Gitiles
Code Review Sign In
review.blissroms.org / platform_bionic / 6e38072addd556e3894284b5bd040ac64fffa72e / . / tests / fortify_test.cpp
blob: 408991ef7985c237354d3f561b149dc145f63f60 [file] [log] [blame]
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]1/*
2 * Copyright (C) 2013 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <gtest/gtest.h>
18#include <string.h>
19#include <stdarg.h>
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]20#include <sys/types.h>
21#include <sys/stat.h>
Nick Kralevich60f4f9a2013-09-24 16:32:07 -0700[diff] [blame]22#include <sys/socket.h>
Nick Kralevichb91791d2013-10-02 14:14:40 -0700[diff] [blame]23#include <malloc.h>
Nick Kralevichb036b5c2013-10-09 20:16:34 -0700[diff] [blame]24#include <fcntl.h>
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]25
26// We have to say "DeathTest" here so gtest knows to run this test (which exits)
27// in its own process. Unfortunately, the C preprocessor doesn't give us an
28// easy way to concatenate strings, so we need to use the complicated method
29// below. *sigh*
30#define DEATHTEST_PASTER(name) name##_DeathTest
31#define DEATHTEST_EVALUATOR(name) DEATHTEST_PASTER(name)
32#define DEATHTEST DEATHTEST_EVALUATOR(TEST_NAME)
33
34#if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE == 2
35struct foo {
36 char empty[0];
37 char one[1];
38 char a[10];
39 char b[10];
40};
41
42#ifndef __clang__
43// This test is disabled in clang because clang doesn't properly detect
44// this buffer overflow. TODO: Fix clang.
45TEST(DEATHTEST, strncpy_fortified2) {
46 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
47 foo myfoo;
48 int copy_amt = atoi("11");
49 ASSERT_EXIT(strncpy(myfoo.a, "01234567890", copy_amt),
50 testing::KilledBySignal(SIGABRT), "");
51}
52#endif
53
54#ifndef __clang__
55// This test is disabled in clang because clang doesn't properly detect
56// this buffer overflow. TODO: Fix clang.
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]57TEST(DEATHTEST, strncpy2_fortified2) {
58 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
59 foo myfoo;
60 memset(&myfoo, 0, sizeof(myfoo));
61 myfoo.one[0] = 'A'; // not null terminated string
62 ASSERT_EXIT(strncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)),
63 testing::KilledBySignal(SIGABRT), "");
64}
65#endif
66
67#ifndef __clang__
68// This test is disabled in clang because clang doesn't properly detect
69// this buffer overflow. TODO: Fix clang.
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]70TEST(DEATHTEST, sprintf_fortified2) {
71 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
72 foo myfoo;
73 char source_buf[15];
74 memcpy(source_buf, "12345678901234", 15);
75 ASSERT_EXIT(sprintf(myfoo.a, "%s", source_buf),
76 testing::KilledBySignal(SIGABRT), "");
77}
78#endif
79
80#ifndef __clang__
81// This test is disabled in clang because clang doesn't properly detect
82// this buffer overflow. TODO: Fix clang.
83TEST(DEATHTEST, sprintf2_fortified2) {
84 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
85 foo myfoo;
86 ASSERT_EXIT(sprintf(myfoo.a, "0123456789"),
87 testing::KilledBySignal(SIGABRT), "");
88}
89#endif
90
91#ifndef __clang__
92// These tests are disabled in clang because clang doesn't properly detect
93// this buffer overflow. TODO: Fix clang.
94static int vsprintf_helper2(const char *fmt, ...) {
95 foo myfoo;
96 va_list va;
97 int result;
98
99 va_start(va, fmt);
100 result = vsprintf(myfoo.a, fmt, va); // should crash here
101 va_end(va);
102 return result;
103}
104
105TEST(DEATHTEST, vsprintf_fortified2) {
106 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
107 ASSERT_EXIT(vsprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
108}
109
110TEST(DEATHTEST, vsprintf2_fortified2) {
111 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
112 ASSERT_EXIT(vsprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), "");
113}
114#endif
115
116#ifndef __clang__
117// These tests are disabled in clang because clang doesn't properly detect
118// this buffer overflow. TODO: Fix clang.
