fortify_test.cpp revision 8d2532763981d132b02df157e4cc363c39330090
1/* 2 * Copyright (C) 2013 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <gtest/gtest.h> 18#include <string.h> 19#include <stdarg.h> 20#include <sys/types.h> 21#include <sys/stat.h> 22#include <sys/socket.h> 23#include <malloc.h> 24 25// We have to say "DeathTest" here so gtest knows to run this test (which exits) 26// in its own process. Unfortunately, the C preprocessor doesn't give us an 27// easy way to concatenate strings, so we need to use the complicated method 28// below. *sigh* 29#define DEATHTEST_PASTER(name) name##_DeathTest 30#define DEATHTEST_EVALUATOR(name) DEATHTEST_PASTER(name) 31#define DEATHTEST DEATHTEST_EVALUATOR(TEST_NAME) 32 33#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE == 2 34struct foo { 35 char empty[0]; 36 char one[1]; 37 char a[10]; 38 char b[10]; 39}; 40 41#ifndef __clang__ 42// This test is disabled in clang because clang doesn't properly detect 43// this buffer overflow. TODO: Fix clang. 44TEST(DEATHTEST, strncpy_fortified2) { 45 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 46 foo myfoo; 47 int copy_amt = atoi("11"); 48 ASSERT_EXIT(strncpy(myfoo.a, "01234567890", copy_amt), 49 testing::KilledBySignal(SIGABRT), ""); 50} 51#endif 52 53#ifndef __clang__ 54// This test is disabled in clang because clang doesn't properly detect 55// this buffer overflow. TODO: Fix clang. 56TEST(DEATHTEST, strncpy2_fortified2) { 57 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 58 foo myfoo; 59 memset(&myfoo, 0, sizeof(myfoo)); 60 myfoo.one[0] = 'A'; // not null terminated string 61 ASSERT_EXIT(strncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)), 62 testing::KilledBySignal(SIGABRT), ""); 63} 64#endif 65 66#ifndef __clang__ 67// This test is disabled in clang because clang doesn't properly detect 68// this buffer overflow. TODO: Fix clang. 69TEST(DEATHTEST, sprintf_fortified2) { 70 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 71 foo myfoo; 72 char source_buf[15]; 73 memcpy(source_buf, "12345678901234", 15); 74 ASSERT_EXIT(sprintf(myfoo.a, "%s", source_buf), 75 testing::KilledBySignal(SIGABRT), ""); 76} 77#endif 78 79#ifndef __clang__ 80// This test is disabled in clang because clang doesn't properly detect 81// this buffer overflow. TODO: Fix clang. 82TEST(DEATHTEST, sprintf2_fortified2) { 83 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 84 foo myfoo; 85 ASSERT_EXIT(sprintf(myfoo.a, "0123456789"), 86 testing::KilledBySignal(SIGABRT), ""); 87} 88#endif 89 90#ifndef __clang__ 91// These tests are disabled in clang because clang doesn't properly detect 92// this buffer overflow. TODO: Fix clang. 93static int vsprintf_helper2(const char *fmt, ...) { 94 foo myfoo; 95 va_list va; 96 int result; 97 98 va_start(va, fmt); 99 result = vsprintf(myfoo.a, fmt, va); // should crash here 100 va_end(va); 101 return result; 102} 103 104TEST(DEATHTEST, vsprintf_fortified2) { 105 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 106 ASSERT_EXIT(vsprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 107} 108 109TEST(DEATHTEST, vsprintf2_fortified2) { 110 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 111 ASSERT_EXIT(vsprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), ""); 112} 113#endif 114 115#ifndef __clang__ 116// These tests are disabled in clang because clang doesn't properly detect 117// this buffer overflow. TODO: Fix clang. 