Gitiles
Code Review Sign In
gerrit.omnirom.org / android_bionic / f68dcbe0930b38db2a0909934f64175b1c51745a / . / tests / fortify_test.cpp
blob: 4ffd5f92c39295ca071182cccd5f5abcb25ef0af [file] [log] [blame]
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]1/*
2 * Copyright (C) 2013 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Dan Albertf68dcbe2016-02-02 17:13:03 -0800[diff] [blame^]17// -Werror is on whether we like it or not, and we're intentionally doing awful
18// things in this file. GCC is dumb and doesn't have a specific error class for
19// the fortify failures (it's just -Werror), so we can't use anything more
20// constrained than disabling all the warnings in the file :( It also won't let
21// us use system_header in a .cpp file, so we have to #include this from
22// fortify_test_main.cpp.
23#pragma GCC system_header
24
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]25#include <gtest/gtest.h>
Yabin Cui9df70402014-11-05 18:01:01 -0800[diff] [blame]26#include "BionicDeathTest.h"
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]27
Yabin Cui9df70402014-11-05 18:01:01 -0800[diff] [blame]28#include <fcntl.h>
29#include <malloc.h>
Elliott Hughes4674e382015-02-02 09:15:19 -0800[diff] [blame]30#include <poll.h>
Yabin Cui9df70402014-11-05 18:01:01 -0800[diff] [blame]31#include <signal.h>
32#include <stdarg.h>
33#include <string.h>
34#include <sys/socket.h>
35#include <sys/stat.h>
36#include <sys/types.h>
Yabin Cuif4fe6932015-02-03 17:52:32 -0800[diff] [blame]37#include <time.h>
Yabin Cui9df70402014-11-05 18:01:01 -0800[diff] [blame]38
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]39#if __BIONIC__
40#define ASSERT_FORTIFY(expr) ASSERT_EXIT(expr, testing::KilledBySignal(SIGABRT), "FORTIFY")
41#else
42#define ASSERT_FORTIFY(expr) ASSERT_EXIT(expr, testing::KilledBySignal(SIGABRT), "")
43#endif
44
Yabin Cui9df70402014-11-05 18:01:01 -0800[diff] [blame]45// Fortify test code needs to run multiple times, so TEST_NAME macro is used to
46// distinguish different tests. TEST_NAME is defined in compilation command.
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]47#define DEATHTEST_PASTER(name) name##_DeathTest
48#define DEATHTEST_EVALUATOR(name) DEATHTEST_PASTER(name)
49#define DEATHTEST DEATHTEST_EVALUATOR(TEST_NAME)
50
Yabin Cui9df70402014-11-05 18:01:01 -0800[diff] [blame]51class DEATHTEST : public BionicDeathTest {};
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]52
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]53#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE == 2
54struct foo {
55 char empty[0];
56 char one[1];
57 char a[10];
58 char b[10];
59};
60
61#ifndef __clang__
62// This test is disabled in clang because clang doesn't properly detect
63// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]64TEST_F(DEATHTEST, stpncpy_fortified2) {
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]65 foo myfoo;
66 int copy_amt = atoi("11");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]67 ASSERT_FORTIFY(stpncpy(myfoo.a, "01234567890", copy_amt));
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]68}
69#endif
70
71#ifndef __clang__
72// This test is disabled in clang because clang doesn't properly detect
73// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]74TEST_F(DEATHTEST, stpncpy2_fortified2) {
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]75 foo myfoo;
76 memset(&myfoo, 0, sizeof(myfoo));
77 myfoo.one[0] = 'A'; // not null terminated string
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]78 ASSERT_FORTIFY(stpncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)));
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]79}
80#endif
81
82#ifndef __clang__
83// This test is disabled in clang because clang doesn't properly detect
84// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]85TEST_F(DEATHTEST, strncpy_fortified2) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]86 foo myfoo;
87 int copy_amt = atoi("11");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]88 ASSERT_FORTIFY(strncpy(myfoo.a, "01234567890", copy_amt));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]89}
90#endif
91
92#ifndef __clang__
93// This test is disabled in clang because clang doesn't properly detect
94// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]95TEST_F(DEATHTEST, strncpy2_fortified2) {
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]96 foo myfoo;
97 memset(&myfoo, 0, sizeof(myfoo));
98 myfoo.one[0] = 'A'; // not null terminated string
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]99 ASSERT_FORTIFY(strncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)));
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]100}
101#endif
102
103#ifndef __clang__
104// This test is disabled in clang because clang doesn't properly detect
105// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]106TEST_F(DEATHTEST, sprintf_fortified2) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]107 foo myfoo;
108 char source_buf[15];
109 memcpy(source_buf, "12345678901234", 15);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]110 ASSERT_FORTIFY(sprintf(myfoo.a, "%s", source_buf));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]111}
112#endif
113
114#ifndef __clang__
Nick Kralevich884a3de2014-10-06 00:39:47 +0000[diff] [blame]115// This test is disabled in clang because clang doesn't properly detect
116// this buffer overflow. TODO: Fix clang.
117TEST_F(DEATHTEST, sprintf2_fortified2) {
Nick Kralevich884a3de2014-10-06 00:39:47 +0000[diff] [blame]118 foo myfoo;
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]119 ASSERT_FORTIFY(sprintf(myfoo.a, "0123456789"));
Nick Kralevich884a3de2014-10-06 00:39:47 +0000[diff] [blame]120}
121#endif
122
123#ifndef __clang__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]124// These tests are disabled in clang because clang doesn't properly detect
125// this buffer overflow. TODO: Fix clang.
