Use alloc_size attribute on *alloc functions
malloc and family were not declared with __attribute__((alloc_size)).
This was (sometimes) preventing FORTIFY_SOURCE related functions
from knowing the size of the buffer it's dealing with, inhibiting
FORTIFY_SOURCE protections.
Add __attribute__((alloc_size))
Information about the alloc_size attribute can be found
at http://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html
Change-Id: Ia2f0a445f0170a7325f69259b5e7fb35a9f14921
diff --git a/tests/fortify_test.cpp b/tests/fortify_test.cpp
index 4ea868b..b131fbe 100644
--- a/tests/fortify_test.cpp
+++ b/tests/fortify_test.cpp
@@ -20,6 +20,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
+#include <malloc.h>
// We have to say "DeathTest" here so gtest knows to run this test (which exits)
// in its own process. Unfortunately, the C preprocessor doesn't give us an
@@ -395,6 +396,19 @@
ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), "");
}
+#ifndef __clang__
+// This test is disabled in clang because clang doesn't properly detect
+// this buffer overflow. TODO: Fix clang.
+TEST(DEATHTEST, sprintf_malloc_fortified) {
+ ::testing::FLAGS_gtest_death_test_style = "threadsafe";
+ char* buf = (char *) malloc(10);
+ char source_buf[11];
+ memcpy(source_buf, "1234567890", 11);
+ ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), "");
+ free(buf);
+}
+#endif
+
TEST(DEATHTEST, sprintf2_fortified) {
::testing::FLAGS_gtest_death_test_style = "threadsafe";
char buf[5];