118static int vsnprintf_helper2(const char *fmt, ...) { 119 foo myfoo; 120 va_list va; 121 int result; 122 size_t size = atoi("11"); 123 124 va_start(va, fmt); 125 result = vsnprintf(myfoo.a, size, fmt, va); // should crash here 126 va_end(va); 127 return result; 128} 129 130TEST(DEATHTEST, vsnprintf_fortified2) { 131 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 132 ASSERT_EXIT(vsnprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 133} 134 135TEST(DEATHTEST, vsnprintf2_fortified2) { 136 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 137 ASSERT_EXIT(vsnprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), ""); 138} 139#endif 140 141#if __BIONIC__ 142 143#ifndef __clang__ 144// zero sized target with "\0" source (should fail) 145// This test is disabled in clang because clang doesn't properly detect 146// this buffer overflow. TODO: Fix clang. 147TEST(DEATHTEST, strcpy_fortified2) { 148 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 149 foo myfoo; 150 char* src = strdup(""); 151 ASSERT_EXIT(strcpy(myfoo.empty, src), 152 testing::KilledBySignal(SIGABRT), ""); 153 free(src); 154} 155#endif 156 157#ifndef __clang__ 158// zero sized target with longer source (should fail) 159// This test is disabled in clang because clang doesn't properly detect 160// this buffer overflow. TODO: Fix clang. 161TEST(DEATHTEST, strcpy2_fortified2) { 162 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 163 foo myfoo; 164 char* src = strdup("1"); 165 ASSERT_EXIT(strcpy(myfoo.empty, src), 166 testing::KilledBySignal(SIGABRT), ""); 167 free(src); 168} 169#endif 170 171#ifndef __clang__ 172// one byte target with longer source (should fail) 173// This test is disabled in clang because clang doesn't properly detect 174// this buffer overflow. TODO: Fix clang. 175TEST(DEATHTEST, strcpy3_fortified2) { 176 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 177 foo myfoo; 178 char* src = strdup("12"); 179 ASSERT_EXIT(strcpy(myfoo.one, src), 180 testing::KilledBySignal(SIGABRT), ""); 181 free(src); 182} 183#endif 184 185#ifndef __clang__ 186// This test is disabled in clang because clang doesn't properly detect 187// this buffer overflow. TODO: Fix clang. 188TEST(DEATHTEST, strchr_fortified2) { 189 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 190 foo myfoo; 191 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); 192 myfoo.b[0] = '\0'; 193 ASSERT_EXIT(printf("%s", strchr(myfoo.a, 'a')), 194 testing::KilledBySignal(SIGABRT), ""); 195} 196#endif 197 198#ifndef __clang__ 199// This test is disabled in clang because clang doesn't properly detect 200// this buffer overflow. TODO: Fix clang. 