119static int vsnprintf_helper2(const char *fmt, ...) {
120 foo myfoo;
121 va_list va;
122 int result;
123 size_t size = atoi("11");
124
125 va_start(va, fmt);
126 result = vsnprintf(myfoo.a, size, fmt, va); // should crash here
127 va_end(va);
128 return result;
129}
130
131TEST(DEATHTEST, vsnprintf_fortified2) {
132 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
133 ASSERT_EXIT(vsnprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
134}
135
136TEST(DEATHTEST, vsnprintf2_fortified2) {
137 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
138 ASSERT_EXIT(vsnprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), "");
139}
140#endif
141
142#if __BIONIC__
143
144#ifndef __clang__
145// zero sized target with "\0" source (should fail)
146// This test is disabled in clang because clang doesn't properly detect
147// this buffer overflow. TODO: Fix clang.
148TEST(DEATHTEST, strcpy_fortified2) {
149 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
150 foo myfoo;
151 char* src = strdup("");
152 ASSERT_EXIT(strcpy(myfoo.empty, src),
153 testing::KilledBySignal(SIGABRT), "");
154 free(src);
155}
156#endif
157
158#ifndef __clang__
159// zero sized target with longer source (should fail)
160// This test is disabled in clang because clang doesn't properly detect
161// this buffer overflow. TODO: Fix clang.
162TEST(DEATHTEST, strcpy2_fortified2) {
163 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
164 foo myfoo;
165 char* src = strdup("1");
166 ASSERT_EXIT(strcpy(myfoo.empty, src),
167 testing::KilledBySignal(SIGABRT), "");
168 free(src);
169}
170#endif
171
172#ifndef __clang__
173// one byte target with longer source (should fail)
174// This test is disabled in clang because clang doesn't properly detect
175// this buffer overflow. TODO: Fix clang.
176TEST(DEATHTEST, strcpy3_fortified2) {
177 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
178 foo myfoo;
179 char* src = strdup("12");
180 ASSERT_EXIT(strcpy(myfoo.one, src),
181 testing::KilledBySignal(SIGABRT), "");
182 free(src);
183}
184#endif
185
186#ifndef __clang__
187// This test is disabled in clang because clang doesn't properly detect
188// this buffer overflow. TODO: Fix clang.
189TEST(DEATHTEST, strchr_fortified2) {
190 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
191 foo myfoo;
192 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a));
193 myfoo.b[0] = '\0';
194 ASSERT_EXIT(printf("%s", strchr(myfoo.a, 'a')),
195 testing::KilledBySignal(SIGABRT), "");
196}
197#endif
198
199#ifndef __clang__
200// This test is disabled in clang because clang doesn't properly detect
201// this buffer overflow. TODO: Fix clang.
202TEST(DEATHTEST, strrchr_fortified2) {
203 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
204 foo myfoo;
205 memcpy(myfoo.a, "0123456789", 10);
206 memcpy(myfoo.b, "01234", 6);
207 ASSERT_EXIT(printf("%s", strrchr(myfoo.a, 'a')),
208 testing::KilledBySignal(SIGABRT), "");
209}
210#endif
211
212#ifndef __clang__
213// This test is disabled in clang because clang doesn't properly detect
214// this buffer overflow. TODO: Fix clang.
215TEST(DEATHTEST, strlcpy_fortified2) {
216 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
217 foo myfoo;
218 strcpy(myfoo.a, "01");
219 size_t n = strlen(myfoo.a);
220 ASSERT_EXIT(strlcpy(myfoo.one, myfoo.a, n),
221 testing::KilledBySignal(SIGABRT), "");
222}
223#endif
224
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]225#ifndef __clang__
226// This test is disabled in clang because clang doesn't properly detect
227// this buffer overflow. TODO: Fix clang.
228TEST(DEATHTEST, strlcat_fortified2) {
229 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
230 foo myfoo;
231 strcpy(myfoo.a, "01");
232 myfoo.one[0] = '\0';
233 size_t n = strlen(myfoo.a);
234 ASSERT_EXIT(strlcat(myfoo.one, myfoo.a, n),
235 testing::KilledBySignal(SIGABRT), "");
236}
237#endif
238
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]239#endif /* __BIONIC__ */
240
241#ifndef __clang__
242// This test is disabled in clang because clang doesn't properly detect
243// this buffer overflow. TODO: Fix clang.
