"ltr">> +<br></div><d=
iv dir=3D"ltr">> +#define _ssp_bcopy(srcvar, src, dstvar, =
dst, lenvar, len) ({ \<br></div><div dir=3D"ltr">&g=
t; + const void *srcvar =3D (src); &n=
bsp; \<br></div><div dir=3D"ltr">>=
+ void *dstvar =3D (dst); &nb=
sp; \<br></div><div dir=3D"ltr">> &=
nbsp; + size_t lenvar =3D (len); &nbs=
p; \<br></div><div dir=3D"ltr">> =
+ ((__ssp_bos0(dstvar) !=3D (size_t)-1) ? \<=
br></div><div dir=3D"ltr">> + __builtin___mem=
move_chk(dstvar, srcvar, lenvar, \<br></div><div dir=3D"l=
tr">> + __ssp_bos0(dstvar)) :&n=
bsp; \<br></div><div dir=
=3D"ltr">> + __memmove_ichk(dstvar, srcvar, l=
envar)); \<br></div><div dir=3D"ltr">> +=
})<br></div><div dir=3D"ltr">> +<br></div><div dir=3D"ltr"=
>> +#define bcopy(src, dst, len) &n=
bsp; \<br></div><div dir=3D"ltr=
">> + _ssp_bcopy(__ssp_var(srcv), src, __ssp_=
var(dstv), dst,<br></div><div dir=3D"ltr">> __ssp_var(lenv=
), len)<br></div><div dir=3D"ltr">> +<br></div><div dir=3D=
"ltr">> +#define _ssp_bzero(dstvar, dst, lenvar, len) ({&n=
bsp; \<br></div><div dir=3D"ltr">> =
+ void *dstvar =3D (dst); &nbs=
p; \<br></div><div dir=3D"ltr">> =
+ size_t lenvar =3D (len);  =
; \<br></div><div dir=3D"ltr">> + =
((__ssp_bos0(dstvar) !=3D (size_t)-1) ? \<br></di=
v><div dir=3D"ltr">> + __builtin___memset_chk=
(dstvar, 0, lenvar, \<br></div><div dir=3D"ltr">> =
; + __ssp_bos0(dstvar)) : \<br></div><di=
v dir=3D"ltr">> + __memset_ichk(dstvar, 0, le=
nvar)); \<br></div><div dir=3D"ltr">&g=
t; +})<br></div><div dir=3D"ltr">> +<br></di=
v><div dir=3D"ltr">> +#define bzero(dst,=
len) _ssp_bzero(__ssp_var(dstv), dst,<br></div><div dir=
=3D"ltr">> __ssp_var(lenv), len)<br></div><div dir=3D"ltr"=
>> +<br></div><div dir=3D"ltr">> +#endif =
/* __SSP_FORTIFY_LEVEL > 0 */<br></div><div dir=3D"ltr">>  =
; +#endif /* _SSP_STRINGS_H_ */<br></div><div dir=3D"ltr">>  =
; diff --git a/include/ssp/unistd.h b/include/ssp/unistd.h<br></div><div d=
ir=3D"ltr">> new file mode 100644<br></div><div dir=3D"ltr=
">> index 000000000000..2414e2baa96b<br></div><div dir=3D"=
ltr">> --- /dev/null<br></div><div dir=3D"ltr">> =
+++ b/include/ssp/unistd.h<br></div><div dir=3D"ltr">> &nb=
sp; @@ -0,0 +1,54 @@<br></div><div dir=3D"ltr">> +/* =
; $NetBSD: unistd.h,v 1.7 2015/06/25 18:41:03 joerg Exp $ =
*/<br></div><div dir=3D"ltr">> +<br></div><di=
v dir=3D"ltr">> +/*-<br></div><div dir=3D"ltr">> =
+ *<br></div><div dir=3D"ltr">> + * SPDX-License-I=
dentifier: BSD-2-Clause<br></div><div dir=3D"ltr">> + *<br=
></div><div dir=3D"ltr">> + * Copyright (c) 2006 The NetBS=
D Foundation, Inc.<br></div><div dir=3D"ltr">> + * All rig=
hts reserved.<br></div><div dir=3D"ltr">> + *<br></div><di=
v dir=3D"ltr">> + * This code is derived from software con=
tributed to The NetBSD<br></div><div dir=3D"ltr">> Foundat=
ion<br></div><div dir=3D"ltr">> + * by Christos Zoulas.<br=
></div><div dir=3D"ltr">> + *<br></div><div dir=3D"ltr">&g=
t; + * Redistribution and use in source and binary forms, wit=
h or without<br></div><div dir=3D"ltr">> + * modification,=
are permitted provided that the following conditions<br></div><div dir=3D"=
ltr">> + * are met:<br></div><div dir=3D"ltr">> &=
nbsp; + * 1. Redistributions of source code must retain the above copyrigh=
t<br></div><div dir=3D"ltr">> + * notice, thi=
s list of conditions and the following disclaimer.<br></div><div dir=3D"ltr=
">> + * 2. Redistributions in binary form must reproduce t=
he above copyright<br></div><div dir=3D"ltr">> + * &=
nbsp; notice, this list of conditions and the following disclaimer<br></div=
><div dir=3D"ltr">> in the<br></div><div dir=3D"ltr">>&=
nbsp; + * documentation and/or other materials provide=
d with the<br></div><div dir=3D"ltr">> distribution.<br></=
div><div dir=3D"ltr">> + *<br></div><div dir=3D"ltr">>&=
nbsp; + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. =
AND<br></div><div dir=3D"ltr">> CONTRIBUTORS<br></div><div=
dir=3D"ltr">> + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WA=
RRANTIES, INCLUDING, BUT<br></div><div dir=3D"ltr">> NOT L=
IMITED<br></div><div dir=3D"ltr">> + * TO, THE IMPLIED WAR=
RANTIES OF MERCHANTABILITY AND FITNESS FOR A<br></div><div dir=3D"ltr">>=
PARTICULAR<br></div><div dir=3D"ltr">> + * =
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR<br></div>=
<div dir=3D"ltr">> CONTRIBUTORS<br></div><div dir=3D"ltr">=
> + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPEC=
IAL,<br></div><div dir=3D"ltr">> EXEMPLARY, OR<br></div><d=
iv dir=3D"ltr">> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT=
NOT LIMITED TO, PROCUREMENT OF<br></div><div dir=3D"ltr">> =
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR<br></=
div><div dir=3D"ltr">> BUSINESS<br></div><div dir=3D"ltr">=
> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LI=
ABILITY,<br></div><div dir=3D"ltr">> WHETHER IN<br></div><=
div dir=3D"ltr">> + * CONTRACT, STRICT LIABILITY, OR TORT =
(INCLUDING NEGLIGENCE OR<br></div><div dir=3D"ltr">> OTHER=
WISE)<br></div><div dir=3D"ltr">> + * ARISING IN ANY WAY O=
UT OF THE USE OF THIS SOFTWARE, EVEN IF<br></div><div dir=3D"ltr">> =
; ADVISED OF THE<br></div><div dir=3D"ltr">> + * P=
OSSIBILITY OF SUCH DAMAGE.<br></div><div dir=3D"ltr">> + *=
/<br></div><div dir=3D"ltr">> +#ifndef _SSP_UNISTD_H_<br><=
/div><div dir=3D"ltr">> +#define _SSP_UNISTD_H_<br></div><=
div dir=3D"ltr">> +<br></div><div dir=3D"ltr">> &=
nbsp; +#include <ssp/ssp.h><br></div><div dir=3D"ltr">> &nb=
sp; +<br></div><div dir=3D"ltr">> +#if __SSP_FORTIFY_LEVE=
L > 0<br></div><div dir=3D"ltr">> +__BEGIN_DECLS<br></d=
iv><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">>&nbs=
p; +__ssp_redirect0(ssize_t, read, (int __fd, void *__buf, size_t _=
_len), \<br></div><div dir=3D"ltr">> + (__fd,=
__buf, __len));<br></div><div dir=3D"ltr">> +<br></div><d=
iv dir=3D"ltr">> +__ssp_redirect(ssize_t, readlink, (const=
char *__restrict __path, \<br></div><div dir=3D"ltr">> +&=
nbsp; char *__restrict __buf, size_t __len), (__path, __buf, __len))=
;<br></div><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">=
> +__ssp_redirect_raw(char *, getcwd, getcwd, (char *__buf=
, size_t __len),<br></div><div dir=3D"ltr">> +  =
; (__buf, __len), __buf !=3D 0, __ssp_bos);<br></div><div dir=3D"ltr">>&=
nbsp; +<br></div><div dir=3D"ltr">> +__END_DECLS<b=
r></div><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">>=
; +#endif /* __SSP_FORTIFY_LEVEL > 0 */<br></div><div dir=
=3D"ltr">> +#endif /* _SSP_UNISTD_H_ */<br></div><div dir=
=3D"ltr">> diff --git a/lib/libc/secure/Makefile.inc b/lib=
/libc/secure/Makefile.inc<br></div><div dir=3D"ltr">> inde=
x 8574c5a05dc5..3b1ad879c715 100644<br></div><div dir=3D"ltr">> &n=
bsp; --- a/lib/libc/secure/Makefile.inc<br></div><div dir=3D"ltr">>&nbs=
p; +++ b/lib/libc/secure/Makefile.inc<br></div><div dir=3D"ltr">>=
; @@ -3,6 +3,17 @@<br></div><div dir=3D"ltr">> <br></div><=
div dir=3D"ltr">> .PATH: ${LIBC_SRCTOP}/secure<br></div><d=
iv dir=3D"ltr">> <br></div><div dir=3D"ltr">> +# _FORTI=
FY_SOURCE<br></div><div dir=3D"ltr">> +SRCS+=3D  =
; gets_chk.c fgets_chk.c memcpy_chk.c memmove_chk.c<br></div><div dir=
=3D"ltr">> memset_chk.c \<br></div><div dir=3D"ltr">>&n=
bsp; + snprintf_chk.c sprintf_chk.c stpcpy_chk.c =
stpncpy_chk.c \<br></div><div dir=3D"ltr">> + &=
nbsp; strcat_chk.c strcpy_chk.c strncat_chk.c strncpy_chk.c \<br></div><div=
dir=3D"ltr">> + vsnprintf_chk.c vsprint=
f_chk.c<br></div><div dir=3D"ltr">> +<br></div><div dir=3D=
"ltr">> +CFLAGS.snprintf_chk.c+=3D -Wno-=
unused-parameter<br></div><div dir=3D"ltr">> +CFLAGS.sprin=
tf_chk.c+=3D -Wno-unused-parameter<br></div><div dir=3D"l=
tr">> +CFLAGS.vsnprintf_chk.c+=3D -Wno-u=
nused-parameter<br></div><div dir=3D"ltr">> +CFLAGS.vsprin=
tf_chk.c+=3D -Wno-unused-parameter<br></div><div dir=3D"l=
tr">> +<br></div><div dir=3D"ltr">> # Sou=
rces common to both syscall interfaces:<br></div><div dir=3D"ltr">> =
; SRCS+=3D stack_protector.c \<br></div><div dir=
=3D"ltr">> stack_protector_compat=
.c<br></div><div dir=3D"ltr">> diff --git a/lib/libc/secur=
e/Symbol.map b/lib/libc/secure/Symbol.map<br></div><div dir=3D"ltr">>&nb=
sp; index 641f451b5421..7859fcee3821 100644<br></div><div dir=3D"lt=
r">> --- a/lib/libc/secure/Symbol.map<br></div><div dir=3D=
"ltr">> +++ b/lib/libc/secure/Symbol.map<br></div><div dir=
=3D"ltr">> @@ -3,3 +3,21 @@ FBSD_1.0 {<br></div><div dir=
=3D"ltr">> __stack_chk_fail;<br><=
/div><div dir=3D"ltr">> __stack_c=
hk_guard;<br></div><div dir=3D"ltr">> };<br></div><div dir=
=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+FBSD_1.8 {<br></div><div dir=3D"ltr">> +  =
; __gets_chk;<br></div><div dir=3D"ltr">> + &nb=
sp; __fgets_chk;<br></div><div dir=3D"ltr">> + =
__memcpy_chk;<br></div><div dir=3D"ltr">> + &n=
bsp; __memmove_chk;<br></div><div dir=3D"ltr">> +&nb=
sp; __memset_chk;<br></div><div dir=3D"ltr">> =
+ __snprintf_chk;<br></div><div dir=3D"ltr">> &n=
bsp; + __sprintf_chk;<br></div><div dir=3D"ltr">>&nbs=
p; + __stpcpy_chk;<br></div><div dir=3D"ltr">>=
+ __stpncpy_chk;<br></div><div dir=3D"ltr"=
>> + __strcat_chk;<br></div><div dir=3D"=
ltr">> + __strcpy_chk;<br></div><div dir=
=3D"ltr">> + __strncat_chk;<br></div><di=
v dir=3D"ltr">> + __strncpy_chk;<br></di=
v><div dir=3D"ltr">> + __vsnprintf_chk;<=
br></div><div dir=3D"ltr">> + __vsprintf=
_chk;<br></div><div dir=3D"ltr">> +};<br></div><div dir=3D=
"ltr">> diff --git a/lib/libc/secure/fgets_chk.c b/lib/lib=
c/secure/fgets_chk.c<br></div><div dir=3D"ltr">> new file =
