Merge "_FORTIFY_SOURCE: simplify memset() fortification." into main
diff --git a/libc/include/bits/fortify/string.h b/libc/include/bits/fortify/string.h
index 0b4b70b..d5ae46e 100644
--- a/libc/include/bits/fortify/string.h
+++ b/libc/include/bits/fortify/string.h
@@ -59,6 +59,14 @@
__overloadable {
return __builtin___memmove_chk(dst, src, len, __bos0(dst));
}
+
+/* No diag -- clang diagnoses misuses of this on its own. */
+__BIONIC_FORTIFY_INLINE
+void* _Nonnull memset(void* _Nonnull const s __pass_object_size0, int c, size_t n)
+ __diagnose_as_builtin(__builtin_memset, 1, 2, 3)
+ __overloadable {
+ return __builtin___memset_chk(s, c, n, __bos0(s));
+}
#endif
#if defined(__USE_GNU)
@@ -127,19 +135,6 @@
}
#endif
-/* No diag -- clang diagnoses misuses of this on its own. */
-__BIONIC_FORTIFY_INLINE
-void* _Nonnull memset(void* _Nonnull const s __pass_object_size0, int c, size_t n) __overloadable
- __diagnose_as_builtin(__builtin_memset, 1, 2, 3)
- /* If you're a user who wants this warning to go away: use `(&memset)(foo, bar, baz)`. */
- __clang_warning_if(c && !n, "'memset' will set 0 bytes; maybe the arguments got flipped?") {
-#if __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
- return __builtin___memset_chk(s, c, n, __bos0(s));
-#else
- return __builtin_memset(s, c, n);
-#endif
-}
-
#if __ANDROID_API__ >= 23 && __BIONIC_FORTIFY_RUNTIME_CHECKS_ENABLED
__BIONIC_FORTIFY_INLINE
void* _Nullable memchr(const void* _Nonnull const s __pass_object_size, int c, size_t n) __overloadable {
diff --git a/tests/Android.bp b/tests/Android.bp
index 51afa55..804884a 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -636,7 +636,6 @@
"-Wno-format-security",
"-Wno-format-zero-length",
"-Wno-fortify-source",
- "-Wno-memset-transposed-args",
"-Wno-strlcpy-strlcat-size",
"-Wno-strncat-size",
],
diff --git a/tests/clang_fortify_tests.cpp b/tests/clang_fortify_tests.cpp
index da7926d..0b2985d 100644
--- a/tests/clang_fortify_tests.cpp
+++ b/tests/clang_fortify_tests.cpp
@@ -170,8 +170,10 @@
EXPECT_FORTIFY_DEATH(mempcpy(small_buffer, large_buffer, sizeof(large_buffer)));
// expected-error@+1{{will always overflow}}
EXPECT_FORTIFY_DEATH(memset(small_buffer, 0, sizeof(large_buffer)));
- // expected-warning@+1{{arguments got flipped?}}
- EXPECT_NO_DEATH(memset(small_buffer, sizeof(small_buffer), 0));
+#ifdef COMPILATION_TESTS
+ // expected-error@+1{{did you mean to transpose the last two arguments?}}
+ memset(small_buffer, sizeof(small_buffer), 0);
+#endif
// expected-error@+1{{size bigger than buffer}}
EXPECT_FORTIFY_DEATH(bcopy(large_buffer, small_buffer, sizeof(large_buffer)));
// expected-error@+1{{size bigger than buffer}}