126static int vsprintf_helper2(const char *fmt, ...) {
127 foo myfoo;
128 va_list va;
129 int result;
130
131 va_start(va, fmt);
132 result = vsprintf(myfoo.a, fmt, va); // should crash here
133 va_end(va);
134 return result;
135}
136
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]137TEST_F(DEATHTEST, vsprintf_fortified2) {
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]138 ASSERT_FORTIFY(vsprintf_helper2("%s", "0123456789"));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]139}
140
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]141TEST_F(DEATHTEST, vsprintf2_fortified2) {
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]142 ASSERT_FORTIFY(vsprintf_helper2("0123456789"));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]143}
144#endif
145
146#ifndef __clang__
147// These tests are disabled in clang because clang doesn't properly detect
148// this buffer overflow. TODO: Fix clang.
149static int vsnprintf_helper2(const char *fmt, ...) {
150 foo myfoo;
151 va_list va;
152 int result;
153 size_t size = atoi("11");
154
155 va_start(va, fmt);
156 result = vsnprintf(myfoo.a, size, fmt, va); // should crash here
157 va_end(va);
158 return result;
159}
160
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]161TEST_F(DEATHTEST, vsnprintf_fortified2) {
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]162 ASSERT_FORTIFY(vsnprintf_helper2("%s", "0123456789"));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]163}
164
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]165TEST_F(DEATHTEST, vsnprintf2_fortified2) {
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]166 ASSERT_FORTIFY(vsnprintf_helper2("0123456789"));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]167}
168#endif
169
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]170#ifndef __clang__
171// zero sized target with "\0" source (should fail)
172// This test is disabled in clang because clang doesn't properly detect
173// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]174TEST_F(DEATHTEST, stpcpy_fortified2) {
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]175#if defined(__BIONIC__)
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]176 foo myfoo;
177 char* src = strdup("");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]178 ASSERT_FORTIFY(stpcpy(myfoo.empty, src));
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]179 free(src);
180#else // __BIONIC__
181 GTEST_LOG_(INFO) << "This test does nothing.\n";
182#endif // __BIONIC__
183}
184#endif
185
186#ifndef __clang__
187// zero sized target with "\0" source (should fail)
188// This test is disabled in clang because clang doesn't properly detect
189// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]190TEST_F(DEATHTEST, strcpy_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]191#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]192 foo myfoo;
193 char* src = strdup("");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]194 ASSERT_FORTIFY(strcpy(myfoo.empty, src));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]195 free(src);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]196#else // __BIONIC__
197 GTEST_LOG_(INFO) << "This test does nothing.\n";
198#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]199}
200#endif
201
202#ifndef __clang__
203// zero sized target with longer source (should fail)
204// This test is disabled in clang because clang doesn't properly detect
205// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]206TEST_F(DEATHTEST, strcpy2_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]207#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]208 foo myfoo;
209 char* src = strdup("1");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]210 ASSERT_FORTIFY(strcpy(myfoo.empty, src));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]211 free(src);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]212#else // __BIONIC__
213 GTEST_LOG_(INFO) << "This test does nothing.\n";
214#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]215}
216#endif
217
218#ifndef __clang__
219// one byte target with longer source (should fail)
220// This test is disabled in clang because clang doesn't properly detect
221// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]222TEST_F(DEATHTEST, strcpy3_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]223#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]224 foo myfoo;
225 char* src = strdup("12");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]226 ASSERT_FORTIFY(strcpy(myfoo.one, src));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]227 free(src);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]228#else // __BIONIC__
229 GTEST_LOG_(INFO) << "This test does nothing.\n";
230#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]231}
232#endif
233
234#ifndef __clang__
235// This test is disabled in clang because clang doesn't properly detect
236// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]237TEST_F(DEATHTEST, strchr_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]238#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]239 foo myfoo;
240 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a));
241 myfoo.b[0] = '\0';
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]242 ASSERT_FORTIFY(printf("%s", strchr(myfoo.a, 'a')));
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]243#else // __BIONIC__
244 GTEST_LOG_(INFO) << "This test does nothing.\n";
245#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]246}
247#endif
248
249#ifndef __clang__
250// This test is disabled in clang because clang doesn't properly detect
251// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]252TEST_F(DEATHTEST, strrchr_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]253#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]254 foo myfoo;
255 memcpy(myfoo.a, "0123456789", 10);
256 memcpy(myfoo.b, "01234", 6);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]257 ASSERT_FORTIFY(printf("%s", strrchr(myfoo.a, 'a')));
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]258#else // __BIONIC__
259 GTEST_LOG_(INFO) << "This test does nothing.\n";
260#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]261}
262#endif
263
264#ifndef __clang__
265// This test is disabled in clang because clang doesn't properly detect
266// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]267TEST_F(DEATHTEST, strlcpy_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]268#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]269 foo myfoo;
270 strcpy(myfoo.a, "01");
271 size_t n = strlen(myfoo.a);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]272 ASSERT_FORTIFY(strlcpy(myfoo.one, myfoo.a, n));
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]273#else // __BIONIC__
274 GTEST_LOG_(INFO) << "This test does nothing.\n";
275#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]276}
277#endif
278
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]279#ifndef __clang__
280// This test is disabled in clang because clang doesn't properly detect
281// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]282TEST_F(DEATHTEST, strlcat_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]283#if defined(__BIONIC__)
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]284 foo myfoo;
285 strcpy(myfoo.a, "01");
286 myfoo.one[0] = '\0';
287 size_t n = strlen(myfoo.a);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]288 ASSERT_FORTIFY(strlcat(myfoo.one, myfoo.a, n));
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]289#else // __BIONIC__
290 GTEST_LOG_(INFO) << "This test does nothing.\n";
291#endif // __BIONIC__
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]292}
293#endif
294
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]295#ifndef __clang__
296// This test is disabled in clang because clang doesn't properly detect
297// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]298TEST_F(DEATHTEST, strncat_fortified2) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]299 foo myfoo;
300 size_t n = atoi("10"); // avoid compiler optimizations
301 strncpy(myfoo.a, "012345678", n);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]302 ASSERT_FORTIFY(strncat(myfoo.a, "9", n));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]303}
304#endif
305
306#ifndef __clang__
307// This test is disabled in clang because clang doesn't properly detect
308// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]309TEST_F(DEATHTEST, strncat2_fortified2) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]310 foo myfoo;
311 myfoo.a[0] = '\0';
312 size_t n = atoi("10"); // avoid compiler optimizations