mode 100644<br></div><div dir=3D"ltr">> index 000000000000=
..72aa1d816ce1<br></div><div dir=3D"ltr">> --- /dev/null<b=
r></div><div dir=3D"ltr">> +++ b/lib/libc/secure/fgets_chk=
.c<br></div><div dir=3D"ltr">> @@ -0,0 +1,54 @@<br></div><=
div dir=3D"ltr">> +/*-<br></div><div dir=3D"ltr">> =
; + *<br></div><div dir=3D"ltr">> + * SPDX-License=
-Identifier: BSD-2-Clause<br></div><div dir=3D"ltr">> + *<=
br></div><div dir=3D"ltr">> + * Copyright (c) 2006 The Net=
BSD Foundation, Inc.<br></div><div dir=3D"ltr">> + * All r=
ights reserved.<br></div><div dir=3D"ltr">> + *<br></div><=
div dir=3D"ltr">> + * This code is derived from software c=
ontributed to The NetBSD<br></div><div dir=3D"ltr">> Found=
ation<br></div><div dir=3D"ltr">> + * by Christos Zoulas.<=
br></div><div dir=3D"ltr">> + *<br></div><div dir=3D"ltr">=
> + * Redistribution and use in source and binary forms, w=
ith or without<br></div><div dir=3D"ltr">> + * modificatio=
n, are permitted provided that the following conditions<br></div><div dir=
=3D"ltr">> + * are met:<br></div><div dir=3D"ltr">>&nbs=
p; + * 1. Redistributions of source code must retain the above copy=
right<br></div><div dir=3D"ltr">> + * notice,=
this list of conditions and the following disclaimer.<br></div><div dir=3D=
"ltr">> + * 2. Redistributions in binary form must reprodu=
ce the above copyright<br></div><div dir=3D"ltr">> + *&nbs=
p; notice, this list of conditions and the following disclaimer<br><=
/div><div dir=3D"ltr">> in the<br></div><div dir=3D"ltr">&=
gt; + * documentation and/or other materials pro=
vided with the<br></div><div dir=3D"ltr">> distribution.<b=
r></div><div dir=3D"ltr">> + *<br></div><div dir=3D"ltr">&=
gt; + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, I=
NC. AND<br></div><div dir=3D"ltr">> CONTRIBUTORS<br></div>=
<div dir=3D"ltr">> + * ``AS IS'' AND ANY EXPRESS OR IMPLIE=
D WARRANTIES, INCLUDING, BUT<br></div><div dir=3D"ltr">> N=
OT LIMITED<br></div><div dir=3D"ltr">> + * TO, THE IMPLIED=
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A<br></div><div dir=3D"ltr">=
> PARTICULAR<br></div><div dir=3D"ltr">> =
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR<br></=
div><div dir=3D"ltr">> CONTRIBUTORS<br></div><div dir=3D"l=
tr">> + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, =
SPECIAL,<br></div><div dir=3D"ltr">> EXEMPLARY, OR<br></di=
v><div dir=3D"ltr">> + * CONSEQUENTIAL DAMAGES (INCLUDING,=
BUT NOT LIMITED TO, PROCUREMENT OF<br></div><div dir=3D"ltr">> &n=
bsp; + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR<b=
r></div><div dir=3D"ltr">> BUSINESS<br></div><div dir=3D"l=
tr">> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY O=
F LIABILITY,<br></div><div dir=3D"ltr">> WHETHER IN<br></d=
iv><div dir=3D"ltr">> + * CONTRACT, STRICT LIABILITY, OR T=
ORT (INCLUDING NEGLIGENCE OR<br></div><div dir=3D"ltr">> O=
THERWISE)<br></div><div dir=3D"ltr">> + * ARISING IN ANY W=
AY OUT OF THE USE OF THIS SOFTWARE, EVEN IF<br></div><div dir=3D"ltr">>&=
nbsp; ADVISED OF THE<br></div><div dir=3D"ltr">> +=
* POSSIBILITY OF SUCH DAMAGE.<br></div><div dir=3D"ltr">> =
+ */<br></div><div dir=3D"ltr">> +#include <sys/cdefs.=
h><br></div><div dir=3D"ltr">> +__RCSID("$NetBSD: fgets=
_chk.c,v 1.6 2009/02/05 05:41:51 lukem Exp $");<br></div><div dir=3D"ltr">&=
gt; +<br></div><div dir=3D"ltr">> +#include =
<limits.h><br></div><div dir=3D"ltr">> +#include <=
;stdio.h><br></div><div dir=3D"ltr">> +#include <std=
lib.h><br></div><div dir=3D"ltr">> +#include <string=
.h><br></div><div dir=3D"ltr">> +<br></div><div dir=3D"=
ltr">> +#include <ssp/stdio.h><br></div><div dir=3D"=
ltr">> +#include <ssp/string.h><br></div><div dir=3D=
"ltr">> +#undef fgets<br></div><div dir=3D"ltr">> =
+<br></div><div dir=3D"ltr">> +char *<br></div><d=
iv dir=3D"ltr">> +__fgets_chk(char * __restrict buf, int l=
en, size_t slen, FILE *fp)<br></div><div dir=3D"ltr">> +{<=
br></div><div dir=3D"ltr">> + if (slen &=
gt;=3D (size_t)INT_MAX)<br></div><div dir=3D"ltr">> + =
; return (fgets(buf, len, fp));<br></div><di=
v dir=3D"ltr">> +<br></div><div dir=3D"ltr">> &nb=
sp; + if (len >=3D 0 && (size_t)len > slen=
)<br></div><div dir=3D"ltr">> + &n=
bsp; __chk_fail();<br></div><div dir=3D"ltr">> +<br>=
</div><div dir=3D"ltr">> + return (fgets=
(buf, len, fp));<br></div><div dir=3D"ltr">> +}<br></div><=
div dir=3D"ltr">> diff --git a/lib/libc/secure/gets_chk.c =
b/lib/libc/secure/gets_chk.c<br></div><div dir=3D"ltr">> n=
ew file mode 100644<br></div><div dir=3D"ltr">> index 0000=
00000000..18c1e2d18f43<br></div><div dir=3D"ltr">> --- /de=
v/null<br></div><div dir=3D"ltr">> +++ b/lib/libc/secure/g=
ets_chk.c<br></div><div dir=3D"ltr">> @@ -0,0 +1,74 @@<br>=
