| |
|
|
|
|
|
|
|
|
|
|
| |
wrapper .h files and asm labels to let internal calls resolve directly and
not be overridable or use the PLT. Then, apply that framework to most of
the functions in stdio.h, string.h, err.h, and wchar.h. Delete the
should-have-been-hidden-all-along _v?(err|warn)[cx]? symbols while here.
tests clean on i386, amd64, sparc64, powerpc, and mips64
naming feedback from kettenis@ and millert@
ok kettenis@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modern compiler toolchains are capable of optimizing even across
translation unit boundaries, so simply moving the memory clearing into
a separate function is not guaranteed to clear memory.
To avoid this, we take advantage of ELF weak symbol semantics, and
insert a call to an empty, weakly named function. The semantics of
calling this function aren't determinable until load time, so the
compiler and linker need to keep the memset() call.
There are still ways a toolchain might defeat this trick (e.g.,
optimistically expecting the weak symbol to not be overloaded, and
only calling memset() if it is; promoting weak symbols to strong
symbols at link-time when emitting a static binary because they won't
be interposed; implementing load-time optimizations). But at least
for the foreseeable future, these seem unlikely.
ok deraadt
|
