Gitiles
Code Review Sign In
review.blissroms.org / platform_bionic / 5f149f1bdef31d198c0e84fd8c904204d263e825 / . / tests / fortify_test.cpp
blob: 67e197e6bdca00200838e637660021c46724ad20 [file] [log] [blame]
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]1/*
2 * Copyright (C) 2013 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <gtest/gtest.h>
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]18#include <signal.h>
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]19#include <string.h>
20#include <stdarg.h>
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]21#include <sys/types.h>
22#include <sys/stat.h>
Nick Kralevich60f4f9a2013-09-24 16:32:07 -0700[diff] [blame]23#include <sys/socket.h>
Nick Kralevichb91791d2013-10-02 14:14:40 -0700[diff] [blame]24#include <malloc.h>
Nick Kralevichb036b5c2013-10-09 20:16:34 -0700[diff] [blame]25#include <fcntl.h>
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]26
27// We have to say "DeathTest" here so gtest knows to run this test (which exits)
28// in its own process. Unfortunately, the C preprocessor doesn't give us an
29// easy way to concatenate strings, so we need to use the complicated method
30// below. *sigh*
31#define DEATHTEST_PASTER(name) name##_DeathTest
32#define DEATHTEST_EVALUATOR(name) DEATHTEST_PASTER(name)
33#define DEATHTEST DEATHTEST_EVALUATOR(TEST_NAME)
34
35#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE == 2
36struct foo {
37 char empty[0];
38 char one[1];
39 char a[10];
40 char b[10];
41};
42
43#ifndef __clang__
44// This test is disabled in clang because clang doesn't properly detect
45// this buffer overflow. TODO: Fix clang.
46TEST(DEATHTEST, strncpy_fortified2) {
47 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
48 foo myfoo;
49 int copy_amt = atoi("11");
50 ASSERT_EXIT(strncpy(myfoo.a, "01234567890", copy_amt),
51 testing::KilledBySignal(SIGABRT), "");
52}
53#endif
54
55#ifndef __clang__
56// This test is disabled in clang because clang doesn't properly detect
57// this buffer overflow. TODO: Fix clang.
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]58TEST(DEATHTEST, strncpy2_fortified2) {
59 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
60 foo myfoo;
61 memset(&myfoo, 0, sizeof(myfoo));
62 myfoo.one[0] = 'A'; // not null terminated string
63 ASSERT_EXIT(strncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)),
64 testing::KilledBySignal(SIGABRT), "");
65}
66#endif
67
68#ifndef __clang__
69// This test is disabled in clang because clang doesn't properly detect
70// this buffer overflow. TODO: Fix clang.
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]71TEST(DEATHTEST, sprintf_fortified2) {
72 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
73 foo myfoo;
74 char source_buf[15];
75 memcpy(source_buf, "12345678901234", 15);
76 ASSERT_EXIT(sprintf(myfoo.a, "%s", source_buf),
77 testing::KilledBySignal(SIGABRT), "");
78}
79#endif
80
81#ifndef __clang__
82// This test is disabled in clang because clang doesn't properly detect
83// this buffer overflow. TODO: Fix clang.
84TEST(DEATHTEST, sprintf2_fortified2) {
85 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
86 foo myfoo;
87 ASSERT_EXIT(sprintf(myfoo.a, "0123456789"),
88 testing::KilledBySignal(SIGABRT), "");
89}
90#endif
91
92#ifndef __clang__
93// These tests are disabled in clang because clang doesn't properly detect
94// this buffer overflow. TODO: Fix clang.
95static int vsprintf_helper2(const char *fmt, ...) {
96 foo myfoo;
97 va_list va;
98 int result;
99
100 va_start(va, fmt);
101 result = vsprintf(myfoo.a, fmt, va); // should crash here
102 va_end(va);
103 return result;
104}
105
106TEST(DEATHTEST, vsprintf_fortified2) {
107 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
108 ASSERT_EXIT(vsprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
109}
110
111TEST(DEATHTEST, vsprintf2_fortified2) {
112 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
113 ASSERT_EXIT(vsprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), "");
114}
115#endif
116
117#ifndef __clang__
118// These tests are disabled in clang because clang doesn't properly detect
119// this buffer overflow. TODO: Fix clang.