</div><div dir=3D"ltr">> +/*-<br></div><div dir=3D"ltr">&g=
t; + *<br></div><div dir=3D"ltr">> + * SPDX-=
License-Identifier: BSD-2-Clause<br></div><div dir=3D"ltr">>  =
; + *<br></div><div dir=3D"ltr">> + * Copyright (c) 2006 =
The NetBSD Foundation, Inc.<br></div><div dir=3D"ltr">> + =
* All rights reserved.<br></div><div dir=3D"ltr">> + *<br>=
</div><div dir=3D"ltr">> + * This code is derived from sof=
tware contributed to The NetBSD<br></div><div dir=3D"ltr">> =
Foundation<br></div><div dir=3D"ltr">> + * by Christos Z=
oulas.<br></div><div dir=3D"ltr">> + *<br></div><div dir=
=3D"ltr">> + * Redistribution and use in source and binary=
forms, with or without<br></div><div dir=3D"ltr">> + * mo=
dification, are permitted provided that the following conditions<br></div><=
div dir=3D"ltr">> + * are met:<br></div><div dir=3D"ltr">&=
gt; + * 1. Redistributions of source code must retain the abo=
ve copyright<br></div><div dir=3D"ltr">> + * =
notice, this list of conditions and the following disclaimer.<br></div><div=
dir=3D"ltr">> + * 2. Redistributions in binary form must =
reproduce the above copyright<br></div><div dir=3D"ltr">> =
+ * notice, this list of conditions and the following disclaim=
er<br></div><div dir=3D"ltr">> in the<br></div><div dir=3D=
"ltr">> + * documentation and/or other materi=
als provided with the<br></div><div dir=3D"ltr">> distribu=
tion.<br></div><div dir=3D"ltr">> + *<br></div><div dir=3D=
"ltr">> + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDA=
TION, INC. AND<br></div><div dir=3D"ltr">> CONTRIBUTORS<br=
></div><div dir=3D"ltr">> + * ``AS IS'' AND ANY EXPRESS OR=
IMPLIED WARRANTIES, INCLUDING, BUT<br></div><div dir=3D"ltr">> &n=
bsp; NOT LIMITED<br></div><div dir=3D"ltr">> + * TO, THE =
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A<br></div><div dir=
=3D"ltr">> PARTICULAR<br></div><div dir=3D"ltr">> =
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION=
OR<br></div><div dir=3D"ltr">> CONTRIBUTORS<br></div><div=
dir=3D"ltr">> + * BE LIABLE FOR ANY DIRECT, INDIRECT, INC=
IDENTAL, SPECIAL,<br></div><div dir=3D"ltr">> EXEMPLARY, O=
R<br></div><div dir=3D"ltr">> + * CONSEQUENTIAL DAMAGES (I=
NCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF<br></div><div dir=3D"ltr">>=
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROF=
ITS; OR<br></div><div dir=3D"ltr">> BUSINESS<br></div><div=
dir=3D"ltr">> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY=
THEORY OF LIABILITY,<br></div><div dir=3D"ltr">> WHETHER =
IN<br></div><div dir=3D"ltr">> + * CONTRACT, STRICT LIABIL=
ITY, OR TORT (INCLUDING NEGLIGENCE OR<br></div><div dir=3D"ltr">> =
OTHERWISE)<br></div><div dir=3D"ltr">> + * ARISING=
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF<br></div><div dir=3D"l=
tr">> ADVISED OF THE<br></div><div dir=3D"ltr">> =
+ * POSSIBILITY OF SUCH DAMAGE.<br></div><div dir=3D"ltr">> =
; + */<br></div><div dir=3D"ltr">> +#include <s=
ys/cdefs.h><br></div><div dir=3D"ltr">> +__RCSID("$NetB=
SD: gets_chk.c,v 1.7 2013/10/04 20:49:16 christos Exp<br></div><div dir=3D"=
ltr">> $");<br></div><div dir=3D"ltr">> +=
<br></div><div dir=3D"ltr">> +#include <limits.h><br=
></div><div dir=3D"ltr">> +#include <stdio.h><br></d=
iv><div dir=3D"ltr">> +#include <stdlib.h><br></div>=
<div dir=3D"ltr">> +#include <string.h><br></div><di=
v dir=3D"ltr">> +<br></div><div dir=3D"ltr">> &nb=
sp; +#include <ssp/stdio.h><br></div><div dir=3D"ltr">> &nb=
sp; +#include <ssp/string.h><br></div><div dir=3D"ltr">> &n=
bsp; +<br></div><div dir=3D"ltr">> +char *__gets_unsafe(c=
har *);<br></div><div dir=3D"ltr">> +<br></div><div dir=3D=
"ltr">> +char *<br></div><div dir=3D"ltr">>  =
; +__gets_chk(char * __restrict buf, size_t slen)<br></div><div dir=3D"ltr=
">> +{<br></div><div dir=3D"ltr">> + =
; char *abuf;<br></div><div dir=3D"ltr">> +&nb=
sp; size_t len;<br></div><div dir=3D"ltr">> +<=
br></div><div dir=3D"ltr">> + if (slen &=
gt;=3D (size_t)INT_MAX)<br></div><div dir=3D"ltr">> + =
; return (__gets_unsafe(buf));<br></div><div=
dir=3D"ltr">> +<br></div><div dir=3D"ltr">> &nbs=
p; + if ((abuf =3D malloc(slen + 1)) =3D=3D NULL)<br></d=
iv><div dir=3D"ltr">> + &nbs=
p; return (__gets_unsafe(buf));<br></div><div dir=3D"ltr">> =
+<br></div><div dir=3D"ltr">> + if (fg=
ets(abuf, (int)(slen + 1), stdin) =3D=3D NULL) {<br></div><div dir=3D"ltr">=
> + free(abuf);<br></=
div><div dir=3D"ltr">> + &nb=
sp; return (NULL);<br></div><div dir=3D"ltr">> + &nbs=
p; }<br></div><div dir=3D"ltr">> +<br></div><div dir=
=3D"ltr">> + len =3D strlen(abuf);<br></=
div><div dir=3D"ltr">> + if (len > 0 =
&& abuf[len - 1] =3D=3D '\n')<br></div><div dir=3D"ltr">> =
+ --len;<br></div><div dir=3D"=
ltr">> +<br></div><div dir=3D"ltr">> +&nb=
