)]}' { "log": [ { "commit": "141b917018048c5fda567785740dfaaf38e66f1e", "tree": "144416c96d8e3d1406ed78d8221a72a174317d80", "parents": [ "999d82e51d8b96c622ecb63c69b56e7e7753e47d" ], "author": { "name": "Elliott Hughes", "email": "enh@google.com", "time": "Fri Apr 09 17:13:09 2021 -0700" }, "committer": { "name": "Elliott Hughes", "email": "enh@google.com", "time": "Mon Apr 12 10:01:20 2021 -0700" }, "message": "Switch to libbase SilentDeathTest.\n\nBug: http://b/184955378\nTest: treehugger\nChange-Id: Ie0849224074da92203340a741a86a24a4a3702c2\n" }, { "commit": "61d070650780e13f2e9326d1b8f40f6968ea5de3", "tree": "b89b464ecdaaf451a6bda3af0fd915d19606f75c", "parents": [ "332065d57e734b65f56474d136d22d767e36cbcd" ], "author": { "name": "Elliott Hughes", "email": "enh@google.com", "time": "Thu Feb 18 17:17:27 2021 -0800" }, "committer": { "name": "Elliott Hughes", "email": "enh@google.com", "time": "Thu Feb 18 17:17:27 2021 -0800" }, "message": "Use death tests correctly.\n\nThe existing attempt at a death test wrapper wasn\u0027t functional (because\nthe tests were TEST rather than TEST_F), and the code in that class\ndoesn\u0027t work anyway. Since I don\u0027t understand the intent behind the\nfailing dup2() calls, I\u0027ve just removed this and replaced it with\nBionicDeathTest which we do need to suppress all the debuggerd work\nwhich caused this bug to be filed.\n\nBug: http://b/180605583\nTest: treehugger\nChange-Id: I7717f7ae2620452656cf07db299774dadef55766\n" }, { "commit": "cfd8f581fabdc88ec836c3b0804b0493a8b20ab8", "tree": "b27292e87a89d9f2f2fa73d1a78e8ae6caa96970", "parents": [ "c79ea239415963d4a38752d0f3efe50531c8e04f" ], "author": { "name": "Elliott Hughes", "email": "enh@google.com", "time": "Thu Jul 23 13:40:39 2020 -0700" }, "committer": { "name": "Elliott Hughes", "email": "enh@google.com", "time": "Thu Jul 23 13:41:53 2020 -0700" }, "message": "Cleanup for #inclusivefixit.\n\nThe comment and pragma for GCC genuinely don\u0027t seem to be needed for\nClang.\n\nClarify the comment about the two ways in which clang_fortify_tests.cpp\nis used.\n\nTest: treehugger\nChange-Id: Icb48a5848c005104ab2d2456da3978bbaf7e158c\n" }, { "commit": "ae1745d37550de264b600b08c13242513116b8ac", "tree": "679460a899e7bd794918518d57b66b3f82e9f37f", "parents": [ "23ec1421b539128ec9941deadfc4b30babf6e1b6" ], "author": { "name": "Yabin Cui", "email": "yabinc@google.com", "time": "Thu Apr 16 15:07:28 2020 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Fri Apr 17 19:07:36 2020 +0000" }, "message": "Fix foritfy test for clang update.\n\nWhen doing checkbuild for make_fortify_compile_test.mk:\nbionic/tests/clang_fortify_tests.cpp\nerror: \u0027error\u0027 diagnostics seen but not expected:\n Line 171: \u0027mempcpy\u0027 will always overflow; destination buffer has size 8, but size argument is 9\n1 error generated.\n\nBug: 149839606\nTest: run checkbuild.\nChange-Id: I97371600f6183b5cee8c2a6b976f5bf33e1f781d\n" }, { "commit": "8a4414ef9c819f8000b567f3b976d39ee87d7cf2", "tree": "f702f29b5e7ca3f9b028d0504e3b1fc757dccdd1", "parents": [ "1db8fdb76e1334fc2ba2da701c403ae7f32f0a0d" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Sep 19 15:22:55 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Sep 19 15:23:45 2019 -0700" }, "message": "fortify: remove `pragma diagnostic error` from tests\n\nThis was necessary because we weren\u0027t doing -Werror\u003dfortify-source\neverywhere. As of I2715ea411ef067f801534dab4d306fef5431f290, we should\nbe doing this.