1/* 2 * Copyright (C) 2013 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <gtest/gtest.h> 18#include "BionicDeathTest.h" 19 20#include <fcntl.h> 21#include <malloc.h> 22#include <poll.h> 23#include <signal.h> 24#include <stdarg.h> 25#include <string.h> 26#include <sys/socket.h> 27#include <sys/stat.h> 28#include <sys/types.h> 29#include <time.h> 30 31#if __BIONIC__ 32#define ASSERT_FORTIFY(expr) ASSERT_EXIT(expr, testing::KilledBySignal(SIGABRT), "FORTIFY") 33#else 34#define ASSERT_FORTIFY(expr) ASSERT_EXIT(expr, testing::KilledBySignal(SIGABRT), "") 35#endif 36 37// Fortify test code needs to run multiple times, so TEST_NAME macro is used to 38// distinguish different tests. TEST_NAME is defined in compilation command. 39#define DEATHTEST_PASTER(name) name##_DeathTest 40#define DEATHTEST_EVALUATOR(name) DEATHTEST_PASTER(name) 41#define DEATHTEST DEATHTEST_EVALUATOR(TEST_NAME) 42 43class DEATHTEST : public BionicDeathTest {}; 44 45#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE == 2 46struct foo { 47 char empty[0]; 48 char one[1]; 49 char a[10]; 50 char b[10]; 51}; 52 53#ifndef __clang__ 54// This test is disabled in clang because clang doesn't properly detect 55// this buffer overflow. TODO: Fix clang. 56TEST_F(DEATHTEST, stpncpy_fortified2) { 57 foo myfoo; 58 int copy_amt = atoi("11"); 59 ASSERT_FORTIFY(stpncpy(myfoo.a, "01234567890", copy_amt)); 60} 61#endif 62 63#ifndef __clang__ 64// This test is disabled in clang because clang doesn't properly detect 65// this buffer overflow. TODO: Fix clang. 66TEST_F(DEATHTEST, stpncpy2_fortified2) { 67 foo myfoo; 68 memset(&myfoo, 0, sizeof(myfoo)); 69 myfoo.one[0] = 'A'; // not null terminated string 70 ASSERT_FORTIFY(stpncpy(myfoo.b, myfoo.one, sizeof(myfoo.b))); 71} 72#endif 73 74#ifndef __clang__ 75// This test is disabled in clang because clang doesn't properly detect 76// this buffer overflow. TODO: Fix clang. 77TEST_F(DEATHTEST, strncpy_fortified2) { 78 foo myfoo; 79 int copy_amt = atoi("11"); 80 ASSERT_FORTIFY(strncpy(myfoo.a, "01234567890", copy_amt)); 81} 82#endif 83 84#ifndef __clang__ 85// This test is disabled in clang because clang doesn't properly detect 86// this buffer overflow. TODO: Fix clang. 87TEST_F(DEATHTEST, strncpy2_fortified2) { 88 foo myfoo; 89 memset(&myfoo, 0, sizeof(myfoo)); 90 myfoo.one[0] = 'A'; // not null terminated string 91 ASSERT_FORTIFY(strncpy(myfoo.b, myfoo.one, sizeof(myfoo.b))); 92} 93#endif 94 95#ifndef __clang__ 96// This test is disabled in clang because clang doesn't properly detect 97// this buffer overflow. TODO: Fix clang. 98TEST_F(DEATHTEST, sprintf_fortified2) { 99 foo myfoo; 100 char source_buf[15]; 101 memcpy(source_buf, "12345678901234", 15); 102 ASSERT_FORTIFY(sprintf(myfoo.a, "%s", source_buf)); 103} 104#endif 105 106#ifndef __clang__ 107// This test is disabled in clang because clang doesn't properly detect 108// this buffer overflow. TODO: Fix clang. 109TEST_F(DEATHTEST, sprintf2_fortified2) { 110 foo myfoo; 111 ASSERT_FORTIFY(sprintf(myfoo.a, "0123456789")); 112} 113#endif 114 115#ifndef __clang__ 116// These tests are disabled in clang because clang doesn't properly detect 117// this buffer overflow. TODO: Fix clang. 