sp; if (len >=3D slen)<br></div><div dir=3D"ltr">> =
+ __chk_fail();<br></div><div =
dir=3D"ltr">> +<br></div><div dir=3D"ltr">>  =
; + (void)memcpy(buf, abuf, len);<br></div><div dir=3D"l=
tr">> +<br></div><div dir=3D"ltr">> +&nbs=
p; buf[len] =3D '\0';<br></div><div dir=3D"ltr">> &nbs=
p; + free(abuf);<br></div><div dir=3D"ltr">> &n=
bsp; + return (buf);<br></div><div dir=3D"ltr">> =
; +}<br></div><div dir=3D"ltr">> diff --git a/lib/=
libc/secure/memcpy_chk.c b/lib/libc/secure/memcpy_chk.c<br></div><div dir=
=3D"ltr">> new file mode 100644<br></div><div dir=3D"ltr">=
> index 000000000000..99cf2d5f13ff<br></div><div dir=3D"lt=
r">> --- /dev/null<br></div><div dir=3D"ltr">> &n=
bsp; +++ b/lib/libc/secure/memcpy_chk.c<br></div><div dir=3D"ltr">>&nbs=
p; @@ -0,0 +1,53 @@<br></div><div dir=3D"ltr">> +/=
*-<br></div><div dir=3D"ltr">> + *<br></div><div dir=3D"lt=
r">> + * SPDX-License-Identifier: BSD-2-Clause<br></div><d=
iv dir=3D"ltr">> + *<br></div><div dir=3D"ltr">> =
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.<br></div><div di=
r=3D"ltr">> + * All rights reserved.<br></div><div dir=3D"=
ltr">> + *<br></div><div dir=3D"ltr">> + =
* This code is derived from software contributed to The NetBSD<br></div><di=
v dir=3D"ltr">> Foundation<br></div><div dir=3D"ltr">>&=
nbsp; + * by Christos Zoulas.<br></div><div dir=3D"ltr">> =
+ *<br></div><div dir=3D"ltr">> + * Redistribution=
and use in source and binary forms, with or without<br></div><div dir=3D"l=
tr">> + * modification, are permitted provided that the fo=
llowing conditions<br></div><div dir=3D"ltr">> + * are met=
:<br></div><div dir=3D"ltr">> + * 1. Redistributions of so=
urce code must retain the above copyright<br></div><div dir=3D"ltr">>&nb=
sp; + * notice, this list of conditions and the follow=
ing disclaimer.<br></div><div dir=3D"ltr">> + * 2. Redistr=
ibutions in binary form must reproduce the above copyright<br></div><div di=
r=3D"ltr">> + * notice, this list of conditio=
ns and the following disclaimer<br></div><div dir=3D"ltr">> =
in the<br></div><div dir=3D"ltr">> + * docu=
mentation and/or other materials provided with the<br></div><div dir=3D"ltr=
">> distribution.<br></div><div dir=3D"ltr">> &nb=
sp; + *<br></div><div dir=3D"ltr">> + * THIS SOFTWARE IS =
PROVIDED BY THE NETBSD FOUNDATION, INC. AND<br></div><div dir=3D"ltr">>&=
nbsp; CONTRIBUTORS<br></div><div dir=3D"ltr">> + *=
``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT<br></div><=
div dir=3D"ltr">> NOT LIMITED<br></div><div dir=3D"ltr">&g=
t; + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITN=
ESS FOR A<br></div><div dir=3D"ltr">> PARTICULAR<br></div>=
<div dir=3D"ltr">> + * PURPOSE ARE DISCLAIMED. IN NO=
EVENT SHALL THE FOUNDATION OR<br></div><div dir=3D"ltr">> =
CONTRIBUTORS<br></div><div dir=3D"ltr">> + * BE LIABLE FO=
R ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,<br></div><div dir=3D"ltr">>=
EXEMPLARY, OR<br></div><div dir=3D"ltr">> +=
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF<br>=
</div><div dir=3D"ltr">> + * SUBSTITUTE GOODS OR SERVICES;=
LOSS OF USE, DATA, OR PROFITS; OR<br></div><div dir=3D"ltr">> &nb=
sp; BUSINESS<br></div><div dir=3D"ltr">> + * INTERRUPTION=
) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,<br></div><div dir=3D"ltr">=
> WHETHER IN<br></div><div dir=3D"ltr">> =
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR<br></div><=
div dir=3D"ltr">> OTHERWISE)<br></div><div dir=3D"ltr">>=
; + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVE=
N IF<br></div><div dir=3D"ltr">> ADVISED OF THE<br></div><=
div dir=3D"ltr">> + * POSSIBILITY OF SUCH DAMAGE.<br></div=
><div dir=3D"ltr">> + */<br></div><div dir=3D"ltr">>&nb=
sp; +#include <sys/cdefs.h><br></div><div dir=3D"ltr">>&nb=
sp; +__RCSID("$NetBSD: memcpy_chk.c,v 1.7 2015/05/13 19:57:16 joerg=
Exp $");<br></div><div dir=3D"ltr">> +<br></div><div dir=
=3D"ltr">> +#include <string.h><br></div><div dir=3D=
"ltr">> +<br></div><div dir=3D"ltr">> +#i=
nclude <ssp/string.h><br></div><div dir=3D"ltr">> +#=
undef memcpy<br></div><div dir=3D"ltr">> +<br></div><div d=
ir=3D"ltr">> +#include "ssp_internal.h"<br></div><div dir=
=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+void *<br></div><div dir=3D"ltr">> +__memcpy_chk(void * _=
_restrict dst, const void * __restrict src,<br></div><div dir=3D"ltr">>&=
nbsp; size_t len,<br></div><div dir=3D"ltr">> +&nb=
sp; size_t slen)<br></div><div dir=3D"ltr">> +{<br>=
</div><div dir=3D"ltr">> + if (len > =
slen)<br></div><div dir=3D"ltr">> + &nbs=
p; __chk_fail();<br></div><div dir=3D"ltr">> +=
<br></div><div dir=3D"ltr">> + if (__ssp=
_overlap((const char *)src, (const char *)dst, len))<br></div><div dir=3D"l=
tr">> + __chk_fail();=
