fortify_test.cpp revision 409588cdae447a0e58bf136a9ea3a9b8d321fbf3
1/* 2 * Copyright (C) 2013 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <gtest/gtest.h> 18#include <signal.h> 19#include <string.h> 20#include <stdarg.h> 21#include <sys/types.h> 22#include <sys/stat.h> 23#include <sys/socket.h> 24#include <malloc.h> 25#include <fcntl.h> 26 27// We have to say "DeathTest" here so gtest knows to run this test (which exits) 28// in its own process. Unfortunately, the C preprocessor doesn't give us an 29// easy way to concatenate strings, so we need to use the complicated method 30// below. *sigh* 31#define DEATHTEST_PASTER(name) name##_DeathTest 32#define DEATHTEST_EVALUATOR(name) DEATHTEST_PASTER(name) 33#define DEATHTEST DEATHTEST_EVALUATOR(TEST_NAME) 34 35#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE == 2 36struct foo { 37 char empty[0]; 38 char one[1]; 39 char a[10]; 40 char b[10]; 41}; 42 43#ifndef __clang__ 44// This test is disabled in clang because clang doesn't properly detect 45// this buffer overflow. TODO: Fix clang. 46TEST(DEATHTEST, stpncpy_fortified2) { 47 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 48 foo myfoo; 49 int copy_amt = atoi("11"); 50 ASSERT_EXIT(stpncpy(myfoo.a, "01234567890", copy_amt), 51 testing::KilledBySignal(SIGABRT), ""); 52} 53#endif 54 55#ifndef __clang__ 56// This test is disabled in clang because clang doesn't properly detect 57// this buffer overflow. TODO: Fix clang. 58TEST(DEATHTEST, stpncpy2_fortified2) { 59 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 60 foo myfoo; 61 memset(&myfoo, 0, sizeof(myfoo)); 62 myfoo.one[0] = 'A'; // not null terminated string 63 ASSERT_EXIT(stpncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)), 64 testing::KilledBySignal(SIGABRT), ""); 65} 66#endif 67 68#ifndef __clang__ 69// This test is disabled in clang because clang doesn't properly detect 70// this buffer overflow. TODO: Fix clang. 71TEST(DEATHTEST, strncpy_fortified2) { 72 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 73 foo myfoo; 74 int copy_amt = atoi("11"); 75 ASSERT_EXIT(strncpy(myfoo.a, "01234567890", copy_amt), 76 testing::KilledBySignal(SIGABRT), ""); 77} 78#endif 79 80#ifndef __clang__ 81// This test is disabled in clang because clang doesn't properly detect 82// this buffer overflow. TODO: Fix clang. 83TEST(DEATHTEST, strncpy2_fortified2) { 84 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 85 foo myfoo; 86 memset(&myfoo, 0, sizeof(myfoo)); 87 myfoo.one[0] = 'A'; // not null terminated string 88 ASSERT_EXIT(strncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)), 89 testing::KilledBySignal(SIGABRT), ""); 90} 91#endif 92 93#ifndef __clang__ 94// This test is disabled in clang because clang doesn't properly detect 95// this buffer overflow. TODO: Fix clang. 96TEST(DEATHTEST, sprintf_fortified2) { 97 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 98 foo myfoo; 99 char source_buf[15]; 100 memcpy(source_buf, "12345678901234", 15); 101 ASSERT_EXIT(sprintf(myfoo.a, "%s", source_buf), 102 testing::KilledBySignal(SIGABRT), ""); 103} 104#endif 105 106#ifndef __clang__ 107// This test is disabled in clang because clang doesn't properly detect 108// this buffer overflow. TODO: Fix clang. 109TEST(DEATHTEST, sprintf2_fortified2) { 110 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 111 foo myfoo; 112 ASSERT_EXIT(sprintf(myfoo.a, "0123456789"), 113 testing::KilledBySignal(SIGABRT), ""); 114} 115#endif 116 117#ifndef __clang__ 118// These tests are disabled in clang because clang doesn't properly detect 119// this buffer overflow. TODO: Fix clang. 