120static int vsnprintf_helper2(const char *fmt, ...) {
121 foo myfoo;
122 va_list va;
123 int result;
124 size_t size = atoi("11");
125
126 va_start(va, fmt);
127 result = vsnprintf(myfoo.a, size, fmt, va); // should crash here
128 va_end(va);
129 return result;
130}
131
132TEST(DEATHTEST, vsnprintf_fortified2) {
133 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
134 ASSERT_EXIT(vsnprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
135}
136
137TEST(DEATHTEST, vsnprintf2_fortified2) {
138 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
139 ASSERT_EXIT(vsnprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), "");
140}
141#endif
142
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]143#ifndef __clang__
144// zero sized target with "\0" source (should fail)
145// This test is disabled in clang because clang doesn't properly detect
146// this buffer overflow. TODO: Fix clang.
147TEST(DEATHTEST, strcpy_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]148#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]149 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
150 foo myfoo;
151 char* src = strdup("");
152 ASSERT_EXIT(strcpy(myfoo.empty, src),
153 testing::KilledBySignal(SIGABRT), "");
154 free(src);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]155#else // __BIONIC__
156 GTEST_LOG_(INFO) << "This test does nothing.\n";
157#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]158}
159#endif
160
161#ifndef __clang__
162// zero sized target with longer source (should fail)
163// This test is disabled in clang because clang doesn't properly detect
164// this buffer overflow. TODO: Fix clang.
165TEST(DEATHTEST, strcpy2_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]166#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]167 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
168 foo myfoo;
169 char* src = strdup("1");
170 ASSERT_EXIT(strcpy(myfoo.empty, src),
171 testing::KilledBySignal(SIGABRT), "");
172 free(src);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]173#else // __BIONIC__
174 GTEST_LOG_(INFO) << "This test does nothing.\n";
175#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]176}
177#endif
178
179#ifndef __clang__
180// one byte target with longer source (should fail)
181// This test is disabled in clang because clang doesn't properly detect
182// this buffer overflow. TODO: Fix clang.
183TEST(DEATHTEST, strcpy3_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]184#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]185 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
186 foo myfoo;
187 char* src = strdup("12");
188 ASSERT_EXIT(strcpy(myfoo.one, src),
189 testing::KilledBySignal(SIGABRT), "");
190 free(src);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]191#else // __BIONIC__
192 GTEST_LOG_(INFO) << "This test does nothing.\n";
193#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]194}
195#endif
196
197#ifndef __clang__
198// This test is disabled in clang because clang doesn't properly detect
199// this buffer overflow. TODO: Fix clang.
200TEST(DEATHTEST, strchr_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]201#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]202 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
203 foo myfoo;
204 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a));
205 myfoo.b[0] = '\0';
206 ASSERT_EXIT(printf("%s", strchr(myfoo.a, 'a')),
207 testing::KilledBySignal(SIGABRT), "");
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]208#else // __BIONIC__
209 GTEST_LOG_(INFO) << "This test does nothing.\n";
210#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]211}
212#endif
213
214#ifndef __clang__
215// This test is disabled in clang because clang doesn't properly detect
216// this buffer overflow. TODO: Fix clang.
217TEST(DEATHTEST, strrchr_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]218#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]219 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
220 foo myfoo;
221 memcpy(myfoo.a, "0123456789", 10);
222 memcpy(myfoo.b, "01234", 6);
223 ASSERT_EXIT(printf("%s", strrchr(myfoo.a, 'a')),
224 testing::KilledBySignal(SIGABRT), "");
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]225#else // __BIONIC__
226 GTEST_LOG_(INFO) << "This test does nothing.\n";
227#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]228}
229#endif
230
231#ifndef __clang__
232// This test is disabled in clang because clang doesn't properly detect
233// this buffer overflow. TODO: Fix clang.
234TEST(DEATHTEST, strlcpy_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]235#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]236 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
237 foo myfoo;
238 strcpy(myfoo.a, "01");
239 size_t n = strlen(myfoo.a);
240 ASSERT_EXIT(strlcpy(myfoo.one, myfoo.a, n),
241 testing::KilledBySignal(SIGABRT), "");
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]242#else // __BIONIC__
243 GTEST_LOG_(INFO) << "This test does nothing.\n";
244#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]245}
246#endif
247
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]248#ifndef __clang__
249// This test is disabled in clang because clang doesn't properly detect
250// this buffer overflow. TODO: Fix clang.
