fortify_test.cpp revision f04935c85e0b466f0d30d2cd4c0fa2fff62e7d6d
1/* 2 * Copyright (C) 2013 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <gtest/gtest.h> 18#include <signal.h> 19#include <string.h> 20#include <stdarg.h> 21#include <sys/types.h> 22#include <sys/stat.h> 23#include <sys/socket.h> 24#include <malloc.h> 25#include <fcntl.h> 26 27// We have to say "DeathTest" here so gtest knows to run this test (which exits) 28// in its own process. Unfortunately, the C preprocessor doesn't give us an 29// easy way to concatenate strings, so we need to use the complicated method 30// below. *sigh* 31#define DEATHTEST_PASTER(name) name##_DeathTest 32#define DEATHTEST_EVALUATOR(name) DEATHTEST_PASTER(name) 33#define DEATHTEST DEATHTEST_EVALUATOR(TEST_NAME) 34 35#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE == 2 36struct foo { 37 char empty[0]; 38 char one[1]; 39 char a[10]; 40 char b[10]; 41}; 42 43#ifndef __clang__ 44// This test is disabled in clang because clang doesn't properly detect 45// this buffer overflow. TODO: Fix clang. 46TEST(DEATHTEST, strncpy_fortified2) { 47 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 48 foo myfoo; 49 int copy_amt = atoi("11"); 50 ASSERT_EXIT(strncpy(myfoo.a, "01234567890", copy_amt), 51 testing::KilledBySignal(SIGABRT), ""); 52} 53#endif 54 55#ifndef __clang__ 56// This test is disabled in clang because clang doesn't properly detect 57// this buffer overflow. TODO: Fix clang. 58TEST(DEATHTEST, strncpy2_fortified2) { 59 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 60 foo myfoo; 61 memset(&myfoo, 0, sizeof(myfoo)); 62 myfoo.one[0] = 'A'; // not null terminated string 63 ASSERT_EXIT(strncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)), 64 testing::KilledBySignal(SIGABRT), ""); 65} 66#endif 67 68#ifndef __clang__ 69// This test is disabled in clang because clang doesn't properly detect 70// this buffer overflow. TODO: Fix clang. 71TEST(DEATHTEST, sprintf_fortified2) { 72 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 73 foo myfoo; 74 char source_buf[15]; 75 memcpy(source_buf, "12345678901234", 15); 76 ASSERT_EXIT(sprintf(myfoo.a, "%s", source_buf), 77 testing::KilledBySignal(SIGABRT), ""); 78} 79#endif 80 81#ifndef __clang__ 82// This test is disabled in clang because clang doesn't properly detect 83// this buffer overflow. TODO: Fix clang. 84TEST(DEATHTEST, sprintf2_fortified2) { 85 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 86 foo myfoo; 87 ASSERT_EXIT(sprintf(myfoo.a, "0123456789"), 88 testing::KilledBySignal(SIGABRT), ""); 89} 90#endif 91 92#ifndef __clang__ 93// These tests are disabled in clang because clang doesn't properly detect 94// this buffer overflow. TODO: Fix clang. 95static int vsprintf_helper2(const char *fmt, ...) { 96 foo myfoo; 97 va_list va; 98 int result; 99 100 va_start(va, fmt); 101 result = vsprintf(myfoo.a, fmt, va); // should crash here 102 va_end(va); 103 return result; 104} 105 106TEST(DEATHTEST, vsprintf_fortified2) { 107 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 108 ASSERT_EXIT(vsprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 109} 110 111TEST(DEATHTEST, vsprintf2_fortified2) { 112 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 113 ASSERT_EXIT(vsprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), ""); 114} 115#endif 116 117#ifndef __clang__ 118// These tests are disabled in clang because clang doesn't properly detect 119// this buffer overflow. TODO: Fix clang. 