diff options
author | Greg McGary <greg@mcgary.org> | 2000-07-07 02:19:06 +0000 |
---|---|---|
committer | Greg McGary <greg@mcgary.org> | 2000-07-07 02:19:06 +0000 |
commit | 4bbb61e414b377b647bcbff13dcd77cc323b3645 (patch) | |
tree | 6e0019e43e58a30861802991cb93f5d2d1f21ecf | |
parent | c0f53cdd08913ef09f9bb66fb1b14cd88598cff9 (diff) | |
download | glibc-4bbb61e414b377b647bcbff13dcd77cc323b3645.zip glibc-4bbb61e414b377b647bcbff13dcd77cc323b3645.tar.gz glibc-4bbb61e414b377b647bcbff13dcd77cc323b3645.tar.bz2 |
* sysdeps/generic/bp-checks.h (CHECK_SIGSET, CHECK_SIGSETopt):
New macros.
* sysdeps/generic/strcpy.c: Add bounds checks.
* sysdeps/unix/fxstat.c: Likewise.
* sysdeps/unix/xstat.c: Likewise.
* sysdeps/unix/common/lxstat.c: Likewise.
* sysdeps/unix/sysv/linux/aio_sigqueue.c: Likewise.
* sysdeps/unix/sysv/linux/execve.c: Likewise.
* sysdeps/unix/sysv/linux/fxstat.c: Likewise.
* sysdeps/unix/sysv/linux/fxstat64.c: Likewise.
* sysdeps/unix/sysv/linux/getcwd.c: Likewise.
* sysdeps/unix/sysv/linux/getdents.c: Likewise.
* sysdeps/unix/sysv/linux/llseek.c: Likewise.
* sysdeps/unix/sysv/linux/lxstat.c: Likewise.
* sysdeps/unix/sysv/linux/lxstat64.c: Likewise.
* sysdeps/unix/sysv/linux/poll.c: Likewise.
* sysdeps/unix/sysv/linux/pread.c: Likewise.
* sysdeps/unix/sysv/linux/pread64.c: Likewise.
* sysdeps/unix/sysv/linux/ptrace.c: Likewise.
* sysdeps/unix/sysv/linux/pwrite.c: Likewise.
* sysdeps/unix/sysv/linux/pwrite64.c: Likewise.
* sysdeps/unix/sysv/linux/readv.c: Likewise.
* sysdeps/unix/sysv/linux/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/sigpending.c: Likewise.
* sysdeps/unix/sysv/linux/sigprocmask.c: Likewise.
* sysdeps/unix/sysv/linux/sigqueue.c: Likewise.
* sysdeps/unix/sysv/linux/sigsuspend.c: Likewise.
* sysdeps/unix/sysv/linux/sigtimedwait.c: Likewise.
* sysdeps/unix/sysv/linux/sigwaitinfo.c: Likewise.
* sysdeps/unix/sysv/linux/sysctl.c: Likewise.
* sysdeps/unix/sysv/linux/truncate64.c: Likewise.
* sysdeps/unix/sysv/linux/ustat.c: Likewise.
* sysdeps/unix/sysv/linux/writev.c: Likewise.
* sysdeps/unix/sysv/linux/xmknod.c: Likewise.
* sysdeps/unix/sysv/linux/xstat.c: Likewise.
* sysdeps/unix/sysv/linux/xstat64.c: Likewise.
* sysdeps/unix/sysv/linux/arm/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/i386/brk.c: Likewise.
* sysdeps/unix/sysv/linux/i386/chown.c: Likewise.
* sysdeps/unix/sysv/linux/i386/fxstat.c: Likewise.
* sysdeps/unix/sysv/linux/i386/getgroups.c: Likewise.
* sysdeps/unix/sysv/linux/i386/getresgid.c: Likewise.
* sysdeps/unix/sysv/linux/i386/getresuid.c: Likewise.
* sysdeps/unix/sysv/linux/i386/getrlimit.c: Likewise.
* sysdeps/unix/sysv/linux/i386/lchown.c: Likewise.
* sysdeps/unix/sysv/linux/i386/lxstat.c: Likewise.
* sysdeps/unix/sysv/linux/i386/setgroups.c: Likewise.
* sysdeps/unix/sysv/linux/i386/setrlimit.c: Likewise.
* sysdeps/unix/sysv/linux/i386/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/i386/xstat.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/fxstat.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/lxstat.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/sigpending.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/sigprocmask.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/sigsuspend.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/xstat.c: Likewise.
* sysdeps/unix/sysv/linux/m68k/chown.c: Likewise.
* sysdeps/unix/sysv/linux/mips/pread.c: Likewise.
* sysdeps/unix/sysv/linux/mips/pread64.c: Likewise.
* sysdeps/unix/sysv/linux/mips/pwrite.c: Likewise.
* sysdeps/unix/sysv/linux/mips/pwrite64.c: Likewise.
* sysdeps/unix/sysv/linux/mips/truncate64.c: Likewise.
* sysdeps/unix/sysv/linux/mips/ustat.c: Likewise.
* sysdeps/unix/sysv/linux/mips/xmknod.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc32/mmap64.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/sigpending.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/sigprocmask.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/sigsuspend.c: Likewise.
* sysdeps/generic/bp-checks.h (CHECK_SIGSET, CHECK_SIGSETopt):
New macros.
* sysdeps/generic/strcpy.c: Add bounds checks.
* sysdeps/unix/fxstat.c: Likewise.
* sysdeps/unix/xstat.c: Likewise.
* sysdeps/unix/common/lxstat.c: Likewise.
* sysdeps/unix/sysv/linux/aio_sigqueue.c: Likewise.
* sysdeps/unix/sysv/linux/execve.c: Likewise.
* sysdeps/unix/sysv/linux/fxstat.c: Likewise.
* sysdeps/unix/sysv/linux/fxstat64.c: Likewise.
* sysdeps/unix/sysv/linux/getcwd.c: Likewise.
* sysdeps/unix/sysv/linux/getdents.c: Likewise.
* sysdeps/unix/sysv/linux/llseek.c: Likewise.
* sysdeps/unix/sysv/linux/lxstat.c: Likewise.
* sysdeps/unix/sysv/linux/lxstat64.c: Likewise.
* sysdeps/unix/sysv/linux/poll.c: Likewise.
* sysdeps/unix/sysv/linux/pread.c: Likewise.
* sysdeps/unix/sysv/linux/pread64.c: Likewise.
* sysdeps/unix/sysv/linux/ptrace.c: Likewise.
* sysdeps/unix/sysv/linux/pwrite.c: Likewise.
* sysdeps/unix/sysv/linux/pwrite64.c: Likewise.
* sysdeps/unix/sysv/linux/readv.c: Likewise.
* sysdeps/unix/sysv/linux/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/sigpending.c: Likewise.
* sysdeps/unix/sysv/linux/sigprocmask.c: Likewise.
* sysdeps/unix/sysv/linux/sigqueue.c: Likewise.
* sysdeps/unix/sysv/linux/sigsuspend.c: Likewise.
* sysdeps/unix/sysv/linux/sigtimedwait.c: Likewise.
* sysdeps/unix/sysv/linux/sigwaitinfo.c: Likewise.
* sysdeps/unix/sysv/linux/sysctl.c: Likewise.
* sysdeps/unix/sysv/linux/truncate64.c: Likewise.
* sysdeps/unix/sysv/linux/ustat.c: Likewise.
* sysdeps/unix/sysv/linux/writev.c: Likewise.
* sysdeps/unix/sysv/linux/xmknod.c: Likewise.
* sysdeps/unix/sysv/linux/xstat.c: Likewise.
* sysdeps/unix/sysv/linux/xstat64.c: Likewise.
* sysdeps/unix/sysv/linux/arm/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/i386/brk.c: Likewise.
* sysdeps/unix/sysv/linux/i386/chown.c: Likewise.
* sysdeps/unix/sysv/linux/i386/fxstat.c: Likewise.
* sysdeps/unix/sysv/linux/i386/getgroups.c: Likewise.
* sysdeps/unix/sysv/linux/i386/getresgid.c: Likewise.
* sysdeps/unix/sysv/linux/i386/getresuid.c: Likewise.
* sysdeps/unix/sysv/linux/i386/getrlimit.c: Likewise.
* sysdeps/unix/sysv/linux/i386/lchown.c: Likewise.
* sysdeps/unix/sysv/linux/i386/lxstat.c: Likewise.
* sysdeps/unix/sysv/linux/i386/setgroups.c: Likewise.
* sysdeps/unix/sysv/linux/i386/setrlimit.c: Likewise.
* sysdeps/unix/sysv/linux/i386/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/i386/xstat.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/fxstat.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/lxstat.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/sigpending.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/sigprocmask.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/sigsuspend.c: Likewise.
* sysdeps/unix/sysv/linux/ia64/xstat.c: Likewise.
* sysdeps/unix/sysv/linux/m68k/chown.c: Likewise.
* sysdeps/unix/sysv/linux/mips/pread.c: Likewise.
* sysdeps/unix/sysv/linux/mips/pread64.c: Likewise.
* sysdeps/unix/sysv/linux/mips/pwrite.c: Likewise.
* sysdeps/unix/sysv/linux/mips/pwrite64.c: Likewise.
* sysdeps/unix/sysv/linux/mips/truncate64.c: Likewise.
* sysdeps/unix/sysv/linux/mips/ustat.c: Likewise.
* sysdeps/unix/sysv/linux/mips/xmknod.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc32/mmap64.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/sigpending.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/sigprocmask.c: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/sigsuspend.c: Likewise.
70 files changed, 561 insertions, 302 deletions
@@ -38,6 +38,77 @@ 2000-07-06 Greg McGary <greg@mcgary.org> + * sysdeps/generic/bp-checks.h (CHECK_SIGSET, CHECK_SIGSETopt): + New macros. + * sysdeps/generic/strcpy.c: Add bounds checks. + * sysdeps/unix/fxstat.c: Likewise. + * sysdeps/unix/xstat.c: Likewise. + * sysdeps/unix/common/lxstat.c: Likewise. + * sysdeps/unix/sysv/linux/aio_sigqueue.c: Likewise. + * sysdeps/unix/sysv/linux/execve.c: Likewise. + * sysdeps/unix/sysv/linux/fxstat.c: Likewise. + * sysdeps/unix/sysv/linux/fxstat64.c: Likewise. + * sysdeps/unix/sysv/linux/getcwd.c: Likewise. + * sysdeps/unix/sysv/linux/getdents.c: Likewise. + * sysdeps/unix/sysv/linux/llseek.c: Likewise. + * sysdeps/unix/sysv/linux/lxstat.c: Likewise. + * sysdeps/unix/sysv/linux/lxstat64.c: Likewise. + * sysdeps/unix/sysv/linux/poll.c: Likewise. + * sysdeps/unix/sysv/linux/pread.c: Likewise. + * sysdeps/unix/sysv/linux/pread64.c: Likewise. + * sysdeps/unix/sysv/linux/ptrace.c: Likewise. + * sysdeps/unix/sysv/linux/pwrite.c: Likewise. + * sysdeps/unix/sysv/linux/pwrite64.c: Likewise. + * sysdeps/unix/sysv/linux/readv.c: Likewise. + * sysdeps/unix/sysv/linux/sigaction.c: Likewise. + * sysdeps/unix/sysv/linux/sigpending.c: Likewise. + * sysdeps/unix/sysv/linux/sigprocmask.c: Likewise. + * sysdeps/unix/sysv/linux/sigqueue.c: Likewise. + * sysdeps/unix/sysv/linux/sigsuspend.c: Likewise. + * sysdeps/unix/sysv/linux/sigtimedwait.c: Likewise. + * sysdeps/unix/sysv/linux/sigwaitinfo.c: Likewise. + * sysdeps/unix/sysv/linux/sysctl.c: Likewise. + * sysdeps/unix/sysv/linux/truncate64.c: Likewise. + * sysdeps/unix/sysv/linux/ustat.c: Likewise. + * sysdeps/unix/sysv/linux/writev.c: Likewise. + * sysdeps/unix/sysv/linux/xmknod.c: Likewise. + * sysdeps/unix/sysv/linux/xstat.c: Likewise. + * sysdeps/unix/sysv/linux/xstat64.c: Likewise. + * sysdeps/unix/sysv/linux/arm/sigaction.c: Likewise. + * sysdeps/unix/sysv/linux/i386/brk.c: Likewise. + * sysdeps/unix/sysv/linux/i386/chown.c: Likewise. + * sysdeps/unix/sysv/linux/i386/fxstat.c: Likewise. + * sysdeps/unix/sysv/linux/i386/getgroups.c: Likewise. + * sysdeps/unix/sysv/linux/i386/getresgid.c: Likewise. + * sysdeps/unix/sysv/linux/i386/getresuid.c: Likewise. + * sysdeps/unix/sysv/linux/i386/getrlimit.c: Likewise. + * sysdeps/unix/sysv/linux/i386/lchown.c: Likewise. + * sysdeps/unix/sysv/linux/i386/lxstat.c: Likewise. + * sysdeps/unix/sysv/linux/i386/setgroups.c: Likewise. + * sysdeps/unix/sysv/linux/i386/setrlimit.c: Likewise. + * sysdeps/unix/sysv/linux/i386/sigaction.c: Likewise. + * sysdeps/unix/sysv/linux/i386/xstat.c: Likewise. + * sysdeps/unix/sysv/linux/ia64/fxstat.c: Likewise. + * sysdeps/unix/sysv/linux/ia64/lxstat.c: Likewise. + * sysdeps/unix/sysv/linux/ia64/sigaction.c: Likewise. + * sysdeps/unix/sysv/linux/ia64/sigpending.c: Likewise. + * sysdeps/unix/sysv/linux/ia64/sigprocmask.c: Likewise. + * sysdeps/unix/sysv/linux/ia64/sigsuspend.c: Likewise. + * sysdeps/unix/sysv/linux/ia64/xstat.c: Likewise. + * sysdeps/unix/sysv/linux/m68k/chown.c: Likewise. + * sysdeps/unix/sysv/linux/mips/pread.c: Likewise. + * sysdeps/unix/sysv/linux/mips/pread64.c: Likewise. + * sysdeps/unix/sysv/linux/mips/pwrite.c: Likewise. + * sysdeps/unix/sysv/linux/mips/pwrite64.c: Likewise. + * sysdeps/unix/sysv/linux/mips/truncate64.c: Likewise. + * sysdeps/unix/sysv/linux/mips/ustat.c: Likewise. + * sysdeps/unix/sysv/linux/mips/xmknod.c: Likewise. + * sysdeps/unix/sysv/linux/sparc/sparc32/mmap64.c: Likewise. + * sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c: Likewise. + * sysdeps/unix/sysv/linux/sparc/sparc64/sigpending.c: Likewise. + * sysdeps/unix/sysv/linux/sparc/sparc64/sigprocmask.c: Likewise. + * sysdeps/unix/sysv/linux/sparc/sparc64/sigsuspend.c: Likewise. + * string/endian.h (__LONG_LONG_PAIR): New macro. * sysdeps/unix/sysv/linux/ftruncate64.c: Use it. * sysdeps/unix/sysv/linux/pread.c: Likewise. diff --git a/sysdeps/generic/bp-checks.h b/sysdeps/generic/bp-checks.h index a7c54b4..ea71cf8 100644 --- a/sysdeps/generic/bp-checks.h +++ b/sysdeps/generic/bp-checks.h @@ -68,6 +68,9 @@ extern int __ubp_memchr (const char *__unbounded, int, unsigned); && BOUNDS_VIOLATED), \ __ptrvalue (ARG)) +# define CHECK_SIGSET(SET) CHECK_N ((SET), _NSIG / (8 * sizeof *(SET))) +# define CHECK_SIGSETopt(SET) CHECK_Nopt ((SET), _NSIG / (8 * sizeof *(SET))) + # else /* !__BOUNDED_POINTERS__ */ /* Do nothing if not compiling with -fbounded-pointers. */ @@ -80,6 +83,8 @@ extern int __ubp_memchr (const char *__unbounded, int, unsigned); # define CHECK_N(ARG, N) (ARG) # define CHECK_Nopt(ARG, N) (ARG) # define CHECK_STRING(ARG) (ARG) +# define CHECK_SIGSET(SET) (SET) +# define CHECK_SIGSETopt(SET) (SET) # endif /* !