120static int vsprintf_helper2(const char *fmt, ...) { 121 foo myfoo; 122 va_list va; 123 int result; 124 125 va_start(va, fmt); 126 result = vsprintf(myfoo.a, fmt, va); // should crash here 127 va_end(va); 128 return result; 129} 130 131TEST(DEATHTEST, vsprintf_fortified2) { 132 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 133 ASSERT_EXIT(vsprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 134} 135 136TEST(DEATHTEST, vsprintf2_fortified2) { 137 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 138 ASSERT_EXIT(vsprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), ""); 139} 140#endif 141 142#ifndef __clang__ 143// These tests are disabled in clang because clang doesn't properly detect 144// this buffer overflow. TODO: Fix clang. 145static int vsnprintf_helper2(const char *fmt, ...) { 146 foo myfoo; 147 va_list va; 148 int result; 149 size_t size = atoi("11"); 150 151 va_start(va, fmt); 152 result = vsnprintf(myfoo.a, size, fmt, va); // should crash here 153 va_end(va); 154 return result; 155} 156 157TEST(DEATHTEST, vsnprintf_fortified2) { 158 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 159 ASSERT_EXIT(vsnprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 160} 161 162TEST(DEATHTEST, vsnprintf2_fortified2) { 163 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 164 ASSERT_EXIT(vsnprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), ""); 165} 166#endif 167 168#ifndef __clang__ 169// zero sized target with "\0" source (should fail) 170// This test is disabled in clang because clang doesn't properly detect 171// this buffer overflow. TODO: Fix clang. 172TEST(DEATHTEST, stpcpy_fortified2) { 173#if defined(__BIONIC__) 174 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 175 foo myfoo; 176 char* src = strdup(""); 177 ASSERT_EXIT(stpcpy(myfoo.empty, src), 178 testing::KilledBySignal(SIGABRT), ""); 179 free(src); 180#else // __BIONIC__ 181 GTEST_LOG_(INFO) << "This test does nothing.\n"; 182#endif // __BIONIC__ 183} 184#endif 185 186#ifndef __clang__ 187// zero sized target with "\0" source (should fail) 188// This test is disabled in clang because clang doesn't properly detect 189// this buffer overflow. TODO: Fix clang. 190TEST(DEATHTEST, strcpy_fortified2) { 191#if defined(__BIONIC__) 192 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 193 foo myfoo; 194 char* src = strdup(""); 195 ASSERT_EXIT(strcpy(myfoo.empty, src), 196 testing::KilledBySignal(SIGABRT), ""); 197 free(src); 198#else // __BIONIC__ 199 GTEST_LOG_(INFO) << "This test does nothing.\n"; 200#endif // __BIONIC__ 201} 202#endif 203 204#ifndef __clang__ 205// zero sized target with longer source (should fail) 206// This test is disabled in clang because clang doesn't properly detect 207// this buffer overflow. TODO: Fix clang. 208TEST(DEATHTEST, strcpy2_fortified2) { 209#if defined(__BIONIC__) 210 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 211 foo myfoo; 212 char* src = strdup("1"); 213 ASSERT_EXIT(strcpy(myfoo.empty, src), 214 testing::KilledBySignal(SIGABRT), ""); 215 free(src); 216#else // __BIONIC__ 217 GTEST_LOG_(INFO) << "This test does nothing.\n"; 218#endif // __BIONIC__ 219} 220#endif 221 222#ifndef __clang__ 223// one byte target with longer source (should fail) 224// This test is disabled in clang because clang doesn't properly detect 225// this buffer overflow. TODO: Fix clang. 226TEST(DEATHTEST, strcpy3_fortified2) { 227#if defined(__BIONIC__) 228 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 229 foo myfoo; 230 char* src = strdup("12"); 231 ASSERT_EXIT(strcpy(myfoo.one, src), 232 testing::KilledBySignal(SIGABRT), ""); 233 free(src); 234#else // __BIONIC__ 235 GTEST_LOG_(INFO) << "This test does nothing.\n"; 236#endif // __BIONIC__ 237} 238#endif 239 240#ifndef __clang__ 241// This test is disabled in clang because clang doesn't properly detect 242// this buffer overflow. TODO: Fix clang. 243TEST(DEATHTEST, strchr_fortified2) { 244#if defined(__BIONIC__) 245 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 246 foo myfoo; 247 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); 248 myfoo.b[0] = '\0'; 249 ASSERT_EXIT(printf("%s", strchr(myfoo.a, 'a')), 250 testing::KilledBySignal(SIGABRT), ""); 251#else // __BIONIC__ 252 GTEST_LOG_(INFO) << "This test does nothing.