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]313 ASSERT_FORTIFY(strncat(myfoo.a, "0123456789", n));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]314}
315#endif
316
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]317TEST_F(DEATHTEST, strncat3_fortified2) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]318 foo myfoo;
319 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
320 myfoo.b[0] = '\0';
321 size_t n = atoi("10"); // avoid compiler optimizations
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]322 ASSERT_FORTIFY(strncat(myfoo.b, myfoo.a, n));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]323}
324
325#ifndef __clang__
326// This test is disabled in clang because clang doesn't properly detect
327// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]328TEST_F(DEATHTEST, strcat_fortified2) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]329 char src[11];
330 strcpy(src, "0123456789");
331 foo myfoo;
332 myfoo.a[0] = '\0';
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]333 ASSERT_FORTIFY(strcat(myfoo.a, src));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]334}
335#endif
336
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]337TEST_F(DEATHTEST, strcat2_fortified2) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]338 foo myfoo;
339 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
340 myfoo.b[0] = '\0';
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]341 ASSERT_FORTIFY(strcat(myfoo.b, myfoo.a));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]342}
343
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]344TEST_F(DEATHTEST, snprintf_fortified2) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]345 foo myfoo;
346 strcpy(myfoo.a, "012345678");
347 size_t n = strlen(myfoo.a) + 2;
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]348 ASSERT_FORTIFY(snprintf(myfoo.b, n, "a%s", myfoo.a));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]349}
350
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]351TEST_F(DEATHTEST, bzero_fortified2) {
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]352 foo myfoo;
353 memcpy(myfoo.b, "0123456789", sizeof(myfoo.b));
354 size_t n = atoi("11");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]355 ASSERT_FORTIFY(bzero(myfoo.b, n));
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]356}
357
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]358#endif /* defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE=2 */
359
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]360// multibyte target where we over fill (should fail)
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]361TEST_F(DEATHTEST, strcpy_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]362#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]363 char buf[10];
364 char *orig = strdup("0123456789");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]365 ASSERT_FORTIFY(strcpy(buf, orig));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]366 free(orig);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]367#else // __BIONIC__
368 GTEST_LOG_(INFO) << "This test does nothing.\n";
369#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]370}
371
372// zero sized target with "\0" source (should fail)
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]373TEST_F(DEATHTEST, strcpy2_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]374#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]375 char buf[0];
376 char *orig = strdup("");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]377 ASSERT_FORTIFY(strcpy(buf, orig));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]378 free(orig);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]379#else // __BIONIC__
380 GTEST_LOG_(INFO) << "This test does nothing.\n";
381#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]382}
383
384// zero sized target with longer source (should fail)
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]385TEST_F(DEATHTEST, strcpy3_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]386#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]387 char buf[0];
388 char *orig = strdup("1");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]389 ASSERT_FORTIFY(strcpy(buf, orig));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]390 free(orig);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]391#else // __BIONIC__
392 GTEST_LOG_(INFO) << "This test does nothing.\n";
393#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]394}
395
396// one byte target with longer source (should fail)
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]397TEST_F(DEATHTEST, strcpy4_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]398#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]399 char buf[1];
400 char *orig = strdup("12");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]401 ASSERT_FORTIFY(strcpy(buf, orig));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]402 free(orig);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]403#else // __BIONIC__
404 GTEST_LOG_(INFO) << "This test does nothing.\n";
405#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]406}
407
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]408TEST_F(DEATHTEST, strlen_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]409#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]410 char buf[10];
411 memcpy(buf, "0123456789", sizeof(buf));
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]412 ASSERT_FORTIFY(printf("%zd", strlen(buf)));
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]413#else // __BIONIC__
414 GTEST_LOG_(INFO) << "This test does nothing.\n";
415#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]416}
417
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]418TEST_F(DEATHTEST, strchr_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]419#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]420 char buf[10];
421 memcpy(buf, "0123456789", sizeof(buf));
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]422 ASSERT_FORTIFY(printf("%s", strchr(buf, 'a')));
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]423#else // __BIONIC__
424 GTEST_LOG_(INFO) << "This test does nothing.\n";
425#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]426}
427
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]428TEST_F(DEATHTEST, strrchr_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]429#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]430 char buf[10];
431 memcpy(buf, "0123456789", sizeof(buf));
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]432 ASSERT_FORTIFY(printf("%s", strrchr(buf, 'a')));
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]433#else // __BIONIC__
434 GTEST_LOG_(INFO) << "This test does nothing.\n";
435#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]436}
437
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]438TEST_F(DEATHTEST, strlcpy_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]439#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]440 char bufa[15];
441 char bufb[10];
442 strcpy(bufa, "01234567890123");
443 size_t n = strlen(bufa);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]444 ASSERT_FORTIFY(strlcpy(bufb, bufa, n));
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]445#else // __BIONIC__
446 GTEST_LOG_(INFO) << "This test does nothing.\n";
447#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]448}
449
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]450TEST_F(DEATHTEST, strlcat_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]451#if defined(__BIONIC__)
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]452 char bufa[15];
453 char bufb[10];
454 bufb[0] = '\0';
455 strcpy(bufa, "01234567890123");
456 size_t n = strlen(bufa);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]457 ASSERT_FORTIFY(strlcat(bufb, bufa, n));
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]458#else // __BIONIC__
459 GTEST_LOG_(INFO) << "This test does nothing.\n";
460#endif // __BIONIC__
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]461}
462
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]463TEST_F(DEATHTEST, sprintf_fortified) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]464 char buf[10];
465 char source_buf[15];
466 memcpy(source_buf, "12345678901234", 15);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]467 ASSERT_FORTIFY(sprintf(buf, "%s", source_buf));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]468}
469
Nick Kralevichb91791d2013-10-02 14:14:40 -0700[diff] [blame]470#ifndef __clang__
471// This test is disabled in clang because clang doesn't properly detect
472// this buffer overflow. TODO: Fix clang.
