FORTIFY_SOURCE: strlen check. This test is designed to detect code such as: int main() { char buf[10]; memcpy(buf, "1234567890", sizeof(buf)); size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE printf("%d\n", len); return 0; } or anytime strlen reads beyond an object boundary. This should help address memory leakage vulnerabilities and make other unrelated vulnerabilities harder to exploit. Change-Id: I354b425be7bef4713c85f6bab0e9738445e00182

commit: 260bf8cfe00f83bc579dfe81c78b75bd9973f051 [log] [tgz]
author: Nick Kralevich <nnk@google.com> Fri Jul 13 11:27:06 2012 -0700
committer: Nick Kralevich <nnk@google.com> Fri Jul 13 13:49:59 2012 -0700
tree: b8ff686500d30625cb9d5908ecba4895f20a1467
parent: b2060b027c9eb2748895b53a0d69d40b52371a4e [diff] [blame]
diff --git a/libc/Android.mk b/libc/Android.mk
index 0c4fa6a..4ceb12f 100644
--- a/libc/Android.mk
+++ b/libc/Android.mk

@@ -217,6 +217,7 @@
 	string/__strcpy_chk.c \
 	string/__strlcat_chk.c \
 	string/__strlcpy_chk.c \
+	string/__strlen_chk.c \
 	string/__strncat_chk.c \
 	string/__strncpy_chk.c \
 	wchar/wcpcpy.c \
commit	260bf8cfe00f83bc579dfe81c78b75bd9973f051	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Fri Jul 13 11:27:06 2012 -0700
committer	Nick Kralevich <nnk@google.com>	Fri Jul 13 13:49:59 2012 -0700
tree	b8ff686500d30625cb9d5908ecba4895f20a1467
parent	b2060b027c9eb2748895b53a0d69d40b52371a4e [diff] [blame]