\n"; 253#endif // __BIONIC__ 254} 255#endif 256 257#ifndef __clang__ 258// This test is disabled in clang because clang doesn't properly detect 259// this buffer overflow. TODO: Fix clang. 260TEST(DEATHTEST, strrchr_fortified2) { 261#if defined(__BIONIC__) 262 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 263 foo myfoo; 264 memcpy(myfoo.a, "0123456789", 10); 265 memcpy(myfoo.b, "01234", 6); 266 ASSERT_EXIT(printf("%s", strrchr(myfoo.a, 'a')), 267 testing::KilledBySignal(SIGABRT), ""); 268#else // __BIONIC__ 269 GTEST_LOG_(INFO) << "This test does nothing.\n"; 270#endif // __BIONIC__ 271} 272#endif 273 274#ifndef __clang__ 275// This test is disabled in clang because clang doesn't properly detect 276// this buffer overflow. TODO: Fix clang. 277TEST(DEATHTEST, strlcpy_fortified2) { 278#if defined(__BIONIC__) 279 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 280 foo myfoo; 281 strcpy(myfoo.a, "01"); 282 size_t n = strlen(myfoo.a); 283 ASSERT_EXIT(strlcpy(myfoo.one, myfoo.a, n), 284 testing::KilledBySignal(SIGABRT), ""); 285#else // __BIONIC__ 286 GTEST_LOG_(INFO) << "This test does nothing.\n"; 287#endif // __BIONIC__ 288} 289#endif 290 291#ifndef __clang__ 292// This test is disabled in clang because clang doesn't properly detect 293// this buffer overflow. TODO: Fix clang. 294TEST(DEATHTEST, strlcat_fortified2) { 295#if defined(__BIONIC__) 296 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 297 foo myfoo; 298 strcpy(myfoo.a, "01"); 299 myfoo.one[0] = '\0'; 300 size_t n = strlen(myfoo.a); 301 ASSERT_EXIT(strlcat(myfoo.one, myfoo.a, n), 302 testing::KilledBySignal(SIGABRT), ""); 303#else // __BIONIC__ 304 GTEST_LOG_(INFO) << "This test does nothing.\n"; 305#endif // __BIONIC__ 306} 307#endif 308 309#ifndef __clang__ 310// This test is disabled in clang because clang doesn't properly detect 311// this buffer overflow. TODO: Fix clang. 312TEST(DEATHTEST, strncat_fortified2) { 313 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 314 foo myfoo; 315 size_t n = atoi("10"); // avoid compiler optimizations 316 strncpy(myfoo.a, "012345678", n); 317 ASSERT_EXIT(strncat(myfoo.a, "9", n), testing::KilledBySignal(SIGABRT), ""); 318} 319#endif 320 321#ifndef __clang__ 322// This test is disabled in clang because clang doesn't properly detect 323// this buffer overflow. TODO: Fix clang. 324TEST(DEATHTEST, strncat2_fortified2) { 325 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 326 foo myfoo; 327 myfoo.a[0] = '\0'; 328 size_t n = atoi("10"); // avoid compiler optimizations 329 ASSERT_EXIT(strncat(myfoo.a, "0123456789", n), testing::KilledBySignal(SIGABRT), ""); 330} 331#endif 332 333TEST(DEATHTEST, strncat3_fortified2) { 334 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 335 foo myfoo; 336 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string 337 myfoo.b[0] = '\0'; 338 size_t n = atoi("10"); // avoid compiler optimizations 339 ASSERT_EXIT(strncat(myfoo.b, myfoo.a, n), testing::KilledBySignal(SIGABRT), ""); 340} 341 342#ifndef __clang__ 343// This test is disabled in clang because clang doesn't properly detect 344// this buffer overflow. TODO: Fix clang. 345TEST(DEATHTEST, strcat_fortified2) { 346 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 347 char src[11]; 348 strcpy(src, "0123456789"); 349 foo myfoo; 350 myfoo.a[0] = '\0'; 351 ASSERT_EXIT(strcat(myfoo.a, src), testing::KilledBySignal(SIGABRT), ""); 352} 353#endif 354 355TEST(DEATHTEST, strcat2_fortified2) { 356 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 357 foo myfoo; 358 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string 359 myfoo.b[0] = '\0'; 360 ASSERT_EXIT(strcat(myfoo.b, myfoo.a), testing::KilledBySignal(SIGABRT), ""); 361} 362 363TEST(DEATHTEST, snprintf_fortified2) { 364 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 365 foo myfoo; 366 