120static int vsnprintf_helper2(const char *fmt, ...) { 121 foo myfoo; 122 va_list va; 123 int result; 124 size_t size = atoi("11"); 125 126 va_start(va, fmt); 127 result = vsnprintf(myfoo.a, size, fmt, va); // should crash here 128 va_end(va); 129 return result; 130} 131 132TEST(DEATHTEST, vsnprintf_fortified2) { 133 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 134 ASSERT_EXIT(vsnprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 135} 136 137TEST(DEATHTEST, vsnprintf2_fortified2) { 138 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 139 ASSERT_EXIT(vsnprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), ""); 140} 141#endif 142 143#ifndef __clang__ 144// zero sized target with "\0" source (should fail) 145// This test is disabled in clang because clang doesn't properly detect 146// this buffer overflow. TODO: Fix clang. 147TEST(DEATHTEST, strcpy_fortified2) { 148#if defined(__BIONIC__) 149 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 150 foo myfoo; 151 char* src = strdup(""); 152 ASSERT_EXIT(strcpy(myfoo.empty, src), 153 testing::KilledBySignal(SIGABRT), ""); 154 free(src); 155#else // __BIONIC__ 156 GTEST_LOG_(INFO) << "This test does nothing.\n"; 157#endif // __BIONIC__ 158} 159#endif 160 161#ifndef __clang__ 162// zero sized target with longer source (should fail) 163// This test is disabled in clang because clang doesn't properly detect 164// this buffer overflow. TODO: Fix clang. 165TEST(DEATHTEST, strcpy2_fortified2) { 166#if defined(__BIONIC__) 167 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 168 foo myfoo; 169 char* src = strdup("1"); 170 ASSERT_EXIT(strcpy(myfoo.empty, src), 171 testing::KilledBySignal(SIGABRT), ""); 172 free(src); 173#else // __BIONIC__ 174 GTEST_LOG_(INFO) << "This test does nothing.\n"; 175#endif // __BIONIC__ 176} 177#endif 178 179#ifndef __clang__ 180// one byte target with longer source (should fail) 181// This test is disabled in clang because clang doesn't properly detect 182// this buffer overflow. TODO: Fix clang. 183TEST(DEATHTEST, strcpy3_fortified2) { 184#if defined(__BIONIC__) 185 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 186 foo myfoo; 187 char* src = strdup("12"); 188 ASSERT_EXIT(strcpy(myfoo.one, src), 189 testing::KilledBySignal(SIGABRT), ""); 190 free(src); 191#else // __BIONIC__ 192 GTEST_LOG_(INFO) << "This test does nothing.\n"; 193#endif // __BIONIC__ 194} 195#endif 196 197#ifndef __clang__ 198// This test is disabled in clang because clang doesn't properly detect 199// this buffer overflow. TODO: Fix clang. 200TEST(DEATHTEST, strchr_fortified2) { 201#if defined(__BIONIC__) 202 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 203 foo myfoo; 204 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); 205 myfoo.b[0] = '\0'; 206 ASSERT_EXIT(printf("%s", strchr(myfoo.a, 'a')), 207 testing::KilledBySignal(SIGABRT), ""); 208#else // __BIONIC__ 209 GTEST_LOG_(INFO) << "This test does nothing.\n"; 210#endif // __BIONIC__ 211} 212#endif 213 214#ifndef __clang__ 215// This test is disabled in clang because clang doesn't properly detect 216// this buffer overflow. TODO: Fix clang. 217TEST(DEATHTEST, strrchr_fortified2) { 218#if defined(__BIONIC__) 219 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 220 foo myfoo; 221 memcpy(myfoo.a, "0123456789", 10); 222 memcpy(myfoo.b, "01234", 6); 223 ASSERT_EXIT(printf("%s", strrchr(myfoo.a, 'a')), 224 testing::KilledBySignal(SIGABRT), ""); 225#else // __BIONIC__ 226 GTEST_LOG_(INFO) << "This test does nothing.