__BOUNDED_POINTERS__ */ diff --git a/sysdeps/generic/strcpy.c b/sysdeps/generic/strcpy.c index cb260cf..2317eba 100644 --- a/sysdeps/generic/strcpy.c +++ b/sysdeps/generic/strcpy.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1997 Free Software Foundation, Inc. +/* Copyright (C) 1991, 1997, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -19,6 +19,7 @@ #include <stddef.h> #include <string.h> #include <memcopy.h> +#include <bp-checks.h> #undef strcpy @@ -29,8 +30,9 @@ strcpy (dest, src) const char *src; { reg_char c; - char *s = (char *) src; - const ptrdiff_t off = dest - src - 1; + char *__unbounded s = (char *__unbounded) CHECK_BOUNDS_LOW (src); + const ptrdiff_t off = CHECK_BOUNDS_LOW (dest) - s - 1; + size_t n; do { @@ -39,5 +41,9 @@ strcpy (dest, src) } while (c != '\0'); + n = s - src; + CHECK_BOUNDS_HIGH (src + n); + CHECK_BOUNDS_HIGH (dest + n); + return dest; } diff --git a/sysdeps/unix/common/lxstat.c b/sysdeps/unix/common/lxstat.c index 378af22..e6ceffe 100644 --- a/sysdeps/unix/common/lxstat.c +++ b/sysdeps/unix/common/lxstat.c @@ -1,5 +1,5 @@ /* lxstat using old-style Unix lstat system call. - Copyright (C) 1991, 1995, 1996, 1997 Free Software Foundation, Inc. + Copyright (C) 1991, 1995, 1996, 1997, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -20,8 +20,9 @@ #include <errno.h> #include <stddef.h> #include <sys/stat.h> +#include <bp-checks.h> -extern int __syscall_lstat (const char *, struct stat *); +extern int __syscall_lstat (const char *__unbounded, struct stat *__unbounded); int __lxstat (int vers, const char *file, struct stat *buf) @@ -32,6 +33,6 @@ __lxstat (int vers, const char *file, struct stat *buf) return -1; } - return __syscall_lstat (file, buf); + return __syscall_lstat (CHECK_STRING (file), CHECK_1 (buf)); } weak_alias (__lxstat, _lxstat) diff --git a/sysdeps/unix/fxstat.c b/sysdeps/unix/fxstat.c index 7725768..377d9bb 100644 --- a/sysdeps/unix/fxstat.c +++ b/sysdeps/unix/fxstat.c @@ -1,5 +1,5 @@ /* fxstat using old-style Unix fstat system call. - Copyright (C) 1991, 1995, 1996, 1997 Free Software Foundation, Inc. + Copyright (C) 1991, 1995, 1996, 1997, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -20,8 +20,9 @@ #include <errno.h> #include <stddef.h> #include <sys/stat.h> +#include <bp-checks.h> -extern int __syscall_fstat (int, struct stat *); +extern int __syscall_fstat (int, struct stat *__unbounded); /* Get information about the file descriptor FD in BUF. */ int @@ -32,7 +33,7 @@ __fxstat (int vers, int fd, struct stat *buf) __set_errno (EINVAL); return -1; } - - return __syscall_fstat (fd, buf); + + return __syscall_fstat (fd, CHECK_1 (buf)); } weak_alias (__fxstat, _fxstat) diff --git a/sysdeps/unix/sysv/linux/aio_sigqueue.c b/sysdeps/unix/sysv/linux/aio_sigqueue.c index 6e53f87..5683784 100644 --- a/sysdeps/unix/sysv/linux/aio_sigqueue.c +++ b/sysdeps/unix/sysv/linux/aio_sigqueue.c @@ -28,7 +28,7 @@ #include "aio_misc.h" #ifdef __NR_rt_sigqueueinfo -extern int __syscall_rt_sigqueueinfo (int, int, siginfo_t *); +extern int __syscall_rt_sigqueueinfo (int, int, siginfo_t *__unbounded); /* Return any pending signal or wait for one for the given time. */ @@ -50,7 +50,8 @@ __aio_sigqueue (sig, val, caller_pid) info.si_uid = getuid (); info.si_value = val; - return INLINE_SYSCALL (rt_sigqueueinfo, 3, info.si_pid, sig, &info); + return INLINE_SYSCALL (rt_sigqueueinfo, 3, info.si_pid, + sig, __ptrvalue (&info)); } #else # include <sysdeps/generic/aio_sigqueue.c> diff --git a/sysdeps/unix/sysv/linux/arm/sigaction.c b/sysdeps/unix/sysv/linux/arm/sigaction.c index ae8b7f8..5be2fff 100644 --- a/sysdeps/unix/sysv/linux/arm/sigaction.c +++ b/sysdeps/unix/sysv/linux/arm/sigaction.c @@ -28,10 +28,10 @@ translate it here. */ #include <kernel_sigaction.h> -extern int __syscall_sigaction (int, const struct old_kernel_sigaction *, - struct old_kernel_sigaction *); -extern int __syscall_rt_sigaction (int, const struct kernel_sigaction *, - struct kernel_sigaction *, size_t); +extern int __syscall_sigaction (int, const struct old_kernel_sigaction *__unbounded, + struct old_kernel_sigaction *__unbounded); +extern int __syscall_rt_sigaction (int, const struct kernel_sigaction *__unbounded, + struct kernel_sigaction *__unbounded, size_t); /* The variable is shared between all wrappers around signal handling functions which have RT equivalents. */ @@ -95,8 +95,9 @@ __libc_sigaction (sig, act, oact) /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - result = INLINE_SYSCALL (rt_sigaction, 4, sig, act ? &kact : NULL, - oact ? &koact : NULL, _NSIG / 8); + result = INLINE_SYSCALL (rt_sigaction, 4, sig, + act ? __ptrvalue (&kact) : NULL, + oact ? __ptrvalue (&koact) : NULL, _NSIG / 8); if (result >= 0 || errno != ENOSYS) { @@ -133,8 +134,9 @@ __libc_sigaction (sig, act, oact) } #endif } - result = INLINE_SYSCALL (sigaction, 3, sig, act ? &k_sigact : NULL, - oact ? &k_osigact : NULL); + result = INLINE_SYSCALL (sigaction, 3, sig, + act ? __ptrvalue (&k_sigact) : NULL, + oact ? __ptrvalue (&k_osigact) : NULL); if (oact && result >= 0) { oact->sa_handler = k_osigact.k_sa_handler; diff --git a/sysdeps/unix/sysv/linux/execve.c b/sysdeps/unix/sysv/linux/execve.c index 89620ed..31277d0 100644 --- a/sysdeps/unix/sysv/linux/execve.c +++ b/sysdeps/unix/sysv/linux/execve.c @@ -21,9 +21,11 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_execve (const char *file, char *const argv[], - char *const envp[]); +extern int __syscall_execve (const char *__unbounded file, + char *__unbounded const *__unbounded argv, + char *__unbounded const *__unbounded envp); extern void __pthread_kill_other_threads_np (void); weak_extern (__pthread_kill_other_threads_np) @@ -37,7 +39,32 @@ __execve (file, argv, envp) /* If this is a threaded application kill all other threads. */ if (__pthread_kill_other_threads_np) __pthread_kill_other_threads_np (); +#if __BOUNDED_POINTERS__ + { + char **v; + int i; + char *__unbounded *__unbounded ubp_argv; + char *__unbounded *__unbounded ubp_envp; + char *__unbounded *__unbounded ubp_v; + for (v = argv; *v; v++) + ; + i = v - argv + 1; + ubp_argv = (char *__unbounded *__unbounded) alloca (sizeof (*ubp_argv) * i); + for (v = argv, ubp_v = ubp_argv; i--; v++, ubp_v++) + *ubp_v = CHECK_STRING (*v); + + for (v = envp; *v; v++) + ; + i = v - envp + 1; + ubp_envp = (char *__unbounded *__unbounded) alloca (sizeof (*ubp_envp) * i); + for (v = envp, ubp_v = ubp_envp; i--; v++, ubp_v++) + *ubp_v = CHECK_STRING (*v); + + return INLINE_SYSCALL (execve, 3, CHECK_STRING (file), ubp_argv, ubp_envp); + } +#else return INLINE_SYSCALL (execve, 3, file, argv, envp); +#endif } weak_alias (__execve, execve) diff --git a/sysdeps/unix/sysv/linux/fxstat.c b/sysdeps/unix/sysv/linux/fxstat.c index 99074f9..a80621f 100644 --- a/sysdeps/unix/sysv/linux/fxstat.c +++ b/sysdeps/unix/sysv/linux/fxstat.c @@ -1,5 +1,5 @@ /* fxstat using old-style Unix fstat system call. - Copyright (C) 1991, 1995, 1996, 1997, 1998 Free Software Foundation, Inc. + Copyright (C) 1991, 1995, 1996, 1997, 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -28,10 +28,11 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <xstatconv.c> -extern int __syscall_fstat (int, struct kernel_stat *); +extern int __syscall_fstat (int, struct kernel_stat *__unbounded); /* Get information about the file FD in BUF. */ int @@ -41,11 +42,9 @@ __fxstat (int vers, int fd, struct stat *buf) int result; if (vers == _STAT_VER_KERNEL) - { - return INLINE_SYSCALL (fstat, 2, fd, (struct kernel_stat *) buf); - } + return INLINE_SYSCALL (fstat, 2, fd, CHECK_1 ((struct kernel_stat *) buf)); - result = INLINE_SYSCALL (fstat, 2, fd, &kbuf); + result = INLINE_SYSCALL (fstat, 2, fd, __ptrvalue (&kbuf)); if (result == 0) result = xstat_conv (vers, &kbuf, buf); diff --git a/sysdeps/unix/sysv/linux/fxstat64.c b/sysdeps/unix/sysv/linux/fxstat64.c index 1731818..3cd21d4 100644 --- a/sysdeps/unix/sysv/linux/fxstat64.c +++ b/sysdeps/unix/sysv/linux/fxstat64.c @@ -1,5 +1,5 @@ /* fxstat64 using old-style Unix fstat system call. - Copyright (C) 1997, 1998, 1999 Free Software Foundation, Inc. + Copyright (C) 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -24,16 +24,18 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> + #include "kernel-features.h" #if __ASSUME_STAT64_SYSCALL == 0 # include <xstatconv.c> #endif -extern int __syscall_fstat (int, struct kernel_stat *); +extern int __syscall_fstat (int, struct kernel_stat *__unbounded); #ifdef __NR_fstat64 -extern int __syscall_fstat64 (int, struct stat64 *); +extern int __syscall_fstat64 (int, struct stat64 *__unbounded); # if __ASSUME_STAT64_SYSCALL == 0 /* The variable is shared between all wrappers around *stat64 calls. */ extern int __have_no_stat64; @@ -45,7 +47,7 @@ int __fxstat64 (int vers, int fd, struct stat64 *buf) { #if __ASSUME_STAT64_SYSCALL > 0 - return INLINE_SYSCALL (fstat64, 2, fd, buf); + return INLINE_SYSCALL (fstat64, 2, fd, CHECK_1 (buf)); #else int result; struct kernel_stat kbuf; @@ -53,7 +55,7 @@ __fxstat64 (int vers, int fd, struct stat64 *buf) if (! __have_no_stat64) { int saved_errno = errno; - result = INLINE_SYSCALL (fstat64, 2, fd, buf); + result = INLINE_SYSCALL (fstat64, 2, fd, CHECK_1 (buf)); if (result != -1 || errno != ENOSYS) return result; @@ -62,7 +64,7 @@ __fxstat64 (int vers, int fd, struct stat64 *buf) __have_no_stat64 = 1; } # endif - result = INLINE_SYSCALL (fstat, 2, fd, &kbuf); + result = INLINE_SYSCALL (fstat, 2, fd, __ptrvalue (&kbuf)); if (result == 0) result = xstat64_conv (vers, &kbuf, buf); diff --git a/sysdeps/unix/sysv/linux/getcwd.c b/sysdeps/unix/sysv/linux/getcwd.c index cc7b987..6c68955 100644 --- a/sysdeps/unix/sysv/linux/getcwd.c +++ b/sysdeps/unix/sysv/linux/getcwd.c @@ -1,5 +1,5 @@ /* Determine current working directory. Linux version. - Copyright (C) 1997, 1998, 1999 Free Software Foundation, Inc. + Copyright (C) 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1997. @@ -26,6 +26,7 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" @@ -34,7 +35,7 @@ /* Kernel 2.1.92 introduced a third way to get the current working directory: a syscall. We've got to be careful that even when compiling under 2.1.92+ the libc still runs under older kernels. */ -extern int __syscall_getcwd (char *buf, unsigned long size); +extern int __syscall_getcwd (char *__unbounded buf, unsigned long size); # define no_syscall_getcwd 0 # define have_new_dcache 1 /* This is a trick since we don't define generic_getcwd. */ @@ -51,7 +52,7 @@ static char *generic_getcwd (char *buf, size_t size) internal_function; /* Kernel 2.1.92 introduced a third way to get the current working directory: a syscall. We've got to be careful that even when compiling under 2.1.92+ the libc still runs under older kernels. */ -extern int __syscall_getcwd (char *buf, unsigned long size); +extern int __syscall_getcwd (char *__unbounded buf, unsigned long size); static int no_syscall_getcwd; static int have_new_dcache; # else @@ -99,7 +100,7 @@ __getcwd (char *buf, size_t size) { int retval; - retval = INLINE_SYSCALL (getcwd, 2, path, alloc_size); + retval = INLINE_SYSCALL (getcwd, 2, CHECK_STRING (path), alloc_size); if (retval >= 0) { if (buf == NULL) diff --git a/sysdeps/unix/sysv/linux/getdents.c b/sysdeps/unix/sysv/linux/getdents.c index 5f1e7c1..0f16683 100644 --- a/sysdeps/unix/sysv/linux/getdents.c +++ b/sysdeps/unix/sysv/linux/getdents.c @@ -28,13 +28,13 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <linux/posix_types.h> #define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER) - -extern int __syscall_getdents (int fd, char *buf, size_t nbytes); +extern int __syscall_getdents (int fd, char *__unbounded buf, size_t nbytes); /* For Linux we need a special version of this file since the definition of `struct dirent' is not the same for the kernel and @@ -84,7 +84,8 @@ __getdents (int fd, char *buf, size_t nbytes) dp = (struct dirent *) buf; skdp = kdp = __alloca (red_nbytes); - retval = INLINE_SYSCALL (getdents, 3, fd, (char *) kdp, red_nbytes); + retval = INLINE_SYSCALL (getdents, 3, fd, + CHECK_N ((char *) kdp, red_nbytes), red_nbytes); if (retval == -1) return -1; diff --git a/sysdeps/unix/sysv/linux/i386/brk.c