commit | 260bf8cfe00f83bc579dfe81c78b75bd9973f051 | [log] [tgz] |
---|---|---|
author | Nick Kralevich <nnk@google.com> | Fri Jul 13 11:27:06 2012 -0700 |
committer | Nick Kralevich <nnk@google.com> | Fri Jul 13 13:49:59 2012 -0700 |
tree | b8ff686500d30625cb9d5908ecba4895f20a1467 | |
parent | b2060b027c9eb2748895b53a0d69d40b52371a4e [diff] |
FORTIFY_SOURCE: strlen check. This test is designed to detect code such as: int main() { char buf[10]; memcpy(buf, "1234567890", sizeof(buf)); size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE printf("%d\n", len); return 0; } or anytime strlen reads beyond an object boundary. This should help address memory leakage vulnerabilities and make other unrelated vulnerabilities harder to exploit. Change-Id: I354b425be7bef4713c85f6bab0e9738445e00182