override memcpy and perform size checks

SkewedZeppelin · SkewedZeppelin · commit b2fbe6e83a52 · 2025-03-21T20:30:19.000-04:00
Signed-off-by: Tavi &lt;tavi@divested.dev&gt;
diff --git a/h_malloc.c b/h_malloc.c
@@ -1874,6 +1874,27 @@ EXPORT size_t h_malloc_object_size_fast(const void *p) {
     return SIZE_MAX;
 }
 
+EXPORT void *h_memcpy(void *dst, const void *src, size_t len) {
+    if (len > malloc_object_size(src)) {
+        fatal_error("memcpy read overflow");
+    }
+    if (len > malloc_object_size(dst)) {
+        fatal_error("memcpy buffer overflow");
+    }
+
+    if (dst == src) {
+        return dst;
+    }
+
+    char *d = (char *)dst;
+    const char *s = (const char *)src;
+    for (size_t i = 0; i < len; ++i) {
+        d[i] = s[i];
+    }
+
+    return dst;
+}
+
 EXPORT int h_mallopt(UNUSED int param, UNUSED int value) {
 #ifdef __ANDROID__
     if (param == M_PURGE) {
diff --git a/include/h_malloc.h b/include/h_malloc.h
@@ -15,6 +15,7 @@ extern "C" {
 #define h_realloc realloc
 #define h_aligned_alloc aligned_alloc
 #define h_free free
+#define h_memcpy memcpy
 
 #define h_posix_memalign posix_memalign
 
@@ -54,6 +55,7 @@ __attribute__((alloc_size(2))) void *h_realloc(void *ptr, size_t size);
 __attribute__((malloc)) __attribute__((alloc_size(2))) __attribute__((alloc_align(1)))
 void *h_aligned_alloc(size_t alignment, size_t size);
 void h_free(void *ptr);
+void *h_memcpy(void *dstpp, const void *srcpp, size_t len);
 
 // POSIX
 int h_posix_memalign(void **memptr, size_t alignment, size_t size);
