Enable FORTIFY and FORMAT SECURITY compile flags

1. Enable below 2 defenses in Makefile "-O2 -D_FORTIFY_SOURCE=2" "-Wformat -Wformat-security" 2. Update related source code impacted by above 2 flags Change-Id: Ib42214848f030b4cf508cd7c52a7e3cc809435d9 Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
2025-09-01 00:47:23 +00:00 · 2018-03-13 17:02:51 +08:00
parent 155be81dbf
commit b6d73be1a6
9 changed files with 81 additions and 37 deletions
--- a/devicemodel/core/consport.c
+++ b/devicemodel/core/consport.c
@@ -84,17 +84,20 @@ ttyread(void)
 	char rb;

 	if (tty_char_available()) {
-		read(STDIN_FILENO, &rb, 1);
-		return (rb & 0xff);
-	} else {
-		return -1;
+		if (read(STDIN_FILENO, &rb, 1) > 0)
+			return (rb & 0xff);
 	}
+	return -1;
 }

-static void
+
+static	int
 ttywrite(unsigned char wb)
 {
-	(void) write(STDOUT_FILENO, &wb, 1);
+	if (write(STDOUT_FILENO, &wb, 1) > 0)
+		return 1;
+
+	return -1;
 }

 static int
--- a/devicemodel/core/mevent.c
+++ b/devicemodel/core/mevent.c
@@ -109,7 +109,8 @@ mevent_pipe_read(int fd, enum ev_type type, void *param)
 	} while (status == MEVENT_MAX);
 }

-void
+/*On error, -1 is returned, else return zero*/
+int
 mevent_notify(void)
 {
 	char c;
@@ -119,7 +120,9 @@ mevent_notify(void)
 	 * pipe to force the i/o thread to exit the blocking epoll call.
 	 */
 	if (mevent_pipefd[1] != 0 && pthread_self() != mevent_tid)
-		write(mevent_pipefd[1], &c, 1);
+		if (write(mevent_pipefd[1], &c, 1) <= 0)
+			return -1;
+	return 0;
 }

 static int