251TEST(DEATHTEST, strlcat_fortified2) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]252#if defined(__BIONIC__)
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]253 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
254 foo myfoo;
255 strcpy(myfoo.a, "01");
256 myfoo.one[0] = '\0';
257 size_t n = strlen(myfoo.a);
258 ASSERT_EXIT(strlcat(myfoo.one, myfoo.a, n),
259 testing::KilledBySignal(SIGABRT), "");
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]260#else // __BIONIC__
261 GTEST_LOG_(INFO) << "This test does nothing.\n";
262#endif // __BIONIC__
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]263}
264#endif
265
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]266#ifndef __clang__
267// This test is disabled in clang because clang doesn't properly detect
268// this buffer overflow. TODO: Fix clang.
269TEST(DEATHTEST, strncat_fortified2) {
270 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
271 foo myfoo;
272 size_t n = atoi("10"); // avoid compiler optimizations
273 strncpy(myfoo.a, "012345678", n);
274 ASSERT_EXIT(strncat(myfoo.a, "9", n), testing::KilledBySignal(SIGABRT), "");
275}
276#endif
277
278#ifndef __clang__
279// This test is disabled in clang because clang doesn't properly detect
280// this buffer overflow. TODO: Fix clang.
281TEST(DEATHTEST, strncat2_fortified2) {
282 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
283 foo myfoo;
284 myfoo.a[0] = '\0';
285 size_t n = atoi("10"); // avoid compiler optimizations
286 ASSERT_EXIT(strncat(myfoo.a, "0123456789", n), testing::KilledBySignal(SIGABRT), "");
287}
288#endif
289
290TEST(DEATHTEST, strncat3_fortified2) {
291 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
292 foo myfoo;
293 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
294 myfoo.b[0] = '\0';
295 size_t n = atoi("10"); // avoid compiler optimizations
296 ASSERT_EXIT(strncat(myfoo.b, myfoo.a, n), testing::KilledBySignal(SIGABRT), "");
297}
298
299#ifndef __clang__
300// This test is disabled in clang because clang doesn't properly detect
301// this buffer overflow. TODO: Fix clang.
302TEST(DEATHTEST, strcat_fortified2) {
303 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
304 char src[11];
305 strcpy(src, "0123456789");
306 foo myfoo;
307 myfoo.a[0] = '\0';
308 ASSERT_EXIT(strcat(myfoo.a, src), testing::KilledBySignal(SIGABRT), "");
309}
310#endif
311
312TEST(DEATHTEST, strcat2_fortified2) {
313 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
314 foo myfoo;
315 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
316 myfoo.b[0] = '\0';
317 ASSERT_EXIT(strcat(myfoo.b, myfoo.a), testing::KilledBySignal(SIGABRT), "");
318}
319
320TEST(DEATHTEST, snprintf_fortified2) {
321 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
322 foo myfoo;
323 strcpy(myfoo.a, "012345678");
324 size_t n = strlen(myfoo.a) + 2;
325 ASSERT_EXIT(snprintf(myfoo.b, n, "a%s", myfoo.a), testing::KilledBySignal(SIGABRT), "");
326}
327
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]328TEST(DEATHTEST, bzero_fortified2) {
329 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
330 foo myfoo;
331 memcpy(myfoo.b, "0123456789", sizeof(myfoo.b));
332 size_t n = atoi("11");
333 ASSERT_EXIT(bzero(myfoo.b, n), testing::KilledBySignal(SIGABRT), "");
334}
335
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]336#endif /* defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE=2 */
337
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]338// multibyte target where we over fill (should fail)
339TEST(DEATHTEST, strcpy_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]340#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]341 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
342 char buf[10];
343 char *orig = strdup("0123456789");
344 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