118static int vsprintf_helper2(const char *fmt, ...) { 119 foo myfoo; 120 va_list va; 121 int result; 122 123 va_start(va, fmt); 124 result = vsprintf(myfoo.a, fmt, va); // should crash here 125 va_end(va); 126 return result; 127} 128 129TEST_F(DEATHTEST, vsprintf_fortified2) { 130 ASSERT_FORTIFY(vsprintf_helper2("%s", "0123456789")); 131} 132 133TEST_F(DEATHTEST, vsprintf2_fortified2) { 134 ASSERT_FORTIFY(vsprintf_helper2("0123456789")); 135} 136#endif 137 138#ifndef __clang__ 139// These tests are disabled in clang because clang doesn't properly detect 140// this buffer overflow. TODO: Fix clang. 141static int vsnprintf_helper2(const char *fmt, ...) { 142 foo myfoo; 143 va_list va; 144 int result; 145 size_t size = atoi("11"); 146 147 va_start(va, fmt); 148 result = vsnprintf(myfoo.a, size, fmt, va); // should crash here 149 va_end(va); 150 return result; 151} 152 153TEST_F(DEATHTEST, vsnprintf_fortified2) { 154 ASSERT_FORTIFY(vsnprintf_helper2("%s", "0123456789")); 155} 156 157TEST_F(DEATHTEST, vsnprintf2_fortified2) { 158 ASSERT_FORTIFY(vsnprintf_helper2("0123456789")); 159} 160#endif 161 162#ifndef __clang__ 163// zero sized target with "\0" source (should fail) 164// This test is disabled in clang because clang doesn't properly detect 165// this buffer overflow. TODO: Fix clang. 166TEST_F(DEATHTEST, stpcpy_fortified2) { 167#if defined(__BIONIC__) 168 foo myfoo; 169 char* src = strdup(""); 170 ASSERT_FORTIFY(stpcpy(myfoo.empty, src)); 171 free(src); 172#else // __BIONIC__ 173 GTEST_LOG_(INFO) << "This test does nothing.\n"; 174#endif // __BIONIC__ 175} 176#endif 177 178#ifndef __clang__ 179// zero sized target with "\0" source (should fail) 180// This test is disabled in clang because clang doesn't properly detect 181// this buffer overflow. TODO: Fix clang. 182TEST_F(DEATHTEST, strcpy_fortified2) { 183#if defined(__BIONIC__) 184 foo myfoo; 185 char* src = strdup(""); 186 ASSERT_FORTIFY(strcpy(myfoo.empty, src)); 187 free(src); 188#else // __BIONIC__ 189 GTEST_LOG_(INFO) << "This test does nothing.\n"; 190#endif // __BIONIC__ 191} 192#endif 193 194#ifndef __clang__ 195// zero sized target with longer source (should fail) 196// This test is disabled in clang because clang doesn't properly detect 197// this buffer overflow. TODO: Fix clang. 198TEST_F(DEATHTEST, strcpy2_fortified2) { 199#if defined(__BIONIC__) 200 foo myfoo; 201 char* src = strdup("1"); 202 ASSERT_FORTIFY(strcpy(myfoo.empty, src)); 203 free(src); 204#else // __BIONIC__ 205 GTEST_LOG_(INFO) << "This test does nothing.\n"; 206#endif // __BIONIC__ 207} 208#endif 209 210#ifndef __clang__ 211// one byte target with longer source (should fail) 212// This test is disabled in clang because clang doesn't properly detect 213// this buffer overflow. TODO: Fix clang. 214TEST_F(DEATHTEST, strcpy3_fortified2) { 215#if defined(__BIONIC__) 216 foo myfoo; 217 char* src = strdup("12"); 218 ASSERT_FORTIFY(strcpy(myfoo.one, src)); 219 free(src); 220#else // __BIONIC__ 221 GTEST_LOG_(INFO) << "This test does nothing.\n"; 222#endif // __BIONIC__ 223} 224#endif 225 226#ifndef __clang__ 227// This test is disabled in clang because clang doesn't properly detect 228// this buffer overflow. TODO: Fix clang. 229TEST_F(DEATHTEST, strchr_fortified2) { 230#if defined(__BIONIC__) 231 foo myfoo; 232 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); 233 myfoo.b[0] = '\0'; 234 ASSERT_FORTIFY(printf("%s", strchr(myfoo.a, 'a'))); 235#else // __BIONIC__ 236 GTEST_LOG_(INFO) << "This test does nothing.\n"; 237#endif // __BIONIC__ 238} 239#endif 240 241#ifndef __clang__ 242// This test is disabled in clang because clang doesn't properly detect 243// this buffer overflow. TODO: Fix clang. 