\n\nBug: 131861088\nTest: mma\nChange-Id: I00d499938ae24c3870760470576d6be603fbecd1\n" }, { "commit": "36926f4ca8183375e96c81db879a6f185ef92dff", "tree": "2b22fd43d22e35b49298fbea3216e63c0aeaf371", "parents": [ "1ffee0cfc1e3a7fddf4cbe633694be91e72265a1" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Sun Sep 15 16:57:00 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Mon Sep 16 12:48:04 2019 -0700" }, "message": "fortify: account for new clang diagnostics\n\nClang recently grew its own diagnostics for memcpy and such. These are\ngenerally higher-quality than what we can do with diagnose_if, since\nclang is happy to include e.g., sizes of things per-callsite. Move to\nthose instead where applicable.\n\nBug: 131861088, 123644155\nTest: blueline internal-master checkbuild; treehugger\nChange-Id: I701f5a8b247ba2948ca47fdc60ff5198b564c03e\n" }, { "commit": "bf67ea54267fc07d3dd528ead69767b27af61e80", "tree": "20f4ab84465259473bdc31a1c8a7b78b2abe7f8a", "parents": [ "fd56f554190bfa1ad8c58bc0d8cae14510864973" ], "author": { "name": "Yi Kong", "email": "yikong@google.com", "time": "Sat Aug 03 18:26:05 2019 -0700" }, "committer": { "name": "Yi Kong", "email": "yikong@google.com", "time": "Mon Aug 05 11:48:47 2019 -0700" }, "message": "Adapt tests due to the new Clang fortify-source warning\n\nhttps://reviews.llvm.org/D58797 added several new compile time\n_FORTIFY_SOURCE diagnostics. This broke clang_fortify_tests:\n\nFAILED: out/target/product/walleye/obj/STATIC_LIBRARIES/bionic-compile-time-tests2-clang++_intermediates/clang_fortify_tests.o\nerror: \u0027warning\u0027 diagnostics seen but not expected:\n Line 159: \u0027memcpy\u0027 will always overflow; destination buffer has size 8, but size argument is 9\n Line 161: \u0027memmove\u0027 will always overflow; destination buffer has size 8, but size argument is 9\n Line 165: \u0027memset\u0027 will always overflow; destination buffer has size 8, but size argument is 9\n Line 183: \u0027strncpy\u0027 size argument is too large; destination buffer has size 8, but size argument is 9\n Line 185: \u0027stpncpy\u0027 size argument is too large; destination buffer has size 8, but size argument is 9\n Line 189: \u0027strncat\u0027 size argument is too large; destination buffer has size 8, but size argument is 9\n Line 227: \u0027strncpy\u0027 size argument is too large; destination buffer has size 4, but size argument is 5\n Line 232: \u0027stpncpy\u0027 size argument is too large; destination buffer has size 4, but size argument is 5\n Line 242: \u0027strncat\u0027 size argument is too large; destination buffer has size 4, but size argument is 5\n Line 490: \u0027snprintf\u0027 size argument is too large; destination buffer has size 8, but size argument is 9\n Line 495: \u0027vsnprintf\u0027 size argument is too large; destination buffer has size 8, but size argument is 9\nerror: \u0027note\u0027 diagnostics seen but not expected:\n File bionic/libc/include/bits/fortify/fcntl.h Line 50: \u0027open\u0027 has been explicitly marked unavailable here\n File bionic/libc/include/bits/fortify/fcntl.h Line 102: \u0027open64\u0027 has been explicitly marked unavailable here\n File bionic/libc/include/bits/fortify/fcntl.h Line 75: \u0027openat\u0027 has been explicitly marked unavailable here\n File bionic/libc/include/bits/fortify/fcntl.h Line 121: \u0027openat64\u0027 has been explicitly marked unavailable here\n File bionic/libc/include/bits/fortify/stdio.h Line 68: \u0027sprintf\u0027 has been explicitly marked unavailable here\n16 errors generated.