345 free(orig);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]346#else // __BIONIC__
347 GTEST_LOG_(INFO) << "This test does nothing.\n";
348#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]349}
350
351// zero sized target with "\0" source (should fail)
352TEST(DEATHTEST, strcpy2_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]353#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]354 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
355 char buf[0];
356 char *orig = strdup("");
357 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
358 free(orig);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]359#else // __BIONIC__
360 GTEST_LOG_(INFO) << "This test does nothing.\n";
361#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]362}
363
364// zero sized target with longer source (should fail)
365TEST(DEATHTEST, strcpy3_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]366#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]367 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
368 char buf[0];
369 char *orig = strdup("1");
370 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
371 free(orig);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]372#else // __BIONIC__
373 GTEST_LOG_(INFO) << "This test does nothing.\n";
374#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]375}
376
377// one byte target with longer source (should fail)
378TEST(DEATHTEST, strcpy4_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]379#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]380 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
381 char buf[1];
382 char *orig = strdup("12");
383 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
384 free(orig);
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]385#else // __BIONIC__
386 GTEST_LOG_(INFO) << "This test does nothing.\n";
387#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]388}
389
390TEST(DEATHTEST, strlen_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]391#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]392 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
393 char buf[10];
394 memcpy(buf, "0123456789", sizeof(buf));
Elliott Hughes5b9310e2013-10-02 16:59:05 -0700[diff] [blame]395 ASSERT_EXIT(printf("%zd", strlen(buf)), testing::KilledBySignal(SIGABRT), "");
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]396#else // __BIONIC__
397 GTEST_LOG_(INFO) << "This test does nothing.\n";
398#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]399}
400
401TEST(DEATHTEST, strchr_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]402#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]403 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
404 char buf[10];
405 memcpy(buf, "0123456789", sizeof(buf));
406 ASSERT_EXIT(printf("%s", strchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]407#else // __BIONIC__
408 GTEST_LOG_(INFO) << "This test does nothing.\n";
409#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]410}
411
412TEST(DEATHTEST, strrchr_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]413#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]414 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
415 char buf[10];
416 memcpy(buf, "0123456789", sizeof(buf));
417 ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]418#else // __BIONIC__
419 GTEST_LOG_(INFO) << "This test does nothing.\n";
420#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]421}
422
423TEST(DEATHTEST, strlcpy_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]424#if defined(__BIONIC__)
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]425 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
426 char bufa[15];
427 char bufb[10];
428 strcpy(bufa, "01234567890123");
429 size_t n = strlen(bufa);
