src/lib/libc/secure, branch main FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=main 2024-09-30T03:34:18Z libmd, kern, stand: consolidate md5 implementations (NFC) 2024-09-30T03:34:18Z Kyle Evans kevans@FreeBSD.org 2022-03-08T15:39:52Z urn:sha1:e7a629c851d747772cc138efcb0418809ecdea55 Reduce the number of md5c.c between the three of these from two to one by just reaching into the kernel build for both userland builds. The precedent for this already exists for sha2 in both cases. _libmd_ symbol privatization bits have been moved to sys/md5.h and md5.h remains to #include <sys/md5.h> for compatibility. This stops exporting MD5Pad() in the process because the kernel stopped exporting it in 502a35d60f4c. soversion is bumped accordingly. This also renames the libc version of stack_protector.c; it previously only worked by coincidence because .PATH ordering worked out such that we got the right one, but this is not the case anymore. Remove the landmine. PR: 280784 (exp-run) Reviewed by: allanjude, delphij Differential Revision: https://reviews.freebsd.org/D34497 include: ssp: don't shadow the mempcpy builtin 2024-07-16T05:12:28Z Kyle Evans kevans@FreeBSD.org 2024-07-16T05:12:28Z urn:sha1:0c47b9c211ede221629914ae0c5553586e772109 GCC emits a warning about shadowing a builtin with our mempcpy declaration, so switch it to using the same model as memcpy() and use the apparently-existing __builtin___mempcpy_chk(). Reviewed by: kib (earlier version), markj Sponsored by: Klara, Inc. Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D45976 include: ssp: round out fortification of current set of headers 2024-07-13T05:16:24Z Kyle Evans kevans@FreeBSD.org 2024-07-13T05:16:10Z urn:sha1:cf8e5289a110954600f135024d1515a77d0ae34d ssp/ssp.h needed some improvements: - `len` isn't always a size_t, it may need casted - In some cases we may want to use a len that isn't specified as a parameter (e.g., L_ctermid), so __ssp_redirect() should be more flexible. - In other cases we may want additional checking, so pull all of the declaration bits out of __ssp_redirect_raw() so that some functions can implement the body themselves. strlcat/strlcpy should be the last of the fortified functions that get their own __*_chk symbols, and these cases are only done to be consistent with the rest of the str*() set. Reviewed by: markj Sponsored by: Klara, Inc. Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D45679 include: de-macro __ssp_overlap(), improve semantics and checking 2024-07-13T05:16:23Z Kyle Evans kevans@FreeBSD.org 2024-07-13T05:16:10Z urn:sha1:c10d567ea022de8705fb23f8563c4726f2d09ca0 Switch away from pointer arithmetic to provide more obvious semantics for checking overlap on pointer ranges. This lets us remove some casts that need not exist and removes some possible fragility in its use. While we're here, check for overflow just in case; sometimes we use a caller-supplied size if __builtin_object_size(3) can't deduce the buffer size, and we should fail the check if the size is nonsensical for the provided buffers. Reviewed by: markj Sponsored by: Klara, Inc. Sponsored by: Stormshield libc: move __ssp_overlap back out into <ssp/ssp.h> 2024-07-13T05:16:23Z Kyle Evans kevans@FreeBSD.org 2024-07-13T05:16:09Z urn:sha1:4719366192d306a76e8e86bf926387f1c4122fd3 We'll be using it in some upcoming definitions in headers, so move it back now but slap a warning on it. Our upcoming uses will all be inside of inline functions, so we're not overly concerned about double evaluation immediately. Reviewed by: markj Sponsored by: Klara, Inc. Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D45677 Fix the GCC build after _FORTIFY_SOURCE import 2024-05-13T16:21:38Z Kyle Evans kevans@FreeBSD.org 2024-05-13T16:13:51Z urn:sha1:8b0682644e2da9c595d9249c9a0c8eb499421b5e We haven't exposed gets(3) in a long time, rip out __gets_chk before it's too late and something builds a gets(3) user with it enabled. Import _FORTIFY_SOURCE implementation from NetBSD 2024-05-13T05:23:49Z Kyle Evans kevans@FreeBSD.org 2024-05-13T05:23:49Z urn:sha1:be04fec42638f30f50b5b55fd8e3634c0fb89928 This is a mostly-unmodified copy of the various *_chk implementations and headers from NetBSD, without yet modifying system headers to start actually including them. A future commit will also apply the needed bits to fix ssp/unistd.h. Reviewed by: imp, pauamma_gundo.com (both previous versions), kib Sponsored by: Stormshield Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D32306 libc: Remove empty comments in Symbol.map 2023-11-15T17:51:03Z Brooks Davis brooks@FreeBSD.org 2023-11-15T17:51:03Z urn:sha1:1ca63a8219b88b752b064d19bd3428c61dbcf1f9 These were left over from $FreeBSD$ removal. Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D42612 libc: Purge unneeded cdefs.h 2023-11-01T22:44:30Z Warner Losh imp@FreeBSD.org 2023-11-01T22:43:37Z urn:sha1:559a218c9b257775fb249b67945fe4a05b7a6b9f These sys/cdefs.h are not needed. Purge them. They are mostly left-over from the $FreeBSD$ removal. A few in libc are still required for macros that cdefs.h defines. Keep those. Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D42385 Remove $FreeBSD$: one-line sh pattern 2023-08-16T17:55:03Z Warner Losh imp@FreeBSD.org 2023-08-16T17:55:03Z urn:sha1:d0b2dbfa0ecf2bbc9709efc5e20baf8e4b44bbbf Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/