Lines Matching +full:run +full:- +full:time
1 /* SPDX-License-Identifier: GPL-2.0 */
26 size_t __p_len = __p_size - 1; \
72 * unsafe_memcpy - memcpy implementation with no FORTIFY bounds checking
77 * @justification: Free-form text or comment describing why the use is needed
104 * strncpy - Copy a string to memory with non-guaranteed NUL padding
107 * @q: pointer to NUL-terminated source string to copy
111 * and @p will NOT be NUL-terminated
117 * over-reads of @q, it cannot defend against writing unterminated
122 * +--------------------+-----------------+------------+
125 * | NUL-terminated | strscpy_pad() | strscpy() |
126 * +--------------------+-----------------+------------+
127 * | not NUL-terminated | strtomem_pad() | strtomem() |
128 * +--------------------+-----------------+------------+
166 /* We can take compile-time actions when maxlen is const. */ in strnlen()
168 /* If p is const, we can use its compile-time-known len. */ in strnlen()
182 * possible for strlen() to be used on compile-time strings for use in
215 len = (q_len >= size) ? size - 1 : q_len; in strlcpy()
244 * If size can be known at compile time and is greater than in strscpy()
245 * p_size, generate a compile time write overflow error. in strscpy()
257 * -E2BIG being returned. in strscpy()
303 * can perform compile-time bounds checking where in fortify_memset_chk()
304 * buffer sizes are also known at compile time. in fortify_memset_chk()
318 * so run-time bounds checking can be done where buffer sizes are in fortify_memset_chk()
320 * be compile-time warnings, and we want to still warn for run-time in fortify_memset_chk()
342 * evaluating argument side-effects further into the macro layers.
359 * +-------+-------+-------+-------+
360 * | Compile time | Run time |
362 * dest source length +-------+-------+-------+-------+
371 * +-------+-------+-------+-------+
373 * y = perform deterministic compile-time bounds checking
374 * n = cannot perform deterministic compile-time bounds checking
375 * n/a = no run-time bounds checking needed since compile-time deterministic
376 * B = can perform run-time bounds checking (currently unimplemented)
377 * V = vulnerable to run-time overflow (will need refactoring to solve)
390 * can perform compile-time bounds checking where in fortify_memcpy_chk()
391 * buffer sizes are also known at compile time. in fortify_memcpy_chk()
406 * Warn for source field over-read when building with W=1 in fortify_memcpy_chk()
407 * or when an over-write happened, so both can be fixed at in fortify_memcpy_chk()
408 * the same time. in fortify_memcpy_chk()
417 * so run-time bounds checking can be done where buffer sizes are in fortify_memcpy_chk()
419 * be compile-time warnings, and we want to still warn for run-time in fortify_memcpy_chk()
436 * We must ignore p_size_field == 0 for existing 0-element in fortify_memcpy_chk()
443 * that will appear at run-time, without a way for them to be in fortify_memcpy_chk()
444 * detected at compile-time (as can be done when the destination in fortify_memcpy_chk()
465 #op ": detected field-spanning write (size %zu) of single %s (size %zu)\n", \
473 * Notes about compile-time buffer size detection:
494 * - the size of ptr's object (seemingly by design, gcc & clang fail):
496 * - the size of flexible arrays in ptr's obj (by design, dynamic size):
497 * __builtin_object_size(ptr->flex_buf, 1) == SIZE_MAX
498 * - the size of ANY array at the end of ptr's obj (gcc and clang bug):
499 * __builtin_object_size(ptr->end_buf, 1) == SIZE_MAX
503 * - the size of non-array members within ptr's object:
504 * __builtin_object_size(ptr->a, 1) == 2
505 * - the size of non-flexible-array in the middle of ptr's obj:
506 * __builtin_object_size(ptr->middle_buf, 1) == 16
512 * evaluating argument side-effects further into the macro layers.
602 /* Compile-time check for const size overflow. */ in strcpy()
605 /* Run-time check for dynamic size overflow. */ in strcpy()