b/sysdeps/unix/sysv/linux/i386/brk.c index 5bb9d59..e528b9b 100644 --- a/sysdeps/unix/sysv/linux/i386/brk.c +++ b/sysdeps/unix/sysv/linux/i386/brk.c @@ -1,5 +1,5 @@ /* brk system call for Linux/i386. - Copyright (C) 1995, 1996 Free Software Foundation, Inc. + Copyright (C) 1995, 1996, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -21,6 +21,8 @@ #include <unistd.h> #include <sysdep.h> +#include <bp-checks.h> + /* This must be initialized data because commons can't have aliases. */ void *__curbrk = 0; @@ -32,14 +34,14 @@ weak_alias (__curbrk, ___brk_addr) int __brk (void *addr) { - void *newbrk, *scratch; + void *__unbounded newbrk, *__unbounded scratch; asm ("movl %%ebx, %1\n" /* Save %ebx in scratch register. */ "movl %3, %%ebx\n" /* Put ADDR in %ebx to be syscall arg. */ "int $0x80 # %2\n" /* Perform the system call. */ "movl %1, %%ebx\n" /* Restore %ebx from scratch register. */ : "=a" (newbrk), "=r" (scratch) - : "0" (SYS_ify (brk)), "g" (addr)); + : "0" (SYS_ify (brk)), "g" (__ptrvalue (addr))); __curbrk = newbrk; diff --git a/sysdeps/unix/sysv/linux/i386/chown.c b/sysdeps/unix/sysv/linux/i386/chown.c index 1dce314..ce44338 100644 --- a/sysdeps/unix/sysv/linux/i386/chown.c +++ b/sysdeps/unix/sysv/linux/i386/chown.c @@ -21,11 +21,11 @@ #include <sysdep.h> #include <sys/syscall.h> - -#include <kernel-features.h> -#include <linux/posix_types.h> #include <shlib-compat.h> +#include <bp-checks.h> +#include <linux/posix_types.h> +#include "kernel-features.h" /* In Linux 2.1.x the chown functions have been changed. A new function lchown @@ -68,7 +68,7 @@ __real_chown (const char *file, uid_t owner, gid_t group) int result; int saved_errno = errno; - result = INLINE_SYSCALL (chown32, 3, file, owner, group); + result = INLINE_SYSCALL (chown32, 3, CHECK_STRING (file), owner, group); if (result == 0 || errno != ENOSYS) return result; @@ -83,7 +83,7 @@ __real_chown (const char *file, uid_t owner, gid_t group) return -1; } - result = INLINE_SYSCALL (chown, 3, file, owner, group); + result = INLINE_SYSCALL (chown, 3, CHECK_STRING (file), owner, group); if (result >= 0 || errno != ENOSYS) return result; @@ -95,7 +95,7 @@ __real_chown (const char *file, uid_t owner, gid_t group) return __lchown (file, owner, group); # elif __ASSUME_32BITUIDS /* This implies __ASSUME_LCHOWN_SYSCALL. */ - return INLINE_SYSCALL (chown32, 3, file, owner, group); + return INLINE_SYSCALL (chown32, 3, CHECK_STRING (file), owner, group); # else /* !__ASSUME_32BITUIDS && ASSUME_LCHOWN_SYSCALL */ # ifdef __NR_chown32 @@ -104,7 +104,7 @@ __real_chown (const char *file, uid_t owner, gid_t group) int result; int saved_errno = errno; - result = INLINE_SYSCALL (chown32, 3, file, owner, group); + result = INLINE_SYSCALL (chown32, 3, CHECK_STRING (file), owner, group); if (result == 0 || errno != ENOSYS) return result; @@ -119,7 +119,7 @@ __real_chown (const char *file, uid_t owner, gid_t group) return -1; } - return INLINE_SYSCALL (chown, 3, file, owner, group); + return INLINE_SYSCALL (chown, 3, CHECK_STRING (file), owner, group); # endif } #endif @@ -130,7 +130,7 @@ __real_chown (const char *file, uid_t owner, gid_t group) int __chown_is_lchown (const char *file, uid_t owner, gid_t group) { - return INLINE_SYSCALL (chown, 3, file, owner, group); + return INLINE_SYSCALL (chown, 3, CHECK_STRING (file), owner, group); } #elif SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1) /* Compiling for compatibiity. */ diff --git a/sysdeps/unix/sysv/linux/i386/fxstat.c b/sysdeps/unix/sysv/linux/i386/fxstat.c index c4e24cf..e88570c6 100644 --- a/sysdeps/unix/sysv/linux/i386/fxstat.c +++ b/sysdeps/unix/sysv/linux/i386/fxstat.c @@ -28,14 +28,16 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> + #include "kernel-features.h" #include <xstatconv.c> -extern int __syscall_fstat (int, struct kernel_stat *); +extern int __syscall_fstat (int, struct kernel_stat *__unbounded); #ifdef __NR_stat64 -extern int __syscall_fstat64 (int, struct stat64 *); +extern int __syscall_fstat64 (int, struct stat64 *__unbounded); # if __ASSUME_STAT64_SYSCALL == 0 /* The variable is shared between all wrappers around *stat64 calls. */ extern int __have_no_stat64; @@ -52,14 +54,13 @@ __fxstat (int vers, int fd, struct stat *buf) int result; if (vers == _STAT_VER_KERNEL) - { - return INLINE_SYSCALL (fstat, 2, fd, (struct kernel_stat *) buf); - } + return INLINE_SYSCALL (fstat, 2, fd, CHECK_1 ((struct kernel_stat *) buf)); + #if __ASSUME_STAT64_SYSCALL > 0 { struct stat64 buf64; - result = INLINE_SYSCALL (fstat64, 2, fd, &buf64); + result = INLINE_SYSCALL (fstat64, 2, fd, __ptrvalue (&buf64)); if (result == 0) result = xstat32_conv (vers, &buf64, buf); return result; @@ -73,19 +74,19 @@ __fxstat (int vers, int fd, struct stat *buf) { struct stat64 buf64; - result = INLINE_SYSCALL (fstat64, 2, fd, &buf64); + result = INLINE_SYSCALL (fstat64, 2, fd, __ptrvalue (&buf64)); if (result == 0) result = xstat32_conv (vers, &buf64, buf); - + if (result != -1 || errno != ENOSYS) return result; __have_no_stat64 = 1; } -# endif +# endif - result = INLINE_SYSCALL (fstat, 2, fd, &kbuf); + result = INLINE_SYSCALL (fstat, 2, fd, __ptrvalue (&kbuf)); if (result == 0) result = xstat_conv (vers, &kbuf, buf); diff --git a/sysdeps/unix/sysv/linux/i386/getgroups.c b/sysdeps/unix/sysv/linux/i386/getgroups.c index 071be4f..2efe341 100644 --- a/sysdeps/unix/sysv/linux/i386/getgroups.c +++ b/sysdeps/unix/sysv/linux/i386/getgroups.c @@ -23,14 +23,16 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> + #include <linux/posix_types.h> #include <kernel-features.h> -extern int __syscall_getgroups(int, __kernel_gid_t *); +extern int __syscall_getgroups (int, __kernel_gid_t *__unbounded); #ifdef __NR_getgroups32 -extern int __syscall_getgroups32 (int, __kernel_gid32_t *); +extern int __syscall_getgroups32 (int, __kernel_gid32_t *__unbounded); # if __ASSUME_32BITUIDS == 0 /* This variable is shared with all files that need to check for 32bit uids. */ @@ -51,7 +53,7 @@ __getgroups (int n, gid_t *groups) else { #if __ASSUME_32BITUIDS > 0 - return INLINE_SYSCALL (getgroups32, 2, n, groups); + return INLINE_SYSCALL (getgroups32, 2, n, CHECK_N (groups, n)); #else int i, ngids; __kernel_gid_t kernel_groups[n = MIN (n, __sysconf (_SC_NGROUPS_MAX))]; @@ -61,7 +63,7 @@ __getgroups (int n, gid_t *groups) int result; int saved_errno = errno; - result = INLINE_SYSCALL (getgroups32, 2, n, groups); + result = INLINE_SYSCALL (getgroups32, 2, n, CHECK_N (groups, n)); if (result == 0 || errno != ENOSYS) return result; @@ -70,11 +72,10 @@ __getgroups (int n, gid_t *groups) } # endif /* __NR_getgroups32 */ - ngids = INLINE_SYSCALL (getgroups, 2, n, kernel_groups); + ngids = INLINE_SYSCALL (getgroups, 2, n, CHECK_N (kernel_groups, n)); if (n != 0 && ngids > 0) for (i = 0; i < ngids; i++) - groups[i] = kernel_groups[i]; - + (__ptrvalue (groups))[i] = kernel_groups[i]; return ngids; #endif } diff --git a/sysdeps/unix/sysv/linux/i386/getresgid.c b/sysdeps/unix/sysv/linux/i386/getresgid.c index f4bd14d..da07372 100644 --- a/sysdeps/unix/sysv/linux/i386/getresgid.c +++ b/sysdeps/unix/sysv/linux/i386/getresgid.c @@ -24,16 +24,20 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> + #include "kernel-features.h" #ifdef __NR_getresgid -extern int __syscall_getresgid (__kernel_gid_t *rgid, __kernel_gid_t *egid, - __kernel_gid_t *sgid); +extern int __syscall_getresgid (__kernel_gid_t *__unbounded rgid, + __kernel_gid_t *__unbounded egid, + __kernel_gid_t *__unbounded sgid); # ifdef __NR_getresgid32 -extern int __syscall_getresgid32 (__kernel_gid32_t *rgid, __kernel_gid32_t *egid, - __kernel_gid32_t *sgid); +extern int __syscall_getresgid32 (__kernel_gid32_t *__unbounded rgid, + __kernel_gid32_t *__unbounded egid, + __kernel_gid32_t *__unbounded sgid); # if __ASSUME_32BITUIDS == 0 /* This variable is shared with all files that need to check for 32bit @@ -47,8 +51,9 @@ int getresgid (gid_t *rgid, gid_t *egid, gid_t *sgid) { # if __ASSUME_32BITUIDS > 0 - return INLINE_SYSCALL (getresgid32, 3, rgid, egid, sgid); -# else + return INLINE_SYSCALL (getresgid32, 3, CHECK_1 (rgid), + CHECK_1 (egid), CHECK_1 (sgid)); +# else __kernel_gid_t k_rgid, k_egid, k_sgid; int result; # ifdef __NR_getresgid32 @@ -57,7 +62,8 @@ getresgid (gid_t *rgid, gid_t *egid, gid_t *sgid) int r; int saved_errno = errno; - r = INLINE_SYSCALL (getresgid32, 3, rgid, egid, sgid); + r = INLINE_SYSCALL (getresgid32, 3, CHECK_1 (rgid), + CHECK_1 (egid), CHECK_1 (sgid)); if (r == 0 || errno != ENOSYS) return r; @@ -66,7 +72,8 @@ getresgid (gid_t *rgid, gid_t *egid, gid_t *sgid) } # endif /* __NR_getresgid32 */ - result = INLINE_SYSCALL (getresgid, 3, &k_rgid, &k_egid, &k_sgid); + result = INLINE_SYSCALL (getresgid, 3, __ptrvalue (&k_rgid), + __ptrvalue (&k_egid), __ptrvalue (&k_sgid)); if (result == 0) { diff --git a/sysdeps/unix/sysv/linux/i386/getresuid.c b/sysdeps/unix/sysv/linux/i386/getresuid.c index 27eca40..0f9c064 100644 --- a/sysdeps/unix/sysv/linux/i386/getresuid.c +++ b/sysdeps/unix/sysv/linux/i386/getresuid.c @@ -24,17 +24,20 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" #ifdef __NR_getresuid -extern int __syscall_getresuid (__kernel_uid_t *ruid, __kernel_uid_t *euid, - __kernel_uid_t *suid); +extern int __syscall_getresuid (__kernel_uid_t *__unbounded ruid, + __kernel_uid_t *__unbounded euid, + __kernel_uid_t *__unbounded suid); # ifdef __NR_getresuid32 -extern int __syscall_getresuid32 (__kernel_uid32_t *ruid, __kernel_uid32_t *euid, - __kernel_uid32_t *suid); +extern int __syscall_getresuid32 (__kernel_uid32_t *__unbounded ruid, + __kernel_uid32_t *__unbounded euid, + __kernel_uid32_t *__unbounded suid); # if __ASSUME_32BITUIDS == 0 /* This variable is shared with all files that need to check for 32bit uids. */ @@ -46,7 +49,8 @@ int getresuid (uid_t *ruid, uid_t *euid, uid_t *suid) { # if __ASSUME_32BITUIDS > 0 - return INLINE_SYSCALL (getresuid32, 3, ruid, euid, suid); + return INLINE_SYSCALL (getresuid32, 3, CHECK_1 (ruid), + CHECK_1 (euid), CHECK_1 (suid)); # else __kernel_uid_t k_ruid, k_euid, k_suid; int result; @@ -56,7 +60,8 @@ getresuid (uid_t *ruid, uid_t *euid, uid_t *suid) int r; int saved_errno = errno; - r = INLINE_SYSCALL (getresuid32, 3, ruid, euid, suid); + r = INLINE_SYSCALL (getresuid32, 3, CHECK_1 (ruid), + CHECK_1 (euid), CHECK_1 (suid)); if (r == 0 || errno != ENOSYS) return r; @@ -65,7 +70,8 @@ getresuid (uid_t *ruid, uid_t *euid, uid_t *suid) } # endif /* __NR_getresuid32 */ - result = INLINE_SYSCALL (getresuid, 3, &k_ruid, &k_euid, &k_suid); + result = INLINE_SYSCALL (getresuid, 3, __ptrvalue (&k_ruid), + __ptrvalue (&k_euid), __ptrvalue (&k_suid)); if (result == 0) { diff --git a/sysdeps/unix/sysv/linux/i386/getrlimit.c b/sysdeps/unix/sysv/linux/i386/getrlimit.c index c1af81b..33d011a 100644 --- a/sysdeps/unix/sysv/linux/i386/getrlimit.c +++ b/sysdeps/unix/sysv/linux/i386/getrlimit.c @@ -22,11 +22,14 @@ #include <sysdep.h> #include <sys/syscall.h> #include <shlib-compat.h> +#include <bp-checks.h> + #include "kernel-features.h" extern int __syscall_ugetrlimit (unsigned int resource, - struct rlimit *rlimits); -extern int __syscall_getrlimit (unsigned int resource, struct rlimit *rlimits); + struct rlimit *__unbounded rlimits); +extern int __syscall_getrlimit (unsigned int resource, + struct rlimit *__unbounded rlimits); /* Linux 2.3.25 introduced a new system call since the types used for the limits are now unsigned. */ @@ -38,14 +41,14 @@ int __new_getrlimit (enum __rlimit_resource resource, struct rlimit *rlimits) { #ifdef __ASSUME_NEW_GETRLIMIT_SYSCALL - return INLINE_SYSCALL (ugetrlimit, 2, resource, rlimits); + return INLINE_SYSCALL (ugetrlimit, 2, resource, CHECK_1 (rlimits)); #else int result; # ifdef __NR_ugetrlimit if (__have_no_new_getrlimit <= 0) { - result = INLINE_SYSCALL (ugetrlimit, 2, resource, rlimits); + result = INLINE_SYSCALL (ugetrlimit, 2, resource, CHECK_1 (rlimits)); /* If the system call is available remember this fact and return. */ if (result != -1 || errno != ENOSYS) @@ -60,7 +63,7 @@ __new_getrlimit (enum __rlimit_resource resource, struct rlimit *rlimits) # endif /* Fall back to the old