diff options
| author | Allen Webb <allenwebb@google.com> | 2018-08-17 14:56:33 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2018-09-07 18:36:33 -0700 |
| commit | 6a9a3a62732ff31e247a9eb61a5f4e7c53154ee5 (patch) | |
| tree | 32a71c89e7266301206cc4dd242332bd5b835892 /include | |
| parent | 09d4918f464b69390f0c2d12cdd8c6aeafcb2cae (diff) | |
| download | chrome-ec-6a9a3a62732ff31e247a9eb61a5f4e7c53154ee5.tar.gz | |
fuzz: Hide conflicts with cstdlib and use clang++ for linking.
This creates a build target called libec.a by setting the visibility
of functions that conflict with cstdlib to hidden. It then links
those symbols locally into one large object file that makes up libec.a
Fuzzing targets are linked against libec.a so that they can invoke ec
functionality while depending on outside libraries that need cstdlib.
When linking a particular object against cstdlib, to avoid conflicting
function declarations put the following before any includes from the
ec codebase:
#define __stdlib_compat(...)
The fuzzing targets are now linked using clang++, so that c++ libraries
and objects can be used as part of the fuzzers.
BRANCH=none
BUG=chromium:876582
TEST=make -j buildfuzztests &&
./build/host/host_command_fuzz/host_command_fuzz.exe
Change-Id: Ifdfdc6a51c6ef23b4e192b013ca993bf48a4411b
Signed-off-by: Allen Webb <allenwebb@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1180401
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/common.h | 11 | ||||
| -rw-r--r-- | include/trng.h | 5 | ||||
| -rw-r--r-- | include/util.h | 50 |
3 files changed, 43 insertions, 23 deletions
diff --git a/include/common.h b/include/common.h index dac0bf2f00..f6bf9b1308 100644 --- a/include/common.h +++ b/include/common.h @@ -215,6 +215,17 @@ enum ec_error_list { #define test_export_static static #endif +/* + * Mark functions that collide with stdlib so they can be hidden when linking + * against libraries that require stdlib. HIDE_EC_STDLIB should be defined + * before including common.h from code that links to cstdlib. + */ +#ifdef TEST_FUZZ +#define __stdlib_compat __attribute__((visibility("hidden"))) +#else /* TEST_FUZZ */ +#define __stdlib_compat +#endif /* TEST_FUZZ */ + /* find the most significant bit. Not defined in n == 0. */ #define __fls(n) (31 - __builtin_clz(n)) diff --git a/include/trng.h b/include/trng.h index ec56829e54..e50b12a2a6 100644 --- a/include/trng.h +++ b/include/trng.h @@ -5,6 +5,7 @@ #ifndef __EC_INCLUDE_TRNG_H #define __EC_INCLUDE_TRNG_H +#include <common.h> #include <stddef.h> #include <stdint.h> @@ -30,7 +31,9 @@ void exit_trng(void); * * Not supported on all platforms. **/ -uint32_t rand(void); +#ifndef HIDE_EC_STDLIB +__stdlib_compat uint32_t rand(void); +#endif /** * Output len random bytes into buffer. diff --git a/include/util.h b/include/util.h index c8ae09db93..4d5c263182 100644 --- a/include/util.h +++ b/include/util.h @@ -56,31 +56,31 @@ #define DIV_ROUND_UP(x, y) (((x) + ((y) - 1)) / (y)) #define DIV_ROUND_NEAREST(x, y) (((x) + ((y) / 2)) / (y)) +#ifndef HIDE_EC_STDLIB /* Standard library functions */ -int atoi(const char *nptr); -int isdigit(int c); -int isspace(int c); -int isalpha(int c); -int isprint(int c); -int memcmp(const void *s1, const void *s2, size_t len); -int safe_memcmp(const void *s1, const void *s2, size_t len); -void *memcpy(void *dest, const void *src, size_t len); -__visible void *memset(void *dest, int c, size_t len); -void *memmove(void *dest, const void *src, size_t len); -void *memchr(const void *buffer, int c, size_t n); -int strcasecmp(const char *s1, const char *s2); -int strncasecmp(const char *s1, const char *s2, size_t size); -size_t strlen(const char *s); -size_t strnlen(const char *s, size_t maxlen); -char *strncpy(char *dest, const char *src, size_t n); -int strncmp(const char *s1, const char *s2, size_t n); +__stdlib_compat int atoi(const char *nptr); +__stdlib_compat int isdigit(int c); +__stdlib_compat int isspace(int c); +__stdlib_compat int isalpha(int c); +__stdlib_compat int isprint(int c); +__stdlib_compat int memcmp(const void *s1, const void *s2, size_t len); +__stdlib_compat void *memcpy(void *dest, const void *src, size_t len); +__stdlib_compat __visible void *memset(void *dest, int c, size_t len); +__stdlib_compat void *memmove(void *dest, const void *src, size_t len); +__stdlib_compat void *memchr(const void *buffer, int c, size_t n); +__stdlib_compat int strcasecmp(const char *s1, const char *s2); +__stdlib_compat int strncasecmp(const char *s1, const char *s2, size_t size); +__stdlib_compat size_t strlen(const char *s); +__stdlib_compat size_t strnlen(const char *s, size_t maxlen); +__stdlib_compat char *strncpy(char *dest, const char *src, size_t n); +__stdlib_compat int strncmp(const char *s1, const char *s2, size_t n); /* Like strtol(), but for integers. */ -int strtoi(const char *nptr, char **endptr, int base); -uint64_t strtoul(const char *nptr, char **endptr, int base); +__stdlib_compat int strtoi(const char *nptr, char **endptr, int base); +__stdlib_compat uint64_t strtoul(const char *nptr, char **endptr, int base); /* Like strncpy(), but guarantees null termination. */ -char *strzcpy(char *dest, const char *src, int len); +__stdlib_compat char *strzcpy(char *dest, const char *src, int len); /** * Parses a boolean option from a string. @@ -99,9 +99,15 @@ char *strzcpy(char *dest, const char *src, int len); * * Other strings return 0 and leave *dest unchanged. */ -int parse_bool(const char *s, int *dest); +__stdlib_compat int parse_bool(const char *s, int *dest); + +__stdlib_compat int tolower(int c); +#endif /* !HIDE_EC_STDLIB */ -int tolower(int c); +/** + * Constant time implementation of memcmp to avoid timing side channels. + */ +int safe_memcmp(const void *s1, const void *s2, size_t len); /* 64-bit divide-and-modulo. Does the equivalent of: * |