\n"; 227#endif // __BIONIC__ 228} 229#endif 230 231#ifndef __clang__ 232// This test is disabled in clang because clang doesn't properly detect 233// this buffer overflow. TODO: Fix clang. 234TEST(DEATHTEST, strlcpy_fortified2) { 235#if defined(__BIONIC__) 236 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 237 foo myfoo; 238 strcpy(myfoo.a, "01"); 239 size_t n = strlen(myfoo.a); 240 ASSERT_EXIT(strlcpy(myfoo.one, myfoo.a, n), 241 testing::KilledBySignal(SIGABRT), ""); 242#else // __BIONIC__ 243 GTEST_LOG_(INFO) << "This test does nothing.\n"; 244#endif // __BIONIC__ 245} 246#endif 247 248#ifndef __clang__ 249// This test is disabled in clang because clang doesn't properly detect 250// this buffer overflow. TODO: Fix clang. 251TEST(DEATHTEST, strlcat_fortified2) { 252#if defined(__BIONIC__) 253 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 254 foo myfoo; 255 strcpy(myfoo.a, "01"); 256 myfoo.one[0] = '\0'; 257 size_t n = strlen(myfoo.a); 258 ASSERT_EXIT(strlcat(myfoo.one, myfoo.a, n), 259 testing::KilledBySignal(SIGABRT), ""); 260#else // __BIONIC__ 261 GTEST_LOG_(INFO) << "This test does nothing.\n"; 262#endif // __BIONIC__ 263} 264#endif 265 266#ifndef __clang__ 267// This test is disabled in clang because clang doesn't properly detect 268// this buffer overflow. TODO: Fix clang. 269TEST(DEATHTEST, strncat_fortified2) { 270 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 271 foo myfoo; 272 size_t n = atoi("10"); // avoid compiler optimizations 273 strncpy(myfoo.a, "012345678", n); 274 ASSERT_EXIT(strncat(myfoo.a, "9", n), testing::KilledBySignal(SIGABRT), ""); 275} 276#endif 277 278#ifndef __clang__ 279// This test is disabled in clang because clang doesn't properly detect 280// this buffer overflow. TODO: Fix clang. 281TEST(DEATHTEST, strncat2_fortified2) { 282 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 283 foo myfoo; 284 myfoo.a[0] = '\0'; 285 size_t n = atoi("10"); // avoid compiler optimizations 286 ASSERT_EXIT(strncat(myfoo.a, "0123456789", n), testing::KilledBySignal(SIGABRT), ""); 287} 288#endif 289 290TEST(DEATHTEST, strncat3_fortified2) { 291 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 292 foo myfoo; 293 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string 294 myfoo.b[0] = '\0'; 295 size_t n = atoi("10"); // avoid compiler optimizations 296 ASSERT_EXIT(strncat(myfoo.b, myfoo.a, n), testing::KilledBySignal(SIGABRT), ""); 297} 298 299#ifndef __clang__ 300// This test is disabled in clang because clang doesn't properly detect 301// this buffer overflow. TODO: Fix clang. 302TEST(DEATHTEST, strcat_fortified2) { 303 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 304 char src[11]; 305 strcpy(src, "0123456789"); 306 foo myfoo; 307 myfoo.a[0] = '\0'; 308 ASSERT_EXIT(strcat(myfoo.a, src), testing::KilledBySignal(SIGABRT), ""); 309} 310#endif 311 312TEST(DEATHTEST, strcat2_fortified2) { 313 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 314 foo myfoo; 315 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string 316 myfoo.b[0] = '\0'; 317 ASSERT_EXIT(strcat(myfoo.b, myfoo.a), testing::KilledBySignal(SIGABRT), ""); 318} 319 320TEST(DEATHTEST, snprintf_fortified2) { 321 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 322 foo myfoo; 323 strcpy(myfoo.a, "012345678"); 324 size_t n = strlen(myfoo.a) + 2; 325 ASSERT_EXIT(snprintf(myfoo.b, n, "a%s", myfoo.a), testing::KilledBySignal(SIGABRT), ""); 326} 327 328TEST(DEATHTEST, bzero_fortified2) { 329 