Diffstat (limited to 'include')
| -rw-r--r-- | include/Makefile | 2 | ||||
| -rw-r--r-- | include/assert.h | 47 | ||||
| -rw-r--r-- | include/paths.h | 1 | ||||
| -rw-r--r-- | include/rpcsvc/yp_prot.h | 5 | ||||
| -rw-r--r-- | include/ssp/stdio.h | 37 | ||||
| -rw-r--r-- | include/unistd.h | 1 |
6 files changed, 78 insertions, 15 deletions
diff --git a/include/Makefile b/include/Makefile
index 777529e344f2..3d83556f5238 100644
--- a/include/Makefile
+++ b/include/Makefile
@@ -51,7 +51,7 @@ LDIRS= geom net net80211 netgraph netinet netinet6 \
 LSUBDIRS= dev/acpica dev/agp dev/ciss dev/filemon dev/firewire \
 dev/hwpmc dev/hyperv \
- dev/ic dev/iicbus dev/io dev/mfi dev/mmc \
+ dev/ic dev/iicbus dev/io dev/mfi dev/mmc dev/ntsync \
 dev/ofw dev/pbio dev/pci ${_dev_powermac_nvram} dev/ppbus dev/pwm \
 dev/smbus dev/speaker dev/tcp_log dev/veriexec dev/vkbd dev/wg \
 fs/devfs fs/fdescfs fs/msdosfs fs/nfs fs/nullfs \
diff --git a/include/assert.h b/include/assert.h
index a3dbe933e18f..f1dcf2bb180c 100644
--- a/include/assert.h
+++ b/include/assert.h
@@ -52,17 +52,44 @@
 #define __assert_unreachable() __unreachable()
 #endif /* __BSD_VISIBLE */
 #else
-#define _assert(e) assert(e)
-
-#define assert(e) ((e) ? (void)0 : __assert(__func__, __FILE__, \
- __LINE__, #e))
+#ifdef __cplusplus
+#if __cplusplus < 202002L
+/*
+ * C++ modes prior to C++20 cannot simultaneously satisfy all three
+ * desirable properties of the sanitiser:
+ *
+ * Approach No double-eval Lambda support Arity check
+ * ----------------------------- -------------- -------------- -----------
+ * sizeof(cast(expression)) yes no yes
+ * static_cast<bool>(expression) no yes no
+ * (void)bool(expression) no yes no
+ *
+ * NOTE: C++20 introduced lambdas in unevaluated contexts; see P0315R4.
+ *
+ * Since no approach satisfies all three below C++20, the least harmful
+ * choice is to forgo the check entirely rather than silently break one
+ * of the remaining guarantees.
+ *
+ */
+#define __assert_sanitize(...) ((void)0)
+#else
+#define __assert_sanitize(...) (void)sizeof(((bool(*)(bool))0)(__VA_ARGS__))
+#endif /* __cplusplus < 202002L */
+#else
+#define __assert_sanitize(...) (void)sizeof(((_Bool(*)(_Bool))0)(__VA_ARGS__))
+#endif /* __cplusplus */
+#define assert(...) (__assert_sanitize(__VA_ARGS__), \
+ (__VA_ARGS__) ? (void)0 : \
+ __assert(__func__, __FILE__, \
+ __LINE__, #__VA_ARGS__))
+#define _assert(...) assert(__VA_ARGS__)
 #if __BSD_VISIBLE
 #define __assert_unreachable() assert(0 && "unreachable segment reached")
 #endif /* __BSD_VISIBLE */
 #endif /* NDEBUG */
-#ifndef _ASSERT_H_
-#define _ASSERT_H_
+#ifndef __STDC_VERSION_ASSERT_H__
+#define __STDC_VERSION_ASSERT_H__ 202311L
 /*
 * Static assertions. In principle we could define static_assert for
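Review bot: In the `__cplusplus < 202002L` branch `__assert_sanitize(...)` is `((void)0)`, so the now-variadic `assert(...)` accepts a call such as `assert(p != NULL, "msg")` and expands it to `(p != NULL, "msg") ? (void)0 : ...`, a comma expression whose value is the string literal, meaning the assertion can never fire. With the removed one-parameter `assert(e)` the same call was a macro-arity error, so pre-C++20 code loses a diagnostic and may end up with invariant checks that silently do nothing. The block comment explains why the sanitiser is dropped but does not state this consequence. Consider keeping the fixed-arity definition for that branch, `#define assert(e) ((e) ? (void)0 : __assert(__func__, __FILE__, __LINE__, #e))`, or at least adding a sentence to the comment saying that multi-argument calls are accepted unchecked below C++20.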
@@ -72,8 +99,12 @@
 * C++ template parameters may contain commas, even if not enclosed in
 * parentheses, causing the _Static_assert macro to be invoked with more
 * than two parameters.
+ *
+ * C23 defines static_assert and its obsolescent alternative spelling,
+ * _Static_assert, as keywords.
 */
-#if __ISO_C_VISIBLE >= 2011 && !defined(__cplusplus)
+#if __ISO_C_VISIBLE >= 2011 && !defined(__cplusplus) && \
+ __STDC_VERSION__ < 202311L
 #define static_assert _Static_assert
 #endif
@@ -81,4 +112,4 @@ __BEGIN_DECLS
 void __assert(const char *, const char *, int, const char *) __dead2;
 __END_DECLS
-#endif /* !_ASSERT_H_ */
+#endif /* !__STDC_VERSION_ASSERT_H__ */
diff --git a/include/paths.h b/include/paths.h
index 26924bcdba91..9157c17524c7 100644
--- a/include/paths.h
+++ b/include/paths.h
@@ -54,6 +54,7 @@
 #define _PATH_DEFTAPE "/dev/sa0"
 #define _PATH_DEVGPIOC "/dev/gpioc"
 #define _PATH_DEVNULL "/dev/null"
+#define _PATH_DEVPOWER "/dev/power"
 #define _PATH_DEVZERO "/dev/zero"
 #define _PATH_DRUM "/dev/drum"
 #define _PATH_ESDB "/usr/share/i18n/esdb"
diff --git a/include/rpcsvc/yp_prot.h b/include/rpcsvc/yp_prot.h
index 091347231c8b..d0ad15bd657c 100644
--- a/include/rpcsvc/yp_prot.h
+++ b/include/rpcsvc/yp_prot.h
@@ -67,11 +67,6 @@
 * YPPROC_MAPLIST takes (char *), returns (struct ypmaplist *). */
-#ifndef BOOL_DEFINED
-typedef u_int bool;
-#define BOOL_DEFINED
-#endif
-
 /* Program and version symbols, magic numbers */
 #define YPPROG ((u_long)100004)
diff --git a/include/ssp/stdio.h b/include/ssp/stdio.h
index 630683951e4b..73c601c408ce 100644
--- a/include/ssp/stdio.h
+++ b/include/ssp/stdio.h
@@ -36,6 +36,10 @@
 #include <ssp/ssp.h>
+#if __SSP_FORTIFY_LEVEL > 0 && __EXT1_VISIBLE
+#include <sys/stdint.h>
+#endif
+
 __BEGIN_DECLS
 #if __SSP_FORTIFY_LEVEL > 0
 #if __POSIX_VISIBLE
@@ -51,7 +55,38 @@ __ssp_redirect(size_t, fread, (void *__restrict __buf, size_t __len,
 __ssp_redirect(size_t, fread_unlocked, (void *__restrict __buf, size_t __len, size_t __nmemb, FILE *__restrict __fp), (__buf, __len, __nmemb, __fp));
 #if __EXT1_VISIBLE
-__ssp_redirect(char *, gets_s, (char *__buf, rsize_t __len), (__buf, __len));
+__ssp_redirect_raw_impl(char *, gets_s, gets_s,
+ (char *buf, rsize_t len))
+{
+ char *retbuf;
+ size_t bufsz;
+ int need_fail = 0;
+
+ /*
+ * If we would have overwritten our buffer, we want to fail the check
+ * only if these arguments wouldn't have triggered a constraint
+ * violation.
+ */
+ bufsz = __ssp_bos(buf);
+ if (bufsz != (size_t)-1 && (size_t)len > bufsz) {
+ if (len <= RSIZE_MAX)
+ __chk_fail();
+ need_fail = 1;
+ }
+
+ retbuf = __ssp_real(gets_s)(buf, len);
+
+ /*
+ * If the implementation did *not* handle the case correctly, then
+ * there's a risk that they could have corrupted us into not failing
+ * here. We have tests that cover this, so we'll just count on finding
+ * a broken implementation early on in a less hostile environmnt.
+ */
+ if (need_fail && retbuf != NULL)
+ __chk_fail();
+ return (retbuf);
+}
+
 #endif /* __EXT1_VISIBLE */
 __ssp_redirect_raw(char *, tmpnam, tmpnam, (char *__buf), (__buf), 1, __ssp_bos, L_tmpnam);
diff --git a/include/unistd.h b/include/unistd.h
index 797eac4c364d..290bcce6a0b3 100644
--- a/include/unistd.h
+++ b/include/unistd.h
@@ -518,6 +518,7 @@ int execvpe(const char *, char * const *, char * const *);
 int feature_present(const char *);
 int fchroot(int);
 char *fflagstostr(u_long);
+ssize_t freadlink(int fd, char *buf, size_t bufsize);
 int getdomainname(char *, int);
 int getentropy(void *, size_t);
 int getgrouplist(const char *, gid_t, gid_t *, int *);
|
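Review bot: The inline `gets_s` wrapper names its parameters and locals `buf`, `len`, `retbuf`, `bufsz` and `need_fail`, which sit in the application namespace, whereas the line it replaces and the neighbouring redirects use `__buf`/`__len`. A program that defines one of those names as a macro before including <stdio.h> with fortification enabled would fail to compile or could alter the bounds check itself, so reserved spellings are safer here: `(char *__buf, rsize_t __len)`, `__retbuf`, `__bufsz`, `__need_fail`. The unistd.h hunk has the same issue: `freadlink(int fd, char *buf, size_t bufsize)` is the only prototype shown with parameter names, and `ssize_t freadlink(int, char *, size_t);` would match its neighbours. The second comment in the wrapper also misspells "environment" as "environmnt".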