244TEST_F(DEATHTEST, strrchr_fortified2) { 245#if defined(__BIONIC__) 246 foo myfoo; 247 memcpy(myfoo.a, "0123456789", 10); 248 memcpy(myfoo.b, "01234", 6); 249 ASSERT_FORTIFY(printf("%s", strrchr(myfoo.a, 'a'))); 250#else // __BIONIC__ 251 GTEST_LOG_(INFO) << "This test does nothing.\n"; 252#endif // __BIONIC__ 253} 254#endif 255 256#ifndef __clang__ 257// This test is disabled in clang because clang doesn't properly detect 258// this buffer overflow. TODO: Fix clang. 259TEST_F(DEATHTEST, strlcpy_fortified2) { 260#if defined(__BIONIC__) 261 foo myfoo; 262 strcpy(myfoo.a, "01"); 263 size_t n = strlen(myfoo.a); 264 ASSERT_FORTIFY(strlcpy(myfoo.one, myfoo.a, n)); 265#else // __BIONIC__ 266 GTEST_LOG_(INFO) << "This test does nothing.\n"; 267#endif // __BIONIC__ 268} 269#endif 270 271#ifndef __clang__ 272// This test is disabled in clang because clang doesn't properly detect 273// this buffer overflow. TODO: Fix clang. 274TEST_F(DEATHTEST, strlcat_fortified2) { 275#if defined(__BIONIC__) 276 foo myfoo; 277 strcpy(myfoo.a, "01"); 278 myfoo.one[0] = '\0'; 279 size_t n = strlen(myfoo.a); 280 ASSERT_FORTIFY(strlcat(myfoo.one, myfoo.a, n)); 281#else // __BIONIC__ 282 GTEST_LOG_(INFO) << "This test does nothing.\n"; 283#endif // __BIONIC__ 284} 285#endif 286 287#ifndef __clang__ 288// This test is disabled in clang because clang doesn't properly detect 289// this buffer overflow. TODO: Fix clang. 290TEST_F(DEATHTEST, strncat_fortified2) { 291 foo myfoo; 292 size_t n = atoi("10"); // avoid compiler optimizations 293 strncpy(myfoo.a, "012345678", n); 294 ASSERT_FORTIFY(strncat(myfoo.a, "9", n)); 295} 296#endif 297 298#ifndef __clang__ 299// This test is disabled in clang because clang doesn't properly detect 300// this buffer overflow. TODO: Fix clang. 301TEST_F(DEATHTEST, strncat2_fortified2) { 302 foo myfoo; 303 myfoo.a[0] = '\0'; 304 size_t n = atoi("10"); // avoid compiler optimizations 305 ASSERT_FORTIFY(strncat(myfoo.a, "0123456789", n)); 306} 307#endif 308 309TEST_F(DEATHTEST, strncat3_fortified2) { 310 foo myfoo; 311 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string 312 myfoo.b[0] = '\0'; 313 size_t n = atoi("10"); // avoid compiler optimizations 314 ASSERT_FORTIFY(strncat(myfoo.b, myfoo.a, n)); 315} 316 317#ifndef __clang__ 318// This test is disabled in clang because clang doesn't properly detect 319// this buffer overflow. TODO: Fix clang. 320TEST_F(DEATHTEST, strcat_fortified2) { 321 char src[11]; 322 strcpy(src, "0123456789"); 323 foo myfoo; 324 myfoo.a[0] = '\0'; 325 ASSERT_FORTIFY(strcat(myfoo.a, src)); 326} 327#endif 328 329TEST_F(DEATHTEST, strcat2_fortified2) { 330 foo myfoo; 331 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string 332 myfoo.b[0] = '\0'; 333 ASSERT_FORTIFY(strcat(myfoo.b, myfoo.a)); 334} 335 336TEST_F(DEATHTEST, snprintf_fortified2) { 337 foo myfoo; 338 strcpy(myfoo.a, "012345678"); 339 size_t n = strlen(myfoo.a) + 2; 340 ASSERT_FORTIFY(snprintf(myfoo.b, n, "a%s", myfoo.a)); 341} 342 343TEST_F(DEATHTEST, bzero_fortified2) { 344 foo myfoo; 345 memcpy(myfoo.b, "0123456789", sizeof(myfoo.b)); 346 size_t n = atoi("11"); 347 ASSERT_FORTIFY(bzero(myfoo.b, n)); 348} 349 350#endif /* defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE=2 */ 351 352// multibyte target where we over fill (should fail) 353TEST_F(DEATHTEST, strcpy_fortified) { 354#if defined(__BIONIC__) 355 char buf[10]; 356 char *orig = strdup("0123456789"); 357 ASSERT_FORTIFY(strcpy(buf, orig)); 358 free(orig); 359#else // __BIONIC__ 360 GTEST_LOG_(INFO) << "This test does nothing.