430 ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]431#else // __BIONIC__
432 GTEST_LOG_(INFO) << "This test does nothing.\n";
433#endif // __BIONIC__
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]434}
435
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]436TEST(DEATHTEST, strlcat_fortified) {
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]437#if defined(__BIONIC__)
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]438 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
439 char bufa[15];
440 char bufb[10];
441 bufb[0] = '\0';
442 strcpy(bufa, "01234567890123");
443 size_t n = strlen(bufa);
444 ASSERT_EXIT(strlcat(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
Christopher Ferrisf04935c2013-12-20 18:43:21 -0800[diff] [blame]445#else // __BIONIC__
446 GTEST_LOG_(INFO) << "This test does nothing.\n";
447#endif // __BIONIC__
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]448}
449
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]450TEST(DEATHTEST, sprintf_fortified) {
451 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
452 char buf[10];
453 char source_buf[15];
454 memcpy(source_buf, "12345678901234", 15);
455 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), "");
456}
457
Nick Kralevichb91791d2013-10-02 14:14:40 -0700[diff] [blame]458#ifndef __clang__
459// This test is disabled in clang because clang doesn't properly detect
460// this buffer overflow. TODO: Fix clang.
461TEST(DEATHTEST, sprintf_malloc_fortified) {
462 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
463 char* buf = (char *) malloc(10);
464 char source_buf[11];
465 memcpy(source_buf, "1234567890", 11);
466 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), "");
467 free(buf);
468}
469#endif
470
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]471TEST(DEATHTEST, sprintf2_fortified) {
472 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
473 char buf[5];
474 ASSERT_EXIT(sprintf(buf, "aaaaa"), testing::KilledBySignal(SIGABRT), "");
475}
476
477static int vsprintf_helper(const char *fmt, ...) {
478 char buf[10];
479 va_list va;
480 int result;
481
482 va_start(va, fmt);
483 result = vsprintf(buf, fmt, va); // should crash here
484 va_end(va);
485 return result;
486}
487
488TEST(DEATHTEST, vsprintf_fortified) {
489 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
490 ASSERT_EXIT(vsprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
491}
492
493TEST(DEATHTEST, vsprintf2_fortified) {
494 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
495 ASSERT_EXIT(vsprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), "");
496}
497
498static int vsnprintf_helper(const char *fmt, ...) {
499 char buf[10];
500 va_list va;
501 int result;
502 size_t size = atoi("11");
503
504 va_start(va, fmt);
505 result = vsnprintf(buf, size, fmt, va); // should crash here
506 va_end(va);
507 return result;
508}
509
510TEST(DEATHTEST, vsnprintf_fortified) {
511 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
512 ASSERT_EXIT(vsnprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
513}
514
515TEST(DEATHTEST, vsnprintf2_fortified) {
516 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
517 ASSERT_EXIT(vsnprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), "");
518}
519
520TEST(DEATHTEST, strncat_fortified) {
521 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
522 char buf[10];
523 size_t n = atoi("10"); // avoid compiler optimizations
524 strncpy(buf, "012345678", n);
525 ASSERT_EXIT(strncat(buf, "9", n), testing::KilledBySignal(SIGABRT), "");
526}
527
528TEST(DEATHTEST, strncat2_fortified) {
529 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
530 char buf[10];
531 buf[0] = '\0';
532 size_t n = atoi("10"); // avoid compiler optimizations
533 ASSERT_EXIT(strncat(buf, "0123456789", n), testing::KilledBySignal(SIGABRT), "");