201TEST(DEATHTEST, strrchr_fortified2) { 202 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 203 foo myfoo; 204 memcpy(myfoo.a, "0123456789", 10); 205 memcpy(myfoo.b, "01234", 6); 206 ASSERT_EXIT(printf("%s", strrchr(myfoo.a, 'a')), 207 testing::KilledBySignal(SIGABRT), ""); 208} 209#endif 210 211#ifndef __clang__ 212// This test is disabled in clang because clang doesn't properly detect 213// this buffer overflow. TODO: Fix clang. 214TEST(DEATHTEST, strlcpy_fortified2) { 215 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 216 foo myfoo; 217 strcpy(myfoo.a, "01"); 218 size_t n = strlen(myfoo.a); 219 ASSERT_EXIT(strlcpy(myfoo.one, myfoo.a, n), 220 testing::KilledBySignal(SIGABRT), ""); 221} 222#endif 223 224#ifndef __clang__ 225// This test is disabled in clang because clang doesn't properly detect 226// this buffer overflow. TODO: Fix clang. 227TEST(DEATHTEST, strlcat_fortified2) { 228 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 229 foo myfoo; 230 strcpy(myfoo.a, "01"); 231 myfoo.one[0] = '\0'; 232 size_t n = strlen(myfoo.a); 233 ASSERT_EXIT(strlcat(myfoo.one, myfoo.a, n), 234 testing::KilledBySignal(SIGABRT), ""); 235} 236#endif 237 238#endif /* __BIONIC__ */ 239 240#ifndef __clang__ 241// This test is disabled in clang because clang doesn't properly detect 242// this buffer overflow. TODO: Fix clang. 243TEST(DEATHTEST, strncat_fortified2) { 244 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 245 foo myfoo; 246 size_t n = atoi("10"); // avoid compiler optimizations 247 strncpy(myfoo.a, "012345678", n); 248 ASSERT_EXIT(strncat(myfoo.a, "9", n), testing::KilledBySignal(SIGABRT), ""); 249} 250#endif 251 252#ifndef __clang__ 253// This test is disabled in clang because clang doesn't properly detect 254// this buffer overflow. TODO: Fix clang. 255TEST(DEATHTEST, strncat2_fortified2) { 256 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 257 foo myfoo; 258 myfoo.a[0] = '\0'; 259 size_t n = atoi("10"); // avoid compiler optimizations 260 ASSERT_EXIT(strncat(myfoo.a, "0123456789", n), testing::KilledBySignal(SIGABRT), ""); 261} 262#endif 263 264TEST(DEATHTEST, strncat3_fortified2) { 265 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 266 foo myfoo; 267 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string 268 myfoo.b[0] = '\0'; 269 size_t n = atoi("10"); // avoid compiler optimizations 270 ASSERT_EXIT(strncat(myfoo.b, myfoo.a, n), testing::KilledBySignal(SIGABRT), ""); 271} 272 273#ifndef __clang__ 274// This test is disabled in clang because clang doesn't properly detect 275// this buffer overflow. TODO: Fix clang. 276TEST(DEATHTEST, strcat_fortified2) { 277 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 278 char src[11]; 279 strcpy(src, "0123456789"); 280 foo myfoo; 281 myfoo.a[0] = '\0'; 282 ASSERT_EXIT(strcat(myfoo.a, src), testing::KilledBySignal(SIGABRT), ""); 283} 284#endif 285 286TEST(DEATHTEST, strcat2_fortified2) { 287 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 288 foo myfoo; 289 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string 290 myfoo.b[0] = '\0'; 291 ASSERT_EXIT(strcat(myfoo.b, myfoo.a), testing::KilledBySignal(SIGABRT), ""); 292} 293 294TEST(DEATHTEST, snprintf_fortified2) { 295 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 296 foo myfoo; 297 