From 3e85fcb0270c9224ab95dac02c737e6676974c8e Mon Sep 17 00:00:00 2001
From: axtloss
Date: Thu, 11 Jul 2024 02:56:56 +0200
Subject: Implement memset_s and improve free_secure

---
 COPYING | 165 +++++++++++++++++++++++++++++++++++++++++++++++
 Makefile | 10 ++-
 src/constraint_handler.c | 66 +++++++++++++++++++
 src/extlib.c | 7 +-
 src/extlib.h | 20 ++++++
 src/memset_s.c | 48 ++++++++++++++
 tests/Makefile | 2 +-
 7 files changed, 312 insertions(+), 6 deletions(-)
 create mode 100644 COPYING
 create mode 100644 src/constraint_handler.c
 create mode 100644 src/memset_s.c

diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..0a04128
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,165 @@ + GNU LESSER GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + + This version of the GNU Lesser General Public License incorporates +the terms and conditions of version 3 of the GNU General Public +License, supplemented by the additional permissions listed below. + + 0. Additional Definitions. + + As used herein, "this License" refers to version 3 of the GNU Lesser +General Public License, and the "GNU GPL" refers to version 3 of the GNU +General Public License. + + "The Library" refers to a covered work governed by this License, +other than an Application or a Combined Work as defined below. + + An "Application" is any work that makes use of an interface provided +by the Library, but which is not otherwise based on the Library. +Defining a subclass of a class defined by the Library is deemed a mode +of using an interface provided by the Library. + + A "Combined Work" is a work produced by combining or linking an +Application with the Library. The particular version of the Library +with which the Combined Work was made is also called the "Linked +Version". + + The "Minimal Corresponding Source" for a Combined Work means the +Corresponding Source for the Combined Work, excluding any source code +for portions of the Combined Work that, considered in isolation, are +based on the Application, and not on the Linked Version. + + The "Corresponding Application Code" for a Combined Work means the +object code and/or source code for the Application, including any data +and utility programs needed for reproducing the Combined Work from the +Application, but excluding the System Libraries of the Combined Work. + + 1. Exception to Section 3 of the GNU GPL. + + You may convey a covered work under sections 3 and 4 of this License +without being bound by section 3 of the GNU GPL. 
+ + 2. Conveying Modified Versions. + + If you modify a copy of the Library, and, in your modifications, a +facility refers to a function or data to be supplied by an Application +that uses the facility (other than as an argument passed when the +facility is invoked), then you may convey a copy of the modified +version: + + a) under this License, provided that you make a good faith effort to + ensure that, in the event an Application does not supply the + function or data, the facility still operates, and performs + whatever part of its purpose remains meaningful, or + + b) under the GNU GPL, with none of the additional permissions of + this License applicable to that copy. + + 3. Object Code Incorporating Material from Library Header Files. + + The object code form of an Application may incorporate material from +a header file that is part of the Library. You may convey such object +code under terms of your choice, provided that, if the incorporated +material is not limited to numerical parameters, data structure +layouts and accessors, or small macros, inline functions and templates +(ten or fewer lines in length), you do both of the following: + + a) Give prominent notice with each copy of the object code that the + Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the object code with a copy of the GNU GPL and this license + document. + + 4. Combined Works. + + You may convey a Combined Work under terms of your choice that, +taken together, effectively do not restrict modification of the +portions of the Library contained in the Combined Work and reverse +engineering for debugging such modifications, if you also do each of +the following: + + a) Give prominent notice with each copy of the Combined Work that + the Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the Combined Work with a copy of the GNU GPL and this license + document. 
+ + c) For a Combined Work that displays copyright notices during + execution, include the copyright notice for the Library among + these notices, as well as a reference directing the user to the + copies of the GNU GPL and this license document. + + d) Do one of the following: + + 0) Convey the Minimal Corresponding Source under the terms of this + License, and the Corresponding Application Code in a form + suitable for, and under terms that permit, the user to + recombine or relink the Application with a modified version of + the Linked Version to produce a modified Combined Work, in the + manner specified by section 6 of the GNU GPL for conveying + Corresponding Source. + + 1) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (a) uses at run time + a copy of the Library already present on the user's computer + system, and (b) will operate properly with a modified version + of the Library that is interface-compatible with the Linked + Version. + + e) Provide Installation Information, but only if you would otherwise + be required to provide such information under section 6 of the + GNU GPL, and only to the extent that such information is + necessary to install and execute a modified version of the + Combined Work produced by recombining or relinking the + Application with a modified version of the Linked Version. (If + you use option 4d0, the Installation Information must accompany + the Minimal Corresponding Source and Corresponding Application + Code. If you use option 4d1, you must provide the Installation + Information in the manner specified by section 6 of the GNU GPL + for conveying Corresponding Source.) + + 5. Combined Libraries. 
+ + You may place library facilities that are a work based on the +Library side by side in a single library together with other library +facilities that are not Applications and are not covered by this +License, and convey such a combined library under terms of your +choice, if you do both of the following: + + a) Accompany the combined library with a copy of the same work based + on the Library, uncombined with any other library facilities, + conveyed under the terms of this License. + + b) Give prominent notice with the combined library that part of it + is a work based on the Library, and explaining where to find the + accompanying uncombined form of the same work. + + 6. Revised Versions of the GNU Lesser General Public License. + + The Free Software Foundation may publish revised and/or new versions +of the GNU Lesser General Public License from time to time. Such new +versions will be similar in spirit to the present version, but may +differ in detail to address new problems or concerns. + + Each version is given a distinguishing version number. If the +Library as you received it specifies that a certain numbered version +of the GNU Lesser General Public License "or any later version" +applies to it, you have the option of following the terms and +conditions either of that published version or of any later version +published by the Free Software Foundation. If the Library as you +received it does not specify a version number of the GNU Lesser +General Public License, you may choose any version of the GNU Lesser +General Public License ever published by the Free Software Foundation. + + If the Library as you received it specifies that a proxy can decide +whether future versions of the GNU Lesser General Public License shall +apply, that proxy's public statement of acceptance of any version is +permanent authorization for you to choose that version for the +Library. diff --git a/Makefile b/Makefile index 5a2eaaf..4934e3c 100644 --- a/Makefile +++ b/Makefile 
@@ -8,8 +8,8 @@ TESTCFLAGS!=pkg-config --cflags extlib
 TESTCFLAGS+=-g -fsanitize=undefined,address
 TESTLDFLAGS!=pkg-config --libs extlib
 
-extlib: extlib.o extstring.o
-	$(CC) src/extlib.o src/extstring.o $(CFLAGS) -shared -fPIC -o libextlib.so
+extlib: extlib.o extstring.o constraint_handler.o memset_s.o
+	$(CC) src/extlib.o src/extstring.o src/constraint_handler.o src/memset_s.o $(CFLAGS) -shared -fPIC -o libextlib.so
 
 extlib.pc: extlib.pc.in
 	sed 's|@prefix@|$(PREFIX)|g' extlib.pc.in > extlib.pc
@@ -23,6 +23,12 @@ extlib.o:
 extstring.o:
 	$(CC) src/extstring.c $(CFLAGS) -c -fPIC -o src/extstring.o
 
+constraint_handler.o:
+	$(CC) src/constraint_handler.c $(CFLAGS) -c -fPIC -o src/constraint_handler.o
+
+memset_s.o:
+	$(CC) src/memset_s.c $(CFLAGS) -c -fPIC -o src/memset_s.o
+
 clean:
 	rm -r src/extlib.o src/exststring.o libextlib.so extlib.pc test
 
diff --git a/src/constraint_handler.c b/src/constraint_handler.c
new file mode 100644
index 0000000..ca4e9d2
--- /dev/null
+++ b/src/constraint_handler.c
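Review bot: The `clean` target at the end of the second hunk is not updated for the objects this hunk teaches the build to produce, so `src/constraint_handler.o` and `src/memset_s.o` survive `make clean`; the existing line also names `src/exststring.o` (a typo for `src/extstring.o`) which never exists, and because `rm -r` is used without `-f` a missing file makes the target fail. Suggest `rm -f src/extlib.o src/extstring.o src/constraint_handler.o src/memset_s.o libextlib.so extlib.pc test`. The two new object rules, like the existing ones, list no prerequisite, so make will not rebuild them after their source changes; `constraint_handler.o: src/constraint_handler.c` and `memset_s.o: src/memset_s.c` would fix that for the rules added here.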
@@ -0,0 +1,66 @@
+/* constraint_handler.c
+ *
+ * Copyright 2024 axtlos
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see .
+ *
+ * SPDX-License-Identifier: LGPL-3.0-only
+ */
+
+
+#define __STDC_WANT_LIB_EXT1__ 1
+#include "extlib.h"
+
+static constraint_handler_t *_cnstrnt_handler = NULL;
+
+constraint_handler_t
+set_constraint_handler_s (constraint_handler_t handler)
+{
+  constraint_handler_t *new, *old, ret;
+
+  new = malloc (sizeof (constraint_handler_t));
+  if (!new) return NULL;
+  *new = handler;
+  old = _cnstrnt_handler;
+  _cnstrnt_handler = new;
+  if (!old)
+    ret = NULL;
+  else {
+    ret = *old;
+    free (old);
+  }
+  return ret;
+}
+
+void
+throw_constraint_handler_s (const char * restrict msg, errno_t error)
+{
+  constraint_handler_t ch;
+  ch = _cnstrnt_handler != NULL ? *_cnstrnt_handler : NULL;
+  if (ch != NULL)
+    ch (msg, NULL, error);
+}
+
+void
+abort_handler_s (const char *restrict msg, void * restrict ptr, errno_t error)
+{
+  static const char abrt_msg[] = "abort_handler: ";
+
+  fprintf (stderr, "%s", abrt_msg);
+  fprintf (stderr, "%s\n", msg);
+  abort ();
+}
+
+void
+ignore_handler_s (const char * restrict msg, void * restrict ptr, errno_t error)
+{}
diff --git a/src/extlib.c b/src/extlib.c
index 4fa7213..107e8b4 100644
--- a/src/extlib.c
+++ b/src/extlib.c
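Review bot: `throw_constraint_handler_s` does nothing while `_cnstrnt_handler` is NULL, so until an application calls `set_constraint_handler_s` every runtime-constraint violation that memset_s reports is silently dropped; a library whose purpose is wiping secrets should default to `abort_handler_s`, which this file already defines. The heap-allocated slot also lets `set_constraint_handler_s` fail, and its NULL on malloc failure is indistinguishable from "no previous handler", while K.3.6.1.1p3 says a null `handler` argument selects the default handler, not the "ignore" behaviour it gets here. A plain static function pointer removes all three problems, as below; `_cnstrnt_handler` is additionally a reserved file-scope identifier (C11 7.1.3), which the rename avoids. This is not a thread-safety remark — the original is not safe either and nothing here shows concurrent callers.
```c
/* … unchanged: license header, __STDC_WANT_LIB_EXT1__ define, include … */

/* Loud failure until the application installs its own handler.  */
static constraint_handler_t cnstrnt_handler = abort_handler_s;

constraint_handler_t
set_constraint_handler_s (constraint_handler_t handler)
{
  constraint_handler_t old = cnstrnt_handler;

  /* K.3.6.1.1p3: a null handler selects the default handler.  */
  cnstrnt_handler = handler != NULL ? handler : abort_handler_s;
  return old;
}

void
throw_constraint_handler_s (const char * restrict msg, errno_t error)
{
  cnstrnt_handler (msg, NULL, error);
}

/* … unchanged: abort_handler_s, ignore_handler_s … */
```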
@@ -20,13 +20,14 @@
 #define _XOPEN_SOURCE 500
 #define USE_SECURE_MEM
+#define __STDC_WANT_LIB_EXT1__ 1
 #include
 #include "extlib.h"
 #include
 #include
 #include
-
+#include
 #undef free
 #undef malloc
 
 
 
@@ -34,7 +35,7 @@
 void
 free_secure(void **__ptr, size_t ptrlen)
 {
-  memset (*__ptr, 0, ptrlen);
+  memset_s (*__ptr, ptrlen+1, 0, ptrlen);
   free (*__ptr);
   *__ptr = NULL;
   return;
@@ -43,7 +44,7 @@ free_secure(void **__ptr, size_t ptrlen)
 void *
 malloc_secure (size_t len)
 {
-  void *mem = calloc (0, len);
+  void *mem = calloc (1, len);
   return mem;
 }
 
diff --git a/src/extlib.h b/src/extlib.h
index 87948f5..fc7a3d2 100644
--- a/src/extlib.h
+++ b/src/extlib.h
@@ -20,6 +20,7 @@
 #include
 #include
 #include
+#include
 
 #ifdef USE_SECURE_MEM
 #define free(x) error - use free_secure
@@ -32,6 +33,25 @@
 void free_secure (void **__ptr, size_t ptrlen);
 void *malloc_secure (size_t len);
 #endif
+#if (__STDC_WANT_LIB_EXT1__ == 1)
+#define RSIZE_MAX SIZE_MAX
+typedef int errno_t;
+typedef size_t rsize_t;
+
+typedef void (*constraint_handler_t) (const char *__restrict, void *__restrict, errno_t);
+/// Copy the value of c (converted to an unsigned char) into each of the first n
+/// characters of the object pointed to by s.
+/// Conforms to ISO/IEC 9899:2011 K.3.7.4.1
+errno_t memset_s (void *s, rsize_t max, int c, rsize_t n);
+
+constraint_handler_t set_constraint_handler_s (constraint_handler_t handler);
+void throw_constraint_handler_s (const char *restrict msg, errno_t error);
+_Noreturn void abort_handler_s (const char * __restrict, void * __restrict,
+                                errno_t);
+void ignore_handler_s (const char *__restrict, void *__restrict, errno_t);
+#endif
+
+
 
 /// Copy the data of one filestream to another */
 void fcopy(FILE *f1, FILE *f2);
diff --git a/src/memset_s.c b/src/memset_s.c
new file mode 100644
index 0000000..deda5d7
--- /dev/null
+++ b/src/memset_s.c
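Review bot: The `memset_s (*__ptr, ptrlen+1, 0, ptrlen);` line in free_secure passes `ptrlen+1` as `smax`, but smax is the size of the destination object and nothing in free_secure shows the allocation being one byte larger than `ptrlen`; pass the real size, `memset_s (*__ptr, ptrlen, 0, ptrlen);`, so the bound means what memset_s's checks assume (and so that `ptrlen == SIZE_MAX` does not wrap smax to 0, which would turn the call into a reported violation that wipes nothing). The return value is also discarded; on a secure-free path either check it, e.g. `if (memset_s (*__ptr, ptrlen, 0, ptrlen) != 0) abort ();`, or make sure the installed constraint handler does not return. free_secure's closing brace lies outside the hunk.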
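Review bot: `#define RSIZE_MAX SIZE_MAX` in the second extlib.h hunk makes the `n > RSIZE_MAX` and `smax > RSIZE_MAX` runtime constraints unfalsifiable, because `rsize_t` is `size_t` and no `size_t` exceeds `SIZE_MAX`; K.3.3 recommends a far smaller limit, `#define RSIZE_MAX (SIZE_MAX >> 1)`, precisely so that a negative length converted to rsize_t is rejected instead of being treated as a huge but "valid" size. Declaring `errno_t`, `rsize_t`, `memset_s` and the handler functions under `__STDC_WANT_LIB_EXT1__`, a feature macro that belongs to the implementation, will presumably collide with a libc that ships its own Annex K declarations; a project-specific guard such as `EXTLIB_ANNEX_K` avoids that. The prototypes also mix `restrict` and `__restrict` and name memset_s's second parameter `max` where the definition says `smax`; pick one spelling for each.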
@@ -0,0 +1,48 @@
+/* memset_s.c
+ *
+ * Copyright 2024 axtlos
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, version 3.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see .
+ *
+ * SPDX-License-Identifier: LGPL-3.0-only
+ */
+
+
+#define __STDC_WANT_LIB_EXT1__ 1
+#include "extlib.h"
+#include
+
+
+errno_t
+memset_s(void *s, rsize_t smax, int c, rsize_t n)
+{
+  volatile unsigned char *dest = (unsigned char *) s;
+  errno_t ret = EINVAL;
+  rsize_t limit = n < smax ? n : smax;
+
+  if (!s)
+    throw_constraint_handler_s("memset_s: s = NULL", ret);
+  else if (n > RSIZE_MAX)
+    throw_constraint_handler_s("memset_s: n > RSIZE_MAX", ret);
+  else if (smax > RSIZE_MAX)
+    throw_constraint_handler_s("memset_s: smax > RSIZE_MAX", ret);
+  else if (n > smax)
+    throw_constraint_handler_s("memset_s: n > smax", ret);
+  else {
+    while (limit > 0)
+      dest[--limit] = (unsigned char)c;
+    ret = 0;
+  }
+  return ret;
+}
+
diff --git a/tests/Makefile b/tests/Makefile
index 660a20f..b4ed98e 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -4,7 +4,7 @@ CC = cc
 CFLAGS = -g -fsanitize=address,undefined
 
 test: FORCE
-	$(CC) test.c ../src/extlib.c ../src/extstring.c $(CFLAGS) -o test
+	$(CC) test.c ../src/extlib.c ../src/extstring.c ../src/constraint_handler.c ../src/memset_s.c $(CFLAGS) -o test
 	./test
 
 FORCE: ; # PHONY is a non standard extension
-- 
cgit v1.2.3
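Review bot: On the `n > smax` branch (and the `n > RSIZE_MAX` one) memset_s only calls the handler and returns, but K.3.7.4.1p4 requires that when `s` is non-null and `smax <= RSIZE_MAX` the first `smax` bytes are still set even though a violation is reported — that is exactly what makes memset_s safe for wiping a secret whose length arithmetic went wrong, and the `limit = min(n, smax)` computed at the top is the right count yet is never used on that path. With `ignore_handler_s` installed, or no handler at all, a caller like free_secure that passes a too-large `n` currently frees the buffer with its contents intact. The rewrite below fills `limit` bytes before reporting; the `volatile` store loop is kept so the compiler cannot drop the writes, which deserves the comment shown. The `n > RSIZE_MAX` check can only ever fire if RSIZE_MAX is smaller than SIZE_MAX, which extlib.h does not currently make it.
```c
errno_t
memset_s(void *s, rsize_t smax, int c, rsize_t n)
{
  /* volatile: the stores must survive dead-store elimination even when the
     caller frees the object right after wiping it.  */
  volatile unsigned char *dest = (unsigned char *) s;
  errno_t ret = EINVAL;

  if (!s)
    throw_constraint_handler_s("memset_s: s = NULL", ret);
  else if (smax > RSIZE_MAX)
    throw_constraint_handler_s("memset_s: smax > RSIZE_MAX", ret);
  else {
    /* K.3.7.4.1p4: even when n is out of range, the first smax bytes are set.  */
    rsize_t limit = n < smax ? n : smax;
    while (limit > 0)
      dest[--limit] = (unsigned char)c;
    if (n > RSIZE_MAX)
      throw_constraint_handler_s("memset_s: n > RSIZE_MAX", ret);
    else if (n > smax)
      throw_constraint_handler_s("memset_s: n > smax", ret);
    else
      ret = 0;
  }
  return ret;
}
```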