\n"; 361#endif // __BIONIC__ 362} 363 364// zero sized target with "\0" source (should fail) 365TEST_F(DEATHTEST, strcpy2_fortified) { 366#if defined(__BIONIC__) 367 char buf[0]; 368 char *orig = strdup(""); 369 ASSERT_FORTIFY(strcpy(buf, orig)); 370 free(orig); 371#else // __BIONIC__ 372 GTEST_LOG_(INFO) << "This test does nothing.\n"; 373#endif // __BIONIC__ 374} 375 376// zero sized target with longer source (should fail) 377TEST_F(DEATHTEST, strcpy3_fortified) { 378#if defined(__BIONIC__) 379 char buf[0]; 380 char *orig = strdup("1"); 381 ASSERT_FORTIFY(strcpy(buf, orig)); 382 free(orig); 383#else // __BIONIC__ 384 GTEST_LOG_(INFO) << "This test does nothing.\n"; 385#endif // __BIONIC__ 386} 387 388// one byte target with longer source (should fail) 389TEST_F(DEATHTEST, strcpy4_fortified) { 390#if defined(__BIONIC__) 391 char buf[1]; 392 char *orig = strdup("12"); 393 ASSERT_FORTIFY(strcpy(buf, orig)); 394 free(orig); 395#else // __BIONIC__ 396 GTEST_LOG_(INFO) << "This test does nothing.\n"; 397#endif // __BIONIC__ 398} 399 400TEST_F(DEATHTEST, strlen_fortified) { 401#if defined(__BIONIC__) 402 char buf[10]; 403 memcpy(buf, "0123456789", sizeof(buf)); 404 ASSERT_FORTIFY(printf("%zd", strlen(buf))); 405#else // __BIONIC__ 406 GTEST_LOG_(INFO) << "This test does nothing.\n"; 407#endif // __BIONIC__ 408} 409 410TEST_F(DEATHTEST, strchr_fortified) { 411#if defined(__BIONIC__) 412 char buf[10]; 413 memcpy(buf, "0123456789", sizeof(buf)); 414 ASSERT_FORTIFY(printf("%s", strchr(buf, 'a'))); 415#else // __BIONIC__ 416 GTEST_LOG_(INFO) << "This test does nothing.\n"; 417#endif // __BIONIC__ 418} 419 420TEST_F(DEATHTEST, strrchr_fortified) { 421#if defined(__BIONIC__) 422 char buf[10]; 423 memcpy(buf, "0123456789", sizeof(buf)); 424 ASSERT_FORTIFY(printf("%s", strrchr(buf, 'a'))); 425#else // __BIONIC__ 426 GTEST_LOG_(INFO) << "This test does nothing.\n"; 427#endif // __BIONIC__ 428} 429 430TEST_F(DEATHTEST, strlcpy_fortified) { 431#if defined(__BIONIC__) 432 char bufa[15]; 433 char bufb[10]; 434 strcpy(bufa, "01234567890123"); 435 size_t n = strlen(bufa); 436 ASSERT_FORTIFY(strlcpy(bufb, bufa, n)); 437#else // __BIONIC__ 438 GTEST_LOG_(INFO) << "This test does nothing.\n"; 439#endif // __BIONIC__ 440} 441 442TEST_F(DEATHTEST, strlcat_fortified) { 443#if defined(__BIONIC__) 444 char bufa[15]; 445 char bufb[10]; 446 bufb[0] = '\0'; 447 strcpy(bufa, "01234567890123"); 448 size_t n = strlen(bufa); 449 ASSERT_FORTIFY(strlcat(bufb, bufa, n)); 450#else // __BIONIC__ 451 GTEST_LOG_(INFO) << "This test does nothing.\n"; 452#endif // __BIONIC__ 453} 454 455TEST_F(DEATHTEST, sprintf_fortified) { 456 char buf[10]; 457 char source_buf[15]; 458 memcpy(source_buf, "12345678901234", 15); 459 ASSERT_FORTIFY(sprintf(buf, "%s", source_buf)); 460} 461 462#ifndef __clang__ 463// This test is disabled in clang because clang doesn't properly detect 464// this buffer overflow. TODO: Fix clang. 