534}
535
536TEST(DEATHTEST, strcat_fortified) {
537 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
538 char src[11];
539 strcpy(src, "0123456789");
540 char buf[10];
541 buf[0] = '\0';
542 ASSERT_EXIT(strcat(buf, src), testing::KilledBySignal(SIGABRT), "");
543}
544
545TEST(DEATHTEST, memmove_fortified) {
546 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
547 char buf[20];
548 strcpy(buf, "0123456789");
549 size_t n = atoi("10");
550 ASSERT_EXIT(memmove(buf + 11, buf, n), testing::KilledBySignal(SIGABRT), "");
551}
552
553TEST(DEATHTEST, memcpy_fortified) {
554 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
555 char bufa[10];
556 char bufb[10];
557 strcpy(bufa, "012345678");
558 size_t n = atoi("11");
559 ASSERT_EXIT(memcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
560}
561
562TEST(DEATHTEST, strncpy_fortified) {
563 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
564 char bufa[15];
565 char bufb[10];
566 strcpy(bufa, "01234567890123");
567 size_t n = strlen(bufa);
568 ASSERT_EXIT(strncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
569}
570
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]571TEST(DEATHTEST, strncpy2_fortified) {
572 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
573 char dest[11];
574 char src[10];
575 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated
576 ASSERT_EXIT(strncpy(dest, src, sizeof(dest)), testing::KilledBySignal(SIGABRT), "");
577}
578
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]579TEST(DEATHTEST, snprintf_fortified) {
580 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
581 char bufa[15];
582 char bufb[10];
583 strcpy(bufa, "0123456789");
584 size_t n = strlen(bufa) + 1;
585 ASSERT_EXIT(snprintf(bufb, n, "%s", bufa), testing::KilledBySignal(SIGABRT), "");
586}
587
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]588TEST(DEATHTEST, bzero_fortified) {
589 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
590 char buf[10];
591 memcpy(buf, "0123456789", sizeof(buf));
592 size_t n = atoi("11");
593 ASSERT_EXIT(bzero(buf, n), testing::KilledBySignal(SIGABRT), "");
594}
595
596TEST(DEATHTEST, umask_fortified) {
597 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
598 mode_t mask = atoi("1023"); // 01777 in octal
599 ASSERT_EXIT(umask(mask), testing::KilledBySignal(SIGABRT), "");
600}
601
Nick Kralevich60f4f9a2013-09-24 16:32:07 -0700[diff] [blame]602TEST(DEATHTEST, recv_fortified) {
603 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
604 size_t data_len = atoi("11"); // suppress compiler optimizations
605 char buf[10];
606 ASSERT_EXIT(recv(0, buf, data_len, 0), testing::KilledBySignal(SIGABRT), "");
607}
608
Nick Kralevich90201d52013-10-02 16:11:30 -0700[diff] [blame]609TEST(DEATHTEST, FD_ISSET_fortified) {
610 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
611 fd_set set;
612 memset(&set, 0, sizeof(set));
613 ASSERT_EXIT(FD_ISSET(-1, &set), testing::KilledBySignal(SIGABRT), "");
614}
615
Nick Kralevich7943df62013-10-03 14:08:39 -0700[diff] [blame]616TEST(DEATHTEST, FD_ISSET_2_fortified) {
617 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
618 char buf[1];
619 fd_set* set = (fd_set*) buf;
620 ASSERT_EXIT(FD_ISSET(0, set), testing::KilledBySignal(SIGABRT), "");
621}
622
623TEST(DEATHTEST, FD_ZERO_fortified) {
624 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
625 char buf[1];
626 fd_set* set = (fd_set*) buf;
627 ASSERT_EXIT(FD_ZERO(set), testing::KilledBySignal(SIGABRT), "");
628}
629
Nick Kralevichb036b5c2013-10-09 20:16:34 -0700[diff] [blame]630TEST(DEATHTEST, read_fortified) {
631 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
632 char buf[1];
633 size_t ct = atoi("2"); // prevent optimizations
634 int fd = open("/dev/null", O_RDONLY);