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 330 foo myfoo; 331 memcpy(myfoo.b, "0123456789", sizeof(myfoo.b)); 332 size_t n = atoi("11"); 333 ASSERT_EXIT(bzero(myfoo.b, n), testing::KilledBySignal(SIGABRT), ""); 334} 335 336#endif /* defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE=2 */ 337 338// multibyte target where we over fill (should fail) 339TEST(DEATHTEST, strcpy_fortified) { 340#if defined(__BIONIC__) 341 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 342 char buf[10]; 343 char *orig = strdup("0123456789"); 344 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 345 free(orig); 346#else // __BIONIC__ 347 GTEST_LOG_(INFO) << "This test does nothing.\n"; 348#endif // __BIONIC__ 349} 350 351// zero sized target with "\0" source (should fail) 352TEST(DEATHTEST, strcpy2_fortified) { 353#if defined(__BIONIC__) 354 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 355 char buf[0]; 356 char *orig = strdup(""); 357 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 358 free(orig); 359#else // __BIONIC__ 360 GTEST_LOG_(INFO) << "This test does nothing.\n"; 361#endif // __BIONIC__ 362} 363 364// zero sized target with longer source (should fail) 365TEST(DEATHTEST, strcpy3_fortified) { 366#if defined(__BIONIC__) 367 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 368 char buf[0]; 369 char *orig = strdup("1"); 370 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 371 free(orig); 372#else // __BIONIC__ 373 GTEST_LOG_(INFO) << "This test does nothing.\n"; 374#endif // __BIONIC__ 375} 376 377// one byte target with longer source (should fail) 378TEST(DEATHTEST, strcpy4_fortified) { 379#if defined(__BIONIC__) 380 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 381 char buf[1]; 382 char *orig = strdup("12"); 383 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 384 free(orig); 385#else // __BIONIC__ 386 GTEST_LOG_(INFO) << "This test does nothing.\n"; 387#endif // __BIONIC__ 388} 389 390TEST(DEATHTEST, strlen_fortified) { 391#if defined(__BIONIC__) 392 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 393 char buf[10]; 394 memcpy(buf, "0123456789", sizeof(buf)); 395 ASSERT_EXIT(printf("%zd", strlen(buf)), testing::KilledBySignal(SIGABRT), ""); 396#else // __BIONIC__ 397 GTEST_LOG_(INFO) << "This test does nothing.\n"; 398#endif // __BIONIC__ 399} 400 401TEST(DEATHTEST, strchr_fortified) { 402#if defined(__BIONIC__) 403 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 404 char buf[10]; 405 memcpy(buf, "0123456789", sizeof(buf)); 406 ASSERT_EXIT(printf("%s", strchr(buf, 'a')), testing::KilledBySignal(SIGABRT), ""); 407#else // __BIONIC__ 408 GTEST_LOG_(INFO) << "This test does nothing.\n"; 409#endif // __BIONIC__ 410} 411 412TEST(DEATHTEST, strrchr_fortified) { 413#if defined(__BIONIC__) 414 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 415 char buf[10]; 416 memcpy(buf, "0123456789", sizeof(buf)); 417 ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), ""); 418#else // __BIONIC__ 419 GTEST_LOG_(INFO) << "This test does nothing.\n"; 420#endif // __BIONIC__ 421} 422 423TEST(DEATHTEST, strlcpy_fortified) { 424#if defined(__BIONIC__) 425 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 426 char bufa[15]; 427 char bufb[10]; 428 strcpy(bufa, "01234567890123"); 429 size_t n = strlen(bufa); 430 ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 431#else // __BIONIC__ 432 GTEST_LOG_(INFO) << "This test does nothing.