strcpy(myfoo.a, "012345678"); 367 size_t n = strlen(myfoo.a) + 2; 368 ASSERT_EXIT(snprintf(myfoo.b, n, "a%s", myfoo.a), testing::KilledBySignal(SIGABRT), ""); 369} 370 371TEST(DEATHTEST, bzero_fortified2) { 372 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 373 foo myfoo; 374 memcpy(myfoo.b, "0123456789", sizeof(myfoo.b)); 375 size_t n = atoi("11"); 376 ASSERT_EXIT(bzero(myfoo.b, n), testing::KilledBySignal(SIGABRT), ""); 377} 378 379#endif /* defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE=2 */ 380 381// multibyte target where we over fill (should fail) 382TEST(DEATHTEST, strcpy_fortified) { 383#if defined(__BIONIC__) 384 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 385 char buf[10]; 386 char *orig = strdup("0123456789"); 387 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 388 free(orig); 389#else // __BIONIC__ 390 GTEST_LOG_(INFO) << "This test does nothing.\n"; 391#endif // __BIONIC__ 392} 393 394// zero sized target with "\0" source (should fail) 395TEST(DEATHTEST, strcpy2_fortified) { 396#if defined(__BIONIC__) 397 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 398 char buf[0]; 399 char *orig = strdup(""); 400 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 401 free(orig); 402#else // __BIONIC__ 403 GTEST_LOG_(INFO) << "This test does nothing.\n"; 404#endif // __BIONIC__ 405} 406 407// zero sized target with longer source (should fail) 408TEST(DEATHTEST, strcpy3_fortified) { 409#if defined(__BIONIC__) 410 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 411 char buf[0]; 412 char *orig = strdup("1"); 413 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 414 free(orig); 415#else // __BIONIC__ 416 GTEST_LOG_(INFO) << "This test does nothing.\n"; 417#endif // __BIONIC__ 418} 419 420// one byte target with longer source (should fail) 421TEST(DEATHTEST, strcpy4_fortified) { 422#if defined(__BIONIC__) 423 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 424 char buf[1]; 425 char *orig = strdup("12"); 426 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 427 free(orig); 428#else // __BIONIC__ 429 GTEST_LOG_(INFO) << "This test does nothing.\n"; 430#endif // __BIONIC__ 431} 432 433TEST(DEATHTEST, strlen_fortified) { 434#if defined(__BIONIC__) 435 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 436 char buf[10]; 437 memcpy(buf, "0123456789", sizeof(buf)); 438 ASSERT_EXIT(printf("%zd", strlen(buf)), testing::KilledBySignal(SIGABRT), ""); 439#else // __BIONIC__ 440 GTEST_LOG_(INFO) << "This test does nothing.\n"; 441#endif // __BIONIC__ 442} 443 444TEST(DEATHTEST, strchr_fortified) { 445#if defined(__BIONIC__) 446 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 447 char buf[10]; 448 memcpy(buf, "0123456789", sizeof(buf)); 449 ASSERT_EXIT(printf("%s", strchr(buf, 'a')), testing::KilledBySignal(SIGABRT), ""); 450#else // __BIONIC__ 451 GTEST_LOG_(INFO) << "This test does nothing.\n"; 452#endif // __BIONIC__ 453} 454 455TEST(DEATHTEST, strrchr_fortified) { 456#if defined(__BIONIC__) 457 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 458 char buf[10]; 459 memcpy(buf, "0123456789", sizeof(buf)); 460 ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), ""); 461#else // __BIONIC__ 462 GTEST_LOG_(INFO) << "This test does nothing.\n"; 463#endif // __BIONIC__ 464} 465 466TEST(DEATHTEST, strlcpy_fortified) { 467#if defined(__BIONIC__) 468 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 469 char bufa[15]; 470 char bufb[10]; 471 strcpy(bufa, "01234567890123"); 472 size_t n = strlen(bufa); 473 ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 474#else // __BIONIC__ 475 GTEST_LOG_(INFO) << "This test does nothing.\n"; 476#endif // __BIONIC__ 477} 478 479TEST(DEATHTEST, strlcat_fortified) { 480#if defined(__BIONIC__) 481 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 482 char bufa[15]; 483 char bufb[10]; 484 bufb[0] = '\0'; 485 strcpy(bufa, "01234567890123"); 486 size_t n = strlen(bufa); 487 ASSERT_EXIT(strlcat(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 488#else // __BIONIC__ 489 GTEST_LOG_(INFO) << "This test does nothing.