1 /*
2  * Copyright (C) 2016 The Android Open Source Project
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *  * Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  *  * Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in
12  *    the documentation and/or other materials provided with the
13  *    distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include "private/libc_logging.h"
30 
31 #include <poll.h> // For struct pollfd.
32 #include <sys/select.h> // For struct fd_set.
33 
34 //
35 // Common helpers.
36 //
37 
__check_fd_set(const char * fn,int fd,size_t set_size)38 static inline void __check_fd_set(const char* fn, int fd, size_t set_size) {
39   if (__predict_false(fd < 0)) {
40     __fortify_fatal("%s: file descriptor %d < 0", fn, fd);
41   }
42   if (__predict_false(fd >= FD_SETSIZE)) {
43     __fortify_fatal("%s: file descriptor %d >= FD_SETSIZE %zu", fn, fd, set_size);
44   }
45   if (__predict_false(set_size < sizeof(fd_set))) {
46     __fortify_fatal("%s: set size %zu is too small to be an fd_set", fn, set_size);
47   }
48 }
49 
__check_pollfd_array(const char * fn,size_t fds_size,nfds_t fd_count)50 static inline void __check_pollfd_array(const char* fn, size_t fds_size, nfds_t fd_count) {
51   size_t pollfd_array_length = fds_size / sizeof(pollfd);
52   if (__predict_false(pollfd_array_length < fd_count)) {
53     __fortify_fatal("%s: %zu-element pollfd array too small for %u fds",
54                     fn, pollfd_array_length, fd_count);
55   }
56 }
57 
__check_count(const char * fn,const char * identifier,size_t value)58 static inline void __check_count(const char* fn, const char* identifier, size_t value) {
59   if (__predict_false(value > SSIZE_MAX)) {
60     __fortify_fatal("%s: %s %zu > SSIZE_MAX", fn, identifier, value);
61   }
62 }
63 
__check_buffer_access(const char * fn,const char * action,size_t claim,size_t actual)64 static inline void __check_buffer_access(const char* fn, const char* action,
65                                          size_t claim, size_t actual) {
66   if (__predict_false(claim > actual)) {
67     __fortify_fatal("%s: prevented %zu-byte %s %zu-byte buffer", fn, claim, action, actual);
68   }
69 }
70