<br></div><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">&=
gt; + return (memcpy(dst, src, len));<br></=
div><div dir=3D"ltr">> +}<br></div><div dir=3D"ltr">>&n=
bsp; diff --git a/lib/libc/secure/memmove_chk.c<br></div><div dir=
=3D"ltr">> b/lib/libc/secure/memmove_chk.c<br></div><div d=
ir=3D"ltr">> new file mode 100644<br></div><div dir=3D"ltr=
">> index 000000000000..07f965d608fc<br></div><div dir=3D"=
ltr">> --- /dev/null<br></div><div dir=3D"ltr">> =
+++ b/lib/libc/secure/memmove_chk.c<br></div><div dir=3D"ltr">>&=
nbsp; @@ -0,0 +1,47 @@<br></div><div dir=3D"ltr">> =
+/*-<br></div><div dir=3D"ltr">> + *<br></div><div dir=3D=
"ltr">> + * SPDX-License-Identifier: BSD-2-Clause<br></div=
><div dir=3D"ltr">> + *<br></div><div dir=3D"ltr">>&nbs=
p; + * Copyright (c) 2006 The NetBSD Foundation, Inc.<br></div><div=
dir=3D"ltr">> + * All rights reserved.<br></div><div dir=
=3D"ltr">> + *<br></div><div dir=3D"ltr">> =
+ * This code is derived from software contributed to The NetBSD<br></div=
><div dir=3D"ltr">> Foundation<br></div><div dir=3D"ltr">&=
gt; + * by Christos Zoulas.<br></div><div dir=3D"ltr">>&nb=
sp; + *<br></div><div dir=3D"ltr">> + * Redistribu=
tion and use in source and binary forms, with or without<br></div><div dir=
=3D"ltr">> + * modification, are permitted provided that t=
he following conditions<br></div><div dir=3D"ltr">> + * ar=
e met:<br></div><div dir=3D"ltr">> + * 1. Redistributions =
of source code must retain the above copyright<br></div><div dir=3D"ltr">&g=
t; + * notice, this list of conditions and the f=
ollowing disclaimer.<br></div><div dir=3D"ltr">> + * 2. Re=
distributions in binary form must reproduce the above copyright<br></div><d=
iv dir=3D"ltr">> + * notice, this list of con=
ditions and the following disclaimer<br></div><div dir=3D"ltr">> &=
nbsp; in the<br></div><div dir=3D"ltr">> + * =
documentation and/or other materials provided with the<br></div><div dir=
=3D"ltr">> distribution.<br></div><div dir=3D"ltr">>&nb=
sp; + *<br></div><div dir=3D"ltr">> + * THIS SOFTW=
ARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND<br></div><div dir=3D"ltr=
">> CONTRIBUTORS<br></div><div dir=3D"ltr">> &nbs=
p; + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT<br>=
</div><div dir=3D"ltr">> NOT LIMITED<br></div><div dir=3D"=
ltr">> + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY A=
ND FITNESS FOR A<br></div><div dir=3D"ltr">> PARTICULAR<br=
></div><div dir=3D"ltr">> + * PURPOSE ARE DISCLAIMED. =
; IN NO EVENT SHALL THE FOUNDATION OR<br></div><div dir=3D"ltr">> =
CONTRIBUTORS<br></div><div dir=3D"ltr">> + * BE LI=
ABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,<br></div><div dir=3D"lt=
r">> EXEMPLARY, OR<br></div><div dir=3D"ltr">> &n=
bsp; + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT=
OF<br></div><div dir=3D"ltr">> + * SUBSTITUTE GOODS OR SE=
RVICES; LOSS OF USE, DATA, OR PROFITS; OR<br></div><div dir=3D"ltr">>&nb=
sp; BUSINESS<br></div><div dir=3D"ltr">> + * INTER=
RUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,<br></div><div dir=
=3D"ltr">> WHETHER IN<br></div><div dir=3D"ltr">> =
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR<b=
r></div><div dir=3D"ltr">> OTHERWISE)<br></div><div dir=3D=
"ltr">> + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFT=
WARE, EVEN IF<br></div><div dir=3D"ltr">> ADVISED OF THE<b=
r></div><div dir=3D"ltr">> + * POSSIBILITY OF SUCH DAMAGE.=
<br></div><div dir=3D"ltr">> + */<br></div><div dir=3D"ltr=
">> +#include <sys/cdefs.h><br></div><div dir=3D"ltr=
">> +__RCSID("$NetBSD: memmove_chk.c,v 1.6 2020/09/05 13:3=
7:59 mrg Exp $");<br></div><div dir=3D"ltr">> +<br></div><=
div dir=3D"ltr">> +#include <string.h><br></div><div=
dir=3D"ltr">> +<br></div><div dir=3D"ltr">> &nbs=
p; +#include <ssp/string.h><br></div><div dir=3D"ltr">> &nb=
sp; +#undef memmove<br></div><div dir=3D"ltr">> +<br></di=
v><div dir=3D"ltr">> +void *<br></div><div dir=3D"ltr">>=
; +__memmove_chk(void *dst, const void *src, size_t len,<br><=
/div><div dir=3D"ltr">> + size_t slen)<br></d=
iv><div dir=3D"ltr">> +{<br></div><div dir=3D"ltr">>&nb=
sp; + if (len > slen)<br></div><div dir=3D"ltr=
">> + __chk_fail();<b=
r></div><div dir=3D"ltr">> + return (mem=
move(dst, src, len));<br></div><div dir=3D"ltr">> +}<br></=
div><div dir=3D"ltr">> diff --git a/lib/libc/secure/memset=
_chk.c b/lib/libc/secure/memset_chk.c<br></div><div dir=3D"ltr">> =
new file mode 100644<br></div><div dir=3D"ltr">> i=
ndex 000000000000..f337be98b46d<br></div><div dir=3D"ltr">> =
--- /dev/null<br></div><div dir=3D"ltr">> +++ b/lib/libc=
/secure/memset_chk.c<br></div><div dir=3D"ltr">> @@ -0,0 +=
1,46 @@<br></div><div dir=3D"ltr">> +/*-<br></div><div dir=