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]473TEST_F(DEATHTEST, sprintf_malloc_fortified) {
Nick Kralevichb91791d2013-10-02 14:14:40 -0700[diff] [blame]474 char* buf = (char *) malloc(10);
475 char source_buf[11];
476 memcpy(source_buf, "1234567890", 11);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]477 ASSERT_FORTIFY(sprintf(buf, "%s", source_buf));
Nick Kralevichb91791d2013-10-02 14:14:40 -0700[diff] [blame]478 free(buf);
479}
480#endif
481
Nick Kralevich884a3de2014-10-06 00:39:47 +0000[diff] [blame]482TEST_F(DEATHTEST, sprintf2_fortified) {
Nick Kralevich884a3de2014-10-06 00:39:47 +0000[diff] [blame]483 char buf[5];
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]484 ASSERT_FORTIFY(sprintf(buf, "aaaaa"));
Nick Kralevich884a3de2014-10-06 00:39:47 +0000[diff] [blame]485}
486
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]487static int vsprintf_helper(const char *fmt, ...) {
488 char buf[10];
489 va_list va;
490 int result;
491
492 va_start(va, fmt);
493 result = vsprintf(buf, fmt, va); // should crash here
494 va_end(va);
495 return result;
496}
497
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]498TEST_F(DEATHTEST, vsprintf_fortified) {
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]499 ASSERT_FORTIFY(vsprintf_helper("%s", "0123456789"));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]500}
501
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]502TEST_F(DEATHTEST, vsprintf2_fortified) {
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]503 ASSERT_FORTIFY(vsprintf_helper("0123456789"));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]504}
505
506static int vsnprintf_helper(const char *fmt, ...) {
507 char buf[10];
508 va_list va;
509 int result;
510 size_t size = atoi("11");
511
512 va_start(va, fmt);
513 result = vsnprintf(buf, size, fmt, va); // should crash here
514 va_end(va);
515 return result;
516}
517
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]518TEST_F(DEATHTEST, vsnprintf_fortified) {
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]519 ASSERT_FORTIFY(vsnprintf_helper("%s", "0123456789"));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]520}
521
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]522TEST_F(DEATHTEST, vsnprintf2_fortified) {
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]523 ASSERT_FORTIFY(vsnprintf_helper("0123456789"));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]524}
525
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]526TEST_F(DEATHTEST, strncat_fortified) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]527 char buf[10];
528 size_t n = atoi("10"); // avoid compiler optimizations
529 strncpy(buf, "012345678", n);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]530 ASSERT_FORTIFY(strncat(buf, "9", n));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]531}
532
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]533TEST_F(DEATHTEST, strncat2_fortified) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]534 char buf[10];
535 buf[0] = '\0';
536 size_t n = atoi("10"); // avoid compiler optimizations
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]537 ASSERT_FORTIFY(strncat(buf, "0123456789", n));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]538}
539
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]540TEST_F(DEATHTEST, strcat_fortified) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]541 char src[11];
542 strcpy(src, "0123456789");
543 char buf[10];
544 buf[0] = '\0';
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]545 ASSERT_FORTIFY(strcat(buf, src));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]546}
547
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]548TEST_F(DEATHTEST, memmove_fortified) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]549 char buf[20];
550 strcpy(buf, "0123456789");
551 size_t n = atoi("10");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]552 ASSERT_FORTIFY(memmove(buf + 11, buf, n));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]553}
554
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]555TEST_F(DEATHTEST, memcpy_fortified) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]556 char bufa[10];
557 char bufb[10];
558 strcpy(bufa, "012345678");
