Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / bionic / 1c8ea807ebb54c1533040b60c0a6394abc77e339 / . / libc / arch-arm / cortex-a9 / bionic / __strcpy_chk.S
blob: 67eca086ecd54fdc75e419e5938e8595e3efdb61 [file] [log] [blame]
Christopher Ferris5f45d582013-08-07 13:09:51 -0700[diff] [blame]1/*
2 * Copyright (C) 2013 The Android Open Source Project
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in
12 * the documentation and/or other materials provided with the
13 * distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
Elliott Hughes851e68a2014-02-19 16:53:20 -0800[diff] [blame]29#include <private/bionic_asm.h>
30#include <private/libc_events.h>
Christopher Ferris5f45d582013-08-07 13:09:51 -0700[diff] [blame]31
32 .syntax unified
33 .fpu neon
34 .thumb
35 .thumb_func
36
37// Get the length of the source string first, then do a memcpy of the data
38// instead of a strcpy.
39ENTRY(__strcpy_chk)
Christopher Ferris5f45d582013-08-07 13:09:51 -0700[diff] [blame]40 pld [r0, #0]
Christopher Ferris5f45d582013-08-07 13:09:51 -0700[diff] [blame]41 push {r0, lr}
42 .cfi_def_cfa_offset 8
43 .cfi_rel_offset r0, 0
44 .cfi_rel_offset lr, 4
45
46 mov lr, r2
47 mov r0, r1
48
49 ands r3, r0, #7
50 bne .L_align_src
51
52 .p2align 2
53.L_mainloop:
54 ldmia r0!, {r2, r3}
55
56 pld [r0, #64]
57
58 sub ip, r2, #0x01010101
59 bic ip, ip, r2
60 ands ip, ip, #0x80808080
61 bne .L_zero_in_first_register
62
63 sub ip, r3, #0x01010101
64 bic ip, ip, r3
65 ands ip, ip, #0x80808080
66 bne .L_zero_in_second_register
67 b .L_mainloop
68
69.L_zero_in_first_register:
70 sub r3, r0, r1
71 // Check for zero in byte 0.
72 lsls r2, ip, #17
73 beq .L_check_byte1_reg1
74
75 sub r3, r3, #8
76 b .L_check_size
77
78.L_check_byte1_reg1:
79 bcc .L_check_byte2_reg1
80
81 sub r3, r3, #7
82 b .L_check_size
83
84.L_check_byte2_reg1:
85 // Check for zero in byte 2.
86 tst ip, #0x800000
87 it ne
88 subne r3, r3, #6
89 bne .L_check_size
90 sub r3, r3, #5
91 b .L_check_size
92
93.L_zero_in_second_register:
94 sub r3, r0, r1
95 // Check for zero in byte 0.
96 lsls r2, ip, #17
97 beq .L_check_byte1_reg2
98
99 sub r3, r3, #4
100 b .L_check_size
101
102.L_check_byte1_reg2:
103 bcc .L_check_byte2_reg2
104
105 sub r3, r3, #3
106 b .L_check_size
107
108.L_check_byte2_reg2:
109 // Check for zero in byte 2.
110 tst ip, #0x800000
111 it ne
112 subne r3, r3, #2
113 bne .L_check_size
114 sub r3, r3, #1
115 b .L_check_size
116
117.L_align_src:
118 // Align to a double word (64 bits).
119 rsb r3, r3, #8
120 lsls ip, r3, #31
121 beq .L_align_to_32
122
123 ldrb r2, [r0], #1
124 cbz r2, .L_done
125
126.L_align_to_32:
127 bcc .L_align_to_64
128
129 ldrb r2, [r0], #1
130 cbz r2, .L_done
131 ldrb r2, [r0], #1
132 cbz r2, .L_done
133
134.L_align_to_64:
135 tst r3, #4
136 beq .L_mainloop
137 ldr r2, [r0], #4
138
139 sub ip, r2, #0x01010101
140 bic ip, ip, r2
141 ands ip, ip, #0x80808080
142 bne .L_zero_in_second_register
143 b .L_mainloop
144
145.L_done:
146 sub r3, r0, r1
147 sub r3, r3, #1
148
149.L_check_size:
150 pld [r1, #0]
151 pld [r1, #64]
152 ldr r0, [sp]
153 cmp r3, lr
Christopher Ferris16e185c2013-09-10 16:56:34 -0700[diff] [blame]154 bhs __strcpy_chk_fail
Christopher Ferris5f45d582013-08-07 13:09:51 -0700[diff] [blame]155
156 // Add 1 for copy length to get the string terminator.
157 add r2, r3, #1
158
Christopher Ferrisa57c9c02013-08-21 09:41:12 -0700[diff] [blame]159 // Fall through into the memcpy_base function.
160END(__strcpy_chk)
161
162#define MEMCPY_BASE __strcpy_chk_memcpy_base
163#define MEMCPY_BASE_ALIGNED __strcpy_chk_memcpy_base_aligned
164#include "memcpy_base.S"
165
Nick Kralevich32bbf8a2013-10-02 16:54:58 -0700[diff] [blame]166ENTRY_PRIVATE(__strcpy_chk_fail)
Christopher Ferrisa57c9c02013-08-21 09:41:12 -0700[diff] [blame]167 .cfi_def_cfa_offset 8
168 .cfi_rel_offset r0, 0
169 .cfi_rel_offset lr, 4
170
Christopher Ferris5f45d582013-08-07 13:09:51 -0700[diff] [blame]171 ldr r0, error_message
172 ldr r1, error_code
1731:
174 add r0, pc
175 bl __fortify_chk_fail
Christopher Ferrisa57c9c02013-08-21 09:41:12 -0700[diff] [blame]176
Christopher Ferris5f45d582013-08-07 13:09:51 -0700[diff] [blame]177error_code:
178 .word BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW
179error_message:
180 .word error_string-(1b+4)
Christopher Ferrisa57c9c02013-08-21 09:41:12 -0700[diff] [blame]181END(__strcpy_chk_fail)
Christopher Ferris5f45d582013-08-07 13:09:51 -0700[diff] [blame]182
183 .data
184error_string:
Elliott Hughes68b67112013-10-15 17:17:05 -0700[diff] [blame]185 .string "strcpy: prevented write past end of buffer"