From dc75f2edd86f73e698634c38fa9cf387d14fa843 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Sun, 15 Feb 2015 09:18:18 +0000 Subject: [PATCH] Add a memset_s() implementation (cf. C11 / WG14 N1381) --- configure.ac | 5 ++ lib/core/Makefile.am | 1 + lib/core/cryb_memset_s.c | 56 +++++++++++++++ t/Makefile.am | 3 +- t/t_memset_s.c | 147 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 211 insertions(+), 1 deletion(-) create mode 100644 lib/core/cryb_memset_s.c create mode 100644 t/t_memset_s.c diff --git a/configure.ac b/configure.ac index d358ec2..07e5865 100644 --- a/configure.ac +++ b/configure.ac @@ -54,6 +54,11 @@ AC_CHECK_HEADERS([sys/uio.h sys/ktrace.h], [], [], [[ ]]) AC_CHECK_FUNCS([utrace]) +# C11 features +# XXX our version has an incorrect prototype due to the lack of a test +# for the existence of rsize_t and RSIZE_MAX. +AC_CHECK_FUNCS([memset_s]) + ############################################################################ # # Extra libraries diff --git a/lib/core/Makefile.am b/lib/core/Makefile.am index d56473f..c9a9f4c 100644 --- a/lib/core/Makefile.am +++ b/lib/core/Makefile.am @@ -4,6 +4,7 @@ lib_LTLIBRARIES = libcryb-core.la libcryb_core_la_SOURCES = \ cryb_core.c \ + cryb_memset_s.c \ string.c \ cryb_strlcat.c \ cryb_strlcpy.c \ diff --git a/lib/core/cryb_memset_s.c b/lib/core/cryb_memset_s.c new file mode 100644 index 0000000..7a1750b --- /dev/null +++ b/lib/core/cryb_memset_s.c @@ -0,0 +1,56 @@ +/*- + * Copyright (c) 2015 The University of Oslo + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if HAVE_CONFIG_H +#include "config.h" +#endif + +#include +#include +#include + +#include + +/* + * Like memset(), but checks for overflow and guarantees that the buffer + * is overwritten even if the data will never be read. + */ +int +cryb_memset_s(void *s, size_t smax, int c, size_t n) +{ + unsigned int i; + + if (s == NULL) + return (EINVAL); + for (i = 0; i < n && i < smax; ++i) + ((volatile unsigned char *)s)[i] = (unsigned char)c; + if (n > smax) + return (EOVERFLOW); + return (0); +} diff --git a/t/Makefile.am b/t/Makefile.am index d0f6165..83f50a8 100644 --- a/t/Makefile.am +++ b/t/Makefile.am @@ -36,11 +36,12 @@ endif TESTS = # libcryb-core -TESTS += t_ctype t_endian t_strlcat t_strlcmp t_strlcpy +TESTS += t_ctype t_endian t_memset_s t_strlcat t_strlcmp t_strlcpy TESTS += t_string t_wstring EXTRA_DIST += t__string.c t_ctype_LDADD = $(libt) $(libcore) t_endian_LDADD = $(libt) $(libcore) +t_memset_s_LDADD = $(libt) $(libcore) t_strlcat_LDADD = $(libt) $(libcore) t_strlcmp_LDADD = $(libt) $(libcore) t_strlcpy_LDADD = $(libt) $(libcore) diff --git a/t/t_memset_s.c b/t/t_memset_s.c new file mode 100644 index 0000000..e8fb269 --- /dev/null +++ b/t/t_memset_s.c @@ -0,0 +1,147 @@ +/*- + * Copyright (c) 2015 The University of Oslo + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "cryb/impl.h" + +#include +#include +#include + +#undef HAVE_MEMSET_S +#include + +#include "t.h" + +#define T_BUF_LEN 32 + +struct t_case { + const char *desc; + const char in[T_BUF_LEN]; + size_t smax; + int c; + size_t len; + const char out[T_BUF_LEN]; + size_t outlen; + int ret; +}; + +/*************************************************************************** + * Test cases + */ +static struct t_case t_cases[] = { + { + .desc = "zero", + .in = "squeamish ossifrage", + .smax = sizeof "squeamish ossifrage" - 1, + .c = 'x', + .len = 0, + .out = "squeamish ossifrage", + .ret = 0, + }, + { + .desc = "short", + .in = "squeamish ossifrage", + .smax = sizeof "squeamish ossifrage" - 1, + .c = 'x', + .len = 9, + .out = "xxxxxxxxx ossifrage", + .ret = 0, + }, + { + .desc = "exact", + .in = "squeamish ossifrage", + .smax = sizeof "squeamish ossifrage" - 1, + .c = 'x', + .len = sizeof "squeamish ossifrage" - 1, + .out = "xxxxxxxxxxxxxxxxxxx", + .ret = 0, + }, + { + .desc = "long", + .in = "squeamish ossifrage", + .smax = sizeof "squeamish ossifrage" - 1, + .c = 'x', + .len = sizeof "squeamish ossifrage" + 1, + .out = "xxxxxxxxxxxxxxxxxxx", + .ret = EOVERFLOW, + }, +}; + +/*************************************************************************** + * Test function + */ +static int +t_memset_s(char **desc CRYB_UNUSED, void *arg) +{ + struct t_case *t = arg; + char buf[T_BUF_LEN]; + int ret; + + memcpy(buf, t->in, T_BUF_LEN); + ret = memset_s(buf, t->smax, t->c, t->len); + return (t_compare_i(t->ret, ret) & + t_compare_mem(t->out, buf, T_BUF_LEN)); +} + +/*************************************************************************** + * Test function (NULL) + */ +static int +t_memset_s_null(char **desc CRYB_UNUSED, void *arg) +{ + int ret; + + (void)arg; + ret = memset_s(NULL, 1, 0, 1); + return (t_compare_i(EINVAL, ret)); +} + + +/*************************************************************************** + * Boilerplate + */ + +int +t_prepare(int argc, char *argv[]) +{ + int i, n; + + (void)argc; + (void)argv; + t_add_test(t_memset_s_null, NULL, "null"); + n = sizeof t_cases / sizeof t_cases[0]; + for (i = 0; i < n; ++i) + t_add_test(t_memset_s, &t_cases[i], t_cases[i].desc); + return (0); +} + +void +t_cleanup(void) +{ +}