\n"; 490#endif // __BIONIC__ 491} 492 493TEST(DEATHTEST, sprintf_fortified) { 494 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 495 char buf[10]; 496 char source_buf[15]; 497 memcpy(source_buf, "12345678901234", 15); 498 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), ""); 499} 500 501#ifndef __clang__ 502// This test is disabled in clang because clang doesn't properly detect 503// this buffer overflow. TODO: Fix clang. 504TEST(DEATHTEST, sprintf_malloc_fortified) { 505 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 506 char* buf = (char *) malloc(10); 507 char source_buf[11]; 508 memcpy(source_buf, "1234567890", 11); 509 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), ""); 510 free(buf); 511} 512#endif 513 514TEST(DEATHTEST, sprintf2_fortified) { 515 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 516 char buf[5]; 517 ASSERT_EXIT(sprintf(buf, "aaaaa"), testing::KilledBySignal(SIGABRT), ""); 518} 519 520static int vsprintf_helper(const char *fmt, ...) { 521 char buf[10]; 522 va_list va; 523 int result; 524 525 va_start(va, fmt); 526 result = vsprintf(buf, fmt, va); // should crash here 527 va_end(va); 528 return result; 529} 530 531TEST(DEATHTEST, vsprintf_fortified) { 532 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 533 ASSERT_EXIT(vsprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 534} 535 536TEST(DEATHTEST, vsprintf2_fortified) { 537 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 538 ASSERT_EXIT(vsprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), ""); 539} 540 541static int vsnprintf_helper(const char *fmt, ...) { 542 char buf[10]; 543 va_list va; 544 int result; 545 size_t size = atoi("11"); 546 547 va_start(va, fmt); 548 result = vsnprintf(buf, size, fmt, va); // should crash here 549 va_end(va); 550 return result; 551} 552 553TEST(DEATHTEST, vsnprintf_fortified) { 554 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 555 ASSERT_EXIT(vsnprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 556} 557 558TEST(DEATHTEST, vsnprintf2_fortified) { 559 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 560 ASSERT_EXIT(vsnprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), ""); 561} 562 563TEST(DEATHTEST, strncat_fortified) { 564 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 565 char buf[10]; 566 size_t n = atoi("10"); // avoid compiler optimizations 567 strncpy(buf, "012345678", n); 568 ASSERT_EXIT(strncat(buf, "9", n), testing::KilledBySignal(SIGABRT), ""); 569} 570 571TEST(DEATHTEST, strncat2_fortified) { 572 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 573 char buf[10]; 574 buf[0] = '\0'; 575 size_t n = atoi("10"); // avoid compiler optimizations 576 ASSERT_EXIT(strncat(buf, "0123456789", n), testing::KilledBySignal(SIGABRT), ""); 577} 578 579TEST(DEATHTEST, strcat_fortified) { 580 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 581 char src[11]; 582 strcpy(src, "0123456789"); 583 char buf[10]; 584 buf[0] = '\0'; 585 ASSERT_EXIT(strcat(buf, src), testing::KilledBySignal(SIGABRT), ""); 586} 587 588TEST(DEATHTEST, memmove_fortified) { 589 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 590 char buf[20]; 591 strcpy(buf, "0123456789"); 592 size_t n = atoi("10"); 593 ASSERT_EXIT(memmove(buf + 11, buf, n), testing::KilledBySignal(SIGABRT), ""); 594} 595 596TEST(DEATHTEST, memcpy_fortified) { 597 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 598 char bufa[10]; 599 char bufb[10]; 600 strcpy(bufa, "012345678"); 601 size_t n = atoi("11"); 602 ASSERT_EXIT(memcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 603} 604 605TEST(DEATHTEST, stpncpy_fortified) { 606 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 607 char bufa[15]; 608 char bufb[10]; 609 