system call. */ - result = INLINE_SYSCALL (getrlimit, 2, resource, rlimits); + result = INLINE_SYSCALL (getrlimit, 2, resource, CHECK_1 (rlimits)); if (result == -1) return result; diff --git a/sysdeps/unix/sysv/linux/i386/lchown.c b/sysdeps/unix/sysv/linux/i386/lchown.c index 6e2bb9d..848978e 100644 --- a/sysdeps/unix/sysv/linux/i386/lchown.c +++ b/sysdeps/unix/sysv/linux/i386/lchown.c @@ -21,16 +21,17 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <linux/posix_types.h> #include "kernel-features.h" #ifdef __NR_lchown -extern int __syscall_lchown (const char *__file, +extern int __syscall_lchown (const char *__unbounded __file, __kernel_uid_t __owner, __kernel_gid_t __group); # ifdef __NR_lchown32 -extern int __syscall_lchown32 (const char *__file, +extern int __syscall_lchown32 (const char *__unbounded __file, __kernel_uid32_t __owner, __kernel_gid32_t __group); # if __ASSUME_32BITUIDS == 0 /* This variable is shared with all files that need to check for 32bit @@ -43,7 +44,7 @@ int __lchown (const char *file, uid_t owner, gid_t group) { # if __ASSUME_32BITUIDS > 0 - return INLINE_SYSCALL (lchown32, 3, file, owner, group); + return INLINE_SYSCALL (lchown32, 3, CHECK_STRING (file), owner, group); # else # ifdef __NR_lchown32 if (__libc_missing_32bit_uids <= 0) @@ -51,7 +52,7 @@ __lchown (const char *file, uid_t owner, gid_t group) int result; int saved_errno = errno; - result = INLINE_SYSCALL (lchown32, 3, file, owner, group); + result = INLINE_SYSCALL (lchown32, 3, CHECK_STRING (file), owner, group); if (result == 0 || errno != ENOSYS) return result; @@ -67,7 +68,7 @@ __lchown (const char *file, uid_t owner, gid_t group) return -1; } - return INLINE_SYSCALL (lchown, 3, file, owner, group); + return INLINE_SYSCALL (lchown, 3, CHECK_STRING (file), owner, group); # endif } diff --git a/sysdeps/unix/sysv/linux/i386/lxstat.c b/sysdeps/unix/sysv/linux/i386/lxstat.c index ee89ec1..e42dcfe 100644 --- a/sysdeps/unix/sysv/linux/i386/lxstat.c +++ b/sysdeps/unix/sysv/linux/i386/lxstat.c @@ -28,14 +28,18 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> + #include "kernel-features.h" #include <xstatconv.c> -extern int __syscall_lstat (const char *, struct kernel_stat *); +extern int __syscall_lstat (const char *__unbounded, + struct kernel_stat *__unbounded); #ifdef __NR_stat64 -extern int __syscall_lstat64 (const char *, struct stat64 *); +extern int __syscall_lstat64 (const char *__unbounded, + struct stat64 *__unbounded); # if __ASSUME_STAT64_SYSCALL == 0 /* The variable is shared between all wrappers around *stat64 calls. */ extern int __have_no_stat64; @@ -53,15 +57,13 @@ __lxstat (int vers, const char *name, struct stat *buf) int result; if (vers == _STAT_VER_KERNEL) - { - return INLINE_SYSCALL (lstat, 2, name, (struct kernel_stat *) buf); - } + return INLINE_SYSCALL (lstat, 2, CHECK_STRING (name), CHECK_1 ((struct kernel_stat *) buf)); #if __ASSUME_STAT64_SYSCALL > 0 { struct stat64 buf64; - result = INLINE_SYSCALL (lstat64, 2, name, &buf64); + result = INLINE_SYSCALL (lstat64, 2, CHECK_STRING (name), __ptrvalue (&buf64)); if (result == 0) result = xstat32_conv (vers, &buf64, buf); return result; @@ -74,7 +76,7 @@ __lxstat (int vers, const char *name, struct stat *buf) if (! __have_no_stat64) { struct stat64 buf64; - result = INLINE_SYSCALL (lstat64, 2, name, &buf64); + result = INLINE_SYSCALL (lstat64, 2, CHECK_STRING (name), __ptrvalue (&buf64)); if (result == 0) result = xstat32_conv (vers, &buf64, buf); @@ -84,9 +86,9 @@ __lxstat (int vers, const char *name, struct stat *buf) __have_no_stat64 = 1; } -# endif - - result = INLINE_SYSCALL (lstat, 2, name, &kbuf); +# endif + + result = INLINE_SYSCALL (lstat, 2, CHECK_STRING (name), __ptrvalue (&kbuf)); if (result == 0) result = xstat_conv (vers, &kbuf, buf); diff --git a/sysdeps/unix/sysv/linux/i386/setgroups.c b/sysdeps/unix/sysv/linux/i386/setgroups.c index 5e73352..a2553b6 100644 --- a/sysdeps/unix/sysv/linux/i386/setgroups.c +++ b/sysdeps/unix/sysv/linux/i386/setgroups.c @@ -23,14 +23,16 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> + #include <linux/posix_types.h> #include "kernel-features.h" -extern int __syscall_setgroups (int, const __kernel_gid_t *); +extern int __syscall_setgroups (int, const __kernel_gid_t *__unbounded); #ifdef __NR_setgroups32 -extern int __syscall_setgroups32 (int, const __kernel_gid32_t *); +extern int __syscall_setgroups32 (int, const __kernel_gid32_t *__unbounded); # if __ASSUME_32BITUIDS == 0 /* This variable is shared with all files that need to check for 32bit uids. */ @@ -52,17 +54,18 @@ setgroups (size_t n, const gid_t *groups) else { #if __ASSUME_32BITUIDS > 0 - return INLINE_SYSCALL (setgroups32, 2, n, groups); + return INLINE_SYSCALL (setgroups32, 2, n, CHECK_N (groups, n)); #else size_t i; __kernel_gid_t kernel_groups[n]; + # ifdef __NR_setgroups32 if (__libc_missing_32bit_uids <= 0) { int result; int saved_errno = errno; - result = INLINE_SYSCALL (setgroups32, 2, n, groups); + result = INLINE_SYSCALL (setgroups32, 2, n, CHECK_N (groups, n)); if (result == 0 || errno != ENOSYS) return result; @@ -72,7 +75,7 @@ setgroups (size_t n, const gid_t *groups) # endif /* __NR_setgroups32 */ for (i = 0; i < n; i++) { - kernel_groups[i] = groups[i]; + kernel_groups[i] = (__ptrvalue (groups))[i]; if (groups[i] != (gid_t) ((__kernel_gid_t) groups[i])) { __set_errno (EINVAL); @@ -80,7 +83,7 @@ setgroups (size_t n, const gid_t *groups) } } - return INLINE_SYSCALL (setgroups, 2, n, kernel_groups); + return INLINE_SYSCALL (setgroups, 2, n, CHECK_N (kernel_groups, n)); #endif } } diff --git a/sysdeps/unix/sysv/linux/i386/setrlimit.c b/sysdeps/unix/sysv/linux/i386/setrlimit.c index 5ceae60..04b55d1 100644 --- a/sysdeps/unix/sysv/linux/i386/setrlimit.c +++ b/sysdeps/unix/sysv/linux/i386/setrlimit.c @@ -22,14 +22,15 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <shlib-compat.h> +#include <bp-checks.h> #include "kernel-features.h" -#include <shlib-compat.h> extern int __syscall_setrlimit (unsigned int resource, - const struct rlimit *rlimits); + const struct rlimit *__unbounded rlimits); extern int __syscall_ugetrlimit (unsigned int resource, - const struct rlimit *rlimits); + const struct rlimit *__unbounded rlimits); /* Linux 2.3.25 introduced a new system call since the types used for the limits are now unsigned. */ @@ -41,7 +42,7 @@ int __new_setrlimit (enum __rlimit_resource resource, const struct rlimit *rlimits) { #ifdef __ASSUME_NEW_GETRLIMIT_SYSCALL - return INLINE_SYSCALL (setrlimit, 2, resource, rlimits); + return INLINE_SYSCALL (setrlimit, 2, resource, CHECK_1 (rlimits)); #else struct rlimit rlimits_small; @@ -51,7 +52,7 @@ __new_setrlimit (enum __rlimit_resource resource, const struct rlimit *rlimits) /* Check if the new ugetrlimit syscall exists. We must do this first because older kernels don't reject negative rlimit values in setrlimit. */ - int result = INLINE_SYSCALL (ugetrlimit, 2, resource, &rlimits_small); + int result = INLINE_SYSCALL (ugetrlimit, 2, resource, __ptrvalue (&rlimits_small)); if (result != -1 || errno != ENOSYS) /* The syscall exists. */ __have_no_new_getrlimit = -1; @@ -60,7 +61,7 @@ __new_setrlimit (enum __rlimit_resource resource, const struct rlimit *rlimits) __have_no_new_getrlimit = 1; } if (__have_no_new_getrlimit < 0) - return INLINE_SYSCALL (setrlimit, 2, resource, rlimits); + return INLINE_SYSCALL (setrlimit, 2, resource, CHECK_1 (rlimits)); # endif /* We might have to correct the limits values. Since the old values @@ -71,7 +72,7 @@ __new_setrlimit (enum __rlimit_resource resource, const struct rlimit *rlimits) RLIM_INFINITY >> 1); /* Use the adjusted values. */ - return INLINE_SYSCALL (setrlimit, 2, resource, &rlimits_small); + return INLINE_SYSCALL (setrlimit, 2, resource, __ptrvalue (&rlimits_small)); #endif } diff --git a/sysdeps/unix/sysv/linux/i386/sigaction.c b/sysdeps/unix/sysv/linux/i386/sigaction.c index c7493de..faa9afa 100644 --- a/sysdeps/unix/sysv/linux/i386/sigaction.c +++ b/sysdeps/unix/sysv/linux/i386/sigaction.c @@ -37,8 +37,8 @@ #define SA_RESTORER 0x04000000 -extern int __syscall_rt_sigaction (int, const struct kernel_sigaction *, - struct kernel_sigaction *, size_t); +extern int __syscall_rt_sigaction (int, const struct kernel_sigaction *__unbounded, + struct kernel_sigaction *__unbounded, size_t); #if __ASSUME_REALTIME_SIGNALS == 0 /* The variable is shared between all wrappers around signal handling @@ -86,8 +86,9 @@ __libc_sigaction (int sig, const struct sigaction *act, struct sigaction *oact) /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - result = INLINE_SYSCALL (rt_sigaction, 4, sig, act ? &kact : NULL, - oact ? &koact : NULL, _NSIG / 8); + result = INLINE_SYSCALL (rt_sigaction, 4, + sig, act ? __ptrvalue (&kact) : NULL, + oact ? __ptrvalue (&koact) : NULL, _NSIG / 8); # if __ASSUME_REALTIME_SIGNALS == 0 if (result >= 0 || errno != ENOSYS) @@ -126,7 +127,8 @@ __libc_sigaction (int sig, const struct sigaction *act, struct sigaction *oact) "popl %%ebx" : "=a" (result) : "0" (SYS_ify (sigaction)), "r" (sig), - "c" (act ? &k_newact : 0), "d" (oact ? &k_oldact : 0)); + "c" (act ? __ptrvalue (&k_newact) : 0), + "d" (oact ? __ptrvalue (&k_oldact) : 0)); if (result < 0) { diff --git a/sysdeps/unix/sysv/linux/i386/xstat.c b/sysdeps/unix/sysv/linux/i386/xstat.c index 7f71a11..54b0876 100644 --- a/sysdeps/unix/sysv/linux/i386/xstat.c +++ b/sysdeps/unix/sysv/linux/i386/xstat.c @@ -28,15 +28,19 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> + #include "kernel-features.h" #include <xstatconv.c> -extern int __syscall_stat (const char *, struct kernel_stat *); +extern int __syscall_stat (const char *__unbounded, + struct kernel_stat *__unbounded); #ifdef __NR_stat64 -extern int __syscall_stat64 (const char *, struct stat64 *); -# if __ASSUME_STAT64_SYSCALL == 0 +extern int __syscall_stat64 (const char *__unbounded, + struct stat64 *__unbounded); +# if __ASSUME_STAT64_SYSCALL == 0 /* The variable is shared between all wrappers around *stat64 calls. */ extern int __have_no_stat64; # endif @@ -53,14 +57,13 @@ __xstat (int vers, const char *name, struct stat *buf) int result; if (vers == _STAT_VER_KERNEL) - { - return INLINE_SYSCALL (stat, 2, name, (struct kernel_stat *) buf); - } + return INLINE_SYSCALL (stat, 2, CHECK_STRING (name), CHECK_1 ((struct kernel_stat *) buf)); + #if __ASSUME_STAT64_SYSCALL > 0 { struct stat64 buf64; - result = INLINE_SYSCALL (stat64, 2, name, &buf64); + result = INLINE_SYSCALL (stat64, 2, CHECK_STRING (name), __ptrvalue (&buf64)); if (result == 0) result = xstat32_conv (vers, &buf64, buf); return result; @@ -73,7 +76,7 @@ __xstat (int vers, const char *name, struct stat *buf) { struct stat64 buf64; - result = INLINE_SYSCALL (stat64, 2, name, &buf64); + result = INLINE_SYSCALL (stat64, 2, CHECK_STRING (name), __ptrvalue (&buf64)); if (result == 0) result = xstat32_conv (vers, &buf64, buf); @@ -83,8 +86,8 @@ __xstat (int vers, const char *name, struct stat *buf) __have_no_stat64 = 1; } -# endif - result = INLINE_SYSCALL (stat, 2, name, &kbuf); +# endif + result = INLINE_SYSCALL (stat, 2, CHECK_STRING (name), __ptrvalue (&kbuf)); if (result == 0) result = xstat_conv (vers, &kbuf, buf); @@ -94,6 +97,6 @@ __xstat (int vers, const char *name, struct stat *buf) weak_alias (__xstat, _xstat); #ifdef XSTAT_IS_XSTAT64 -#undef __xstat64 +# undef __xstat64 strong_alias (__xstat, __xstat64); #endif diff --git a/sysdeps/unix/sysv/linux/ia64/fxstat.c b/sysdeps/unix/sysv/linux/ia64/fxstat.c index bbf3a2a..2b30bfb 100644 --- a/sysdeps/unix/sysv/linux/ia64/fxstat.c +++ b/sysdeps/unix/sysv/linux/ia64/fxstat.c @@ -27,14 +27,15 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_fstat (int, struct stat *); +extern int __syscall_fstat (int, struct stat *__unbounded); /* Get information about the file FD in BUF. */ int __fxstat (int vers, int fd, struct stat *buf) { - return INLINE_SYSCALL (fstat, 2, fd, buf); + return INLINE_SYSCALL (fstat, 2, fd, CHECK_1 (buf)); } weak_alias (__fxstat, _fxstat); diff --git a/sysdeps/unix/sysv/linux/ia64/lxstat.c b/sysdeps/unix/sysv/linux/ia64/lxstat.c index 463239c..772bb25 100644 --- a/sysdeps/unix/sysv/linux/ia64/lxstat.c +++ b/sysdeps/unix/sysv/linux/ia64/lxstat.c @@ -27,14 +27,15 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_lstat (const char *, struct stat *); +extern int __syscall_lstat (const char *__unbounded, struct stat *__unbounded); /* Get information about the file FD in BUF. */ int __lxstat (int vers, const char *name, struct stat *buf) { - return INLINE_SYSCALL (lstat, 2, name, buf); + return INLINE_SYSCALL (lstat, 2, CHECK_STRING (name), CHECK_1 (buf)); } weak_alias (__lxstat, _lxstat); diff --git a/sysdeps/unix/sysv/linux/ia64/sigaction.c b/sysdeps/unix/sysv/linux/ia64/sigaction.c index 3769abf..6a43c12 100644 --- a/sysdeps/unix/sysv/linux/ia64/sigaction.c +++ b/sysdeps/unix/sysv/linux/ia64/sigaction.c @@ -27,9 +27,10 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_rt_sigaction (int, const struct sigaction *, - struct sigaction *, size_t); +extern int __syscall_rt_sigaction (int, const struct sigaction *__unbounded, + struct sigaction *__unbounded, size_t); /* The variable is shared between all wrappers around signal handling functions which have RT equivalents. This is the definition. */ @@ -45,7 +46,8 @@ __libc_sigaction (sig, act, oact) { /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - return INLINE_SYSCALL (rt_sigaction, 4, sig, act, oact, _NSIG / 8); + return INLINE_SYSCALL (rt_sigaction, 4, sig, + CHECK_1opt (act), CHECK_1opt (oact), _NSIG / 8); } strong_alias (__libc_sigaction, __sigaction) diff --git a/sysdeps/unix/sysv/linux/ia64/sigpending.c b/sysdeps/unix/sysv/linux/ia64/sigpending.c index 9b56b4d..4e80ac7 100644 --- a/sysdeps/unix/sysv/linux/ia64/sigpending.c +++ b/sysdeps/unix/sysv/linux/ia64/sigpending.c @@ -25,8 +25,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_rt_sigpending (sigset_t *, size_t); +extern int __syscall_rt_sigpending (sigset_t *__unbounded, size_t); /* Change the set of blocked signals to SET, @@ -37,5 +38,5 @@ sigpending (set) { /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - return INLINE_SYSCALL (rt_sigpending, 2, set, _NSIG / 8); + return INLINE_SYSCALL (rt_sigpending, 2, CHECK_SIGSET (set), _NSIG / 8); } diff --git a/sysdeps/unix/sysv/linux/ia64/sigprocmask.c b/sysdeps/unix/sysv/linux/ia64/sigprocmask.c index bcbbbe8..293a327 100644 --- a/sysdeps/unix/sysv/linux/ia64/sigprocmask.c +++ b/sysdeps/unix/sysv/linux/ia64/sigprocmask.c @@ -27,9 +27,10 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_rt_sigprocmask (int, const sigset_t *, sigset_t *, - size_t); +extern int __syscall_rt_sigprocmask (int, const sigset_t *__unbounded, + sigset_t *__unbounded, size_t); /* Get and/or change the set of blocked signals. */ int @@ -41,6 +42,7 @@ __sigprocmask (how, set, oset) /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - return INLINE_SYSCALL (rt_sigprocmask, 4, how, set, oset, _NSIG / 8); + return INLINE_SYSCALL (rt_sigprocmask, 4, how, CHECK_SIGSET (set), + CHECK_SIGSETopt (oset), _NSIG / 8); } weak_alias (__sigprocmask, sigprocmask) diff --git a/sysdeps/unix/sysv/linux/ia64/sigsuspend.c b/sysdeps/unix/sysv/linux/ia64/sigsuspend.c index 5eb4c62..477ca6c 100644 --- a/sysdeps/unix/sysv/linux/ia64/sigsuspend.c +++ b/sysdeps/unix/sysv/linux/ia64/sigsuspend.c @@ -22,8 +22,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_rt_sigsuspend (const sigset_t *, size_t); +extern int __syscall_rt_sigsuspend (const sigset_t *__unbounded, size_t); /* Change the set of blocked signals to SET, @@ -34,6 +35,6 @@ __sigsuspend (set) { /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - return INLINE_SYSCALL (rt_sigsuspend, 2, set, _NSIG / 8); + return INLINE_SYSCALL (rt_sigsuspend, 2, CHECK_SIGSET (set), _NSIG / 8); } weak_alias (__sigsuspend, sigsuspend) diff --git a/sysdeps/unix/sysv/linux/ia64/xstat.c b/sysdeps/unix/sysv/linux/ia64/xstat.c index 99ab5b6..d3ffe56 100644 --- a/sysdeps/unix/sysv/linux/ia64/xstat.c +++ b/sysdeps/unix/sysv/linux/ia64/xstat.c @@ -27,14 +27,15 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_stat (const char *, struct stat *); +extern int __syscall_stat (const char *__unbounded, struct stat *__unbounded); /* Get information about the file NAME in BUF. */ int __xstat (int vers, const char *name, struct stat *buf) { - return INLINE_SYSCALL (stat, 2, name, buf); + return INLINE_SYSCALL (stat, 2, name, CHECK_1 (buf)); } weak_alias (__xstat, _xstat); diff --git a/sysdeps/unix/sysv/linux/llseek.c b/sysdeps/unix/sysv/linux/llseek.c index 136eda7..280f83d 100644 --- a/sysdeps/unix/sysv/linux/llseek.c +++ b/sysdeps/unix/sysv/linux/llseek.c @@ -24,7 +24,7 @@ #include <sys/syscall.h> extern int __syscall__llseek (int fd, off_t offset_hi, off_t offset_lo, - loff_t *result, int whence); + loff_t *__unbounded result, int whence); /* Seek to OFFSET on FD, starting from WHENCE. */ loff_t @@ -34,7 +34,7 @@ __llseek (int fd, loff_t offset, int whence) return (loff_t) (INLINE_SYSCALL (_llseek, 5, fd, (off_t) (offset >> 32), (off_t) (offset & 0xffffffff), - &result, whence) ?: result); + __ptrvalue (&result), whence) ?: result); } weak_alias (__llseek, llseek) strong_alias (__llseek, __libc_lseek64) diff --git a/sysdeps/unix/sysv/linux/lxstat.c b/sysdeps/unix/sysv/linux/lxstat.c index 50aa4f9..503fc27 100644 --- a/sysdeps/unix/sysv/linux/lxstat.c +++ b/sysdeps/unix/sysv/linux/lxstat.c @@ -1,5 +1,5 @@ /* lxstat using old-style Unix lstat system call. - Copyright (C) 1991, 1995, 1996, 1997, 1998 Free Software Foundation, Inc. + Copyright (C) 1991, 1995, 1996, 1997, 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -28,10 +28,11 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <xstatconv.c> -extern int __syscall_lstat (const char *, struct kernel_stat *); +extern int __syscall_lstat (const char *__unbounded, struct kernel_stat *__unbounded); /* Get information about the file NAME in BUF. */ int @@ -41,11 +42,10 @@ __lxstat (int vers, const char *name, struct stat *buf) int result; if (vers == _STAT_VER_KERNEL) - { - return INLINE_SYSCALL (lstat, 2, name, (struct kernel_stat *) buf); - } + return INLINE_SYSCALL (lstat, 2, CHECK_STRING (name), + CHECK_1 ((struct kernel_stat *) buf)); - result = INLINE_SYSCALL (lstat, 2, name, &kbuf); + result = INLINE_SYSCALL (lstat, 2, CHECK_STRING (name), __ptrvalue (&kbuf)); if (result == 0) result = xstat_conv (vers, &kbuf, buf); diff --git a/sysdeps/unix/sysv/linux/lxstat64.c b/sysdeps/unix/sysv/linux/lxstat64.c index 4becf6e..4409765 100644 --- a/sysdeps/unix/sysv/linux/lxstat64.c +++ b/sysdeps/unix/sysv/linux/lxstat64.c @@ -1,5 +1,5 @@ /* lxstat64 using old-style Unix lstat system call. - Copyright (C) 1997, 1998, 1999 Free Software Foundation, Inc. + Copyright (C) 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -24,16 +24,18 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> + #include "kernel-features.h" #if __ASSUME_STAT64_SYSCALL == 0 # include <xstatconv.c> #endif -extern int __syscall_lstat (const char *, struct kernel_stat *); +extern int __syscall_lstat (const char *__unbounded, struct kernel_stat *__unbounded); #ifdef __NR_lstat64 -extern int __syscall_lstat64 (const char *, struct stat64 *); +extern int __syscall_lstat64 (const char *__unbounded, struct stat64 *__unbounded); # if __ASSUME_STAT64_SYSCALL == 0 /* The variable is shared between all wrappers around *stat64 calls. */ extern int __have_no_stat64; @@ -45,7 +47,7 @@ int __lxstat64 (int vers, const char *name, struct stat64 *buf) { #ifdef __ASSUME_STAT64_SYSCALL - return INLINE_SYSCALL (lstat64, 2, name, buf); + return INLINE_SYSCALL (lstat64, 2, CHECK_STRING (name), CHECK_1 (buf)); #else struct kernel_stat kbuf; int result; @@ -53,7 +55,7 @@ __lxstat64 (int vers, const char *name, struct stat64 *buf) if (! __have_no_stat64) { int saved_errno = errno; - result = INLINE_SYSCALL (lstat64, 2, name, buf); + result = INLINE_SYSCALL (lstat64, 2, CHECK_STRING (name), CHECK_1 (buf)); if (result != -1 || errno != ENOSYS) return result; @@ -62,7 +64,7 @@ __lxstat64 (int vers, const char *name, struct stat64 *buf) __have_no_stat64 = 1; } # endif - result = INLINE_SYSCALL (lstat, 2, name, &kbuf); + result = INLINE_SYSCALL (lstat, 2, CHECK_STRING (name), __ptrvalue (&kbuf)); if (result == 0) result = xstat64_conv (vers, &kbuf, buf); diff --git a/sysdeps/unix/sysv/linux/m68k/chown.c b/sysdeps/unix/sysv/linux/m68k/chown.c index 79701ee..e97c148 100644 --- a/sysdeps/unix/sysv/linux/m68k/chown.c +++ b/sysdeps/unix/sysv/linux/m68k/chown.c @@ -21,14 +21,15 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <linux/posix_types.h> -extern int __syscall_chown (const char *__file, +extern int __syscall_chown (const char *__unbounded __file, __kernel_uid_t __owner, __kernel_gid_t __group); #ifdef __NR_chown32 -extern int __syscall_chown32 (const char *__file, +extern int __syscall_chown32 (const char *__unbounded __file, __kernel_uid32_t owner, __kernel_gid32_t group); # if __ASSUME_32BITUIDS == 0 @@ -42,7 +43,7 @@ int __chown (const char *file, uid_t owner, gid_t group) { #if __ASSUME_32BITUIDS - return INLINE_SYSCALL (chown32, 3, file, owner, group); + return INLINE_SYSCALL (chown32, 3, CHECK_STRING (file), owner, group); #else # ifdef __NR_chown32 if (__libc_missing_32bit_uids <= 0) @@ -50,7 +51,7 @@ __chown (const char *file, uid_t owner, gid_t group) int result; int saved_errno = errno; - result = INLINE_SYSCALL (chown32, 3, file, owner, group); + result = INLINE_SYSCALL (chown32, 3, CHECK_STRING (file), owner, group); if (result == 0 || errno != ENOSYS) return result; @@ -66,7 +67,7 @@ __chown (const char *file, uid_t owner, gid_t group) return -1; } - return INLINE_SYSCALL (chown, 3, file, owner, group); + return INLINE_SYSCALL (chown, 3, CHECK_STRING (file), owner, group); #endif } weak_alias (__chown, chown) diff --git a/sysdeps/unix/sysv/linux/mips/pread.c b/sysdeps/unix/sysv/linux/mips/pread.c index dd1e5d8..93f19f4 100644 --- a/sysdeps/unix/sysv/linux/mips/pread.c +++ b/sysdeps/unix/sysv/linux/mips/pread.c @@ -23,6 +23,7 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <kernel-features.h> @@ -32,8 +33,8 @@ static ssize_t __emulate_pread (int fd, void *buf, size_t count, off_t offset) internal_function; # endif -extern ssize_t __syscall_pread (int fd, void *buf, size_t count, int dummy, - off_t offset_hi, off_t offset_lo); +extern ssize_t __syscall_pread (int fd, void *__unbounded buf, size_t count, + int dummy, off_t offset_hi, off_t offset_lo); @@ -47,7 +48,7 @@ __libc_pread (fd, buf, count, offset) ssize_t result; /* First try the syscall. */ - result = INLINE_SYSCALL (pread, 6, fd, buf, count, 0, + result = INLINE_SYSCALL (pread, 6, fd, CHECK_N (buf, count), count, 0, __LONG_LONG_PAIR (0, offset)); # if __ASSUME_PREAD_SYSCALL == 0 if (result == -1 && errno == ENOSYS) diff --git a/sysdeps/unix/sysv/linux/mips/pread64.c b/sysdeps/unix/sysv/linux/mips/pread64.c index 06a992e..6482ce4 100644 --- a/sysdeps/unix/sysv/linux/mips/pread64.c +++ b/sysdeps/unix/sysv/linux/mips/pread64.c @@ -23,6 +23,7 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <kernel-features.h> @@ -33,8 +34,8 @@ static ssize_t __emulate_pread64 (int fd, void *buf, size_t count, off64_t offset) internal_function; # endif -extern ssize_t __syscall_pread (int fd, void *buf, size_t count, int dummy, - off_t offset_hi, off_t offset_lo); +extern ssize_t __syscall_pread (int fd, void *__unbounded buf, size_t count, + int dummy, off_t offset_hi, off_t offset_lo); @@ -48,7 +49,7 @@ __libc_pread64 (fd, buf, count, offset) ssize_t result; /* First try the syscall. */ - result = INLINE_SYSCALL (pread, 6, fd, buf, count, 0, + result = INLINE_SYSCALL (pread, 6, fd, CHECK_N (buf, count), count, 0, __LONG_LONG_PAIR ((off_t) (offset >> 32), (off_t) (offset & 0xffffffff))); # if __ASSUME_PREAD_SYSCALL == 0 diff --git a/sysdeps/unix/sysv/linux/mips/pwrite.c b/sysdeps/unix/sysv/linux/mips/pwrite.c index b45bb84..8283896 100644 --- a/sysdeps/unix/sysv/linux/mips/pwrite.c +++ b/sysdeps/unix/sysv/linux/mips/pwrite.c @@ -23,12 +23,13 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <kernel-features.h> #if defined __NR_pwrite || __ASSUME_PWRITE_SYSCALL > 0 -extern ssize_t __syscall_pwrite (int fd, const void *buf, size_t count, +extern ssize_t __syscall_pwrite (int fd, const void *__unbounded buf, size_t count, int dummy, off_t offset_hi, off_t offset_lo); # if __ASSUME_PWRITE_SYSCALL == 0 @@ -46,7 +47,7 @@ __libc_pwrite (fd, buf, count, offset) ssize_t result; /* First try the syscall. */ - result = INLINE_SYSCALL (pwrite, 6, fd, buf, count, 0, + result = INLINE_SYSCALL (pwrite, 6, fd, CHECK_N (buf, count), count, 0, __LONG_LONG_PAIR (0, offset)); # if __ASSUME_PWRITE_SYSCALL == 0 if (result == -1 && errno == ENOSYS) diff --git a/sysdeps/unix/sysv/linux/mips/pwrite64.c b/sysdeps/unix/sysv/linux/mips/pwrite64.c index 0481064..af07f60 100644 --- a/sysdeps/unix/sysv/linux/mips/pwrite64.c +++ b/sysdeps/unix/sysv/linux/mips/pwrite64.c @@ -23,12 +23,13 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <kernel-features.h> #if defined __NR_pwrite || __ASSUME_PWRITE_SYSCALL > 0 -extern ssize_t __syscall_pwrite (int fd, const void *buf, size_t count, +extern ssize_t __syscall_pwrite (int fd, const void *__unbounded buf, size_t count, int dummy, off_t offset_hi, off_t offset_lo); # if __ASSUME_PWRITE_SYSCALL == 0 @@ -46,7 +47,7 @@ __libc_pwrite64 (fd, buf, count, offset) ssize_t result; /* First try the syscall. */ - result = INLINE_SYSCALL (pwrite, 6, fd, buf, count, 0, + result = INLINE_SYSCALL (pwrite, 6, fd, CHECK_N (buf, count), count, 0, __LONG_LONG_PAIR ((off_t) (offset >> 32), (off_t) (offset & 0xffffffff))); # if __ASSUME_PWRITE_SYSCALL == 0 diff --git a/sysdeps/unix/sysv/linux/mips/truncate64.c b/sysdeps/unix/sysv/linux/mips/truncate64.c index 7a44619..09a2755 100644 --- a/sysdeps/unix/sysv/linux/mips/truncate64.c +++ b/sysdeps/unix/sysv/linux/mips/truncate64.c @@ -23,6 +23,7 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" @@ -33,7 +34,7 @@ int __have_no_truncate64; #endif /* The order of hight, low depends on endianness. */ -extern int __syscall_truncate64 (const char *path, int dummy, +extern int __syscall_truncate64 (const char *__unbounded path, int dummy, int high_length, int low_length); @@ -50,7 +51,7 @@ truncate64 (const char *path, off64_t length) #ifndef __ASSUME_TRUNCATE64_SYSCALL int saved_errno = errno; #endif - int result = INLINE_SYSCALL (truncate64, 3, path, 0, + int result = INLINE_SYSCALL (truncate64, 3, CHECK_STRING (path), 0, __LONG_LONG_PAIR (high, low)); #ifndef __ASSUME_TRUNCATE64_SYSCALL if (result != -1 || errno != ENOSYS) diff --git a/sysdeps/unix/sysv/linux/mips/ustat.c b/sysdeps/unix/sysv/linux/mips/ustat.c index 63eb68c..2afc3e7 100644 --- a/sysdeps/unix/sysv/linux/mips/ustat.c +++ b/sysdeps/unix/sysv/linux/mips/ustat.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1997, 1998 Free Software Foundation, Inc. +/* Copyright (C) 1997, 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1997. @@ -23,8 +23,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_ustat (unsigned long dev, struct ustat *ubuf); +extern int __syscall_ustat (unsigned long dev, struct ustat *__unbounded ubuf); int ustat (dev_t dev, struct ustat *ubuf) @@ -34,5 +35,5 @@ ustat (dev_t dev, struct ustat *ubuf) /* We must convert the value to dev_t type used by the kernel. */ k_dev = ((major (dev) & 0xff) << 8) | (minor (dev) & 0xff); - return INLINE_SYSCALL (ustat, 2, k_dev, ubuf); + return INLINE_SYSCALL (ustat, 2, k_dev, CHECK_1 (ubuf)); } diff --git a/sysdeps/unix/sysv/linux/mips/xmknod.c b/sysdeps/unix/sysv/linux/mips/xmknod.c index ba1b468..2fed00d 100644 --- a/sysdeps/unix/sysv/linux/mips/xmknod.c +++ b/sysdeps/unix/sysv/linux/mips/xmknod.c @@ -1,5 +1,5 @@ /* xmknod call using old-style Unix mknod system call. - Copyright (C) 1991, 93, 95, 96, 97, 98 Free Software Foundation, Inc. + Copyright (C) 1991, 93, 95, 96, 97, 98, 00 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -24,8 +24,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_mknod (const char *, unsigned long, unsigned int); +extern int __syscall_mknod (const char *__unbounded, unsigned long, unsigned int); /* Create a device file named PATH, with permission and special bits MODE and device number DEV (which can be constructed from major and minor @@ -44,7 +45,7 @@ __xmknod (int vers, const char *path, mode_t mode, dev_t *dev) /* We must convert the value to dev_t type used by the kernel. */ k_dev = ((major (*dev) & 0xff) << 8) | (minor (*dev) & 0xff); - return INLINE_SYSCALL (mknod, 3, path, mode, k_dev); + return INLINE_SYSCALL (mknod, 3, CHECK_STRING (path), mode, k_dev); } weak_alias (__xmknod, _xmknod) diff --git a/sysdeps/unix/sysv/linux/poll.c b/sysdeps/unix/sysv/linux/poll.c index ba81416..9f831c8 100644 --- a/sysdeps/unix/sysv/linux/poll.c +++ b/sysdeps/unix/sysv/linux/poll.c @@ -22,13 +22,14 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" #if defined __NR_poll || __ASSUME_POLL_SYSCALL > 0 -extern int __syscall_poll (struct pollfd *fds, unsigned int nfds, - int timeout); +extern int __syscall_poll (struct pollfd *__unbounded fds, + unsigned int nfds, int timeout); # if __ASSUME_POLL_SYSCALL == 0 static int __emulate_poll (struct pollfd *fds, unsigned long int nfds, @@ -48,7 +49,7 @@ __poll (fds, nfds, timeout) if (!must_emulate) { int errno_saved = errno; - int retval = INLINE_SYSCALL (poll, 3, fds, nfds, timeout); + int retval = INLINE_SYSCALL (poll, 3, CHECK_N (fds, nfds), nfds, timeout); if (retval >= 0 || errno != ENOSYS) return retval; @@ -59,7 +60,7 @@ __poll (fds, nfds, timeout) return __emulate_poll (fds, nfds, timeout); # else - return INLINE_SYSCALL (poll, 3, fds, nfds, timeout); + return INLINE_SYSCALL (poll, 3, CHECK_N (fds, nfds), nfds, timeout); # endif } weak_alias (__poll, poll) diff --git a/sysdeps/unix/sysv/linux/pread.c b/sysdeps/unix/sysv/linux/pread.c index 08faa28..317f43b 100644 --- a/sysdeps/unix/sysv/linux/pread.c +++ b/sysdeps/unix/sysv/linux/pread.c @@ -23,13 +23,14 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" #if defined __NR_pread || __ASSUME_PREAD_SYSCALL > 0 /* The order of hi, lo depends on endianness. */ -extern ssize_t __syscall_pread (int fd, void *buf, size_t count, +extern ssize_t __syscall_pread (int fd, void *__unbounded buf, size_t count, off_t offset_hi, off_t offset_lo); # if __ASSUME_PREAD_SYSCALL == 0 @@ -48,9 +49,8 @@ __libc_pread (fd, buf, count, offset) ssize_t result; /* First try the syscall. */ - result = INLINE_SYSCALL (pread, 5, fd, buf, count, + result = INLINE_SYSCALL (pread, 5, fd, CHECK_N (buf, count), count, __LONG_LONG_PAIR (0, offset)); - # if __ASSUME_PREAD_SYSCALL == 0 if (result == -1 && errno == ENOSYS) /* No system call available. Use the emulation. */ diff --git a/sysdeps/unix/sysv/linux/pread64.c b/sysdeps/unix/sysv/linux/pread64.c index 479f483..706de34 100644 --- a/sysdeps/unix/sysv/linux/pread64.c +++ b/sysdeps/unix/sysv/linux/pread64.c @@ -23,12 +23,13 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" #if defined __NR_pread || __ASSUME_PREAD_SYSCALL > 0 -extern ssize_t __syscall_pread (int fd, void *buf, size_t count, +extern ssize_t __syscall_pread (int fd, void *__unbounded buf, size_t count, off_t offset_hi, off_t offset_lo); # if __ASSUME_PREAD_SYSCALL == 0 @@ -47,10 +48,9 @@ __libc_pread64 (fd, buf, count, offset) ssize_t result; /* First try the syscall. */ - result = INLINE_SYSCALL (pread, 5, fd, buf, count, + result = INLINE_SYSCALL (pread, 5, fd, CHECK_N (buf, count), count, __LONG_LONG_PAIR ((off_t) (offset >> 32), (off_t) (offset & 0xffffffff))); - # if __ASSUME_PREAD_SYSCALL == 0 if (result == -1 && errno == ENOSYS) /* No system call available. Use the emulation. */ diff --git a/sysdeps/unix/sysv/linux/ptrace.c b/sysdeps/unix/sysv/linux/ptrace.c index 109191e..3ed1af6 100644 --- a/sysdeps/unix/sysv/linux/ptrace.c +++ b/sysdeps/unix/sysv/linux/ptrace.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1995, 1996, 1997, 1998 Free Software Foundation, Inc. +/* Copyright (C) 1995, 1996, 1997, 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -19,12 +19,15 @@ #include <errno.h> #include <sys/types.h> #include <sys/ptrace.h> +#include <sys/user.h> #include <stdarg.h> #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern long int __syscall_ptrace (int, pid_t, void *, void *); +extern long int __syscall_ptrace (int, pid_t, void *__unbounded, + void *__unbounded); long int ptrace (enum __ptrace_request request, ...) @@ -43,7 +46,56 @@ ptrace (enum __ptrace_request request, ...) if (request > 0 && request < 4) data = &ret; - res = INLINE_SYSCALL (ptrace, 4, request, pid, addr, data); +#if __BOUNDED_POINTERS__ + switch (request) + { + case PTRACE_PEEKTEXT: + case PTRACE_PEEKDATA: + case PTRACE_PEEKUSER: + case PTRACE_POKETEXT: + case PTRACE_POKEDATA: + case PTRACE_POKEUSER: + CHECK_1 ((int *) addr); + CHECK_1 ((int *) data); + break; + + case PTRACE_GETREGS: + case PTRACE_SETREGS: +#ifdef __i386__ + CHECK_1 ((struct user_regs_struct *) data); +#else + /* We don't know the size of data, so the best we can do is ensure + that `data' is valid for at least one word. */ + CHECK_1 ((int *) data); +#endif + break; + + case PTRACE_GETFPREGS: + case PTRACE_SETFPREGS: +#ifdef __i386__ + CHECK_1 ((struct user_fpregs_struct *) data); +#else + /* We don't know the size of data, so the best we can do is ensure + that `data' is valid for at least one word. */ + CHECK_1 ((int *) data); +#endif + break; + + case PTRACE_GETFPXREGS: + case PTRACE_SETFPXREGS: +#ifdef __i386__ + CHECK_1 ((struct user_fpxregs_struct *) data); +#else + /* We don't know the size of data, so the best we can do is ensure + that `data' is valid for at least one word. */ + CHECK_1 ((int *) data); +#endif + break; + }; +#endif + + res = INLINE_SYSCALL (ptrace, 4, request, pid, + __ptrvalue (addr), __ptrvalue (data)); if (res >= 0 && request > 0 && request < 4) { __set_errno (0); diff --git a/sysdeps/unix/sysv/linux/pwrite.c b/sysdeps/unix/sysv/linux/pwrite.c index dab46dc..4aa91df 100644 --- a/sysdeps/unix/sysv/linux/pwrite.c +++ b/sysdeps/unix/sysv/linux/pwrite.c @@ -23,13 +23,14 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" #if defined __NR_pwrite || __ASSUME_PWRITE_SYSCALL > 0 /* The order of hi, lo depends on endianness. */ -extern ssize_t __syscall_pwrite (int fd, const void *buf, size_t count, +extern ssize_t __syscall_pwrite (int fd, const void *__unbounded buf, size_t count, off_t offset_hi, off_t offset_lo); # if __ASSUME_PWRITE_SYSCALL == 0 @@ -48,7 +49,7 @@ __libc_pwrite (fd, buf, count, offset) ssize_t result; /* First try the syscall. */ - result = INLINE_SYSCALL (pwrite, 5, fd, buf, count, + result = INLINE_SYSCALL (pwrite, 5, fd, CHECK_N (buf, count), count, __LONG_LONG_PAIR (0, offset)); # if __ASSUME_PWRITE_SYSCALL == 0 if (result == -1 && errno == ENOSYS) diff --git a/sysdeps/unix/sysv/linux/pwrite64.c b/sysdeps/unix/sysv/linux/pwrite64.c index b1039f0..2ce244c 100644 --- a/sysdeps/unix/sysv/linux/pwrite64.c +++ b/sysdeps/unix/sysv/linux/pwrite64.c @@ -23,12 +23,13 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" #if defined __NR_pwrite || __ASSUME_PWRITE_SYSCALL > 0 -extern ssize_t __syscall_pwrite (int fd, const void *buf, size_t count, +extern ssize_t __syscall_pwrite (int fd, const void *__unbounded buf, size_t count, off_t offset_hi, off_t offset_lo); # if __ASSUME_PWRITE_SYSCALL == 0 @@ -47,7 +48,7 @@ __libc_pwrite64 (fd, buf, count, offset) ssize_t result; /* First try the syscall. */ - result = INLINE_SYSCALL (pwrite, 5, fd, buf, count, + result = INLINE_SYSCALL (pwrite, 5, fd, CHECK_N (buf, count), count, __LONG_LONG_PAIR ((off_t) (offset >> 32), (off_t) (offset & 0xffffffff))); # if __ASSUME_PWRITE_SYSCALL == 0 diff --git a/sysdeps/unix/sysv/linux/readv.c b/sysdeps/unix/sysv/linux/readv.c index 63fd237..6b3b6f3 100644 --- a/sysdeps/unix/sysv/linux/readv.c +++ b/sysdeps/unix/sysv/linux/readv.c @@ -24,8 +24,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern ssize_t __syscall_readv (int, __const struct iovec *, int); +extern ssize_t __syscall_readv (int, __const struct iovec *__unbounded, int); static ssize_t __atomic_readv_replacement (int, __const struct iovec *, int) internal_function; @@ -47,7 +48,7 @@ __readv (fd, vector, count) int errno_saved = errno; ssize_t bytes_read; - bytes_read = INLINE_SYSCALL (readv, 3, fd, vector, count); + bytes_read = INLINE_SYSCALL (readv, 3, fd, CHECK_N (vector, count), count); if (bytes_read >= 0 || errno != EINVAL || count <= UIO_FASTIOV) return bytes_read; diff --git a/sysdeps/unix/sysv/linux/sigaction.c b/sysdeps/unix/sysv/linux/sigaction.c index d97b8bf..fc66d3d 100644 --- a/sysdeps/unix/sysv/linux/sigaction.c +++ b/sysdeps/unix/sysv/linux/sigaction.c @@ -35,11 +35,11 @@ functions which have RT equivalents. This is the definition. */ int __libc_missing_rt_sigs; -extern int __syscall_sigaction (int, const struct old_kernel_sigaction *, - struct old_kernel_sigaction *); +extern int __syscall_sigaction (int, const struct old_kernel_sigaction *__unbounded, + struct old_kernel_sigaction *__unbounded); #endif -extern int __syscall_rt_sigaction (int, const struct kernel_sigaction *, - struct kernel_sigaction *, size_t); +extern int __syscall_rt_sigaction (int, const struct kernel_sigaction *__unbounded, + struct kernel_sigaction *__unbounded, size_t); /* If ACT is not NULL, change the action for SIG to *ACT. @@ -80,8 +80,9 @@ __libc_sigaction (sig, act, oact) /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - result = INLINE_SYSCALL (rt_sigaction, 4, sig, act ? &kact : NULL, - oact ? &koact : NULL, _NSIG / 8); + result = INLINE_SYSCALL (rt_sigaction, 4, sig, + act ? __ptrvalue (&kact) : NULL, + oact ? __ptrvalue (&koact) : NULL, _NSIG / 8); # if __ASSUME_REALTIME_SIGNALS == 0 if (result >= 0 || errno != ENOSYS) @@ -116,8 +117,9 @@ __libc_sigaction (sig, act, oact) k_sigact.sa_restorer = act->sa_restorer; # endif } - result = INLINE_SYSCALL (sigaction, 3, sig, act ? &k_sigact : NULL, - oact ? &k_osigact : NULL); + result = INLINE_SYSCALL (sigaction, 3, sig, + act ? __ptrvalue (&k_sigact) : NULL, + oact ? __ptrvalue (&k_osigact) : NULL); if (oact && result >= 0) { oact->sa_handler = k_osigact.k_sa_handler; diff --git a/sysdeps/unix/sysv/linux/sigpending.c b/sysdeps/unix/sysv/linux/sigpending.c index 9323145..d84abb8 100644 --- a/sysdeps/unix/sysv/linux/sigpending.c +++ b/sysdeps/unix/sysv/linux/sigpending.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1997, 1998, 1999 Free Software Foundation, Inc. +/* Copyright (C) 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,11 +22,12 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" -extern int __syscall_sigpending (sigset_t *); -extern int __syscall_rt_sigpending (sigset_t *, size_t); +extern int __syscall_sigpending (sigset_t *__unbounded); +extern int __syscall_rt_sigpending (sigset_t *__unbounded, size_t); /* The variable is shared between all wrappers around signal handling @@ -41,7 +42,7 @@ sigpending (set) sigset_t *set; { #if __ASSUME_REALTIME_SIGNALS > 0 - return INLINE_SYSCALL (rt_sigpending, 2, set, _NSIG / 8); + return INLINE_SYSCALL (rt_sigpending, 2, CHECK_SIGSET (set), _NSIG / 8); #else # ifdef __NR_rt_pending /* First try the RT signals. */ @@ -50,7 +51,7 @@ sigpending (set) /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ int saved_errno = errno; - int result = INLINE_SYSCALL (rt_sigpending, 2, set, _NSIG / 8); + int result = INLINE_SYSCALL (rt_sigpending, 2, CHECK_SIGSET (set), _NSIG / 8); if (result >= 0 || errno != ENOSYS) return result; @@ -60,6 +61,6 @@ sigpending (set) } # endif - return INLINE_SYSCALL (sigpending, 1, set); + return INLINE_SYSCALL (sigpending, 1, CHECK_SIGSET (set)); #endif } diff --git a/sysdeps/unix/sysv/linux/sigprocmask.c b/sysdeps/unix/sysv/linux/sigprocmask.c index 3e0719a..7590071 100644 --- a/sysdeps/unix/sysv/linux/sigprocmask.c +++ b/sysdeps/unix/sysv/linux/sigprocmask.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1997, 1998, 1999 Free Software Foundation, Inc. +/* Copyright (C) 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,13 +22,15 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" -extern int __syscall_sigprocmask (int, const sigset_t *, sigset_t *); -extern int __syscall_rt_sigprocmask (int, const sigset_t *, sigset_t *, - size_t); +extern int __syscall_sigprocmask (int, const sigset_t *__unbounded, + sigset_t *__unbounded); +extern int __syscall_rt_sigprocmask (int, const sigset_t *__unbounded, + sigset_t *__unbounded, size_t); /* The variable is shared between all wrappers around signal handling functions which have RT equivalents. The definition is in sigaction.c. */ @@ -43,7 +45,8 @@ __sigprocmask (how, set, oset) sigset_t *oset; { #if __ASSUME_REALTIME_SIGNALS > 0 - return INLINE_SYSCALL (rt_sigprocmask, 4, how, set, oset, _NSIG / 8); + return INLINE_SYSCALL (rt_sigprocmask, 4, how, CHECK_SIGSET (set), + CHECK_SIGSETopt (oset), _NSIG / 8); #else # ifdef __NR_rt_sigprocmask /* First try the RT signals. */ @@ -52,8 +55,8 @@ __sigprocmask (how, set, oset) /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ int saved_errno = errno; - int result = INLINE_SYSCALL (rt_sigprocmask, 4, how, set, oset, - _NSIG / 8); + int result = INLINE_SYSCALL (rt_sigprocmask, 4, how, CHECK_SIGSET (set), + CHECK_SIGSETopt (oset), _NSIG / 8); if (result >= 0 || errno != ENOSYS) return result; @@ -63,7 +66,8 @@ __sigprocmask (how, set, oset) } # endif - return INLINE_SYSCALL (sigprocmask, 3, how, set, oset); + return INLINE_SYSCALL (sigprocmask, 3, how, + CHECK_SIGSET (set), CHECK_SIGSETopt (oset)); #endif } weak_alias (__sigprocmask, sigprocmask) diff --git a/sysdeps/unix/sysv/linux/sigqueue.c b/sysdeps/unix/sysv/linux/sigqueue.c index a37435c..4b465ff 100644 --- a/sysdeps/unix/sysv/linux/sigqueue.c +++ b/sysdeps/unix/sysv/linux/sigqueue.c @@ -24,7 +24,7 @@ #include <sysdep.h> #include <sys/syscall.h> -extern int __syscall_rt_sigqueueinfo (int, int, siginfo_t *); +extern int __syscall_rt_sigqueueinfo (int, int, siginfo_t *__unbounded); #ifdef __NR_rt_sigqueueinfo /* Return any pending signal or wait for one for the given time. */ @@ -46,7 +46,7 @@ __sigqueue (pid, sig, val) info.si_uid = __getuid (); info.si_value = val; - return INLINE_SYSCALL (rt_sigqueueinfo, 3, pid, sig, &info); + return INLINE_SYSCALL (rt_sigqueueinfo, 3, pid, sig, __ptrvalue (&info)); } weak_alias (__sigqueue, sigqueue) #else diff --git a/sysdeps/unix/sysv/linux/sigsuspend.c b/sysdeps/unix/sysv/linux/sigsuspend.c index da74339..51c5e87 100644 --- a/sysdeps/unix/sysv/linux/sigsuspend.c +++ b/sysdeps/unix/sysv/linux/sigsuspend.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996, 1997, 1998, 1999 Free Software Foundation, Inc. +/* Copyright (C) 1996, 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,11 +22,12 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" extern int __syscall_sigsuspend (int, unsigned long int, unsigned long int); -extern int __syscall_rt_sigsuspend (const sigset_t *, size_t); +extern int __syscall_rt_sigsuspend (const sigset_t *__unbounded, size_t); /* The variable is shared between all wrappers around signal handling @@ -41,7 +42,7 @@ __sigsuspend (set) const sigset_t *set; { #if __ASSUME_REALTIME_SIGNALS - return INLINE_SYSCALL (rt_sigsuspend, 2, set, _NSIG / 8); + return INLINE_SYSCALL (rt_sigsuspend, 2, CHECK_SIGSET (set), _NSIG / 8); #else # ifdef __NR_rt_sigsuspend /* First try the RT signals. */ @@ -50,8 +51,8 @@ __sigsuspend (set) /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ int saved_errno = errno; - int result = INLINE_SYSCALL (rt_sigsuspend, 2, set, _NSIG / 8); - + int result = INLINE_SYSCALL (rt_sigsuspend, 2, + CHECK_SIGSET (set), _NSIG / 8); if (result >= 0 || errno != ENOSYS) return result; diff --git a/sysdeps/unix/sysv/linux/sigtimedwait.c b/sysdeps/unix/sysv/linux/sigtimedwait.c index 4bb7396..e7459b1 100644 --- a/sysdeps/unix/sysv/linux/sigtimedwait.c +++ b/sysdeps/unix/sysv/linux/sigtimedwait.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1997, 1998 Free Software Foundation, Inc. +/* Copyright (C) 1997, 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -21,10 +21,11 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #ifdef __NR_rt_sigtimedwait -extern int __syscall_rt_sigtimedwait (const sigset_t *, siginfo_t *, - const struct timespec *, size_t); +extern int __syscall_rt_sigtimedwait (const sigset_t *__unbounded, siginfo_t *__unbounded, + const struct timespec *__unbounded, size_t); /* Return any pending signal or wait for one for the given time. */ @@ -36,7 +37,8 @@ __sigtimedwait (set, info, timeout) { /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - return INLINE_SYSCALL (rt_sigtimedwait, 4, set, info, timeout, _NSIG / 8); + return INLINE_SYSCALL (rt_sigtimedwait, 4, CHECK_SIGSET (set), + CHECK_1 (info), timeout, _NSIG / 8); } weak_alias (__sigtimedwait, sigtimedwait) #else diff --git a/sysdeps/unix/sysv/linux/sigwaitinfo.c b/sysdeps/unix/sysv/linux/sigwaitinfo.c index ae51275..12a2ba3 100644 --- a/sysdeps/unix/sysv/linux/sigwaitinfo.c +++ b/sysdeps/unix/sysv/linux/sigwaitinfo.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1997, 1998 Free Software Foundation, Inc. +/* Copyright (C) 1997, 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -23,10 +23,11 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #ifdef __NR_rt_sigtimedwait -extern int __syscall_rt_sigtimedwait (const sigset_t *, siginfo_t *, - const struct timespec *, size_t); +extern int __syscall_rt_sigtimedwait (const sigset_t *__unbounded, siginfo_t *__unbounded, + const struct timespec *__unbounded, size_t); /* Return any pending signal or wait for one for the given time. */ @@ -37,7 +38,8 @@ __sigwaitinfo (set, info) { /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - return INLINE_SYSCALL (rt_sigtimedwait, 4, set, info, NULL, _NSIG / 8); + return INLINE_SYSCALL (rt_sigtimedwait, 4, CHECK_SIGSET (set), + CHECK_1 (info), NULL, _NSIG / 8); } weak_alias (__sigwaitinfo, sigwaitinfo) #else diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/mmap64.c b/sysdeps/unix/sysv/linux/sparc/sparc32/mmap64.c index 1218f9d..673aecf 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc32/mmap64.c +++ b/sysdeps/unix/sysv/linux/sparc/sparc32/mmap64.c @@ -19,19 +19,20 @@ #include <errno.h> #include <unistd.h> +#include <sys/mman.h> #include <sysdep.h> #include <sys/syscall.h> - -#include <sys/mman.h> +#include <bp-checks.h> #include "kernel-features.h" #ifdef __NR_mmap2 -extern __ptr_t __syscall_mmap2(__ptr_t, size_t, int, int, int, off_t); -#ifndef __ASSUME_MMAP2_SYSCALL +extern void *__unbounded __syscall_mmap2 (void *__unbounded, size_t, + int, int, int, off_t); +# ifndef __ASSUME_MMAP2_SYSCALL static int have_no_mmap2; -#endif +# endif #endif __ptr_t @@ -39,28 +40,32 @@ __mmap64 (__ptr_t addr, size_t len, int prot, int flags, int fd, off64_t offset) { #ifdef __NR_mmap2 if ( -#ifndef __ASSUME_MMAP2_SYSCALL +# ifndef __ASSUME_MMAP2_SYSCALL ! have_no_mmap2 && -#endif +# endif ! (offset & 4095)) { -#ifndef __ASSUME_MMAP2_SYSCALL +# ifndef __ASSUME_MMAP2_SYSCALL int saved_errno = errno; -#endif +# endif /* This will be always 12, no matter what page size is. */ - __ptr_t result = - (__ptr_t) INLINE_SYSCALL (mmap2, 6, addr, len, prot, flags, - fd, (off_t) (offset >> 12)); - -#ifndef __ASSUME_MMAP2_SYSCALL + __ptr_t result; + __ptrvalue (result) = + (void *__unbounded) INLINE_SYSCALL (mmap2, 6, addr, len, prot, flags, + fd, (off_t) (offset >> 12)); +# if __BOUNDED_POINTERS__ + __ptrlow (result) = __ptrvalue (result); + __ptrhigh (result) = __ptrvalue (result) + len; +# endif +# ifndef __ASSUME_MMAP2_SYSCALL if (result != (__ptr_t) -1 || errno != ENOSYS) -#endif +# endif return result; -#ifndef __ASSUME_MMAP2_SYSCALL +# ifndef __ASSUME_MMAP2_SYSCALL __set_errno (saved_errno); have_no_mmap2 = 1; -#endif +# endif } #endif if (offset != (off_t) offset || (offset + len) != (off_t) (offset + len)) diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c b/sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c index 3fba97f..86b6e55 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c @@ -24,6 +24,7 @@ #include <sysdep.h> #include <sys/signal.h> #include <errno.h> + #include <kernel_sigaction.h> /* SPARC 64bit userland requires a kernel that has rt signals anyway. */ @@ -48,8 +49,9 @@ __libc_sigaction (int sig, __const struct sigaction *act, /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - ret = INLINE_SYSCALL (rt_sigaction, 5, sig, act ? &kact : 0, - oact ? &koact : 0, stub, _NSIG / 8); + ret = INLINE_SYSCALL (rt_sigaction, 5, sig, + act ? __ptrvalue (&kact) : 0, + oact ? __ptrvalue (&koact) : 0, stub, _NSIG / 8); if (oact && ret >= 0) { diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/sigpending.c b/sysdeps/unix/sysv/linux/sparc/sparc64/sigpending.c index 45ed655..38fab1c 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc64/sigpending.c +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/sigpending.