465TEST_F(DEATHTEST, sprintf_malloc_fortified) { 466 char* buf = (char *) malloc(10); 467 char source_buf[11]; 468 memcpy(source_buf, "1234567890", 11); 469 ASSERT_FORTIFY(sprintf(buf, "%s", source_buf)); 470 free(buf); 471} 472#endif 473 474TEST_F(DEATHTEST, sprintf2_fortified) { 475 char buf[5]; 476 ASSERT_FORTIFY(sprintf(buf, "aaaaa")); 477} 478 479static int vsprintf_helper(const char *fmt, ...) { 480 char buf[10]; 481 va_list va; 482 int result; 483 484 va_start(va, fmt); 485 result = vsprintf(buf, fmt, va); // should crash here 486 va_end(va); 487 return result; 488} 489 490TEST_F(DEATHTEST, vsprintf_fortified) { 491 ASSERT_FORTIFY(vsprintf_helper("%s", "0123456789")); 492} 493 494TEST_F(DEATHTEST, vsprintf2_fortified) { 495 ASSERT_FORTIFY(vsprintf_helper("0123456789")); 496} 497 498static int vsnprintf_helper(const char *fmt, ...) { 499 char buf[10]; 500 va_list va; 501 int result; 502 size_t size = atoi("11"); 503 504 va_start(va, fmt); 505 result = vsnprintf(buf, size, fmt, va); // should crash here 506 va_end(va); 507 return result; 508} 509 510TEST_F(DEATHTEST, vsnprintf_fortified) { 511 ASSERT_FORTIFY(vsnprintf_helper("%s", "0123456789")); 512} 513 514TEST_F(DEATHTEST, vsnprintf2_fortified) { 515 ASSERT_FORTIFY(vsnprintf_helper("0123456789")); 516} 517 518TEST_F(DEATHTEST, strncat_fortified) { 519 char buf[10]; 520 size_t n = atoi("10"); // avoid compiler optimizations 521 strncpy(buf, "012345678", n); 522 ASSERT_FORTIFY(strncat(buf, "9", n)); 523} 524 525TEST_F(DEATHTEST, strncat2_fortified) { 526 char buf[10]; 527 buf[0] = '\0'; 528 size_t n = atoi("10"); // avoid compiler optimizations 529 ASSERT_FORTIFY(strncat(buf, "0123456789", n)); 530} 531 532TEST_F(DEATHTEST, strcat_fortified) { 533 char src[11]; 534 strcpy(src, "0123456789"); 535 char buf[10]; 536 buf[0] = '\0'; 537 ASSERT_FORTIFY(strcat(buf, src)); 538} 539 540TEST_F(DEATHTEST, memmove_fortified) { 541 char buf[20]; 542 strcpy(buf, "0123456789"); 543 size_t n = atoi("10"); 544 ASSERT_FORTIFY(memmove(buf + 11, buf, n)); 545} 546 547TEST_F(DEATHTEST, memcpy_fortified) { 548 char bufa[10]; 549 char bufb[10]; 550 strcpy(bufa, "012345678"); 551 size_t n = atoi("11"); 552 ASSERT_FORTIFY(memcpy(bufb, bufa, n)); 553} 554 555TEST_F(DEATHTEST, stpncpy_fortified) { 556 char bufa[15]; 557 char bufb[10]; 558 strcpy(bufa, "01234567890123"); 559 size_t n = strlen(bufa); 560 ASSERT_FORTIFY(stpncpy(bufb, bufa, n)); 561} 562 563TEST_F(DEATHTEST, stpncpy2_fortified) { 564 char dest[11]; 565 char src[10]; 566 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated 567 ASSERT_FORTIFY(stpncpy(dest, src, sizeof(dest))); 568} 569 570TEST_F(DEATHTEST, strncpy_fortified) { 571 char bufa[15]; 572 char bufb[10]; 573 strcpy(bufa, "01234567890123"); 574 size_t n = strlen(bufa); 575 ASSERT_FORTIFY(strncpy(bufb, bufa, n)); 576} 577 578 579TEST_F(DEATHTEST, strncpy2_fortified) { 580 char dest[11]; 581 char src[10]; 582 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated 583 ASSERT_FORTIFY(strncpy(dest, src, sizeof(dest))); 584} 585 586TEST_F(DEATHTEST, snprintf_fortified) { 587 char bufa[15]; 588 char bufb[10]; 589 strcpy(bufa, "0123456789"); 590 size_t n = strlen(bufa) + 1; 591 ASSERT_FORTIFY(snprintf(bufb, n, "%s", bufa)); 592} 593 594TEST_F(DEATHTEST, bzero_fortified) { 595 char buf[10]; 596 memcpy(buf, "0123456789", sizeof(buf)); 597 size_t n = atoi("11"); 598 ASSERT_FORTIFY(bzero(buf, n)); 599} 600 601TEST_F(DEATHTEST, umask_fortified) { 602 mode_t mask = atoi("1023"); // 01777 in octal 603 ASSERT_FORTIFY(umask(mask)); 604} 605 606TEST_F(DEATHTEST, recv_fortified) { 607 size_t data_len = atoi("11"); // suppress compiler optimizations 608 char buf[10]; 609 ASSERT_FORTIFY(recv(0, buf, data_len, 0)); 610} 611 612TEST_F(DEATHTEST, FD_ISSET_fortified) { 613#if defined(__BIONIC__) // glibc catches this at compile-time. 614 