strcpy(bufa, "01234567890123"); 610 size_t n = strlen(bufa); 611 ASSERT_EXIT(stpncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 612} 613 614TEST(DEATHTEST, stpncpy2_fortified) { 615 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 616 char dest[11]; 617 char src[10]; 618 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated 619 ASSERT_EXIT(stpncpy(dest, src, sizeof(dest)), testing::KilledBySignal(SIGABRT), ""); 620} 621 622TEST(DEATHTEST, strncpy_fortified) { 623 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 624 char bufa[15]; 625 char bufb[10]; 626 strcpy(bufa, "01234567890123"); 627 size_t n = strlen(bufa); 628 ASSERT_EXIT(strncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 629} 630 631 632TEST(DEATHTEST, strncpy2_fortified) { 633 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 634 char dest[11]; 635 char src[10]; 636 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated 637 ASSERT_EXIT(strncpy(dest, src, sizeof(dest)), testing::KilledBySignal(SIGABRT), ""); 638} 639 640TEST(DEATHTEST, snprintf_fortified) { 641 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 642 char bufa[15]; 643 char bufb[10]; 644 strcpy(bufa, "0123456789"); 645 size_t n = strlen(bufa) + 1; 646 ASSERT_EXIT(snprintf(bufb, n, "%s", bufa), testing::KilledBySignal(SIGABRT), ""); 647} 648 649TEST(DEATHTEST, bzero_fortified) { 650 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 651 char buf[10]; 652 memcpy(buf, "0123456789", sizeof(buf)); 653 size_t n = atoi("11"); 654 ASSERT_EXIT(bzero(buf, n), testing::KilledBySignal(SIGABRT), ""); 655} 656 657TEST(DEATHTEST, umask_fortified) { 658 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 659 mode_t mask = atoi("1023"); // 01777 in octal 660 ASSERT_EXIT(umask(mask), testing::KilledBySignal(SIGABRT), ""); 661} 662 663TEST(DEATHTEST, recv_fortified) { 664 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 665 size_t data_len = atoi("11"); // suppress compiler optimizations 666 char buf[10]; 667 ASSERT_EXIT(recv(0, buf, data_len, 0), testing::KilledBySignal(SIGABRT), ""); 668} 669 670TEST(DEATHTEST, FD_ISSET_fortified) { 671#ifdef __BIONIC__ // glibc catches this at compile-time. 672 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 673 fd_set set; 674 memset(&set, 0, sizeof(set)); 675 ASSERT_EXIT(FD_ISSET(-1, &set), testing::KilledBySignal(SIGABRT), ""); 676#endif 677} 678 679TEST(DEATHTEST, FD_ISSET_2_fortified) { 680 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 681 char buf[1]; 682 fd_set* set = (fd_set*) buf; 683 ASSERT_EXIT(FD_ISSET(0, set), testing::KilledBySignal(SIGABRT), ""); 684} 685 686// gtest's ASSERT_EXIT needs a valid expression, but glibc has a do-while macro. 687static void FD_ZERO_function(fd_set* s) { FD_ZERO(s); } 688 689TEST(DEATHTEST, FD_ZERO_fortified) { 690 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 691 char buf[1]; 692 fd_set* set = (fd_set*) buf; 693 ASSERT_EXIT(FD_ZERO_function(set), testing::KilledBySignal(SIGABRT), ""); 694} 695 696TEST(DEATHTEST, read_fortified) { 697 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 698 char buf[1]; 699 size_t ct = atoi("2"); // prevent optimizations 700 int fd = open("/dev/null", O_RDONLY); 701 ASSERT_EXIT(read(fd, buf, ct), testing::KilledBySignal(SIGABRT), ""); 702 close(fd); 703} 704 705extern "C" char* __strncat_chk(char*, const char*, size_t, size_t); 706extern "C" char* __strcat_chk(char*, const char*, size_t); 707 708TEST(TEST_NAME, strncat) { 709 char buf[10]; 710 memset(buf, 'A', sizeof(buf)); 711 buf[0] = 'a'; 712 buf[1] = '\0'; 713 char* res = __strncat_chk(buf, "01234", sizeof(buf) - strlen(buf) - 1, sizeof(buf)); 714 ASSERT_EQ(buf, res); 715 ASSERT_EQ('a', buf[0]); 716 ASSERT_EQ('0', buf[1]); 717 ASSERT_EQ('1', buf[2]); 718 ASSERT_EQ('2', buf[3]); 719 ASSERT_EQ('3', buf[4]); 720 ASSERT_EQ('4', buf[5]); 721 ASSERT_EQ('\0', buf[6]); 722 ASSERT_EQ('A', buf[7]); 723 