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1997, 1998, 1999 Free Software Foundation, Inc. +/* Copyright (C) 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,8 +22,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_rt_sigpending (sigset_t *, size_t); +extern int __syscall_rt_sigpending (sigset_t *__unbounded, size_t); /* Change the set of blocked signals to SET, @@ -34,5 +35,5 @@ sigpending (set) { /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - return INLINE_SYSCALL (rt_sigpending, 2, set, _NSIG / 8); + return INLINE_SYSCALL (rt_sigpending, 2, CHECK_SIGSET (set), _NSIG / 8); } diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/sigprocmask.c b/sysdeps/unix/sysv/linux/sparc/sparc64/sigprocmask.c index dc3634b..cb0b275 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc64/sigprocmask.c +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/sigprocmask.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1997, 1998, 1999 Free Software Foundation, Inc. +/* Copyright (C) 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,9 +22,10 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_rt_sigprocmask (int, const sigset_t *, sigset_t *, - size_t); +extern int __syscall_rt_sigprocmask (int, const sigset_t *__unbounded, + sigset_t *__unbounded, size_t); /* Get and/or change the set of blocked signals. */ int @@ -35,6 +36,7 @@ __sigprocmask (how, set, oset) { /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - return INLINE_SYSCALL (rt_sigprocmask, 4, how, set, oset, _NSIG / 8); + return INLINE_SYSCALL (rt_sigprocmask, 4, how, CHECK_SIGSET (set), + CHECK_SIGSETopt (oset), _NSIG / 8); } weak_alias (__sigprocmask, sigprocmask) diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/sigsuspend.c b/sysdeps/unix/sysv/linux/sparc/sparc64/sigsuspend.c index 9294662..184a6ed 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc64/sigsuspend.c +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/sigsuspend.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996, 1997, 1998, 1999 Free Software Foundation, Inc. +/* Copyright (C) 1996, 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,8 +22,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_rt_sigsuspend (const sigset_t *, size_t); +extern int __syscall_rt_sigsuspend (const sigset_t *__unbounded, size_t); /* Change the set of blocked signals to SET, wait until a signal arrives, and restore the set of blocked signals. */ @@ -33,6 +34,6 @@ __sigsuspend (set) { /* XXX The size argument hopefully will have to be changed to the real size of the user-level sigset_t. */ - return INLINE_SYSCALL (rt_sigsuspend, 2, set, _NSIG / 8); + return INLINE_SYSCALL (rt_sigsuspend, 2, CHECK_SIGSET (set), _NSIG / 8); } weak_alias (__sigsuspend, sigsuspend) diff --git a/sysdeps/unix/sysv/linux/sysctl.c b/sysdeps/unix/sysv/linux/sysctl.c index b131820..d2f5170 100644 --- a/sysdeps/unix/sysv/linux/sysctl.c +++ b/sysdeps/unix/sysv/linux/sysctl.c @@ -1,5 +1,5 @@ /* Read or write system information. Linux version. - Copyright (C) 1996, 1997, 1998, 1999 Free Software Foundation, Inc. + Copyright (C) 1996, 1997, 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -22,13 +22,15 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall__sysctl (struct __sysctl_args *args); +extern int __syscall__sysctl (struct __sysctl_args *__unbounded args); int __sysctl (int *name, int nlen, void *oldval, size_t *oldlenp, void *newval, size_t newlen) { + /* GKM FIXME: force __sysctl_args decl to have unbounded pointers. */ struct __sysctl_args args = { name: name, @@ -38,7 +40,10 @@ __sysctl (int *name, int nlen, void *oldval, size_t *oldlenp, newval: newval, newlen: newlen }; + CHECK_N (name, nlen); + CHECK_N (oldval, *oldlenp); + CHECK_N (newval, newlen); - return INLINE_SYSCALL (_sysctl, 1, &args); + return INLINE_SYSCALL (_sysctl, 1, __ptrvalue (&args)); } weak_alias (__sysctl, sysctl) diff --git a/sysdeps/unix/sysv/linux/truncate64.c b/sysdeps/unix/sysv/linux/truncate64.c index f0f49e1..6108438 100644 --- a/sysdeps/unix/sysv/linux/truncate64.c +++ b/sysdeps/unix/sysv/linux/truncate64.c @@ -23,6 +23,7 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include "kernel-features.h" @@ -33,8 +34,8 @@ int __have_no_truncate64; #endif /* The order of hight, low depends on endianness. */ -extern int __syscall_truncate64 (const char *path, int high_length, int low_length); - +extern int __syscall_truncate64 (const char *__unbounded path, + int high_length, int low_length); /* Truncate the file FD refers to to LENGTH bytes. */ int @@ -49,9 +50,8 @@ truncate64 (const char *path, off64_t length) #ifndef __ASSUME_TRUNCATE64_SYSCALL int saved_errno = errno; #endif - int result = INLINE_SYSCALL (truncate64, 3, path, + int result = INLINE_SYSCALL (truncate64, 3, CHECK_STRING (path), __LONG_LONG_PAIR (high, low)); - #ifndef __ASSUME_TRUNCATE64_SYSCALL if (result != -1 || errno != ENOSYS) #endif diff --git a/sysdeps/unix/sysv/linux/ustat.c b/sysdeps/unix/sysv/linux/ustat.c index fdf2032..da54de2 100644 --- a/sysdeps/unix/sysv/linux/ustat.c +++ b/sysdeps/unix/sysv/linux/ustat.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1997, 1998 Free Software Foundation, Inc. +/* Copyright (C) 1997, 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1997. @@ -23,8 +23,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_ustat (unsigned short int dev, struct ustat *ubuf); +extern int __syscall_ustat (unsigned short int, struct ustat *__unbounded); int ustat (dev_t dev, struct ustat *ubuf) @@ -34,5 +35,5 @@ ustat (dev_t dev, struct ustat *ubuf) /* We must convert the value to dev_t type used by the kernel. */ k_dev = ((major (dev) & 0xff) << 8) | (minor (dev) & 0xff); - return INLINE_SYSCALL (ustat, 2, k_dev, ubuf); + return INLINE_SYSCALL (ustat, 2, k_dev, CHECK_1 (ubuf)); } diff --git a/sysdeps/unix/sysv/linux/writev.c b/sysdeps/unix/sysv/linux/writev.c index 0d17d77..91576e5 100644 --- a/sysdeps/unix/sysv/linux/writev.c +++ b/sysdeps/unix/sysv/linux/writev.c @@ -24,8 +24,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern ssize_t __syscall_writev (int, const struct iovec *, int); +extern ssize_t __syscall_writev (int, const struct iovec *__unbounded, int); static ssize_t __atomic_writev_replacement (int, const struct iovec *, int) internal_function; @@ -47,7 +48,7 @@ __writev (fd, vector, count) int errno_saved = errno; ssize_t bytes_written; - bytes_written = INLINE_SYSCALL (writev, 3, fd, vector, count); + bytes_written = INLINE_SYSCALL (writev, 3, fd, CHECK_N (vector, count), count); if (bytes_written >= 0 || errno != EINVAL || count <= UIO_FASTIOV) return bytes_written; diff --git a/sysdeps/unix/sysv/linux/xmknod.c b/sysdeps/unix/sysv/linux/xmknod.c index d58da28..c31a15f 100644 --- a/sysdeps/unix/sysv/linux/xmknod.c +++ b/sysdeps/unix/sysv/linux/xmknod.c @@ -1,5 +1,5 @@ /* xmknod call using old-style Unix mknod system call. - Copyright (C) 1991, 93, 95, 96, 97, 98 Free Software Foundation, Inc. + Copyright (C) 1991, 93, 95, 96, 97, 98, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -24,8 +24,9 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> -extern int __syscall_mknod (const char *, unsigned short int, +extern int __syscall_mknod (const char *__unbounded, unsigned short int, unsigned short int); /* Create a device file named PATH, with permission and special bits MODE @@ -45,7 +46,7 @@ __xmknod (int vers, const char *path, mode_t mode, dev_t *dev) /* We must convert the value to dev_t type used by the kernel. */ k_dev = ((major (*dev) & 0xff) << 8) | (minor (*dev) & 0xff); - return INLINE_SYSCALL (mknod, 3, path, mode, k_dev); + return INLINE_SYSCALL (mknod, 3, CHECK_STRING (path), mode, k_dev); } weak_alias (__xmknod, _xmknod) diff --git a/sysdeps/unix/sysv/linux/xstat.c b/sysdeps/unix/sysv/linux/xstat.c index 79759fe..11760b7 100644 --- a/sysdeps/unix/sysv/linux/xstat.c +++ b/sysdeps/unix/sysv/linux/xstat.c @@ -1,5 +1,5 @@ /* xstat using old-style Unix stat system call. - Copyright (C) 1991, 1995, 1996, 1997, 1998 Free Software Foundation, Inc. + Copyright (C) 1991, 1995, 1996, 1997, 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -28,10 +28,11 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> #include <xstatconv.c> -extern int __syscall_stat (const char *, struct kernel_stat *); +extern int __syscall_stat (const char *__unbounded, struct kernel_stat *__unbounded); /* Get information about the file NAME in BUF. */ int @@ -41,11 +42,11 @@ __xstat (int vers, const char *name, struct stat *buf) int result; if (vers == _STAT_VER_KERNEL) - { - return INLINE_SYSCALL (stat, 2, name, (struct kernel_stat *) buf); - } + return INLINE_SYSCALL (stat, 2, CHECK_STRING (name), + CHECK_1 ((struct kernel_stat *) buf)); - result = INLINE_SYSCALL (stat, 2, name, &kbuf); + result = INLINE_SYSCALL (stat, 2, CHECK_STRING (name), + __ptrvalue (&kbuf)); if (result == 0) result = xstat_conv (vers, &kbuf, buf); diff --git a/sysdeps/unix/sysv/linux/xstat64.c b/sysdeps/unix/sysv/linux/xstat64.c index 1a5dab4..55d4bea 100644 --- a/sysdeps/unix/sysv/linux/xstat64.c +++ b/sysdeps/unix/sysv/linux/xstat64.c @@ -1,5 +1,5 @@ /* xstat64 using old-style Unix stat system call. - Copyright (C) 1991, 95, 96, 97, 98, 99 Free Software Foundation, Inc. + Copyright (C) 1991, 95, 96, 97, 98, 99, 00 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -24,16 +24,18 @@ #include <sysdep.h> #include <sys/syscall.h> +#include <bp-checks.h> + #include "kernel-features.h" #if __ASSUME_STAT64_SYSCALL == 0 # include <xstatconv.c> #endif -extern int __syscall_stat (const char *, struct kernel_stat *); +extern int __syscall_stat (const char *__unbounded, struct kernel_stat *__unbounded); #ifdef __NR_stat64 -extern int __syscall_stat64 (const char *, struct stat64 *); +extern int __syscall_stat64 (const char *__unbounded, struct stat64 *__unbounded); # if __ASSUME_STAT64_SYSCALL == 0 /* The variable is shared between all wrappers around *stat64 calls. This is the definition. */ @@ -47,7 +49,7 @@ int __xstat64 (int vers, const char *name, struct stat64 *buf) { #if __ASSUME_STAT64_SYSCALL > 0 - return INLINE_SYSCALL (stat64, 2, name, buf); + return INLINE_SYSCALL (stat64, 2, CHECK_STRING (name), CHECK_1 (buf)); #else struct kernel_stat kbuf; int result; @@ -55,7 +57,7 @@ __xstat64 (int vers, const char *name, struct stat64 *buf) if (! __have_no_stat64) { int saved_errno = errno; - result = INLINE_SYSCALL (stat64, 2, name, buf); + result = INLINE_SYSCALL (stat64, 2, CHECK_STRING (name), CHECK_1 (buf)); if (result != -1 || errno != ENOSYS) return result; @@ -65,7 +67,7 @@ __xstat64 (int vers, const char *name, struct stat64 *buf) } # endif - result = INLINE_SYSCALL (stat, 2, name, &kbuf); + result = INLINE_SYSCALL (stat, 2, CHECK_STRING (name), __ptrvalue (&kbuf)); if (result == 0) result = xstat64_conv (vers, &kbuf, buf); diff --git a/sysdeps/unix/xstat.c b/sysdeps/unix/xstat.c index f025015..b444457 100644 --- a/sysdeps/unix/xstat.c +++ b/sysdeps/unix/xstat.c @@ -1,5 +1,5 @@ /* xstat using old-style Unix stat system call. - Copyright (C) 1991, 1995, 1996, 1997 Free Software Foundation, Inc. + Copyright (C) 1991, 1995, 1996, 1997, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -20,8 +20,9 @@ #include <errno.h> #include <stddef.h> #include <sys/stat.h> +#include <bp-checks.h> -extern int __syscall_stat (const char *, struct stat *); +extern int __syscall_stat (const char *__unbounded, struct stat *__unbounded); int __xstat (int vers, const char *file, struct stat *buf) @@ -32,6 +33,6 @@ __xstat (int vers, const char *file, struct stat *buf) return -1; } - return __syscall_stat (file, buf); + return __syscall_stat (CHECK_STRING (file), CHECK_1 (buf)); } weak_alias (__xstat, _xstat) |