=3D"ltr">> + *<br></div><div dir=3D"ltr">> =
+ * SPDX-License-Identifier: BSD-2-Clause<br></div><div dir=3D"ltr">>&=
nbsp; + *<br></div><div dir=3D"ltr">> + * Copyrigh=
t (c) 2006 The NetBSD Foundation, Inc.<br></div><div dir=3D"ltr">> =
+ * All rights reserved.<br></div><div dir=3D"ltr">> &nbs=
p; + *<br></div><div dir=3D"ltr">> + * This code is deriv=
ed from software contributed to The NetBSD<br></div><div dir=3D"ltr">>&n=
bsp; Foundation<br></div><div dir=3D"ltr">> + * by=
Christos Zoulas.<br></div><div dir=3D"ltr">> + *<br></div=
><div dir=3D"ltr">> + * Redistribution and use in source a=
nd binary forms, with or without<br></div><div dir=3D"ltr">>  =
; + * modification, are permitted provided that the following conditions<b=
r></div><div dir=3D"ltr">> + * are met:<br></div><div dir=
=3D"ltr">> + * 1. Redistributions of source code must reta=
in the above copyright<br></div><div dir=3D"ltr">> + *&nbs=
p; notice, this list of conditions and the following disclaimer.<br>=
</div><div dir=3D"ltr">> + * 2. Redistributions in binary =
form must reproduce the above copyright<br></div><div dir=3D"ltr">> =
; + * notice, this list of conditions and the followin=
g disclaimer<br></div><div dir=3D"ltr">> in the<br></div><=
div dir=3D"ltr">> + * documentation and/or ot=
her materials provided with the<br></div><div dir=3D"ltr">> =
distribution.<br></div><div dir=3D"ltr">> + *<br></div><=
div dir=3D"ltr">> + * THIS SOFTWARE IS PROVIDED BY THE NET=
BSD FOUNDATION, INC. AND<br></div><div dir=3D"ltr">> CONTR=
IBUTORS<br></div><div dir=3D"ltr">> + * ``AS IS'' AND ANY =
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT<br></div><div dir=3D"ltr">>=
; NOT LIMITED<br></div><div dir=3D"ltr">> + =
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A<br></div>=
<div dir=3D"ltr">> PARTICULAR<br></div><div dir=3D"ltr">&g=
t; + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FO=
UNDATION OR<br></div><div dir=3D"ltr">> CONTRIBUTORS<br></=
div><div dir=3D"ltr">> + * BE LIABLE FOR ANY DIRECT, INDIR=
ECT, INCIDENTAL, SPECIAL,<br></div><div dir=3D"ltr">> EXEM=
PLARY, OR<br></div><div dir=3D"ltr">> + * CONSEQUENTIAL DA=
MAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF<br></div><div dir=3D"l=
tr">> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,=
OR PROFITS; OR<br></div><div dir=3D"ltr">> BUSINESS<br></=
div><div dir=3D"ltr">> + * INTERRUPTION) HOWEVER CAUSED AN=
D ON ANY THEORY OF LIABILITY,<br></div><div dir=3D"ltr">> =
WHETHER IN<br></div><div dir=3D"ltr">> + * CONTRACT, STRIC=
T LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR<br></div><div dir=3D"ltr">>=
; OTHERWISE)<br></div><div dir=3D"ltr">> + *=
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF<br></div><div =
dir=3D"ltr">> ADVISED OF THE<br></div><div dir=3D"ltr">>=
; + * POSSIBILITY OF SUCH DAMAGE.<br></div><div dir=3D"ltr">&=
gt; + */<br></div><div dir=3D"ltr">> +#inclu=
de <sys/cdefs.h><br></div><div dir=3D"ltr">> +__RCSI=
D("$NetBSD: memset_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $");<br></div>=
<div dir=3D"ltr">> +<br></div><div dir=3D"ltr">> =
+#include <string.h><br></div><div dir=3D"ltr">> &nb=
sp; +<br></div><div dir=3D"ltr">> +#include <ssp/strin=
g.h><br></div><div dir=3D"ltr">> +#undef memset<br></di=
v><div dir=3D"ltr">> +<br></div><div dir=3D"ltr">> =
; +void *<br></div><div dir=3D"ltr">> +__memset_ch=
k(void * __restrict dst, int val, size_t len, size_t slen)<br></div><div di=
r=3D"ltr">> +{<br></div><div dir=3D"ltr">> =
+ if (len > slen)<br></div><div dir=3D"ltr">>&nbs=
p; + __chk_fail();<br></div><d=
iv dir=3D"ltr">> + return (memset(dst, v=
al, len));<br></div><div dir=3D"ltr">> +}<br></div><div di=
r=3D"ltr">> diff --git a/lib/libc/secure/snprintf_chk.c<br=
></div><div dir=3D"ltr">> b/lib/libc/secure/snprintf_chk.c=
<br></div><div dir=3D"ltr">> new file mode 100644<br></div=
><div dir=3D"ltr">> index 000000000000..52ef874ede5b<br></=
div><div dir=3D"ltr">> --- /dev/null<br></div><div dir=3D"=
ltr">> +++ b/lib/libc/secure/snprintf_chk.c<br></div><div =
dir=3D"ltr">> @@ -0,0 +1,56 @@<br></div><div dir=3D"ltr">&=
gt; +/*-<br></div><div dir=3D"ltr">> + *<br>=
</div><div dir=3D"ltr">> + * SPDX-License-Identifier: BSD-=
2-Clause<br></div><div dir=3D"ltr">> + *<br></div><div dir=
=3D"ltr">> + * Copyright (c) 2006 The NetBSD Foundation, I=
nc.<br></div><div dir=3D"ltr">> + * All rights reserved.<b=
r></div><div dir=3D"ltr">> + *<br></div><div dir=3D"ltr">&=
gt; + * This code is derived from software contributed to The=
NetBSD<br></div><div dir=3D"ltr">> Foundation<br></div><d=
iv dir=3D"ltr">> + * by Christos Zoulas.<br></div><div dir=
=3D"ltr">> + *<br></div><div dir=3D"ltr">> =
+ * Redistribution and use in source and binary forms, with or without<br=