strcpy(myfoo.a, "012345678"); 298 size_t n = strlen(myfoo.a) + 2; 299 ASSERT_EXIT(snprintf(myfoo.b, n, "a%s", myfoo.a), testing::KilledBySignal(SIGABRT), ""); 300} 301 302TEST(DEATHTEST, bzero_fortified2) { 303 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 304 foo myfoo; 305 memcpy(myfoo.b, "0123456789", sizeof(myfoo.b)); 306 size_t n = atoi("11"); 307 ASSERT_EXIT(bzero(myfoo.b, n), testing::KilledBySignal(SIGABRT), ""); 308} 309 310#endif /* defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE=2 */ 311 312#if __BIONIC__ 313// multibyte target where we over fill (should fail) 314TEST(DEATHTEST, strcpy_fortified) { 315 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 316 char buf[10]; 317 char *orig = strdup("0123456789"); 318 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 319 free(orig); 320} 321 322// zero sized target with "\0" source (should fail) 323TEST(DEATHTEST, strcpy2_fortified) { 324 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 325 char buf[0]; 326 char *orig = strdup(""); 327 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 328 free(orig); 329} 330 331// zero sized target with longer source (should fail) 332TEST(DEATHTEST, strcpy3_fortified) { 333 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 334 char buf[0]; 335 char *orig = strdup("1"); 336 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 337 free(orig); 338} 339 340// one byte target with longer source (should fail) 341TEST(DEATHTEST, strcpy4_fortified) { 342 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 343 char buf[1]; 344 char *orig = strdup("12"); 345 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), ""); 346 free(orig); 347} 348 349TEST(DEATHTEST, strlen_fortified) { 350 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 351 char buf[10]; 352 memcpy(buf, "0123456789", sizeof(buf)); 353 ASSERT_EXIT(printf("%zd", strlen(buf)), testing::KilledBySignal(SIGABRT), ""); 354} 355 356TEST(DEATHTEST, strchr_fortified) { 357 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 358 char buf[10]; 359 memcpy(buf, "0123456789", sizeof(buf)); 360 ASSERT_EXIT(printf("%s", strchr(buf, 'a')), testing::KilledBySignal(SIGABRT), ""); 361} 362 363TEST(DEATHTEST, strrchr_fortified) { 364 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 365 char buf[10]; 366 memcpy(buf, "0123456789", sizeof(buf)); 367 ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), ""); 368} 369 370TEST(DEATHTEST, strlcpy_fortified) { 371 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 372 char bufa[15]; 373 char bufb[10]; 374 strcpy(bufa, "01234567890123"); 375 size_t n = strlen(bufa); 376 ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 377} 378 379TEST(DEATHTEST, strlcat_fortified) { 380 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 381 char bufa[15]; 382 char bufb[10]; 383 bufb[0] = '\0'; 384 strcpy(bufa, "01234567890123"); 385 size_t n = strlen(bufa); 386 ASSERT_EXIT(strlcat(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 387} 388 389#endif 390 391TEST(DEATHTEST, sprintf_fortified) { 392 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 393 char buf[10]; 394 char source_buf[15]; 395 memcpy(source_buf, "12345678901234", 15); 396 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), ""); 397} 398 399#ifndef __clang__ 400// This test is disabled in clang because clang doesn't properly detect 401// this buffer overflow. TODO: Fix clang. 