244TEST(DEATHTEST, strncat_fortified2) {
245 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
246 foo myfoo;
247 size_t n = atoi("10"); // avoid compiler optimizations
248 strncpy(myfoo.a, "012345678", n);
249 ASSERT_EXIT(strncat(myfoo.a, "9", n), testing::KilledBySignal(SIGABRT), "");
250}
251#endif
252
253#ifndef __clang__
254// This test is disabled in clang because clang doesn't properly detect
255// this buffer overflow. TODO: Fix clang.
256TEST(DEATHTEST, strncat2_fortified2) {
257 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
258 foo myfoo;
259 myfoo.a[0] = '\0';
260 size_t n = atoi("10"); // avoid compiler optimizations
261 ASSERT_EXIT(strncat(myfoo.a, "0123456789", n), testing::KilledBySignal(SIGABRT), "");
262}
263#endif
264
265TEST(DEATHTEST, strncat3_fortified2) {
266 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
267 foo myfoo;
268 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
269 myfoo.b[0] = '\0';
270 size_t n = atoi("10"); // avoid compiler optimizations
271 ASSERT_EXIT(strncat(myfoo.b, myfoo.a, n), testing::KilledBySignal(SIGABRT), "");
272}
273
274#ifndef __clang__
275// This test is disabled in clang because clang doesn't properly detect
276// this buffer overflow. TODO: Fix clang.
277TEST(DEATHTEST, strcat_fortified2) {
278 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
279 char src[11];
280 strcpy(src, "0123456789");
281 foo myfoo;
282 myfoo.a[0] = '\0';
283 ASSERT_EXIT(strcat(myfoo.a, src), testing::KilledBySignal(SIGABRT), "");
284}
285#endif
286
287TEST(DEATHTEST, strcat2_fortified2) {
288 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
289 foo myfoo;
290 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
291 myfoo.b[0] = '\0';
292 ASSERT_EXIT(strcat(myfoo.b, myfoo.a), testing::KilledBySignal(SIGABRT), "");
293}
294
295TEST(DEATHTEST, snprintf_fortified2) {
296 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
297 foo myfoo;
298 strcpy(myfoo.a, "012345678");
299 size_t n = strlen(myfoo.a) + 2;
300 ASSERT_EXIT(snprintf(myfoo.b, n, "a%s", myfoo.a), testing::KilledBySignal(SIGABRT), "");
301}
302
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]303TEST(DEATHTEST, bzero_fortified2) {
304 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
305 foo myfoo;
306 memcpy(myfoo.b, "0123456789", sizeof(myfoo.b));
307 size_t n = atoi("11");
308 ASSERT_EXIT(bzero(myfoo.b, n), testing::KilledBySignal(SIGABRT), "");
309}
310
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]311#endif /* defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE=2 */
312
313#if __BIONIC__
314// multibyte target where we over fill (should fail)
315TEST(DEATHTEST, strcpy_fortified) {
316 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
317 char buf[10];
318 char *orig = strdup("0123456789");
319 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
320 free(orig);
321}
322
323// zero sized target with "\0" source (should fail)
324TEST(DEATHTEST, strcpy2_fortified) {
325 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
326 char buf[0];
327 char *orig = strdup("");
328 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
329 free(orig);
330}
331
332// zero sized target with longer source (should fail)
333TEST(DEATHTEST, strcpy3_fortified) {
334 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
335 char buf[0];
336 char *orig = strdup("1");
337 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
338 free(orig);
339}
340
341// one byte target with longer source (should fail)
342TEST(DEATHTEST, strcpy4_fortified) {
343 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
344 char buf[1];
345 char *orig = strdup("12");
346 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
347 free(orig);
348}
349
350TEST(DEATHTEST, strlen_fortified) {
351 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
352 char buf[10];
353 memcpy(buf, "0123456789", sizeof(buf));
Elliott Hughes5b9310e2013-10-02 16:59:05 -0700[diff] [blame]354 ASSERT_EXIT(printf("%zd", strlen(buf)), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]355}
356
357TEST(DEATHTEST, strchr_fortified) {
358 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
359 char buf[10];
360 memcpy(buf, "0123456789", sizeof(buf));
361 ASSERT_EXIT(printf("%s", strchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
362}
363
364TEST(DEATHTEST, strrchr_fortified) {
365 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
366 char buf[10];
367 memcpy(buf, "0123456789", sizeof(buf));
368 ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
369}
370
371TEST(DEATHTEST, strlcpy_fortified) {
372 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
373 char bufa[15];
374 char bufb[10];
375 strcpy(bufa, "01234567890123");
376 size_t n = strlen(bufa);
377 ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
378}
379
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]380TEST(DEATHTEST, strlcat_fortified) {
381 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
382 char bufa[15];
383 char bufb[10];
384 bufb[0] = '\0';
385 strcpy(bufa, "01234567890123");
386 size_t n = strlen(bufa);
387 ASSERT_EXIT(strlcat(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
388}
389
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]390#endif
391
392TEST(DEATHTEST, sprintf_fortified) {
393 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
394 char buf[10];
395 char source_buf[15];
396 memcpy(source_buf, "12345678901234", 15);
397 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), "");
398}
399
Nick Kralevichb91791d2013-10-02 14:14:40 -0700[diff] [blame]400#ifndef __clang__
401// This test is disabled in clang because clang doesn't properly detect
402// this buffer overflow. TODO: Fix clang.