\n"; 433#endif // __BIONIC__ 434} 435 436TEST(DEATHTEST, strlcat_fortified) { 437#if defined(__BIONIC__) 438 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 439 char bufa[15]; 440 char bufb[10]; 441 bufb[0] = '\0'; 442 strcpy(bufa, "01234567890123"); 443 size_t n = strlen(bufa); 444 ASSERT_EXIT(strlcat(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 445#else // __BIONIC__ 446 GTEST_LOG_(INFO) << "This test does nothing.\n"; 447#endif // __BIONIC__ 448} 449 450TEST(DEATHTEST, sprintf_fortified) { 451 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 452 char buf[10]; 453 char source_buf[15]; 454 memcpy(source_buf, "12345678901234", 15); 455 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), ""); 456} 457 458#ifndef __clang__ 459// This test is disabled in clang because clang doesn't properly detect 460// this buffer overflow. TODO: Fix clang. 461TEST(DEATHTEST, sprintf_malloc_fortified) { 462 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 463 char* buf = (char *) malloc(10); 464 char source_buf[11]; 465 memcpy(source_buf, "1234567890", 11); 466 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), ""); 467 free(buf); 468} 469#endif 470 471TEST(DEATHTEST, sprintf2_fortified) { 472 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 473 char buf[5]; 474 ASSERT_EXIT(sprintf(buf, "aaaaa"), testing::KilledBySignal(SIGABRT), ""); 475} 476 477static int vsprintf_helper(const char *fmt, ...) { 478 char buf[10]; 479 va_list va; 480 int result; 481 482 va_start(va, fmt); 483 result = vsprintf(buf, fmt, va); // should crash here 484 va_end(va); 485 return result; 486} 487 488TEST(DEATHTEST, vsprintf_fortified) { 489 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 490 ASSERT_EXIT(vsprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 491} 492 493TEST(DEATHTEST, vsprintf2_fortified) { 494 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 495 ASSERT_EXIT(vsprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), ""); 496} 497 498static int vsnprintf_helper(const char *fmt, ...) { 499 char buf[10]; 500 va_list va; 501 int result; 502 size_t size = atoi("11"); 503 504 va_start(va, fmt); 505 result = vsnprintf(buf, size, fmt, va); // should crash here 506 va_end(va); 507 return result; 508} 509 510TEST(DEATHTEST, vsnprintf_fortified) { 511 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 512 ASSERT_EXIT(vsnprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 513} 514 515TEST(DEATHTEST, vsnprintf2_fortified) { 516 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 517 ASSERT_EXIT(vsnprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), ""); 518} 519 520TEST(DEATHTEST, strncat_fortified) { 521 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 522 char buf[10]; 523 size_t n = atoi("10"); // avoid compiler optimizations 524 strncpy(buf, "012345678", n); 525 ASSERT_EXIT(strncat(buf, "9", n), testing::KilledBySignal(SIGABRT), ""); 526} 527 528TEST(DEATHTEST, strncat2_fortified) { 529 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 530 char buf[10]; 531 buf[0] = '\0'; 532 size_t n = atoi("10"); // avoid compiler optimizations 533 ASSERT_EXIT(strncat(buf, "0123456789", n), testing::KilledBySignal(SIGABRT), ""); 534} 535 536TEST(DEATHTEST, strcat_fortified) { 537 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 538 char src[11]; 539 strcpy(src, "0123456789"); 540 char buf[10]; 541 buf[0] = '\0'; 542 ASSERT_EXIT(strcat(buf, src), testing::KilledBySignal(SIGABRT), ""); 543} 544 545TEST(DEATHTEST, memmove_fortified) { 546 