559 size_t n = atoi("11");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]560 ASSERT_FORTIFY(memcpy(bufb, bufa, n));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]561}
562
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]563TEST_F(DEATHTEST, stpncpy_fortified) {
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]564 char bufa[15];
565 char bufb[10];
566 strcpy(bufa, "01234567890123");
567 size_t n = strlen(bufa);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]568 ASSERT_FORTIFY(stpncpy(bufb, bufa, n));
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]569}
570
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]571TEST_F(DEATHTEST, stpncpy2_fortified) {
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]572 char dest[11];
573 char src[10];
574 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]575 ASSERT_FORTIFY(stpncpy(dest, src, sizeof(dest)));
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]576}
577
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]578TEST_F(DEATHTEST, strncpy_fortified) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]579 char bufa[15];
580 char bufb[10];
581 strcpy(bufa, "01234567890123");
582 size_t n = strlen(bufa);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]583 ASSERT_FORTIFY(strncpy(bufb, bufa, n));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]584}
585
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]586
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]587TEST_F(DEATHTEST, strncpy2_fortified) {
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]588 char dest[11];
589 char src[10];
590 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]591 ASSERT_FORTIFY(strncpy(dest, src, sizeof(dest)));
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]592}
593
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]594TEST_F(DEATHTEST, snprintf_fortified) {
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]595 char bufa[15];
596 char bufb[10];
597 strcpy(bufa, "0123456789");
598 size_t n = strlen(bufa) + 1;
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]599 ASSERT_FORTIFY(snprintf(bufb, n, "%s", bufa));
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]600}
601
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]602TEST_F(DEATHTEST, bzero_fortified) {
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]603 char buf[10];
604 memcpy(buf, "0123456789", sizeof(buf));
605 size_t n = atoi("11");
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]606 ASSERT_FORTIFY(bzero(buf, n));
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]607}
608
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]609TEST_F(DEATHTEST, umask_fortified) {
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]610 mode_t mask = atoi("1023"); // 01777 in octal
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]611 ASSERT_FORTIFY(umask(mask));
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]612}
613
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]614TEST_F(DEATHTEST, recv_fortified) {
Nick Kralevich60f4f9a2013-09-24 16:32:07 -0700[diff] [blame]615 size_t data_len = atoi("11"); // suppress compiler optimizations
616 char buf[10];
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]617 ASSERT_FORTIFY(recv(0, buf, data_len, 0));
Nick Kralevich60f4f9a2013-09-24 16:32:07 -0700[diff] [blame]618}
619
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]620TEST_F(DEATHTEST, FD_ISSET_fortified) {
Elliott Hughes063525c2014-05-13 11:19:57 -0700[diff] [blame]621#if defined(__BIONIC__) // glibc catches this at compile-time.
Nick Kralevich90201d52013-10-02 16:11:30 -0700[diff] [blame]622 fd_set set;
623 memset(&set, 0, sizeof(set));
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]624 ASSERT_FORTIFY(FD_ISSET(-1, &set));
Elliott Hughes409588c2014-04-23 23:02:43 -0700[diff] [blame]625#endif
Nick Kralevich90201d52013-10-02 16:11:30 -0700[diff] [blame]626}
627
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]628TEST_F(DEATHTEST, FD_ISSET_2_fortified) {
Nick Kralevich7943df62013-10-03 14:08:39 -0700[diff] [blame]629 char buf[1];
630 fd_set* set = (fd_set*) buf;
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]631 ASSERT_FORTIFY(FD_ISSET(0, set));
Nick Kralevich7943df62013-10-03 14:08:39 -0700[diff] [blame]632}
633
