r2244 - trunk/gcc

robert at linuxfromscratch.org robert at linuxfromscratch.org
Mon Nov 15 21:36:55 PST 2010


Author: robert
Date: 2010-11-15 22:36:51 -0700 (Mon, 15 Nov 2010)
New Revision: 2244

Added:
   trunk/gcc/gcc-4.5.1-fortify_source-1.patch
Log:
Added gcc-4.5.1-fortify_source-1.patch

Added: trunk/gcc/gcc-4.5.1-fortify_source-1.patch
===================================================================
--- trunk/gcc/gcc-4.5.1-fortify_source-1.patch	                        (rev 0)
+++ trunk/gcc/gcc-4.5.1-fortify_source-1.patch	2010-11-16 05:36:51 UTC (rev 2244)
@@ -0,0 +1,115 @@
+Submitted By: Robert Connolly (robert at linuxfromscratch dot org)
+Date: 2010-11-07
+Initial Package Version: 4.5.1
+Upstream Status: Not submitted - Hack
+Origin: ALT Linux - gcc43-alt-defaults-FORTIFY_SOURCE.patch and
+	gcc44-alt-escalate-always-overflow.patch
+Description: This patch adds "-D_FORTIFY_SOURCE=2" to GCC's default options.
+An extra function is also added to GCC to cause a compiler error when GCC
+detects, at compile time, that a buffer will always overflow.
+
+Disable "-D_FORTIFY_SOURCE=2" with "-U_FORTIFY_SOURCE" or "-D_FORTIFY_SOURCE=0"
+in CPPFLAGS.
+
+Disable the "always overflow error" by setting "GCC_TOLERATE_ALWAYS_OVERFLOW"
+in the shell environment.
+
+diff -Naur gcc-4.5.1.orig/gcc/builtins.c gcc-4.5.1/gcc/builtins.c
+--- gcc-4.5.1.orig/gcc/builtins.c	2010-06-14 16:00:39.000000000 +0000
++++ gcc-4.5.1/gcc/builtins.c	2010-11-08 01:35:53.941651175 +0000
+@@ -11648,6 +11648,31 @@
+   return object_size_type < 2 ? constm1_rtx : const0_rtx;
+ }
+ 
++static void
++report_always_overflow_diagnostic (tree exp)
++{
++  static int tolerate_always_overflow = 0;
++
++  if (tolerate_always_overflow == 0)
++    {
++      const char *p = getenv("GCC_TOLERATE_ALWAYS_OVERFLOW");
++
++      if (p && p[0] == '1')
++	tolerate_always_overflow = 1;
++      else
++	tolerate_always_overflow = -1;
++    }
++
++  if (tolerate_always_overflow > 0)
++    warning_at (tree_nonartificial_location (exp),
++		0, "%Kcall to %D will always overflow destination buffer",
++		exp, get_callee_fndecl (exp));
++  else
++    error_at (tree_nonartificial_location (exp),
++	      "%Kcall to %D will always overflow destination buffer",
++	      exp, get_callee_fndecl (exp));
++}
++
+ /* Expand EXP, a call to the __mem{cpy,pcpy,move,set}_chk builtin.
+    FCODE is the BUILT_IN_* to use.
+    Return NULL_RTX if we failed; the caller should emit a normal call,
+@@ -11681,9 +11706,7 @@
+ 
+       if (! integer_all_onesp (size) && tree_int_cst_lt (size, len))
+ 	{
+-	  warning_at (tree_nonartificial_location (exp),
+-		      0, "%Kcall to %D will always overflow destination buffer",
+-		      exp, get_callee_fndecl (exp));
++	  report_always_overflow_diagnostic (exp);
+ 	  return NULL_RTX;
+ 	}
+ 
+@@ -11834,8 +11857,7 @@
+   else if (! host_integerp (len, 1) || ! tree_int_cst_lt (size, len))
+     return;
+ 
+-  warning_at (loc, 0, "%Kcall to %D will always overflow destination buffer",
+-	      exp, get_callee_fndecl (exp));
++  report_always_overflow_diagnostic (exp);
+ }
+ 
+ /* Emit warning if a buffer overflow is detected at compile time
+@@ -11890,9 +11912,7 @@
+     return;
+ 
+   if (! tree_int_cst_lt (len, size))
+-    warning_at (tree_nonartificial_location (exp),
+-		0, "%Kcall to %D will always overflow destination buffer",
+-		exp, get_callee_fndecl (exp));
++    report_always_overflow_diagnostic (exp);
+ }
+ 
+ /* Emit warning if a free is called with address of a variable.  */
+diff -Naur gcc-4.5.1.orig/gcc/gcc.c gcc-4.5.1/gcc/gcc.c
+--- gcc-4.5.1.orig/gcc/gcc.c	2010-04-18 17:46:08.000000000 +0000
++++ gcc-4.5.1/gcc/gcc.c	2010-11-08 01:36:07.934649041 +0000
+@@ -873,6 +873,7 @@
+  %{!E:%{!M:%{!MM:%{!MT:%{!MQ:%{MD|MMD:%{o*:-MQ %*}}}}}}}\
+  %{remap} %{g3|ggdb3|gstabs3|gcoff3|gxcoff3|gvms3:-dD}\
+  %{H} %C %{D*&U*&A*} %{i*} %Z %i\
++ %{!D_FORTIFY_SOURCE:%{!D_FORTIFY_SOURCE=*:%{!U_FORTIFY_SOURCE:-D_FORTIFY_SOURCE=2}}}\
+  %{fmudflap:-D_MUDFLAP -include mf-runtime.h}\
+  %{fmudflapth:-D_MUDFLAP -D_MUDFLAPTH -include mf-runtime.h}\
+  %{E|M|MM:%W{o*}}";
+diff -Naur gcc-4.5.1.orig/libjava/java/lang/natClass.cc gcc-4.5.1/libjava/java/lang/natClass.cc
+--- gcc-4.5.1.orig/libjava/java/lang/natClass.cc	2010-01-26 18:59:16.000000000 +0000
++++ gcc-4.5.1/libjava/java/lang/natClass.cc	2010-11-08 01:35:53.962649720 +0000
+@@ -1165,7 +1165,7 @@
+ 	int cindex = read_u2 (bytes, last);
+ 	check_constant (pool, cindex, JV_CONSTANT_Double);
+ 	_Jv_word2 word;
+-	memcpy (&word, &pool->data[cindex], 2 * sizeof (_Jv_word));
++	memcpy (&word, &pool->data[cindex], sizeof (word));
+ 	result = Double::valueOf (word.d);
+       }
+       break;
+@@ -1181,7 +1181,7 @@
+ 	int cindex = read_u2 (bytes, last);
+ 	check_constant (pool, cindex, JV_CONSTANT_Long);
+ 	_Jv_word2 word;
+-	memcpy (&word, &pool->data[cindex], 2 * sizeof (_Jv_word));
++	memcpy (&word, &pool->data[cindex], sizeof (word));
+ 	result = Long::valueOf (word.l);
+       }
+       break;




More information about the patches mailing list