635 ASSERT_EXIT(read(fd, buf, ct), testing::KilledBySignal(SIGABRT), "");
636 close(fd);
637}
638
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]639extern "C" char* __strncat_chk(char*, const char*, size_t, size_t);
640extern "C" char* __strcat_chk(char*, const char*, size_t);
641
642TEST(TEST_NAME, strncat) {
643 char buf[10];
644 memset(buf, 'A', sizeof(buf));
645 buf[0] = 'a';
646 buf[1] = '\0';
647 char* res = __strncat_chk(buf, "01234", sizeof(buf) - strlen(buf) - 1, sizeof(buf));
648 ASSERT_EQ(buf, res);
649 ASSERT_EQ('a', buf[0]);
650 ASSERT_EQ('0', buf[1]);
651 ASSERT_EQ('1', buf[2]);
652 ASSERT_EQ('2', buf[3]);
653 ASSERT_EQ('3', buf[4]);
654 ASSERT_EQ('4', buf[5]);
655 ASSERT_EQ('\0', buf[6]);
656 ASSERT_EQ('A', buf[7]);
657 ASSERT_EQ('A', buf[8]);
658 ASSERT_EQ('A', buf[9]);
659}
660
661TEST(TEST_NAME, strncat2) {
662 char buf[10];
663 memset(buf, 'A', sizeof(buf));
664 buf[0] = 'a';
665 buf[1] = '\0';
666 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
667 ASSERT_EQ(buf, res);
668 ASSERT_EQ('a', buf[0]);
669 ASSERT_EQ('0', buf[1]);
670 ASSERT_EQ('1', buf[2]);
671 ASSERT_EQ('2', buf[3]);
672 ASSERT_EQ('3', buf[4]);
673 ASSERT_EQ('4', buf[5]);
674 ASSERT_EQ('\0', buf[6]);
675 ASSERT_EQ('A', buf[7]);
676 ASSERT_EQ('A', buf[8]);
677 ASSERT_EQ('A', buf[9]);
678}
679
680TEST(TEST_NAME, strncat3) {
681 char buf[10];
682 memset(buf, 'A', sizeof(buf));
683 buf[0] = '\0';
684 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
685 ASSERT_EQ(buf, res);
686 ASSERT_EQ('0', buf[0]);
687 ASSERT_EQ('1', buf[1]);
688 ASSERT_EQ('2', buf[2]);
689 ASSERT_EQ('3', buf[3]);
690 ASSERT_EQ('4', buf[4]);
691 ASSERT_EQ('\0', buf[5]);
692 ASSERT_EQ('A', buf[6]);
693 ASSERT_EQ('A', buf[7]);
694 ASSERT_EQ('A', buf[8]);
695 ASSERT_EQ('A', buf[9]);
696}
697
698TEST(TEST_NAME, strncat4) {
699 char buf[10];
700 memset(buf, 'A', sizeof(buf));
701 buf[9] = '\0';
702 char* res = __strncat_chk(buf, "", 5, sizeof(buf));
703 ASSERT_EQ(buf, res);
704 ASSERT_EQ('A', buf[0]);
705 ASSERT_EQ('A', buf[1]);
706 ASSERT_EQ('A', buf[2]);
707 ASSERT_EQ('A', buf[3]);
708 ASSERT_EQ('A', buf[4]);
709 ASSERT_EQ('A', buf[5]);
710 ASSERT_EQ('A', buf[6]);
711 ASSERT_EQ('A', buf[7]);
712 ASSERT_EQ('A', buf[8]);
713 ASSERT_EQ('\0', buf[9]);
714}
715
716TEST(TEST_NAME, strncat5) {
717 char buf[10];
718 memset(buf, 'A', sizeof(buf));
719 buf[0] = 'a';
720 buf[1] = '\0';
721 char* res = __strncat_chk(buf, "01234567", 8, sizeof(buf));
722 ASSERT_EQ(buf, res);
723 ASSERT_EQ('a', buf[0]);
724 ASSERT_EQ('0', buf[1]);
725 ASSERT_EQ('1', buf[2]);
726 ASSERT_EQ('2', buf[3]);
727 ASSERT_EQ('3', buf[4]);
728 ASSERT_EQ('4', buf[5]);
729 ASSERT_EQ('5', buf[6]);
730 ASSERT_EQ('6', buf[7]);
731 ASSERT_EQ('7', buf[8]);
732 ASSERT_EQ('\0', buf[9]);
733}
734
735TEST(TEST_NAME, strncat6) {
736 char buf[10];
737 memset(buf, 'A', sizeof(buf));
738 buf[0] = 'a';
739 buf[1] = '\0';
740 char* res = __strncat_chk(buf, "01234567", 9, sizeof(buf));
741 ASSERT_EQ(buf, res);
742 ASSERT_EQ('a', buf[0]);
743 ASSERT_EQ('0', buf[1]);
744 ASSERT_EQ('1', buf[2]);
745 ASSERT_EQ('2', buf[3]);
746 ASSERT_EQ('3', buf[4]);
747 ASSERT_EQ('4', buf[5]);
748 ASSERT_EQ('5', buf[6]);
749 ASSERT_EQ('6', buf[7]);
750 ASSERT_EQ('7', buf[8]);
751 ASSERT_EQ('\0', buf[9]);
752}
753
754
755TEST(TEST_NAME, strcat) {
756 char buf[10];
757 memset(buf, 'A', sizeof(buf));
758 buf[0] = 'a';
759 buf[1] = '\0';
760 char* res = __strcat_chk(buf, "01234", sizeof(buf));
761 ASSERT_EQ(buf, res);
762 ASSERT_EQ('a', buf[0]);
763 ASSERT_EQ('0', buf[1]);
764 ASSERT_EQ('1', buf[2]);
765 ASSERT_EQ('2', buf[3]);
766 ASSERT_EQ('3', buf[4]);
767 ASSERT_EQ('4', buf[5]);
768 ASSERT_EQ('\0', buf[6]);
769 ASSERT_EQ('A', buf[7]);
770 ASSERT_EQ('A', buf[8]);
771 ASSERT_EQ('A', buf[9]);
772}
773
774TEST(TEST_NAME, strcat2) {
775 char buf[10];
776 memset(buf, 'A', sizeof(buf));