\n\nBug: 131328001\nBug: 138701853\nTest: Build with r365631 toolchain\nChange-Id: I103ecb7b3abcf4b5cfc4f36ccab69e03d0976275\n" }, { "commit": "261b7f4867f623f3f31609e7574411df43c409e2", "tree": "8eeaa7fbbcf467c6bf7f5ce4e595faeb54946beb", "parents": [ "849c0b9f51b65da9f3ac7a3222da9ae00893acfd" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Mon Jun 10 16:32:07 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 20 13:05:23 2019 -0700" }, "message": "fortify: replace bzero/bcmp defines\n\n__builtin_*_chk will emit warnings when things are trivially broken.\nEmitting errors instead is probably better (and we can be a bit smarter\nabout how we emit code for trivially safe cases.)\n\nBug: 131861088\nTest: checkbuild + bionic-unit-tests on blueline\nChange-Id: I33957ad419922d0760304758ecb9bc8ad33e0b64\n" }, { "commit": "849c0b9f51b65da9f3ac7a3222da9ae00893acfd", "tree": "1b118a1406ebeddc7786d35a4f06ebfa5b38b42e", "parents": [ "74519e7aa58a19c0ed352b660f2e732148ae2f8a" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Mon Jun 10 16:22:09 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 13 23:29:37 2019 -0700" }, "message": "fortify: add __mempcpy_chk\n\nBug: 131861088\nTest: mma + bionic-unit-tests on blueline\nChange-Id: I02f8f87d5db0ba5fecec410da32f6ffa2c98ef57\n" }, { "commit": "74519e7aa58a19c0ed352b660f2e732148ae2f8a", "tree": "453ed154af17c6a52f33c86f4835c02cbc8bc437", "parents": [ "26d25a22e27fff4c23669d0dd66e3a09d869857d" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 06 17:54:00 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 13 23:26:02 2019 -0700" }, "message": "fortify: fix overflow checks in unistd\n\nWe should only be calling _real versions of the functions that use this\nif the input size is verifiably \u003c\u003d SSIZE_MAX. Otherwise, just fall\nthrough to _chk and let that handle it.\n\nBug: 131861088\nTest: mma \u0026\u0026 bionic-unit-tests\nChange-Id: Iba04e486ef91ea1b3539ab6df6260429264e66b4\n" }, { "commit": "26d25a22e27fff4c23669d0dd66e3a09d869857d", "tree": "011652aa9deaa56d906ec40c46046af980443883", "parents": [ "8c0ec114c58a76efcc1c195a03a36675b0967e39" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 06 17:45:05 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 13 23:26:02 2019 -0700" }, "message": "fortify: add even more warnings\n\nBug: 131861088\nTest: mma\nChange-Id: I557309b3e25b54321ee1fe0207f18b6e840bf76e\n" }, { "commit": "8c0ec114c58a76efcc1c195a03a36675b0967e39", "tree": "4af082b223bc257266533c0bee0a6ceb4a68b2cf", "parents": [ "2356c93d391c1948b3abb7602da3d97bd8b289f2" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 06 17:23:32 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 13 23:26:02 2019 -0700" }, "message": "fortify: fix up a few diagnostics; add __wur to realpath\n\nAs it says on the box.\n\nSince realpath isn\u0027t a function definition, any attributes it provides\nhere just add to the \"regular\" realpath.\n\n__wur is being added to realpath because it returns NULL on failure, and\nthe contents of the input buffer are undefined in that case. A blueline\ncheckbuild showed 0 complaints about this new __wur, so it seems\nharmless to add.