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 547 char buf[20]; 548 strcpy(buf, "0123456789"); 549 size_t n = atoi("10"); 550 ASSERT_EXIT(memmove(buf + 11, buf, n), testing::KilledBySignal(SIGABRT), ""); 551} 552 553TEST(DEATHTEST, memcpy_fortified) { 554 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 555 char bufa[10]; 556 char bufb[10]; 557 strcpy(bufa, "012345678"); 558 size_t n = atoi("11"); 559 ASSERT_EXIT(memcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 560} 561 562TEST(DEATHTEST, strncpy_fortified) { 563 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 564 char bufa[15]; 565 char bufb[10]; 566 strcpy(bufa, "01234567890123"); 567 size_t n = strlen(bufa); 568 ASSERT_EXIT(strncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 569} 570 571TEST(DEATHTEST, strncpy2_fortified) { 572 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 573 char dest[11]; 574 char src[10]; 575 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated 576 ASSERT_EXIT(strncpy(dest, src, sizeof(dest)), testing::KilledBySignal(SIGABRT), ""); 577} 578 579TEST(DEATHTEST, snprintf_fortified) { 580 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 581 char bufa[15]; 582 char bufb[10]; 583 strcpy(bufa, "0123456789"); 584 size_t n = strlen(bufa) + 1; 585 ASSERT_EXIT(snprintf(bufb, n, "%s", bufa), testing::KilledBySignal(SIGABRT), ""); 586} 587 588TEST(DEATHTEST, bzero_fortified) { 589 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 590 char buf[10]; 591 memcpy(buf, "0123456789", sizeof(buf)); 592 size_t n = atoi("11"); 593 ASSERT_EXIT(bzero(buf, n), testing::KilledBySignal(SIGABRT), ""); 594} 595 596TEST(DEATHTEST, umask_fortified) { 597 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 598 mode_t mask = atoi("1023"); // 01777 in octal 599 ASSERT_EXIT(umask(mask), testing::KilledBySignal(SIGABRT), ""); 600} 601 602TEST(DEATHTEST, recv_fortified) { 603 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 604 size_t data_len = atoi("11"); // suppress compiler optimizations 605 char buf[10]; 606 ASSERT_EXIT(recv(0, buf, data_len, 0), testing::KilledBySignal(SIGABRT), ""); 607} 608 609TEST(DEATHTEST, FD_ISSET_fortified) { 610 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 611 fd_set set; 612 memset(&set, 0, sizeof(set)); 613 ASSERT_EXIT(FD_ISSET(-1, &set), testing::KilledBySignal(SIGABRT), ""); 614} 615 616TEST(DEATHTEST, FD_ISSET_2_fortified) { 617 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 618 char buf[1]; 619 fd_set* set = (fd_set*) buf; 620 ASSERT_EXIT(FD_ISSET(0, set), testing::KilledBySignal(SIGABRT), ""); 621} 622 623TEST(DEATHTEST, FD_ZERO_fortified) { 624 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 625 char buf[1]; 626 fd_set* set = (fd_set*) buf; 627 ASSERT_EXIT(FD_ZERO(set), testing::KilledBySignal(SIGABRT), ""); 628} 629 630TEST(DEATHTEST, read_fortified) { 631 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 632 char buf[1]; 633 size_t ct = atoi("2"); // prevent optimizations 634 int fd = open("/dev/null", O_RDONLY); 635 ASSERT_EXIT(read(fd, buf, ct), testing::KilledBySignal(SIGABRT), ""); 636 close(fd); 637} 638 639extern "C" char* __strncat_chk(char*, const char*, size_t, size_t); 640extern "C" char* __strcat_chk(char*, const char*, size_t); 641 642TEST(TEST_NAME, strncat) { 643 char buf[10]; 644 memset(buf, 'A', sizeof(buf)); 645 buf[0] = 'a'; 646 buf[1] = '\0'; 647 char* res = __strncat_chk(buf, "01234", sizeof(buf) - strlen(buf) - 1, sizeof(buf)); 648 