402TEST(DEATHTEST, sprintf_malloc_fortified) { 403 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 404 char* buf = (char *) malloc(10); 405 char source_buf[11]; 406 memcpy(source_buf, "1234567890", 11); 407 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), ""); 408 free(buf); 409} 410#endif 411 412TEST(DEATHTEST, sprintf2_fortified) { 413 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 414 char buf[5]; 415 ASSERT_EXIT(sprintf(buf, "aaaaa"), testing::KilledBySignal(SIGABRT), ""); 416} 417 418static int vsprintf_helper(const char *fmt, ...) { 419 char buf[10]; 420 va_list va; 421 int result; 422 423 va_start(va, fmt); 424 result = vsprintf(buf, fmt, va); // should crash here 425 va_end(va); 426 return result; 427} 428 429TEST(DEATHTEST, vsprintf_fortified) { 430 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 431 ASSERT_EXIT(vsprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 432} 433 434TEST(DEATHTEST, vsprintf2_fortified) { 435 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 436 ASSERT_EXIT(vsprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), ""); 437} 438 439static int vsnprintf_helper(const char *fmt, ...) { 440 char buf[10]; 441 va_list va; 442 int result; 443 size_t size = atoi("11"); 444 445 va_start(va, fmt); 446 result = vsnprintf(buf, size, fmt, va); // should crash here 447 va_end(va); 448 return result; 449} 450 451TEST(DEATHTEST, vsnprintf_fortified) { 452 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 453 ASSERT_EXIT(vsnprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), ""); 454} 455 456TEST(DEATHTEST, vsnprintf2_fortified) { 457 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 458 ASSERT_EXIT(vsnprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), ""); 459} 460 461TEST(DEATHTEST, strncat_fortified) { 462 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 463 char buf[10]; 464 size_t n = atoi("10"); // avoid compiler optimizations 465 strncpy(buf, "012345678", n); 466 ASSERT_EXIT(strncat(buf, "9", n), testing::KilledBySignal(SIGABRT), ""); 467} 468 469TEST(DEATHTEST, strncat2_fortified) { 470 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 471 char buf[10]; 472 buf[0] = '\0'; 473 size_t n = atoi("10"); // avoid compiler optimizations 474 ASSERT_EXIT(strncat(buf, "0123456789", n), testing::KilledBySignal(SIGABRT), ""); 475} 476 477TEST(DEATHTEST, strcat_fortified) { 478 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 479 char src[11]; 480 strcpy(src, "0123456789"); 481 char buf[10]; 482 buf[0] = '\0'; 483 ASSERT_EXIT(strcat(buf, src), testing::KilledBySignal(SIGABRT), ""); 484} 485 486TEST(DEATHTEST, memmove_fortified) { 487 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 488 char buf[20]; 489 strcpy(buf, "0123456789"); 490 size_t n = atoi("10"); 491 ASSERT_EXIT(memmove(buf + 