403TEST(DEATHTEST, sprintf_malloc_fortified) {
404 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
405 char* buf = (char *) malloc(10);
406 char source_buf[11];
407 memcpy(source_buf, "1234567890", 11);
408 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), "");
409 free(buf);
410}
411#endif
412
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]413TEST(DEATHTEST, sprintf2_fortified) {
414 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
415 char buf[5];
416 ASSERT_EXIT(sprintf(buf, "aaaaa"), testing::KilledBySignal(SIGABRT), "");
417}
418
419static int vsprintf_helper(const char *fmt, ...) {
420 char buf[10];
421 va_list va;
422 int result;
423
424 va_start(va, fmt);
425 result = vsprintf(buf, fmt, va); // should crash here
426 va_end(va);
427 return result;
428}
429
430TEST(DEATHTEST, vsprintf_fortified) {
431 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
432 ASSERT_EXIT(vsprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
433}
434
435TEST(DEATHTEST, vsprintf2_fortified) {
436 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
437 ASSERT_EXIT(vsprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), "");
438}
439
440static int vsnprintf_helper(const char *fmt, ...) {
441 char buf[10];
442 va_list va;
443 int result;
444 size_t size = atoi("11");
445
446 va_start(va, fmt);
447 result = vsnprintf(buf, size, fmt, va); // should crash here
448 va_end(va);
449 return result;
450}
451
452TEST(DEATHTEST, vsnprintf_fortified) {
453 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
454 ASSERT_EXIT(vsnprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
455}
456
457TEST(DEATHTEST, vsnprintf2_fortified) {
458 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
459 ASSERT_EXIT(vsnprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), "");
460}
461
462TEST(DEATHTEST, strncat_fortified) {
463 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
464 char buf[10];
465 size_t n = atoi("10"); // avoid compiler optimizations
466 strncpy(buf, "012345678", n);
467 ASSERT_EXIT(strncat(buf, "9", n), testing::KilledBySignal(SIGABRT), "");
468}
469
470TEST(DEATHTEST, strncat2_fortified) {
471 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
472 char buf[10];
473 buf[0] = '\0';
474 size_t n = atoi("10"); // avoid compiler optimizations
475 ASSERT_EXIT(strncat(buf, "0123456789", n), testing::KilledBySignal(SIGABRT), "");
476}
477
478TEST(DEATHTEST, strcat_fortified) {
479 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
480 char src[11];
481 strcpy(src, "0123456789");
482 char buf[10];
483 buf[0] = '\0';
484 ASSERT_EXIT(strcat(buf, src), testing::KilledBySignal(SIGABRT), "");
485}
486
487TEST(DEATHTEST, memmove_fortified) {
488 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
489 char buf[20];
490 strcpy(buf, "0123456789");
491 size_t n = atoi("10");
492 ASSERT_EXIT(memmove(buf + 11, buf, n), testing::KilledBySignal(SIGABRT), "");
493}
494
495TEST(DEATHTEST, memcpy_fortified) {
496 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
497 char bufa[10];
498 char bufb[10];
499 strcpy(bufa, "012345678");
500 size_t n = atoi("11");
501 ASSERT_EXIT(memcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
502}
503
504TEST(DEATHTEST, strncpy_fortified) {
505 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
506 char bufa[15];
507 char bufb[10];
508 strcpy(bufa, "01234567890123");
509 size_t n = strlen(bufa);