ASSERT_EQ(buf, res); 649 ASSERT_EQ('a', buf[0]); 650 ASSERT_EQ('0', buf[1]); 651 ASSERT_EQ('1', buf[2]); 652 ASSERT_EQ('2', buf[3]); 653 ASSERT_EQ('3', buf[4]); 654 ASSERT_EQ('4', buf[5]); 655 ASSERT_EQ('\0', buf[6]); 656 ASSERT_EQ('A', buf[7]); 657 ASSERT_EQ('A', buf[8]); 658 ASSERT_EQ('A', buf[9]); 659} 660 661TEST(TEST_NAME, strncat2) { 662 char buf[10]; 663 memset(buf, 'A', sizeof(buf)); 664 buf[0] = 'a'; 665 buf[1] = '\0'; 666 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf)); 667 ASSERT_EQ(buf, res); 668 ASSERT_EQ('a', buf[0]); 669 ASSERT_EQ('0', buf[1]); 670 ASSERT_EQ('1', buf[2]); 671 ASSERT_EQ('2', buf[3]); 672 ASSERT_EQ('3', buf[4]); 673 ASSERT_EQ('4', buf[5]); 674 ASSERT_EQ('\0', buf[6]); 675 ASSERT_EQ('A', buf[7]); 676 ASSERT_EQ('A', buf[8]); 677 ASSERT_EQ('A', buf[9]); 678} 679 680TEST(TEST_NAME, strncat3) { 681 char buf[10]; 682 memset(buf, 'A', sizeof(buf)); 683 buf[0] = '\0'; 684 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf)); 685 ASSERT_EQ(buf, res); 686 ASSERT_EQ('0', buf[0]); 687 ASSERT_EQ('1', buf[1]); 688 ASSERT_EQ('2', buf[2]); 689 ASSERT_EQ('3', buf[3]); 690 ASSERT_EQ('4', buf[4]); 691 ASSERT_EQ('\0', buf[5]); 692 ASSERT_EQ('A', buf[6]); 693 ASSERT_EQ('A', buf[7]); 694 ASSERT_EQ('A', buf[8]); 695 ASSERT_EQ('A', buf[9]); 696} 697 698TEST(TEST_NAME, strncat4) { 699 char buf[10]; 700 memset(buf, 'A', sizeof(buf)); 701 buf[9] = '\0'; 702 char* res = __strncat_chk(buf, "", 5, sizeof(buf)); 703 ASSERT_EQ(buf, res); 704 ASSERT_EQ('A', buf[0]); 705 ASSERT_EQ('A', buf[1]); 706 ASSERT_EQ('A', buf[2]); 707 ASSERT_EQ('A', buf[3]); 708 ASSERT_EQ('A', buf[4]); 709 ASSERT_EQ('A', buf[5]); 710 ASSERT_EQ('A', buf[6]); 711 ASSERT_EQ('A', buf[7]); 712 ASSERT_EQ('A', buf[8]); 713 ASSERT_EQ('\0', buf[9]); 714} 715 716TEST(TEST_NAME, strncat5) { 717 char buf[10]; 718 memset(buf, 'A', sizeof(buf)); 719 buf[0] = 'a'; 720 buf[1] = '\0'; 721 char* res = __strncat_chk(buf, "01234567", 8, sizeof(buf)); 722 ASSERT_EQ(buf, res); 723 ASSERT_EQ('a', buf[0]); 724 ASSERT_EQ('0', buf[1]); 725 ASSERT_EQ('1', buf[2]); 726 ASSERT_EQ('2', buf[3]); 727 ASSERT_EQ('3', buf[4]); 728 ASSERT_EQ('4', buf[5]); 729 ASSERT_EQ('5', buf[6]); 730 ASSERT_EQ('6', buf[7]); 731 ASSERT_EQ('7', buf[8]); 732 ASSERT_EQ('\0', buf[9]); 733} 734 735TEST(TEST_NAME, strncat6) { 736 char buf[10]; 737 memset(buf, 'A', sizeof(buf)); 738 buf[0] = 'a'; 739 buf[1] = '\0'; 740 char* res = __strncat_chk(buf, "01234567", 9, sizeof(buf)); 741 ASSERT_EQ(buf, res); 742 ASSERT_EQ('a', buf[0]); 743 ASSERT_EQ('0', buf[1]); 744 ASSERT_EQ('1', buf[2]); 745 ASSERT_EQ('2', buf[3]); 746 ASSERT_EQ('3', buf[4]); 747 ASSERT_EQ('4', buf[5]); 748 ASSERT_EQ('5', buf[6]); 749 ASSERT_EQ('6', buf[7]); 750 ASSERT_EQ('7', buf[8]); 751 ASSERT_EQ('\0', buf[9]); 752} 753 754 755TEST(TEST_NAME, strcat) { 756 char buf[10]; 757 memset(buf, 'A', sizeof(buf)); 758 buf[0] = 'a'; 759 buf[1] = '\0'; 760 char* res = __strcat_chk(buf, "01234", sizeof(buf)); 761 ASSERT_EQ(buf, res); 762 ASSERT_EQ('a', buf[0]); 763 ASSERT_EQ('0', buf[1]); 764 ASSERT_EQ('1', buf[2]); 765 ASSERT_EQ('2', buf[3]); 766 ASSERT_EQ('3', buf[4]); 767 ASSERT_EQ('4', buf[5]); 768 ASSERT_EQ('\0', buf[6]); 769 ASSERT_EQ('A', buf[7]); 770 ASSERT_EQ('A', buf[8]); 771 ASSERT_EQ('A', buf[9]); 772} 773 774TEST(TEST_NAME, strcat2) { 775 char buf[10]; 776 memset(buf, 'A', sizeof(buf)); 777 buf[0] = 'a'; 778 buf[1] = '\0'; 779 char* res = __strcat_chk(buf, "01234567", sizeof(buf)); 780 ASSERT_EQ(buf, res); 781 ASSERT_EQ('a', buf[0]); 782 