11, buf, n), testing::KilledBySignal(SIGABRT), ""); 492} 493 494TEST(DEATHTEST, memcpy_fortified) { 495 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 496 char bufa[10]; 497 char bufb[10]; 498 strcpy(bufa, "012345678"); 499 size_t n = atoi("11"); 500 ASSERT_EXIT(memcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 501} 502 503TEST(DEATHTEST, strncpy_fortified) { 504 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 505 char bufa[15]; 506 char bufb[10]; 507 strcpy(bufa, "01234567890123"); 508 size_t n = strlen(bufa); 509 ASSERT_EXIT(strncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), ""); 510} 511 512TEST(DEATHTEST, strncpy2_fortified) { 513 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 514 char dest[11]; 515 char src[10]; 516 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated 517 ASSERT_EXIT(strncpy(dest, src, sizeof(dest)), testing::KilledBySignal(SIGABRT), ""); 518} 519 520TEST(DEATHTEST, snprintf_fortified) { 521 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 522 char bufa[15]; 523 char bufb[10]; 524 strcpy(bufa, "0123456789"); 525 size_t n = strlen(bufa) + 1; 526 ASSERT_EXIT(snprintf(bufb, n, "%s", bufa), testing::KilledBySignal(SIGABRT), ""); 527} 528 529TEST(DEATHTEST, bzero_fortified) { 530 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 531 char buf[10]; 532 memcpy(buf, "0123456789", sizeof(buf)); 533 size_t n = atoi("11"); 534 ASSERT_EXIT(bzero(buf, n), testing::KilledBySignal(SIGABRT), ""); 535} 536 537TEST(DEATHTEST, umask_fortified) { 538 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 539 mode_t mask = atoi("1023"); // 01777 in octal 540 ASSERT_EXIT(umask(mask), testing::KilledBySignal(SIGABRT), ""); 541} 542 543TEST(DEATHTEST, recv_fortified) { 544 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 545 size_t data_len = atoi("11"); // suppress compiler optimizations 546 char buf[10]; 547 ASSERT_EXIT(recv(0, buf, data_len, 0), testing::KilledBySignal(SIGABRT), ""); 548} 549 550TEST(DEATHTEST, FD_ISSET_fortified) { 551 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 552 fd_set set; 553 memset(&set, 0, sizeof(set)); 554 ASSERT_EXIT(FD_ISSET(-1, &set), testing::KilledBySignal(SIGABRT), ""); 555} 556 557TEST(DEATHTEST, FD_ISSET_2_fortified) { 558 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 559 char buf[1]; 560 fd_set* set = (fd_set*) buf; 561 ASSERT_EXIT(FD_ISSET(0, set), testing::KilledBySignal(SIGABRT), ""); 562} 563 564TEST(DEATHTEST, FD_ZERO_fortified) { 565 ::testing::FLAGS_gtest_death_test_style = "threadsafe"; 566 char buf[1]; 567 fd_set* set = (fd_set*) buf; 568 ASSERT_EXIT(FD_ZERO(set), testing::KilledBySignal(SIGABRT), ""); 569} 570 571extern "C" char* __strncat_chk(char*, const char*, size_t, size_t); 572extern "C" char* __strcat_chk(char*, const char*, size_t); 573 574TEST(TEST_NAME, strncat) { 575 char buf[10]; 576 memset(buf, 'A', sizeof(buf)); 577 buf[0] = 'a'; 578 buf[1] = '\0'; 579 char* res = __strncat_chk(buf, "01234", sizeof(buf) - strlen(buf) - 1, sizeof(buf)); 580 ASSERT_EQ(buf, res); 581 ASSERT_EQ('a', buf[0]); 582 ASSERT_EQ('0', buf[1]); 583 ASSERT_EQ('1', buf[2]); 