ASSERT_EQ('A', buf[8]); 724 ASSERT_EQ('A', buf[9]); 725} 726 727TEST(TEST_NAME, strncat2) { 728 char buf[10]; 729 memset(buf, 'A', sizeof(buf)); 730 buf[0] = 'a'; 731 buf[1] = '\0'; 732 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf)); 733 ASSERT_EQ(buf, res); 734 ASSERT_EQ('a', buf[0]); 735 ASSERT_EQ('0', buf[1]); 736 ASSERT_EQ('1', buf[2]); 737 ASSERT_EQ('2', buf[3]); 738 ASSERT_EQ('3', buf[4]); 739 ASSERT_EQ('4', buf[5]); 740 ASSERT_EQ('\0', buf[6]); 741 ASSERT_EQ('A', buf[7]); 742 ASSERT_EQ('A', buf[8]); 743 ASSERT_EQ('A', buf[9]); 744} 745 746TEST(TEST_NAME, strncat3) { 747 char buf[10]; 748 memset(buf, 'A', sizeof(buf)); 749 buf[0] = '\0'; 750 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf)); 751 ASSERT_EQ(buf, res); 752 ASSERT_EQ('0', buf[0]); 753 ASSERT_EQ('1', buf[1]); 754 ASSERT_EQ('2', buf[2]); 755 ASSERT_EQ('3', buf[3]); 756 ASSERT_EQ('4', buf[4]); 757 ASSERT_EQ('\0', buf[5]); 758 ASSERT_EQ('A', buf[6]); 759 ASSERT_EQ('A', buf[7]); 760 ASSERT_EQ('A', buf[8]); 761 ASSERT_EQ('A', buf[9]); 762} 763 764TEST(TEST_NAME, strncat4) { 765 char buf[10]; 766 memset(buf, 'A', sizeof(buf)); 767 buf[9] = '\0'; 768 char* res = __strncat_chk(buf, "", 5, sizeof(buf)); 769 ASSERT_EQ(buf, res); 770 ASSERT_EQ('A', buf[0]); 771 ASSERT_EQ('A', buf[1]); 772 ASSERT_EQ('A', buf[2]); 773 ASSERT_EQ('A', buf[3]); 774 ASSERT_EQ('A', buf[4]); 775 ASSERT_EQ('A', buf[5]); 776 ASSERT_EQ('A', buf[6]); 777 ASSERT_EQ('A', buf[7]); 778 ASSERT_EQ('A', buf[8]); 779 ASSERT_EQ('\0', buf[9]); 780} 781 782TEST(TEST_NAME, strncat5) { 783 char buf[10]; 784 memset(buf, 'A', sizeof(buf)); 785 buf[0] = 'a'; 786 buf[1] = '\0'; 787 char* res = __strncat_chk(buf, "01234567", 8, sizeof(buf)); 788 ASSERT_EQ(buf, res); 789 ASSERT_EQ('a', buf[0]); 790 ASSERT_EQ('0', buf[1]); 791 ASSERT_EQ('1', buf[2]); 792 ASSERT_EQ('2', buf[3]); 793 ASSERT_EQ('3', buf[4]); 794 ASSERT_EQ('4', buf[5]); 795 ASSERT_EQ('5', buf[6]); 796 ASSERT_EQ('6', buf[7]); 797 ASSERT_EQ('7', buf[8]); 798 ASSERT_EQ('\0', buf[9]); 799} 800 801TEST(TEST_NAME, strncat6) { 802 char buf[10]; 803 memset(buf, 'A', sizeof(buf)); 804 buf[0] = 'a'; 805 buf[1] = '\0'; 806 char* res = __strncat_chk(buf, "01234567", 9, sizeof(buf)); 807 ASSERT_EQ(buf, res); 808 ASSERT_EQ('a', buf[0]); 809 ASSERT_EQ('0', buf[1]); 810 ASSERT_EQ('1', buf[2]); 811 ASSERT_EQ('2', buf[3]); 812 ASSERT_EQ('3', buf[4]); 813 ASSERT_EQ('4', buf[5]); 814 ASSERT_EQ('5', buf[6]); 815 ASSERT_EQ('6', buf[7]); 816 ASSERT_EQ('7', buf[8]); 817 ASSERT_EQ('\0', buf[9]); 818} 819 820 821TEST(TEST_NAME, strcat) { 822 char buf[10]; 823 memset(buf, 'A', sizeof(buf)); 824 buf[0] = 'a'; 825 buf[1] = '\0'; 826 char* res = __strcat_chk(buf, "01234", sizeof(buf)); 827 ASSERT_EQ(buf, res); 828 ASSERT_EQ('a', buf[0]); 829 ASSERT_EQ('0', buf[1]); 830 ASSERT_EQ('1', buf[2]); 831 ASSERT_EQ('2', buf[3]); 832 ASSERT_EQ('3', buf[4]); 833 ASSERT_EQ('4', buf[5]); 834 ASSERT_EQ('\0', buf[6]); 835 ASSERT_EQ('A', buf[7]); 836 ASSERT_EQ('A', buf[8]); 837 ASSERT_EQ('A', buf[9]); 838} 839 840TEST(TEST_NAME, strcat2) { 841 char buf[10]; 842 memset(buf, 'A', sizeof(buf)); 843 buf[0] = 'a'; 844 buf[1] = '\0'; 845 char* res = __strcat_chk(buf, "01234567", sizeof(buf)); 846 ASSERT_EQ(buf, res); 847 ASSERT_EQ('a', buf[0]); 848 ASSERT_EQ('0', buf[1]); 849 ASSERT_EQ('1', buf[2]); 850 ASSERT_EQ('2', buf[3]); 851 ASSERT_EQ('3', buf[4]); 852 ASSERT_EQ('4', buf[5]); 853 ASSERT_EQ('5', buf[6]); 854 ASSERT_EQ('6', buf[7]); 855 ASSERT_EQ('7', buf[8]); 856 ASSERT_EQ('\0', buf[9]); 857} 858 859TEST(TEST_NAME, stpncpy) { 860 char src[10]; 861 char dst[10]; 862 memcpy(src, "0123456789", sizeof(src)); // non null terminated string 863 stpncpy(dst, src, sizeof(dst)); 864 ASSERT_EQ('0', dst[0]); 865 ASSERT_EQ('1', dst[1]); 866 ASSERT_EQ('2', dst[2]); 867 ASSERT_EQ('3', dst[3]); 868 ASSERT_EQ('4', dst[4]); 869 ASSERT_EQ('5', dst[5]); 870 ASSERT_EQ('6', dst[6]); 871 ASSERT_EQ('7', dst[7]); 872 ASSERT_EQ('8', dst[8]); 