Daniel Micay9101b002015-05-20 15:31:26 -0400[diff] [blame]634TEST_F(DEATHTEST, getcwd_fortified) {
635 char buf[1];
636 size_t ct = atoi("2"); // prevent optimizations
637 ASSERT_FORTIFY(getcwd(buf, ct));
638}
639
Daniel Micaye7e1c872015-04-16 09:07:45 -0400[diff] [blame]640TEST_F(DEATHTEST, pread_fortified) {
641 char buf[1];
642 size_t ct = atoi("2"); // prevent optimizations
643 int fd = open("/dev/null", O_RDONLY);
644 ASSERT_FORTIFY(pread(fd, buf, ct, 0));
645 close(fd);
646}
647
648TEST_F(DEATHTEST, pread64_fortified) {
649 char buf[1];
650 size_t ct = atoi("2"); // prevent optimizations
651 int fd = open("/dev/null", O_RDONLY);
652 ASSERT_FORTIFY(pread64(fd, buf, ct, 0));
653 close(fd);
654}
655
Daniel Micayafdd1542015-07-20 21:37:29 -0400[diff] [blame]656TEST_F(DEATHTEST, pwrite_fortified) {
657 char buf[1] = {0};
658 size_t ct = atoi("2"); // prevent optimizations
659 int fd = open("/dev/null", O_WRONLY);
660 ASSERT_FORTIFY(pwrite(fd, buf, ct, 0));
661 close(fd);
662}
663
664TEST_F(DEATHTEST, pwrite64_fortified) {
665 char buf[1] = {0};
666 size_t ct = atoi("2"); // prevent optimizations
667 int fd = open("/dev/null", O_WRONLY);
668 ASSERT_FORTIFY(pwrite64(fd, buf, ct, 0));
669 close(fd);
670}
671
Nick Kralevichbe0e43b2014-07-23 13:56:23 -0700[diff] [blame]672TEST_F(DEATHTEST, read_fortified) {
Nick Kralevichb036b5c2013-10-09 20:16:34 -0700[diff] [blame]673 char buf[1];
674 size_t ct = atoi("2"); // prevent optimizations
675 int fd = open("/dev/null", O_RDONLY);
Elliott Hughesd036e942015-02-02 11:18:58 -0800[diff] [blame]676 ASSERT_FORTIFY(read(fd, buf, ct));
Nick Kralevichb036b5c2013-10-09 20:16:34 -0700[diff] [blame]677 close(fd);
678}
679
Daniel Micayafdd1542015-07-20 21:37:29 -0400[diff] [blame]680TEST_F(DEATHTEST, write_fortified) {
681 char buf[1] = {0};
682 size_t ct = atoi("2"); // prevent optimizations
683 int fd = open("/dev/null", O_WRONLY);
684 ASSERT_EXIT(write(fd, buf, ct), testing::KilledBySignal(SIGABRT), "");
685 close(fd);
686}
687
Daniel Micayfed26592015-07-18 13:55:51 -0400[diff] [blame]688TEST_F(DEATHTEST, fread_fortified) {
689 char buf[1];
690 size_t ct = atoi("2"); // prevent optimizations
691 FILE* fp = fopen("/dev/null", "r");
692 ASSERT_FORTIFY(fread(buf, 1, ct, fp));
693 fclose(fp);
694}
695
696TEST_F(DEATHTEST, fwrite_fortified) {
697 char buf[1] = {0};
698 size_t ct = atoi("2"); // prevent optimizations
699 FILE* fp = fopen("/dev/null", "w");
700 ASSERT_FORTIFY(fwrite(buf, 1, ct, fp));
701 fclose(fp);
702}
703
Daniel Micay42281882015-04-17 11:26:36 -0400[diff] [blame]704TEST_F(DEATHTEST, readlink_fortified) {
705 char buf[1];
706 size_t ct = atoi("2"); // prevent optimizations
707 ASSERT_FORTIFY(readlink("/dev/null", buf, ct));
708}
709
710TEST_F(DEATHTEST, readlinkat_fortified) {
711 char buf[1];
712 size_t ct = atoi("2"); // prevent optimizations
713 ASSERT_FORTIFY(readlinkat(AT_FDCWD, "/dev/null", buf, ct));
714}
715
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]716extern "C" char* __strncat_chk(char*, const char*, size_t, size_t);
717extern "C" char* __strcat_chk(char*, const char*, size_t);
718
719TEST(TEST_NAME, strncat) {
720 char buf[10];
721 memset(buf, 'A', sizeof(buf));
722 buf[0] = 'a';
723 buf[1] = '\0';
724 char* res = __strncat_chk(buf, "01234", sizeof(buf) - strlen(buf) - 1, sizeof(buf));
725 ASSERT_EQ(buf, res);
726 ASSERT_EQ('a', buf[0]);
727 ASSERT_EQ('0', buf[1]);
728 ASSERT_EQ('1', buf[2]);
729 ASSERT_EQ('2', buf[3]);
730 ASSERT_EQ('3', buf[4]);
731 ASSERT_EQ('4', buf[5]);
732 ASSERT_EQ('\0', buf[6]);
733 ASSERT_EQ('A', buf[7]);
734 ASSERT_EQ('A', buf[8]);
735 ASSERT_EQ('A', buf[9]);
736}
737
738TEST(TEST_NAME, strncat2) {
739 char buf[10];
740 memset(buf, 'A', sizeof(buf));
741 buf[0] = 'a';
742 buf[1] = '\0';
743 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
744 ASSERT_EQ(buf, res);
745 ASSERT_EQ('a', buf[0]);
746 ASSERT_EQ('0', buf[1]);
747 ASSERT_EQ('1', buf[2]);
748 ASSERT_EQ('2', buf[3]);
749 ASSERT_EQ('3', buf[4]);
750 ASSERT_EQ('4', buf[5]);
751 ASSERT_EQ('\0', buf[6]);
752 ASSERT_EQ('A', buf[7]);
753 ASSERT_EQ('A', buf[8]);
754 ASSERT_EQ('A', buf[9]);
755}
756
757TEST(TEST_NAME, strncat3) {
758 char buf[10];
759 memset(buf, 'A', sizeof(buf));
760 buf[0] = '\0';
761 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
762 ASSERT_EQ(buf, res);