></div><div dir=3D"ltr">> + * modification, are permitted =
provided that the following conditions<br></div><div dir=3D"ltr">> =
+ * are met:<br></div><div dir=3D"ltr">> + * 1. R=
edistributions of source code must retain the above copyright<br></div><div=
dir=3D"ltr">> + * notice, this list of condi=
tions and the following disclaimer.<br></div><div dir=3D"ltr">> &n=
bsp; + * 2. Redistributions in binary form must reproduce the above copyri=
ght<br></div><div dir=3D"ltr">> + * notice, t=
his list of conditions and the following disclaimer<br></div><div dir=3D"lt=
r">> in the<br></div><div dir=3D"ltr">> +=
* documentation and/or other materials provided with the<br><=
/div><div dir=3D"ltr">> distribution.<br></div><div dir=3D=
"ltr">> + *<br></div><div dir=3D"ltr">> +=
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND<br></div><d=
iv dir=3D"ltr">> CONTRIBUTORS<br></div><div dir=3D"ltr">&g=
t; + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLU=
DING, BUT<br></div><div dir=3D"ltr">> NOT LIMITED<br></div=
><div dir=3D"ltr">> + * TO, THE IMPLIED WARRANTIES OF MERC=
HANTABILITY AND FITNESS FOR A<br></div><div dir=3D"ltr">> =
PARTICULAR<br></div><div dir=3D"ltr">> + * PURPOSE ARE DIS=
CLAIMED. IN NO EVENT SHALL THE FOUNDATION OR<br></div><div dir=3D"ltr=
">> CONTRIBUTORS<br></div><div dir=3D"ltr">> &nbs=
p; + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,<br></div><=
div dir=3D"ltr">> EXEMPLARY, OR<br></div><div dir=3D"ltr">=
> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO=
, PROCUREMENT OF<br></div><div dir=3D"ltr">> + * SUBSTITUT=
E GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR<br></div><div dir=3D=
"ltr">> BUSINESS<br></div><div dir=3D"ltr">> &nbs=
p; + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,<br></d=
iv><div dir=3D"ltr">> WHETHER IN<br></div><div dir=3D"ltr"=
>> + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGL=
IGENCE OR<br></div><div dir=3D"ltr">> OTHERWISE)<br></div>=
<div dir=3D"ltr">> + * ARISING IN ANY WAY OUT OF THE USE O=
F THIS SOFTWARE, EVEN IF<br></div><div dir=3D"ltr">> ADVIS=
ED OF THE<br></div><div dir=3D"ltr">> + * POSSIBILITY OF S=
UCH DAMAGE.<br></div><div dir=3D"ltr">> + */<br></div><div=
dir=3D"ltr">> +#include <sys/cdefs.h><br></div><div=
dir=3D"ltr">> +__RCSID("$NetBSD: snprintf_chk.c,v 1.5 200=
8/04/28 20:23:00 martin<br></div><div dir=3D"ltr">> Exp $"=
);<br></div><div dir=3D"ltr">> +<br></div><div dir=3D"ltr"=
>> +#include <stdarg.h><br></div><div dir=3D"ltr">&g=
t; +#include <stdio.h><br></div><div dir=3D"ltr">>&n=
bsp; +<br></div><div dir=3D"ltr">> +#include <s=
sp/stdio.h><br></div><div dir=3D"ltr">> +#undef vsnprin=
tf<br></div><div dir=3D"ltr">> +<br></div><div dir=3D"ltr"=
>> +int<br></div><div dir=3D"ltr">> +__sn=
printf_chk(char * __restrict buf, size_t len, int flags, size_t<br></div><d=
iv dir=3D"ltr">> slen,<br></div><div dir=3D"ltr">> =
; + const char * __restrict fmt, ...)<br></div><div di=
r=3D"ltr">> +{<br></div><div dir=3D"ltr">> =
+ va_list ap;<br></div><div dir=3D"ltr">> &nbs=
p; + int rv;<br></div><div dir=3D"ltr">> =
+<br></div><div dir=3D"ltr">> + if (le=
n > slen)<br></div><div dir=3D"ltr">> + &nbs=
p; __chk_fail();<br></div><div dir=3D"ltr">> &n=
bsp; +<br></div><div dir=3D"ltr">> + va=
_start(ap, fmt);<br></div><div dir=3D"ltr">> + =
rv =3D vsnprintf(buf, len, fmt, ap);<br></div><div dir=3D"ltr">>&=
nbsp; + va_end(ap);<br></div><div dir=3D"ltr">>=
; +<br></div><div dir=3D"ltr">> +  =
; return (rv);<br></div><div dir=3D"ltr">> +}<br></d=
iv><div dir=3D"ltr">> diff --git a/lib/libc/secure/sprintf=
_chk.c<br></div><div dir=3D"ltr">> b/lib/libc/secure/sprin=
tf_chk.c<br></div><div dir=3D"ltr">> new file mode 100644<=
br></div><div dir=3D"ltr">> index 000000000000..d4c42ccba3=
ce<br></div><div dir=3D"ltr">> --- /dev/null<br></div><div=
dir=3D"ltr">> +++ b/lib/libc/secure/sprintf_chk.c<br></di=
v><div dir=3D"ltr">> @@ -0,0 +1,61 @@<br></div><div dir=3D=
"ltr">> +/*-<br></div><div dir=3D"ltr">> =
+ *<br></div><div dir=3D"ltr">> + * SPDX-License-Identifie=
r: BSD-2-Clause<br></div><div dir=3D"ltr">> + *<br></div><=
div dir=3D"ltr">> + * Copyright (c) 2006 The NetBSD Founda=
tion, Inc.<br></div><div dir=3D"ltr">> + * All rights rese=
rved.<br></div><div dir=3D"ltr">> + *<br></div><div dir=3D=
"ltr">> + * This code is derived from software contributed=
to The NetBSD<br></div><div dir=3D"ltr">> Foundation<br><=
/div><div dir=3D"ltr">> *** 1063 LINES SKIPPED ***<br></di=
v><div dir=3D"ltr">> <br></div><div dir=3D"ltr">> <br></div></div>
</div>
</div></body></html>
------=_Part_1357399_2058372477.1716093599883--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1413980952.1357400.1716093599901>