777 buf[0] = 'a';
778 buf[1] = '\0';
779 char* res = __strcat_chk(buf, "01234567", sizeof(buf));
780 ASSERT_EQ(buf, res);
781 ASSERT_EQ('a', buf[0]);
782 ASSERT_EQ('0', buf[1]);
783 ASSERT_EQ('1', buf[2]);
784 ASSERT_EQ('2', buf[3]);
785 ASSERT_EQ('3', buf[4]);
786 ASSERT_EQ('4', buf[5]);
787 ASSERT_EQ('5', buf[6]);
788 ASSERT_EQ('6', buf[7]);
789 ASSERT_EQ('7', buf[8]);
790 ASSERT_EQ('\0', buf[9]);
791}
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]792
793TEST(TEST_NAME, strncpy) {
794 char src[10];
795 char dst[10];
796 memcpy(src, "0123456789", sizeof(src)); // non null terminated string
797 strncpy(dst, src, sizeof(dst));
798 ASSERT_EQ('0', dst[0]);
799 ASSERT_EQ('1', dst[1]);
800 ASSERT_EQ('2', dst[2]);
801 ASSERT_EQ('3', dst[3]);
802 ASSERT_EQ('4', dst[4]);
803 ASSERT_EQ('5', dst[5]);
804 ASSERT_EQ('6', dst[6]);
805 ASSERT_EQ('7', dst[7]);
806 ASSERT_EQ('8', dst[8]);
807 ASSERT_EQ('9', dst[9]);
808}
809
810TEST(TEST_NAME, strncpy2) {
811 char src[10];
812 char dst[15];
813 memcpy(src, "012345678\0", sizeof(src));
814 strncpy(dst, src, sizeof(dst));
815 ASSERT_EQ('0', dst[0]);
816 ASSERT_EQ('1', dst[1]);
817 ASSERT_EQ('2', dst[2]);
818 ASSERT_EQ('3', dst[3]);
819 ASSERT_EQ('4', dst[4]);
820 ASSERT_EQ('5', dst[5]);
821 ASSERT_EQ('6', dst[6]);
822 ASSERT_EQ('7', dst[7]);
823 ASSERT_EQ('8', dst[8]);
824 ASSERT_EQ('\0', dst[9]);
825 ASSERT_EQ('\0', dst[10]);
826 ASSERT_EQ('\0', dst[11]);
827 ASSERT_EQ('\0', dst[12]);
828 ASSERT_EQ('\0', dst[13]);
829 ASSERT_EQ('\0', dst[14]);
830}
Christopher Ferris16e185c2013-09-10 16:56:34 -0700[diff] [blame]831
832TEST(TEST_NAME, strcat_chk_max_int_size) {
833 char buf[10];
834 memset(buf, 'A', sizeof(buf));
835 buf[0] = 'a';
836 buf[1] = '\0';
837 char* res = __strcat_chk(buf, "01234567", (size_t)-1);
838 ASSERT_EQ(buf, res);
839 ASSERT_EQ('a', buf[0]);
840 ASSERT_EQ('0', buf[1]);
841 ASSERT_EQ('1', buf[2]);
842 ASSERT_EQ('2', buf[3]);
843 ASSERT_EQ('3', buf[4]);
844 ASSERT_EQ('4', buf[5]);
845 ASSERT_EQ('5', buf[6]);
846 ASSERT_EQ('6', buf[7]);
847 ASSERT_EQ('7', buf[8]);
848 ASSERT_EQ('\0', buf[9]);
849}
850
851extern "C" char* __strcpy_chk(char*, const char*, size_t);
852
853TEST(TEST_NAME, strcpy_chk_max_int_size) {
854 char buf[10];
855 char* res = __strcpy_chk(buf, "012345678", (size_t)-1);
856 ASSERT_EQ(buf, res);
857 ASSERT_EQ('0', buf[0]);
858 ASSERT_EQ('1', buf[1]);
859 ASSERT_EQ('2', buf[2]);
860 ASSERT_EQ('3', buf[3]);
861 ASSERT_EQ('4', buf[4]);
862 ASSERT_EQ('5', buf[5]);
863 ASSERT_EQ('6', buf[6]);
864 ASSERT_EQ('7', buf[7]);
865 ASSERT_EQ('8', buf[8]);
866 ASSERT_EQ('\0', buf[9]);
867}
868
869extern "C" void* __memcpy_chk(void*, const void*, size_t, size_t);
870
871TEST(TEST_NAME, memcpy_chk_max_int_size) {
872 char buf[10];
873 void* res = __memcpy_chk(buf, "012345678", sizeof(buf), (size_t)-1);
874 ASSERT_EQ((void*)buf, res);
875 ASSERT_EQ('0', buf[0]);
876 ASSERT_EQ('1', buf[1]);
877 ASSERT_EQ('2', buf[2]);
878 ASSERT_EQ('3', buf[3]);
879 ASSERT_EQ('4', buf[4]);
880 ASSERT_EQ('5', buf[5]);
881 ASSERT_EQ('6', buf[6]);
882 ASSERT_EQ('7', buf[7]);
883 ASSERT_EQ('8', buf[8]);
884 ASSERT_EQ('\0', buf[9]);
885}
Stephen Hines6e380722013-10-11 00:45:24 -0700[diff] [blame]886
887// Verify that macro expansion is done properly for sprintf/snprintf (which
888// are defined as macros in stdio.h under clang).
889#define CONTENTS "macro expansion"
890#define BUF_AND_SIZE(A) A, sizeof(A)
891#define BUF_AND_CONTENTS(A) A, CONTENTS
892#define BUF_AND_SIZE_AND_CONTENTS(A) A, sizeof(A), CONTENTS
893TEST(TEST_NAME, s_n_printf_macro_expansion) {
894 char buf[BUFSIZ];
895 snprintf(BUF_AND_SIZE(buf), CONTENTS);
896 EXPECT_STREQ(CONTENTS, buf);
897
898 snprintf(BUF_AND_SIZE_AND_CONTENTS(buf));
899 EXPECT_STREQ(CONTENTS, buf);
900
901 sprintf(BUF_AND_CONTENTS(buf));
902 EXPECT_STREQ(CONTENTS, buf);
903}