584 ASSERT_EQ('2', buf[3]); 585 ASSERT_EQ('3', buf[4]); 586 ASSERT_EQ('4', buf[5]); 587 ASSERT_EQ('\0', buf[6]); 588 ASSERT_EQ('A', buf[7]); 589 ASSERT_EQ('A', buf[8]); 590 ASSERT_EQ('A', buf[9]); 591} 592 593TEST(TEST_NAME, strncat2) { 594 char buf[10]; 595 memset(buf, 'A', sizeof(buf)); 596 buf[0] = 'a'; 597 buf[1] = '\0'; 598 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf)); 599 ASSERT_EQ(buf, res); 600 ASSERT_EQ('a', buf[0]); 601 ASSERT_EQ('0', buf[1]); 602 ASSERT_EQ('1', buf[2]); 603 ASSERT_EQ('2', buf[3]); 604 ASSERT_EQ('3', buf[4]); 605 ASSERT_EQ('4', buf[5]); 606 ASSERT_EQ('\0', buf[6]); 607 ASSERT_EQ('A', buf[7]); 608 ASSERT_EQ('A', buf[8]); 609 ASSERT_EQ('A', buf[9]); 610} 611 612TEST(TEST_NAME, strncat3) { 613 char buf[10]; 614 memset(buf, 'A', sizeof(buf)); 615 buf[0] = '\0'; 616 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf)); 617 ASSERT_EQ(buf, res); 618 ASSERT_EQ('0', buf[0]); 619 ASSERT_EQ('1', buf[1]); 620 ASSERT_EQ('2', buf[2]); 621 ASSERT_EQ('3', buf[3]); 622 ASSERT_EQ('4', buf[4]); 623 ASSERT_EQ('\0', buf[5]); 624 ASSERT_EQ('A', buf[6]); 625 ASSERT_EQ('A', buf[7]); 626 ASSERT_EQ('A', buf[8]); 627 ASSERT_EQ('A', buf[9]); 628} 629 630TEST(TEST_NAME, strncat4) { 631 char buf[10]; 632 memset(buf, 'A', sizeof(buf)); 633 buf[9] = '\0'; 634 char* res = __strncat_chk(buf, "", 5, sizeof(buf)); 635 ASSERT_EQ(buf, res); 636 ASSERT_EQ('A', buf[0]); 637 ASSERT_EQ('A', buf[1]); 638 ASSERT_EQ('A', buf[2]); 639 ASSERT_EQ('A', buf[3]); 640 ASSERT_EQ('A', buf[4]); 641 ASSERT_EQ('A', buf[5]); 642 ASSERT_EQ('A', buf[6]); 643 ASSERT_EQ('A', buf[7]); 644 ASSERT_EQ('A', buf[8]); 645 ASSERT_EQ('\0', buf[9]); 646} 647 648TEST(TEST_NAME, strncat5) { 649 char buf[10]; 650 memset(buf, 'A', sizeof(buf)); 651 buf[0] = 'a'; 652 buf[1] = '\0'; 653 char* res = __strncat_chk(buf, "01234567", 8, sizeof(buf)); 654 ASSERT_EQ(buf, res); 655 ASSERT_EQ('a', buf[0]); 656 ASSERT_EQ('0', buf[1]); 657 ASSERT_EQ('1', buf[2]); 658 ASSERT_EQ('2', buf[3]); 659 ASSERT_EQ('3', buf[4]); 660 ASSERT_EQ('4', buf[5]); 661 ASSERT_EQ('5', buf[6]); 662 ASSERT_EQ('6', buf[7]); 663 ASSERT_EQ('7', buf[8]); 664 ASSERT_EQ('\0', buf[9]); 665} 666 667TEST(TEST_NAME, strncat6) { 668 char buf[10]; 669 memset(buf, 'A', sizeof(buf)); 670 buf[0] = 'a'; 671 buf[1] = '\0'; 672 char* res = __strncat_chk(buf, "01234567", 9, sizeof(buf)); 673 ASSERT_EQ(buf, res); 674 ASSERT_EQ('a', buf[0]); 675 ASSERT_EQ('0', buf[1]); 676 ASSERT_EQ('1', buf[2]); 677 ASSERT_EQ('2', buf[3]); 678 ASSERT_EQ('3', buf[4]); 679 ASSERT_EQ('4', buf[5]); 680 ASSERT_EQ('5', buf[6]); 681 ASSERT_EQ('6', buf[7]); 682 ASSERT_EQ('7', buf[8]); 683 ASSERT_EQ('\0', buf[9]); 684} 685 686 687TEST(TEST_NAME, strcat) { 688 char buf[10]; 689 memset(buf, 'A', sizeof(buf)); 690 buf[0] = 'a'; 691 buf[1] = '\0'; 692 char* res = __strcat_chk(buf, "01234", sizeof(buf)); 693 ASSERT_EQ(buf, res); 694 ASSERT_EQ('a', buf[0]); 695 ASSERT_EQ('0', buf[1]); 696 ASSERT_EQ('1', buf[2]); 697 ASSERT_EQ('2', buf[3]); 698 ASSERT_EQ('3', buf[4]); 699 ASSERT_EQ('4', buf[5]); 700 ASSERT_EQ('\0', buf[6]); 701 ASSERT_EQ('A', buf[7]); 702 ASSERT_EQ('A', buf[8]); 703 