From afa00abb2b68205bee539d7947130d6b1b1ec6e9 Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Thu, 1 Apr 2021 19:39:14 +0200
Subject: Hardened entire system

By using the nonnull attribute and replacing buffer-overflow-prone
functions like strcpy, strcat and sprintf with strlcpy, strlcat and
snprintf.
---
 libs/libc/str.c | 77 +++++++++++++++++++++++++++++++++------------------------
 1 file changed, 45 insertions(+), 32 deletions(-)

(limited to 'libs/libc/str.c')

diff --git a/libs/libc/str.c b/libs/libc/str.c
index ba16920..3bc3aaf 100644
--- a/libs/libc/str.c
+++ b/libs/libc/str.c
@@ -5,35 +5,32 @@
 #include <mem.h>
 #include <str.h>
 
-u32 strlen(const char *s)
+u32 strlen(const char *str)
 {
-	const char *ss = s;
-	while (*ss)
-		ss++;
-	return ss - s;
-}
-
-char *strcpy(char *dst, const char *src)
-{
-	char *q = dst;
-	const char *p = src;
-	char ch;
-
-	do {
-		*q++ = ch = *p++;
-	} while (ch);
-
-	return dst;
+	const char *s = str;
+	while (*s)
+		s++;
+	return s - str;
 }
 
-char *strncpy(char *dst, const char *src, u32 n)
+u32 strlcpy(char *dst, const char *src, u32 size)
 {
-	char *q = dst;
-
-	while (n-- && (*dst++ = *src++))
-		;
+	const char *orig = src;
+	u32 left = size;
+
+	if (left)
+		while (--left)
+			if (!(*dst++ = *src++))
+				break;
+
+	if (!left) {
+		if (!size)
+			*dst = 0;
+		while (*src++)
+			;
+	}
 
-	return q;
+	return src - orig - 1;
 }
 
 int strcmp(const char *s1, const char *s2)
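Review bot: The size test in strlcpy's truncation branch is inverted: `if (!size) *dst = 0;` stores the terminator only when size is 0 and skips it whenever a non-empty buffer was filled. A truncated copy therefore leaves dst without a NUL, and a call with size 0 writes one byte into a buffer the caller declared to have no room. The line should read `if (size) *dst = 0;`. A one-line comment above the function would also help callers, for example `/* Returns strlen(src); a result >= size means the copy was truncated. */`.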
@@ -91,16 +88,32 @@ char *strrchr(char *s, int c)
 	return ret;
 }
 
-char *strcat(char *dst, const char *src)
+u32 strlcat(char *dst, const char *src, u32 size)
 {
-	strcpy(strchr(dst, '\0'), src);
-	return dst;
-}
+	const char *orig_dst = dst;
+	const char *orig_src = src;
 
-char *strncat(char *dst, const char *src, u32 n)
-{
-	strncpy(strchr(dst, '\0'), src, n);
-	return dst;
+	u32 n = size;
+	while (n-- && *dst)
+		dst++;
+
+	u32 len = dst - orig_dst;
+	n = size - len;
+
+	if (!n--)
+		return len + strlen(src);
+
+	while (*src) {
+		if (n) {
+			*dst++ = *src;
+			n--;
+		}
+		src++;
+	}
+
+	src = 0;
+
+	return len + (src - orig_src);
 }
 
 char *strinv(char *s)
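Review bot: strlcat never terminates the result, because the statement after the copy loop, `src = 0;`, clears the local source pointer where the destination should receive its terminator. dst is left without a NUL after the appended bytes, so later string functions can read past the intended end. The return expression `len + (src - orig_src)` then subtracts from a null pointer, so the reported length is meaningless and callers cannot use it to detect truncation. Replacing that line with `*dst = 0;` fixes both, since src then still points at the end of the source string when the length is computed. The earlier `if (!n--)` guard already leaves room for that one byte.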
-- 
cgit v1.2.3