crypt.h shadow.h and mman.h

2021-07-08 13:08:39 -04:00 · 2021-07-08 13:08:39 -04:00 · 6a057cd9c8
--- a/include/CMakeLists.txt
+++ b/include/CMakeLists.txt
@ -10,6 +10,8 @@
 set(files
  assert_checked.h
  assert.h
+  crypt_checked.h
+  crypt.h
  errno_checked.h
  errno.h
  fcntl.h
@ -28,6 +30,8 @@ set(files
  poll.h
  pwd_checked.h
  pwd.h
+  shadow_checked.h
+  shadow.h
  signal_checked.h
  signal.h
  stdchecked.h
@ -59,6 +63,8 @@ set(posix_arpa_files
  )

 set(posix_sys_files
+  sys/mman_checked.h
+  sys/mman.h
  sys/socket_checked.h
  sys/socket.h
  sys/stat_checked.h
--- a/include/crypt.h
+++ b/include/crypt.h
@ -0,0 +1,32 @@
+//---------------------------------------------------------------------//
+// Wrapper header file that excludes Checked-C-specific declarations   //
+// if the compilation is not for Checked C, or if is for Checked C     //
+// but the implicit inclusion of checked header files is disabled.     //
+/////////////////////////////////////////////////////////////////////////
+
+
+// Uses clang-specific __has_include macro to detect unistd.h
+// which is required by Posix Standard.
+// The Windows environment also may not have unistd.h
+#if defined __has_include_next && __has_include_next(<crypt.h>)
+
+#if !defined __checkedc || defined NO_IMPLICIT_INCLUDE_CHECKED_HDRS
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE push
+#pragma CHECKED_SCOPE off
+#endif
+
+#include_next <crypt.h>
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE pop
+#endif
+
+#else // checkedc && implicit include enabled
+#include <crypt_checked.h>
+#endif
+
+#else // doesn't have unistd.h
+#error "cannot include 'crypt.h' because this system does not have the original header, even though Checked C provides a wrapper for it"
+#endif
--- a/include/crypt_checked.h
+++ b/include/crypt_checked.h
@ -0,0 +1,30 @@
+//---------------------------------------------------------------------//
+// Bounds-safe interfaces for functions in crypt.h that               //
+// take pointer arguments.                                             //
+//                                                                     //
+/////////////////////////////////////////////////////////////////////////
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE push
+#pragma CHECKED_SCOPE off
+#endif
+
+#include_next <crypt.h>
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE pop
+#endif
+
+#ifdef __checkedc
+#ifndef __CRYPT_CHECKED_H
+#define __CRYPT_CHECKED_H
+
+#pragma CHECKED_SCOPE push
+#pragma CHECKED_SCOPE on
+
+char * crypt(const char *phrase : itype(_Nt_array_ptr<const char>), const char *setting : itype(_Nt_array_ptr<const char>)) : itype(_Nt_array_ptr<char>);
+
+#pragma CHECKED_SCOPE pop
+
+#endif // guard
+#endif // Checked C
--- a/include/shadow.h
+++ b/include/shadow.h
@ -0,0 +1,32 @@
+//---------------------------------------------------------------------//
+// Wrapper header file that excludes Checked-C-specific declarations   //
+// if the compilation is not for Checked C, or if is for Checked C     //
+// but the implicit inclusion of checked header files is disabled.     //
+/////////////////////////////////////////////////////////////////////////
+
+
+// Uses clang-specific __has_include macro to detect unistd.h
+// which is required by Posix Standard.
+// The Windows environment also may not have unistd.h
+#if defined __has_include_next && __has_include_next(<shadow.h>)
+
+#if !defined __checkedc || defined NO_IMPLICIT_INCLUDE_CHECKED_HDRS
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE push
+#pragma CHECKED_SCOPE off
+#endif
+
+#include_next <shadow.h>
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE pop
+#endif
+
+#else // checkedc && implicit include enabled
+#include <shadow_checked.h>
+#endif
+
+#else // doesn't have unistd.h
+#error "cannot include 'shadow.h' because this system does not have the original header, even though Checked C provides a wrapper for it"
+#endif
--- a/include/shadow_checked.h
+++ b/include/shadow_checked.h
@ -0,0 +1,30 @@
+//---------------------------------------------------------------------//
+// Bounds-safe interfaces for functions in shadow.h that               //
+// take pointer arguments.                                             //
+//                                                                     //
+/////////////////////////////////////////////////////////////////////////
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE push
+#pragma CHECKED_SCOPE off
+#endif
+
+#include_next <shadow.h>
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE pop
+#endif
+
+#ifdef __checkedc
+#ifndef __SHADOW_CHECKED_H
+#define __SHADOW_CHECKED_H
+
+#pragma CHECKED_SCOPE push
+#pragma CHECKED_SCOPE on
+
+struct spwd *getspnam(const char *name : itype(_Nt_array_ptr<const char>)) : itype(_Ptr<struct spwd>);
+
+#pragma CHECKED_SCOPE pop
+
+#endif // guard
+#endif // Checked C
--- a/include/sys/mman.h
+++ b/include/sys/mman.h
@ -0,0 +1,23 @@
+//---------------------------------------------------------------------//
+// Wrapper header file that excludes Checked-C-specific declarations   //
+// if the compilation is not for Checked C, or if is for Checked C     //
+// but the implicit inclusion of checked header files is disabled.     //
+/////////////////////////////////////////////////////////////////////////
+
+
+#if !defined __checkedc || defined NO_IMPLICIT_INCLUDE_CHECKED_HDRS
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE push
+#pragma CHECKED_SCOPE off
+#endif
+
+#include_next <sys/mman.h>
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE pop
+#endif
+
+#else // checkedc && implicit include enabled
+#include <sys/mman_checked.h>
+#endif
--- a/include/sys/mman_checked.h
+++ b/include/sys/mman_checked.h
@ -0,0 +1,33 @@
+//---------------------------------------------------------------------//
+// Bounds-safe interfaces for functions in sys/mman.h that             //
+// take pointer arguments.                                             //
+//                                                                     //
+/////////////////////////////////////////////////////////////////////////
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE push
+#pragma CHECKED_SCOPE off
+#endif
+
+#include_next <sys/mman.h>
+
+#ifdef __checkedc
+#pragma CHECKED_SCOPE pop
+#endif
+
+#ifdef __checkedc
+#ifndef __MMAN_CHECKED_H
+#define __MMAN_CHECKED_H
+
+#pragma CHECKED_SCOPE push
+#pragma CHECKED_SCOPE on
+
+_Itype_for_any(T) void *
+mmap(void *addr : itype(_Array_ptr<T>) byte_count(0),
+     size_t length, int prot, int flags, int fd, off_t offset) 
+  : itype(_Array_ptr<T>) byte_count(length);
+
+#pragma CHECKED_SCOPE pop
+
+#endif // guard
+#endif // Checked C
--- a/include/unistd_checked.h
+++ b/include/unistd_checked.h
@ -68,6 +68,8 @@ extern int execve(const char *pathname : itype(_Nt_array_ptr<const char>),
 // Caution: Does not null-terminate `name` on overflow.
 int gethostname(char *name : count(len), size_t len);

+extern char *getusershell(void) : itype(_Nt_array_ptr<char>);
+
 #endif

 #pragma CHECKED_SCOPE pop