On Thu, Apr 28, 2016 at 9:47 AM, One Thousand Gnomes
<gno...@lxorguk.ukuu.org.uk> wrote:
> O> For example, this is what I've got currently:
>>
>> /* Detect and warn about potential overlaps. */
>> void *memcpy(void *dest, const void *src, size_t n)
>> {
>> if (dest > src && dest - src < n)
>> warn("Potentially unsafe overlapping memcpy detected!");
>> return __memcpy(dest, src, n);
>> }
>>
>> Does that seem okay? If so, I'll send the patch...
>
> Probably useful for debug, but instead of relying on __memcpy
> happening to handle overlaps - which isn't portable you could instead
> debug all platforms by doing
>
> if (...) {
> warn(...)
> memmove()
> } else
> __memcpy
>
Yeah, that's kind of where we started (but without the warning). I
prefer this, since we don't run the risk of MAYBE breaking. We warn,
but we remain safe.
-Kees
--
Kees Cook
Chrome OS & Brillo Security