763 ASSERT_EQ('0', buf[0]);
764 ASSERT_EQ('1', buf[1]);
765 ASSERT_EQ('2', buf[2]);
766 ASSERT_EQ('3', buf[3]);
767 ASSERT_EQ('4', buf[4]);
768 ASSERT_EQ('\0', buf[5]);
769 ASSERT_EQ('A', buf[6]);
770 ASSERT_EQ('A', buf[7]);
771 ASSERT_EQ('A', buf[8]);
772 ASSERT_EQ('A', buf[9]);
773}
774
775TEST(TEST_NAME, strncat4) {
776 char buf[10];
777 memset(buf, 'A', sizeof(buf));
778 buf[9] = '\0';
779 char* res = __strncat_chk(buf, "", 5, sizeof(buf));
780 ASSERT_EQ(buf, res);
781 ASSERT_EQ('A', buf[0]);
782 ASSERT_EQ('A', buf[1]);
783 ASSERT_EQ('A', buf[2]);
784 ASSERT_EQ('A', buf[3]);
785 ASSERT_EQ('A', buf[4]);
786 ASSERT_EQ('A', buf[5]);
787 ASSERT_EQ('A', buf[6]);
788 ASSERT_EQ('A', buf[7]);
789 ASSERT_EQ('A', buf[8]);
790 ASSERT_EQ('\0', buf[9]);
791}
792
793TEST(TEST_NAME, strncat5) {
794 char buf[10];
795 memset(buf, 'A', sizeof(buf));
796 buf[0] = 'a';
797 buf[1] = '\0';
798 char* res = __strncat_chk(buf, "01234567", 8, sizeof(buf));
799 ASSERT_EQ(buf, res);
800 ASSERT_EQ('a', buf[0]);
801 ASSERT_EQ('0', buf[1]);
802 ASSERT_EQ('1', buf[2]);
803 ASSERT_EQ('2', buf[3]);
804 ASSERT_EQ('3', buf[4]);
805 ASSERT_EQ('4', buf[5]);
806 ASSERT_EQ('5', buf[6]);
807 ASSERT_EQ('6', buf[7]);
808 ASSERT_EQ('7', buf[8]);
809 ASSERT_EQ('\0', buf[9]);
810}
811
812TEST(TEST_NAME, strncat6) {
813 char buf[10];
814 memset(buf, 'A', sizeof(buf));
815 buf[0] = 'a';
816 buf[1] = '\0';
817 char* res = __strncat_chk(buf, "01234567", 9, sizeof(buf));
818 ASSERT_EQ(buf, res);
819 ASSERT_EQ('a', buf[0]);
820 ASSERT_EQ('0', buf[1]);
821 ASSERT_EQ('1', buf[2]);
822 ASSERT_EQ('2', buf[3]);
823 ASSERT_EQ('3', buf[4]);
824 ASSERT_EQ('4', buf[5]);
825 ASSERT_EQ('5', buf[6]);
826 ASSERT_EQ('6', buf[7]);
827 ASSERT_EQ('7', buf[8]);
828 ASSERT_EQ('\0', buf[9]);
829}
830
831
832TEST(TEST_NAME, strcat) {
833 char buf[10];
834 memset(buf, 'A', sizeof(buf));
835 buf[0] = 'a';
836 buf[1] = '\0';
837 char* res = __strcat_chk(buf, "01234", sizeof(buf));
838 ASSERT_EQ(buf, res);
839 ASSERT_EQ('a', buf[0]);
840 ASSERT_EQ('0', buf[1]);
841 ASSERT_EQ('1', buf[2]);
842 ASSERT_EQ('2', buf[3]);
843 ASSERT_EQ('3', buf[4]);
844 ASSERT_EQ('4', buf[5]);
845 ASSERT_EQ('\0', buf[6]);
846 ASSERT_EQ('A', buf[7]);
847 ASSERT_EQ('A', buf[8]);
848 ASSERT_EQ('A', buf[9]);
849}
850
851TEST(TEST_NAME, strcat2) {
852 char buf[10];
853 memset(buf, 'A', sizeof(buf));
854 buf[0] = 'a';
855 buf[1] = '\0';
856 char* res = __strcat_chk(buf, "01234567", sizeof(buf));
857 ASSERT_EQ(buf, res);
858 ASSERT_EQ('a', buf[0]);
859 ASSERT_EQ('0', buf[1]);
860 ASSERT_EQ('1', buf[2]);
861 ASSERT_EQ('2', buf[3]);
862 ASSERT_EQ('3', buf[4]);
863 ASSERT_EQ('4', buf[5]);
864 ASSERT_EQ('5', buf[6]);
865 ASSERT_EQ('6', buf[7]);
866 ASSERT_EQ('7', buf[8]);
867 ASSERT_EQ('\0', buf[9]);
868}
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]869
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]870TEST(TEST_NAME, stpncpy) {
871 char src[10];
872 char dst[10];
873 memcpy(src, "0123456789", sizeof(src)); // non null terminated string
874 stpncpy(dst, src, sizeof(dst));
875 ASSERT_EQ('0', dst[0]);
876 ASSERT_EQ('1', dst[1]);
877 ASSERT_EQ('2', dst[2]);
878 ASSERT_EQ('3', dst[3]);
879 ASSERT_EQ('4', dst[4]);
880 ASSERT_EQ('5', dst[5]);
881 ASSERT_EQ('6', dst[6]);
882 ASSERT_EQ('7', dst[7]);
883 ASSERT_EQ('8', dst[8]);
884 ASSERT_EQ('9', dst[9]);
885}
886
887TEST(TEST_NAME, stpncpy2) {
888 char src[10];
889 char dst[15];
890 memcpy(src, "012345678\0", sizeof(src));
891 stpncpy(dst, src, sizeof(dst));
892 ASSERT_EQ('0', dst[0]);
893 ASSERT_EQ('1', dst[1]);
894 ASSERT_EQ('2', dst[2]);
895 ASSERT_EQ('3', dst[3]);
896 ASSERT_EQ('4', dst[4]);
897 ASSERT_EQ('5', dst[5]);
898 ASSERT_EQ('6', dst[6]);
899 ASSERT_EQ('7', dst[7]);
900 ASSERT_EQ('8', dst[8]);
901 ASSERT_EQ('\0', dst[9]);
902 ASSERT_EQ('\0', dst[10]);
903 ASSERT_EQ('\0', dst[11]);
904 ASSERT_EQ('\0', dst[12]);
905 ASSERT_EQ('\0', dst[13]);
906 ASSERT_EQ('\0', dst[14]);
907}
908
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]909TEST(TEST_NAME, strncpy) {
910 char src[10];
911 char dst[10];
912 memcpy(src, "0123456789", sizeof(src)); // non null terminated string
913 strncpy(dst, src, sizeof(dst));
914 ASSERT_EQ('0', dst[0]);
915 ASSERT_EQ('1', dst[1]);
916 ASSERT_EQ('2', dst[2]);
917 ASSERT_EQ('3', dst[3]);
918 ASSERT_EQ('4', dst[4]);