\n\nBug: 131861088\nTest: mma\nChange-Id: If5f47e0e290d86df69c0888711e29775c390fca4\n" }, { "commit": "2356c93d391c1948b3abb7602da3d97bd8b289f2", "tree": "a490fc205ecbbd2f21b93f0102a806ccc1a075de", "parents": [ "77f99aaf58b944b23f2cfb38fce08a98feabe93f" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 06 17:18:13 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 13 23:26:02 2019 -0700" }, "message": "fortify: add bit checking for open(at)?64 functions\n\nThis also adds _2-variants for these functions, for extra glorious\nchecking\n\nBug: 131861088\nTest: mma\nChange-Id: I80475ff4bb220c0c47894e9532426f53412f176f\n" }, { "commit": "77f99aaf58b944b23f2cfb38fce08a98feabe93f", "tree": "ddcadad346c394fa7d1d7b15d488e988e5feaaf0", "parents": [ "1eb5976d7505f299754040e19792a0de94abccbc" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 06 14:14:52 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 13 23:26:02 2019 -0700" }, "message": "fortify: add diagnostics for str* functions\n\nThis CL allows us to diagnose string functions that get an explicit size\npassed into them, and string functions that are trivially misused.\n\nBug: 131861088\nTest: mma\nChange-Id: I894aec99420a75c6474cfd7d5010f0cf2f10ab21\n" }, { "commit": "06bb4ce8dea5ef11ff29012c08e81b9110796f35", "tree": "dffe532c644d7820c6a9b36aaf891d8a1e279868", "parents": [ "9894ec459637c5c805b8e03d0a0a7f3ff5d6c1d3" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 13 15:13:02 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Thu Jun 13 15:18:16 2019 -0700" }, "message": "fortify: fix tests on x86_64\n\nMy declval hack failed on x86_64 with:\n\n```\nsubstitution failure [with T \u003d __va_list_tag [1]]: function cannot\nreturn array type \u0027__va_list_tag [1]\u0027\n```\n\n...Because the type of va_list is compiler magic, it\u0027s fine for it to be\nwhatever the compiler wants it to be. Thankfully, pointers to arrays can\nbe returned, so let\u0027s use those instead.\n\nBug: 135210098\nTest: mma on aosp_blueline-eng and aosp_x86_64-eng; the latter was\n failing before this patch.\n\nChange-Id: Iefd57c0f8e823653fd70633fb6ee75cfc0022430\n" }, { "commit": "9a2741010a93bfa08cc03e8d92c20c47d7e65abc", "tree": "9bf61dd85fff4981603b991e74ac3c6d86c1abab", "parents": [ "b8dace7339b1ef6a5dcaa0384947a287a0f9cf20" ], "author": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Tue Jun 04 15:39:52 2019 -0700" }, "committer": { "name": "George Burgess IV", "email": "gbiv@google.com", "time": "Mon Jun 10 12:46:49 2019 -0700" }, "message": "fortify: import tests from Chrome OS\n\nChrome OS has a fairly extensive FORTIFY test suite for both\ncompile-time and run-time diagnostics. It covers tons of edge cases, and\nconveniently centralizes diagnostic and death testing.\n\nA fair amount of it has been ifdef\u0027ed out, since Bionic doesn\u0027t yet\ndiagnose (or crash on) some of these things. The intent is to explicitly\ndeclare defeat on the things we don\u0027t care to FORTIFY, and slowly fix\nthe rest in easier-to-digest CLs.\n\nOnce that\u0027s done, we might be able to look into retiring some of the\nFORTIFY testing that we don\u0027t share with the CrOS folks.\n\nBug: 131861088\nTest: mma + bionic-unit-tests on blueline\n\nChange-Id: I16734ea0769e03cf658ef10532d64f28fdb36a89\n" } ] }