873 ASSERT_EQ('9', dst[9]); 874} 875 876TEST(TEST_NAME, stpncpy2) { 877 char src[10]; 878 char dst[15]; 879 memcpy(src, "012345678\0", sizeof(src)); 880 stpncpy(dst, src, sizeof(dst)); 881 ASSERT_EQ('0', dst[0]); 882 ASSERT_EQ('1', dst[1]); 883 ASSERT_EQ('2', dst[2]); 884 ASSERT_EQ('3', dst[3]); 885 ASSERT_EQ('4', dst[4]); 886 ASSERT_EQ('5', dst[5]); 887 ASSERT_EQ('6', dst[6]); 888 ASSERT_EQ('7', dst[7]); 889 ASSERT_EQ('8', dst[8]); 890 ASSERT_EQ('\0', dst[9]); 891 ASSERT_EQ('\0', dst[10]); 892 ASSERT_EQ('\0', dst[11]); 893 ASSERT_EQ('\0', dst[12]); 894 ASSERT_EQ('\0', dst[13]); 895 ASSERT_EQ('\0', dst[14]); 896} 897 898TEST(TEST_NAME, strncpy) { 899 char src[10]; 900 char dst[10]; 901 memcpy(src, "0123456789", sizeof(src)); // non null terminated string 902 strncpy(dst, src, sizeof(dst)); 903 ASSERT_EQ('0', dst[0]); 904 ASSERT_EQ('1', dst[1]); 905 ASSERT_EQ('2', dst[2]); 906 ASSERT_EQ('3', dst[3]); 907 ASSERT_EQ('4', dst[4]); 908 ASSERT_EQ('5', dst[5]); 909 ASSERT_EQ('6', dst[6]); 910 ASSERT_EQ('7', dst[7]); 911 ASSERT_EQ('8', dst[8]); 912 ASSERT_EQ('9', dst[9]); 913} 914 915TEST(TEST_NAME, strncpy2) { 916 char src[10]; 917 char dst[15]; 918 memcpy(src, "012345678\0", sizeof(src)); 919 strncpy(dst, src, sizeof(dst)); 920 ASSERT_EQ('0', dst[0]); 921 ASSERT_EQ('1', dst[1]); 922 ASSERT_EQ('2', dst[2]); 923 ASSERT_EQ('3', dst[3]); 924 ASSERT_EQ('4', dst[4]); 925 ASSERT_EQ('5', dst[5]); 926 ASSERT_EQ('6', dst[6]); 927 ASSERT_EQ('7', dst[7]); 928 ASSERT_EQ('8', dst[8]); 929 ASSERT_EQ('\0', dst[9]); 930 ASSERT_EQ('\0', dst[10]); 931 ASSERT_EQ('\0', dst[11]); 932 ASSERT_EQ('\0', dst[12]); 933 ASSERT_EQ('\0', dst[13]); 934 ASSERT_EQ('\0', dst[14]); 935} 936 937TEST(TEST_NAME, strcat_chk_max_int_size) { 938 char buf[10]; 939 memset(buf, 'A', sizeof(buf)); 940 buf[0] = 'a'; 941 buf[1] = '\0'; 942 char* res = __strcat_chk(buf, "01234567", (size_t)-1); 943 ASSERT_EQ(buf, res); 944 ASSERT_EQ('a', buf[0]); 945 ASSERT_EQ('0', buf[1]); 946 ASSERT_EQ('1', buf[2]); 947 ASSERT_EQ('2', buf[3]); 948 ASSERT_EQ('3', buf[4]); 949 ASSERT_EQ('4', buf[5]); 950 ASSERT_EQ('5', buf[6]); 951 ASSERT_EQ('6', buf[7]); 952 ASSERT_EQ('7', buf[8]); 953 ASSERT_EQ('\0', buf[9]); 954} 955 956extern "C" char* __stpcpy_chk(char*, const char*, size_t); 957 958TEST(TEST_NAME, stpcpy_chk_max_int_size) { 959 char buf[10]; 960 char* res = __stpcpy_chk(buf, "012345678", (size_t)-1); 961 ASSERT_EQ(buf + strlen("012345678"), res); 962 ASSERT_STREQ("012345678", buf); 963} 964 965extern "C" char* __strcpy_chk(char*, const char*, size_t); 966 967TEST(TEST_NAME, strcpy_chk_max_int_size) { 968 char buf[10]; 969 char* res = __strcpy_chk(buf, "012345678", (size_t)-1); 970 ASSERT_EQ(buf, res); 971 ASSERT_STREQ("012345678", buf); 972} 973 974extern "C" void* __memcpy_chk(void*, const void*, size_t, size_t); 975 976TEST(TEST_NAME, memcpy_chk_max_int_size) { 977 char buf[10]; 978 void* res = __memcpy_chk(buf, "012345678", sizeof(buf), (size_t)-1); 979 ASSERT_EQ((void*)buf, res); 980 ASSERT_EQ('0', buf[0]); 981 ASSERT_EQ('1', buf[1]); 982 ASSERT_EQ('2', buf[2]); 983 ASSERT_EQ('3', buf[3]); 984 ASSERT_EQ('4', buf[4]); 985 ASSERT_EQ('5', buf[5]); 986 ASSERT_EQ('6', buf[6]); 987 ASSERT_EQ('7', buf[7]); 988 ASSERT_EQ('8', buf[8]); 989 ASSERT_EQ('\0', buf[9]); 990} 991 992// Verify that macro expansion is done properly for sprintf/snprintf (which 993// are defined as macros in stdio.h under clang). 994#define CONTENTS "macro expansion" 995#define BUF_AND_SIZE(A) A, sizeof(A) 996#define BUF_AND_CONTENTS(A) A, CONTENTS 997#define BUF_AND_SIZE_AND_CONTENTS(A) A, sizeof(A), CONTENTS 998TEST(TEST_NAME, s_n_printf_macro_expansion) { 999 char buf[BUFSIZ]; 1000 snprintf(BUF_AND_SIZE(buf), CONTENTS); 1001 EXPECT_STREQ(CONTENTS, buf); 1002 1003 snprintf(BUF_AND_SIZE_AND_CONTENTS(buf)); 1004 EXPECT_STREQ(CONTENTS, buf); 1005 1006 sprintf(BUF_AND_CONTENTS(buf)); 1007 EXPECT_STREQ(CONTENTS, buf); 1008} 1009