919 ASSERT_EQ('5', dst[5]);
920 ASSERT_EQ('6', dst[6]);
921 ASSERT_EQ('7', dst[7]);
922 ASSERT_EQ('8', dst[8]);
923 ASSERT_EQ('9', dst[9]);
924}
925
926TEST(TEST_NAME, strncpy2) {
927 char src[10];
928 char dst[15];
929 memcpy(src, "012345678\0", sizeof(src));
930 strncpy(dst, src, sizeof(dst));
931 ASSERT_EQ('0', dst[0]);
932 ASSERT_EQ('1', dst[1]);
933 ASSERT_EQ('2', dst[2]);
934 ASSERT_EQ('3', dst[3]);
935 ASSERT_EQ('4', dst[4]);
936 ASSERT_EQ('5', dst[5]);
937 ASSERT_EQ('6', dst[6]);
938 ASSERT_EQ('7', dst[7]);
939 ASSERT_EQ('8', dst[8]);
940 ASSERT_EQ('\0', dst[9]);
941 ASSERT_EQ('\0', dst[10]);
942 ASSERT_EQ('\0', dst[11]);
943 ASSERT_EQ('\0', dst[12]);
944 ASSERT_EQ('\0', dst[13]);
945 ASSERT_EQ('\0', dst[14]);
946}
Christopher Ferris16e185c2013-09-10 16:56:34 -0700[diff] [blame]947
948TEST(TEST_NAME, strcat_chk_max_int_size) {
949 char buf[10];
950 memset(buf, 'A', sizeof(buf));
951 buf[0] = 'a';
952 buf[1] = '\0';
953 char* res = __strcat_chk(buf, "01234567", (size_t)-1);
954 ASSERT_EQ(buf, res);
955 ASSERT_EQ('a', buf[0]);
956 ASSERT_EQ('0', buf[1]);
957 ASSERT_EQ('1', buf[2]);
958 ASSERT_EQ('2', buf[3]);
959 ASSERT_EQ('3', buf[4]);
960 ASSERT_EQ('4', buf[5]);
961 ASSERT_EQ('5', buf[6]);
962 ASSERT_EQ('6', buf[7]);
963 ASSERT_EQ('7', buf[8]);
964 ASSERT_EQ('\0', buf[9]);
965}
966
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]967extern "C" char* __stpcpy_chk(char*, const char*, size_t);
968
969TEST(TEST_NAME, stpcpy_chk_max_int_size) {
970 char buf[10];
971 char* res = __stpcpy_chk(buf, "012345678", (size_t)-1);
972 ASSERT_EQ(buf + strlen("012345678"), res);
973 ASSERT_STREQ("012345678", buf);
974}
975
Christopher Ferris16e185c2013-09-10 16:56:34 -0700[diff] [blame]976extern "C" char* __strcpy_chk(char*, const char*, size_t);
977
978TEST(TEST_NAME, strcpy_chk_max_int_size) {
979 char buf[10];
980 char* res = __strcpy_chk(buf, "012345678", (size_t)-1);
981 ASSERT_EQ(buf, res);
Christopher Ferris950a58e2014-04-04 14:38:18 -0700[diff] [blame]982 ASSERT_STREQ("012345678", buf);
Christopher Ferris16e185c2013-09-10 16:56:34 -0700[diff] [blame]983}
984
985extern "C" void* __memcpy_chk(void*, const void*, size_t, size_t);
986
987TEST(TEST_NAME, memcpy_chk_max_int_size) {
988 char buf[10];
989 void* res = __memcpy_chk(buf, "012345678", sizeof(buf), (size_t)-1);
990 ASSERT_EQ((void*)buf, res);
991 ASSERT_EQ('0', buf[0]);
992 ASSERT_EQ('1', buf[1]);
993 ASSERT_EQ('2', buf[2]);
994 ASSERT_EQ('3', buf[3]);
995 ASSERT_EQ('4', buf[4]);
996 ASSERT_EQ('5', buf[5]);
997 ASSERT_EQ('6', buf[6]);
998 ASSERT_EQ('7', buf[7]);
999 ASSERT_EQ('8', buf[8]);
1000 ASSERT_EQ('\0', buf[9]);
1001}
Stephen Hines6e380722013-10-11 00:45:24 -0700[diff] [blame]1002
1003// Verify that macro expansion is done properly for sprintf/snprintf (which
1004// are defined as macros in stdio.h under clang).
1005#define CONTENTS "macro expansion"
1006#define BUF_AND_SIZE(A) A, sizeof(A)
1007#define BUF_AND_CONTENTS(A) A, CONTENTS
1008#define BUF_AND_SIZE_AND_CONTENTS(A) A, sizeof(A), CONTENTS
1009TEST(TEST_NAME, s_n_printf_macro_expansion) {
1010 char buf[BUFSIZ];
1011 snprintf(BUF_AND_SIZE(buf), CONTENTS);
1012 EXPECT_STREQ(CONTENTS, buf);
1013
1014 snprintf(BUF_AND_SIZE_AND_CONTENTS(buf));
1015 EXPECT_STREQ(CONTENTS, buf);
1016
1017 sprintf(BUF_AND_CONTENTS(buf));
1018 EXPECT_STREQ(CONTENTS, buf);
1019}
Elliott Hughes4674e382015-02-02 09:15:19 -0800[diff] [blame]1020
1021TEST_F(DEATHTEST, poll_fortified) {
1022 nfds_t fd_count = atoi("2"); // suppress compiler optimizations
1023 pollfd buf[1] = {{0, POLLIN, 0}};
Yabin Cuif4fe6932015-02-03 17:52:32 -0800[diff] [blame]1024 // Set timeout to zero to prevent waiting in poll when fortify test fails.
1025 ASSERT_FORTIFY(poll(buf, fd_count, 0));
Elliott Hughes4674e382015-02-02 09:15:19 -0800[diff] [blame]1026}
1027
1028TEST_F(DEATHTEST, ppoll_fortified) {
1029 nfds_t fd_count = atoi("2"); // suppress compiler optimizations
1030 pollfd buf[1] = {{0, POLLIN, 0}};
Yabin Cuif4fe6932015-02-03 17:52:32 -0800[diff] [blame]1031 // Set timeout to zero to prevent waiting in ppoll when fortify test fails.
1032 timespec timeout;
1033 timeout.tv_sec = timeout.tv_nsec = 0;
1034 ASSERT_FORTIFY(ppoll(buf, fd_count, &timeout, NULL));
Elliott Hughes4674e382015-02-02 09:15:19 -0800[diff] [blame]1035}