fd_set set; 615 memset(&set, 0, sizeof(set)); 616 ASSERT_FORTIFY(FD_ISSET(-1, &set)); 617#endif 618} 619 620TEST_F(DEATHTEST, FD_ISSET_2_fortified) { 621 char buf[1]; 622 fd_set* set = (fd_set*) buf; 623 ASSERT_FORTIFY(FD_ISSET(0, set)); 624} 625 626TEST_F(DEATHTEST, pread_fortified) { 627 char buf[1]; 628 size_t ct = atoi("2"); // prevent optimizations 629 int fd = open("/dev/null", O_RDONLY); 630 ASSERT_FORTIFY(pread(fd, buf, ct, 0)); 631 close(fd); 632} 633 634TEST_F(DEATHTEST, pread64_fortified) { 635 char buf[1]; 636 size_t ct = atoi("2"); // prevent optimizations 637 int fd = open("/dev/null", O_RDONLY); 638 ASSERT_FORTIFY(pread64(fd, buf, ct, 0)); 639 close(fd); 640} 641 642TEST_F(DEATHTEST, read_fortified) { 643 char buf[1]; 644 size_t ct = atoi("2"); // prevent optimizations 645 int fd = open("/dev/null", O_RDONLY); 646 ASSERT_FORTIFY(read(fd, buf, ct)); 647 close(fd); 648} 649 650TEST_F(DEATHTEST, readlink_fortified) { 651 char buf[1]; 652 size_t ct = atoi("2"); // prevent optimizations 653 ASSERT_FORTIFY(readlink("/dev/null", buf, ct)); 654} 655 656TEST_F(DEATHTEST, readlinkat_fortified) { 657 char buf[1]; 658 size_t ct = atoi("2"); // prevent optimizations 659 ASSERT_FORTIFY(readlinkat(AT_FDCWD, "/dev/null", buf, ct)); 660} 661 662extern "C" char* __strncat_chk(char*, const char*, size_t, size_t); 663extern "C" char* __strcat_chk(char*, const char*, size_t); 664 665TEST(TEST_NAME, strncat) { 666 char buf[10]; 667 memset(buf, 'A', sizeof(buf)); 668 buf[0] = 'a'; 669 buf[1] = '\0'; 670 char* res = __strncat_chk(buf, "01234", sizeof(buf) - strlen(buf) - 1, sizeof(buf)); 671 ASSERT_EQ(buf, res); 672 ASSERT_EQ('a', buf[0]); 673 ASSERT_EQ('0', buf[1]); 674 ASSERT_EQ('1', buf[2]); 675 ASSERT_EQ('2', buf[3]); 676 ASSERT_EQ('3', buf[4]); 677 ASSERT_EQ('4', buf[5]); 678 ASSERT_EQ('\0', buf[6]); 679 ASSERT_EQ('A', buf[7]); 680 ASSERT_EQ('A', buf[8]); 681 ASSERT_EQ('A', buf[9]); 682} 683 684TEST(TEST_NAME, strncat2) { 685 char buf[10]; 686 memset(buf, 'A', sizeof(buf)); 687 buf[0] = 'a'; 688 buf[1] = '\0'; 689 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf)); 690 ASSERT_EQ(buf, res); 691 ASSERT_EQ('a', buf[0]); 692 ASSERT_EQ('0', buf[1]); 693 ASSERT_EQ('1', buf[2]); 694 ASSERT_EQ('2', buf[3]); 695 ASSERT_EQ('3', buf[4]); 696 ASSERT_EQ('4', buf[5]); 697 ASSERT_EQ('\0', buf[6]); 698 ASSERT_EQ('A', buf[7]); 699 ASSERT_EQ('A', buf[8]); 700 ASSERT_EQ('A', buf[9]); 701} 702 703TEST(TEST_NAME, strncat3) { 704 char buf[10]; 705 memset(buf, 'A', sizeof(buf)); 706 buf[0] = '\0'; 707 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf)); 708 ASSERT_EQ(buf, res); 709 ASSERT_EQ('0', buf[0]); 710 ASSERT_EQ('1', buf[1]); 711 ASSERT_EQ('2', buf[2]); 712 ASSERT_EQ('3', buf[3]); 713 ASSERT_EQ('4', buf[4]); 714 ASSERT_EQ('\0', buf[5]); 715 ASSERT_EQ('A', buf[6]); 716 ASSERT_EQ('A', buf[7]); 717 ASSERT_EQ('A', buf[8]); 718 ASSERT_EQ('A', buf[9]); 719} 720 721TEST(TEST_NAME, strncat4) { 722 char buf[10]; 723 memset(buf, 'A', sizeof(buf)); 724 buf[9] = '\0'; 725 char* res = __strncat_chk(buf, "", 5, sizeof(buf)); 726 ASSERT_EQ(buf, res); 727 ASSERT_EQ('A', buf[0]); 728 ASSERT_EQ('A', buf[1]); 729 ASSERT_EQ('A', buf[2]); 730 ASSERT_EQ('A', buf[3]); 731 ASSERT_EQ('A', buf[4]); 732 ASSERT_EQ('A', buf[5]); 733 ASSERT_EQ('A', buf[6]); 734 ASSERT_EQ('A', buf[7]); 735 ASSERT_EQ('A', buf[8]); 736 ASSERT_EQ('\0', buf[9]); 737} 738 739TEST(TEST_NAME, strncat5) { 740 char buf[10]; 741 memset(buf, 