ASSERT_EQ('A', buf[9]); 704} 705 706TEST(TEST_NAME, strcat2) { 707 char buf[10]; 708 memset(buf, 'A', sizeof(buf)); 709 buf[0] = 'a'; 710 buf[1] = '\0'; 711 char* res = __strcat_chk(buf, "01234567", sizeof(buf)); 712 ASSERT_EQ(buf, res); 713 ASSERT_EQ('a', buf[0]); 714 ASSERT_EQ('0', buf[1]); 715 ASSERT_EQ('1', buf[2]); 716 ASSERT_EQ('2', buf[3]); 717 ASSERT_EQ('3', buf[4]); 718 ASSERT_EQ('4', buf[5]); 719 ASSERT_EQ('5', buf[6]); 720 ASSERT_EQ('6', buf[7]); 721 ASSERT_EQ('7', buf[8]); 722 ASSERT_EQ('\0', buf[9]); 723} 724 725TEST(TEST_NAME, strncpy) { 726 char src[10]; 727 char dst[10]; 728 memcpy(src, "0123456789", sizeof(src)); // non null terminated string 729 strncpy(dst, src, sizeof(dst)); 730 ASSERT_EQ('0', dst[0]); 731 ASSERT_EQ('1', dst[1]); 732 ASSERT_EQ('2', dst[2]); 733 ASSERT_EQ('3', dst[3]); 734 ASSERT_EQ('4', dst[4]); 735 ASSERT_EQ('5', dst[5]); 736 ASSERT_EQ('6', dst[6]); 737 ASSERT_EQ('7', dst[7]); 738 ASSERT_EQ('8', dst[8]); 739 ASSERT_EQ('9', dst[9]); 740} 741 742TEST(TEST_NAME, strncpy2) { 743 char src[10]; 744 char dst[15]; 745 memcpy(src, "012345678\0", sizeof(src)); 746 strncpy(dst, src, sizeof(dst)); 747 ASSERT_EQ('0', dst[0]); 748 ASSERT_EQ('1', dst[1]); 749 ASSERT_EQ('2', dst[2]); 750 ASSERT_EQ('3', dst[3]); 751 ASSERT_EQ('4', dst[4]); 752 ASSERT_EQ('5', dst[5]); 753 ASSERT_EQ('6', dst[6]); 754 ASSERT_EQ('7', dst[7]); 755 ASSERT_EQ('8', dst[8]); 756 ASSERT_EQ('\0', dst[9]); 757 ASSERT_EQ('\0', dst[10]); 758 ASSERT_EQ('\0', dst[11]); 759 ASSERT_EQ('\0', dst[12]); 760 ASSERT_EQ('\0', dst[13]); 761 ASSERT_EQ('\0', dst[14]); 762} 763 764TEST(TEST_NAME, strcat_chk_max_int_size) { 765 char buf[10]; 766 memset(buf, 'A', sizeof(buf)); 767 buf[0] = 'a'; 768 buf[1] = '\0'; 769 char* res = __strcat_chk(buf, "01234567", (size_t)-1); 770 ASSERT_EQ(buf, res); 771 ASSERT_EQ('a', buf[0]); 772 ASSERT_EQ('0', buf[1]); 773 ASSERT_EQ('1', buf[2]); 774 ASSERT_EQ('2', buf[3]); 775 ASSERT_EQ('3', buf[4]); 776 ASSERT_EQ('4', buf[5]); 777 ASSERT_EQ('5', buf[6]); 778 ASSERT_EQ('6', buf[7]); 779 ASSERT_EQ('7', buf[8]); 780 ASSERT_EQ('\0', buf[9]); 781} 782 783extern "C" char* __strcpy_chk(char*, const char*, size_t); 784 785TEST(TEST_NAME, strcpy_chk_max_int_size) { 786 char buf[10]; 787 char* res = __strcpy_chk(buf, "012345678", (size_t)-1); 788 ASSERT_EQ(buf, res); 789 ASSERT_EQ('0', buf[0]); 790 ASSERT_EQ('1', buf[1]); 791 ASSERT_EQ('2', buf[2]); 792 ASSERT_EQ('3', buf[3]); 793 ASSERT_EQ('4', buf[4]); 794 ASSERT_EQ('5', buf[5]); 795 ASSERT_EQ('6', buf[6]); 796 ASSERT_EQ('7', buf[7]); 797 ASSERT_EQ('8', buf[8]); 798 ASSERT_EQ('\0', buf[9]); 799} 800 801extern "C" void* __memcpy_chk(void*, const void*, size_t, size_t); 802 803TEST(TEST_NAME, memcpy_chk_max_int_size) { 804 char buf[10]; 805 void* res = __memcpy_chk(buf, "012345678", sizeof(buf), (size_t)-1); 806 ASSERT_EQ((void*)buf, res); 807 ASSERT_EQ('0', buf[0]); 808 ASSERT_EQ('1', buf[1]); 809 ASSERT_EQ('2', buf[2]); 810 ASSERT_EQ('3', buf[3]); 811 ASSERT_EQ('4', buf[4]); 812 ASSERT_EQ('5', buf[5]); 813 ASSERT_EQ('6', buf[6]); 814 ASSERT_EQ('7', buf[7]); 815 ASSERT_EQ('8', buf[8]); 816 ASSERT_EQ('\0', buf[9]); 817} 818