ASSERT_EQ('0', buf[1]); 783 ASSERT_EQ('1', buf[2]); 784 ASSERT_EQ('2', buf[3]); 785 ASSERT_EQ('3', buf[4]); 786 ASSERT_EQ('4', buf[5]); 787 ASSERT_EQ('5', buf[6]); 788 ASSERT_EQ('6', buf[7]); 789 ASSERT_EQ('7', buf[8]); 790 ASSERT_EQ('\0', buf[9]); 791} 792 793TEST(TEST_NAME, strncpy) { 794 char src[10]; 795 char dst[10]; 796 memcpy(src, "0123456789", sizeof(src)); // non null terminated string 797 strncpy(dst, src, sizeof(dst)); 798 ASSERT_EQ('0', dst[0]); 799 ASSERT_EQ('1', dst[1]); 800 ASSERT_EQ('2', dst[2]); 801 ASSERT_EQ('3', dst[3]); 802 ASSERT_EQ('4', dst[4]); 803 ASSERT_EQ('5', dst[5]); 804 ASSERT_EQ('6', dst[6]); 805 ASSERT_EQ('7', dst[7]); 806 ASSERT_EQ('8', dst[8]); 807 ASSERT_EQ('9', dst[9]); 808} 809 810TEST(TEST_NAME, strncpy2) { 811 char src[10]; 812 char dst[15]; 813 memcpy(src, "012345678\0", sizeof(src)); 814 strncpy(dst, src, sizeof(dst)); 815 ASSERT_EQ('0', dst[0]); 816 ASSERT_EQ('1', dst[1]); 817 ASSERT_EQ('2', dst[2]); 818 ASSERT_EQ('3', dst[3]); 819 ASSERT_EQ('4', dst[4]); 820 ASSERT_EQ('5', dst[5]); 821 ASSERT_EQ('6', dst[6]); 822 ASSERT_EQ('7', dst[7]); 823 ASSERT_EQ('8', dst[8]); 824 ASSERT_EQ('\0', dst[9]); 825 ASSERT_EQ('\0', dst[10]); 826 ASSERT_EQ('\0', dst[11]); 827 ASSERT_EQ('\0', dst[12]); 828 ASSERT_EQ('\0', dst[13]); 829 ASSERT_EQ('\0', dst[14]); 830} 831 832TEST(TEST_NAME, strcat_chk_max_int_size) { 833 char buf[10]; 834 memset(buf, 'A', sizeof(buf)); 835 buf[0] = 'a'; 836 buf[1] = '\0'; 837 char* res = __strcat_chk(buf, "01234567", (size_t)-1); 838 ASSERT_EQ(buf, res); 839 ASSERT_EQ('a', buf[0]); 840 ASSERT_EQ('0', buf[1]); 841 ASSERT_EQ('1', buf[2]); 842 ASSERT_EQ('2', buf[3]); 843 ASSERT_EQ('3', buf[4]); 844 ASSERT_EQ('4', buf[5]); 845 ASSERT_EQ('5', buf[6]); 846 ASSERT_EQ('6', buf[7]); 847 ASSERT_EQ('7', buf[8]); 848 ASSERT_EQ('\0', buf[9]); 849} 850 851extern "C" char* __strcpy_chk(char*, const char*, size_t); 852 853TEST(TEST_NAME, strcpy_chk_max_int_size) { 854 char buf[10]; 855 char* res = __strcpy_chk(buf, "012345678", (size_t)-1); 856 ASSERT_EQ(buf, res); 857 ASSERT_EQ('0', buf[0]); 858 ASSERT_EQ('1', buf[1]); 859 ASSERT_EQ('2', buf[2]); 860 ASSERT_EQ('3', buf[3]); 861 ASSERT_EQ('4', buf[4]); 862 ASSERT_EQ('5', buf[5]); 863 ASSERT_EQ('6', buf[6]); 864 ASSERT_EQ('7', buf[7]); 865 ASSERT_EQ('8', buf[8]); 866 ASSERT_EQ('\0', buf[9]); 867} 868 869extern "C" void* __memcpy_chk(void*, const void*, size_t, size_t); 870 871TEST(TEST_NAME, memcpy_chk_max_int_size) { 872 char buf[10]; 873 void* res = __memcpy_chk(buf, "012345678", sizeof(buf), (size_t)-1); 874 ASSERT_EQ((void*)buf, res); 875 ASSERT_EQ('0', buf[0]); 876 ASSERT_EQ('1', buf[1]); 877 ASSERT_EQ('2', buf[2]); 878 ASSERT_EQ('3', buf[3]); 879 ASSERT_EQ('4', buf[4]); 880 ASSERT_EQ('5', buf[5]); 881 ASSERT_EQ('6', buf[6]); 882 ASSERT_EQ('7', buf[7]); 883 ASSERT_EQ('8', buf[8]); 884 ASSERT_EQ('\0', buf[9]); 885} 886 887// Verify that macro expansion is done properly for sprintf/snprintf (which 888// are defined as macros in stdio.h under clang). 889#define CONTENTS "macro expansion" 890#define BUF_AND_SIZE(A) A, sizeof(A) 891#define BUF_AND_CONTENTS(A) A, CONTENTS 892#define BUF_AND_SIZE_AND_CONTENTS(A) A, sizeof(A), CONTENTS 893TEST(TEST_NAME, s_n_printf_macro_expansion) { 894 char buf[BUFSIZ]; 895 snprintf(BUF_AND_SIZE(buf), CONTENTS); 896 EXPECT_STREQ(CONTENTS, buf); 897 898 snprintf(BUF_AND_SIZE_AND_CONTENTS(buf)); 899 EXPECT_STREQ(CONTENTS, buf); 900 901 sprintf(BUF_AND_CONTENTS(buf)); 902 EXPECT_STREQ(CONTENTS, buf); 903} 904