'A', sizeof(buf)); 742 buf[0] = 'a'; 743 buf[1] = '\0'; 744 char* res = __strncat_chk(buf, "01234567", 8, sizeof(buf)); 745 ASSERT_EQ(buf, res); 746 ASSERT_EQ('a', buf[0]); 747 ASSERT_EQ('0', buf[1]); 748 ASSERT_EQ('1', buf[2]); 749 ASSERT_EQ('2', buf[3]); 750 ASSERT_EQ('3', buf[4]); 751 ASSERT_EQ('4', buf[5]); 752 ASSERT_EQ('5', buf[6]); 753 ASSERT_EQ('6', buf[7]); 754 ASSERT_EQ('7', buf[8]); 755 ASSERT_EQ('\0', buf[9]); 756} 757 758TEST(TEST_NAME, strncat6) { 759 char buf[10]; 760 memset(buf, 'A', sizeof(buf)); 761 buf[0] = 'a'; 762 buf[1] = '\0'; 763 char* res = __strncat_chk(buf, "01234567", 9, sizeof(buf)); 764 ASSERT_EQ(buf, res); 765 ASSERT_EQ('a', buf[0]); 766 ASSERT_EQ('0', buf[1]); 767 ASSERT_EQ('1', buf[2]); 768 ASSERT_EQ('2', buf[3]); 769 ASSERT_EQ('3', buf[4]); 770 ASSERT_EQ('4', buf[5]); 771 ASSERT_EQ('5', buf[6]); 772 ASSERT_EQ('6', buf[7]); 773 ASSERT_EQ('7', buf[8]); 774 ASSERT_EQ('\0', buf[9]); 775} 776 777 778TEST(TEST_NAME, strcat) { 779 char buf[10]; 780 memset(buf, 'A', sizeof(buf)); 781 buf[0] = 'a'; 782 buf[1] = '\0'; 783 char* res = __strcat_chk(buf, "01234", sizeof(buf)); 784 ASSERT_EQ(buf, res); 785 ASSERT_EQ('a', buf[0]); 786 ASSERT_EQ('0', buf[1]); 787 ASSERT_EQ('1', buf[2]); 788 ASSERT_EQ('2', buf[3]); 789 ASSERT_EQ('3', buf[4]); 790 ASSERT_EQ('4', buf[5]); 791 ASSERT_EQ('\0', buf[6]); 792 ASSERT_EQ('A', buf[7]); 793 ASSERT_EQ('A', buf[8]); 794 ASSERT_EQ('A', buf[9]); 795} 796 797TEST(TEST_NAME, strcat2) { 798 char buf[10]; 799 memset(buf, 'A', sizeof(buf)); 800 buf[0] = 'a'; 801 buf[1] = '\0'; 802 char* res = __strcat_chk(buf, "01234567", sizeof(buf)); 803 ASSERT_EQ(buf, res); 804 ASSERT_EQ('a', buf[0]); 805 ASSERT_EQ('0', buf[1]); 806 ASSERT_EQ('1', buf[2]); 807 ASSERT_EQ('2', buf[3]); 808 ASSERT_EQ('3', buf[4]); 809 ASSERT_EQ('4', buf[5]); 810 ASSERT_EQ('5', buf[6]); 811 ASSERT_EQ('6', buf[7]); 812 ASSERT_EQ('7', buf[8]); 813 ASSERT_EQ('\0', buf[9]); 814} 815 816TEST(TEST_NAME, stpncpy) { 817 char src[10]; 818 char dst[10]; 819 memcpy(src, "0123456789", sizeof(src)); // non null terminated string 820 stpncpy(dst, src, sizeof(dst)); 821 ASSERT_EQ('0', dst[0]); 822 ASSERT_EQ('1', dst[1]); 823 ASSERT_EQ('2', dst[2]); 824 ASSERT_EQ('3', dst[3]); 825 ASSERT_EQ('4', dst[4]); 826 ASSERT_EQ('5', dst[5]); 827 ASSERT_EQ('6', dst[6]); 828 ASSERT_EQ('7', dst[7]); 829 ASSERT_EQ('8', dst[8]); 830 ASSERT_EQ('9', dst[9]); 831} 832 833TEST(TEST_NAME, stpncpy2) { 834 char src[10]; 835 char dst[15]; 836 memcpy(src, "012345678\0", sizeof(src)); 837 stpncpy(dst, src, sizeof(dst)); 838 ASSERT_EQ('0', dst[0]); 839 ASSERT_EQ('1', dst[1]); 840 ASSERT_EQ('2', dst[2]); 841 ASSERT_EQ('3', dst[3]); 842 ASSERT_EQ('4', dst[4]); 843 ASSERT_EQ('5', dst[5]); 844 ASSERT_EQ('6', dst[6]); 845 ASSERT_EQ('7', dst[7]); 846 ASSERT_EQ('8', dst[8]); 847 ASSERT_EQ('\0', dst[9]); 848 ASSERT_EQ('\0', dst[10]); 849 ASSERT_EQ('\0', dst[11]); 850 ASSERT_EQ('\0', dst[12]); 851 ASSERT_EQ('\0', dst[13]); 852 ASSERT_EQ('\0', dst[14]); 853} 854 855TEST(TEST_NAME, strncpy) { 856 char src[10]; 857 char dst[10]; 858 memcpy(src, "0123456789", sizeof(src)); // non null terminated string 859 strncpy(dst, src, sizeof(dst)); 860 ASSERT_EQ('0', dst[0]); 861 ASSERT_EQ('1', dst[1]); 862 ASSERT_EQ('2', dst[2]); 863 ASSERT_EQ('3', dst[3]); 864 ASSERT_EQ('4', dst[4]); 865 ASSERT_EQ('5', dst[5]); 866 ASSERT_EQ('6', dst[6]); 867 ASSERT_EQ('7', dst[7]); 868 ASSERT_EQ('8', dst[8]); 869 ASSERT_EQ('9', dst[9]); 870} 871 872TEST(TEST_NAME, strncpy2) { 873 char src[10]; 874 char dst[15]; 875 memcpy(src, "012345678\0", sizeof(src)); 876 strncpy(dst, src, sizeof(dst)); 877 ASSERT_EQ('0', dst[0]); 878 ASSERT_EQ('1', dst[1]); 879 ASSERT_EQ('2', dst[2]); 880 ASSERT_EQ('3', dst[3]); 881 ASSERT_EQ('4', dst[4]); 882 ASSERT_EQ('5', dst[5]); 883 ASSERT_EQ('6', dst[6]); 884 ASSERT_EQ('7', dst[7]); 885 ASSERT_EQ('8', dst[8]); 886 ASSERT_EQ('\0', dst[9]); 887 ASSERT_EQ('\0', dst[10]); 888 ASSERT_EQ('\0', dst[11]); 889 ASSERT_EQ('\0', dst[12]); 890 ASSERT_EQ('\0', dst[13]); 891 ASSERT_EQ('\0', dst[14]); 892} 893 894TEST(TEST_NAME, strcat_chk_max_int_size) { 895 char buf[10]; 896 memset(buf, 'A', sizeof(buf)); 897 buf[0] = 'a'; 898 buf[1] = '\0'; 899 char* res = __strcat_chk(buf, "01234567", (size_t)-1); 900 ASSERT_EQ(buf, res); 901 ASSERT_EQ('a', buf[0]); 902 ASSERT_EQ('0', buf[1]); 903 ASSERT_EQ('1', buf[2]); 904 ASSERT_EQ('2', buf[3]); 905 ASSERT_EQ('3', buf[4]); 906 ASSERT_EQ('4', buf[5]); 907 ASSERT_EQ('5', buf[6]); 908 ASSERT_EQ('6', buf[7]); 909 ASSERT_EQ('7', buf[8]); 910 ASSERT_EQ('\0', buf[9]); 911} 912 913extern "C" char* __stpcpy_chk(char*, const char*, size_t); 914 915TEST(TEST_NAME, stpcpy_chk_max_int_size) { 916 char buf[10]; 917 char* res = __stpcpy_chk(buf, "012345678", (size_t)-1); 918 ASSERT_EQ(buf + strlen("012345678"), res); 919 ASSERT_STREQ("012345678", buf); 920} 921 922extern "C" char* __strcpy_chk(char*, const char*, size_t); 923 924TEST(TEST_NAME, strcpy_chk_max_int_size) { 925 char buf[10]; 926 char* res = __strcpy_chk(buf, "012345678", (size_t)-1); 927 ASSERT_EQ(buf, res); 928 ASSERT_STREQ("012345678", buf); 929} 930 931extern "C" void* __memcpy_chk(void*, const void*, size_t, size_t); 932 933TEST(TEST_NAME, memcpy_chk_max_int_size) { 934 char buf[10]; 935 void* res = __memcpy_chk(buf, "012345678", sizeof(buf), (size_t)-1); 936 ASSERT_EQ((void*)buf, res); 937 ASSERT_EQ('0', buf[0]); 938 ASSERT_EQ('1', buf[1]); 939 ASSERT_EQ('2', buf[2]); 940 ASSERT_EQ('3', buf[3]); 941 ASSERT_EQ('4', buf[4]); 942 ASSERT_EQ('5', buf[5]); 943 ASSERT_EQ('6', buf[6]); 944 ASSERT_EQ('7', buf[7]); 945 ASSERT_EQ('8', buf[8]); 946 ASSERT_EQ('\0', buf[9]); 947} 948 949// Verify that macro expansion is done properly for sprintf/snprintf (which 950// are defined as macros in stdio.h under clang). 951#define CONTENTS "macro expansion" 952#define BUF_AND_SIZE(A) A, sizeof(A) 953#define BUF_AND_CONTENTS(A) A, CONTENTS 954#define BUF_AND_SIZE_AND_CONTENTS(A) A, sizeof(A), CONTENTS 955TEST(TEST_NAME, s_n_printf_macro_expansion) { 956 char buf[BUFSIZ]; 957 snprintf(BUF_AND_SIZE(buf), CONTENTS); 958 EXPECT_STREQ(CONTENTS, buf); 959 960 snprintf(BUF_AND_SIZE_AND_CONTENTS(buf)); 961 EXPECT_STREQ(CONTENTS, buf); 962 963 sprintf(BUF_AND_CONTENTS(buf)); 964 EXPECT_STREQ(CONTENTS, buf); 965} 966 967TEST_F(DEATHTEST, poll_fortified) { 968 nfds_t fd_count = atoi("2"); // suppress compiler optimizations 969 pollfd buf[1] = {{0, POLLIN, 0}}; 970 // Set timeout to zero to prevent waiting in poll when fortify test fails. 971 ASSERT_FORTIFY(poll(buf, fd_count, 0)); 972} 973 974TEST_F(DEATHTEST, ppoll_fortified) { 975 nfds_t fd_count = atoi("2"); // suppress compiler optimizations 976 pollfd buf[1] = {{0, POLLIN, 0}}; 977 // Set timeout to zero to prevent waiting in ppoll when fortify test fails. 978 timespec timeout; 979 timeout.tv_sec = timeout.tv_nsec = 0; 980 ASSERT_FORTIFY(ppoll(buf, fd_count, &timeout, NULL)); 981} 982