510 ASSERT_EXIT(strncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
511}
512
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]513TEST(DEATHTEST, strncpy2_fortified) {
514 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
515 char dest[11];
516 char src[10];
517 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated
518 ASSERT_EXIT(strncpy(dest, src, sizeof(dest)), testing::KilledBySignal(SIGABRT), "");
519}
520
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]521TEST(DEATHTEST, snprintf_fortified) {
522 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
523 char bufa[15];
524 char bufb[10];
525 strcpy(bufa, "0123456789");
526 size_t n = strlen(bufa) + 1;
527 ASSERT_EXIT(snprintf(bufb, n, "%s", bufa), testing::KilledBySignal(SIGABRT), "");
528}
529
Nick Kralevicha6cde392013-06-29 08:15:25 -0700[diff] [blame]530TEST(DEATHTEST, bzero_fortified) {
531 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
532 char buf[10];
533 memcpy(buf, "0123456789", sizeof(buf));
534 size_t n = atoi("11");
535 ASSERT_EXIT(bzero(buf, n), testing::KilledBySignal(SIGABRT), "");
536}
537
538TEST(DEATHTEST, umask_fortified) {
539 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
540 mode_t mask = atoi("1023"); // 01777 in octal
541 ASSERT_EXIT(umask(mask), testing::KilledBySignal(SIGABRT), "");
542}
543
Nick Kralevich60f4f9a2013-09-24 16:32:07 -0700[diff] [blame]544TEST(DEATHTEST, recv_fortified) {
545 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
546 size_t data_len = atoi("11"); // suppress compiler optimizations
547 char buf[10];
548 ASSERT_EXIT(recv(0, buf, data_len, 0), testing::KilledBySignal(SIGABRT), "");
549}
550
Nick Kralevich90201d52013-10-02 16:11:30 -0700[diff] [blame]551TEST(DEATHTEST, FD_ISSET_fortified) {
552 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
553 fd_set set;
554 memset(&set, 0, sizeof(set));
555 ASSERT_EXIT(FD_ISSET(-1, &set), testing::KilledBySignal(SIGABRT), "");
556}
557
Nick Kralevich7943df62013-10-03 14:08:39 -0700[diff] [blame]558TEST(DEATHTEST, FD_ISSET_2_fortified) {
559 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
560 char buf[1];
561 fd_set* set = (fd_set*) buf;
562 ASSERT_EXIT(FD_ISSET(0, set), testing::KilledBySignal(SIGABRT), "");
563}
564
565TEST(DEATHTEST, FD_ZERO_fortified) {
566 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
567 char buf[1];
568 fd_set* set = (fd_set*) buf;
569 ASSERT_EXIT(FD_ZERO(set), testing::KilledBySignal(SIGABRT), "");
570}
571
Nick Kralevichb036b5c2013-10-09 20:16:34 -0700[diff] [blame]572TEST(DEATHTEST, read_fortified) {
573 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
574 char buf[1];
575 size_t ct = atoi("2"); // prevent optimizations
576 int fd = open("/dev/null", O_RDONLY);
577 ASSERT_EXIT(read(fd, buf, ct), testing::KilledBySignal(SIGABRT), "");
578 close(fd);
579}
580
Nick Kralevich5bcf3982013-06-28 10:34:09 -0700[diff] [blame]581extern "C" char* __strncat_chk(char*, const char*, size_t, size_t);
582extern "C" char* __strcat_chk(char*, const char*, size_t);
583
584TEST(TEST_NAME, strncat) {
585 char buf[10];
586 memset(buf, 'A', sizeof(buf));
587 buf[0] = 'a';
588 buf[1] = '\0';
589 char* res = __strncat_chk(buf, "01234", sizeof(buf) - strlen(buf) - 1, sizeof(buf));
590 ASSERT_EQ(buf, res);
591 ASSERT_EQ('a', buf[0]);
592 ASSERT_EQ('0', buf[1]);
593 ASSERT_EQ('1', buf[2]);
594 ASSERT_EQ('2', buf[3]);
595 ASSERT_EQ('3', buf[4]);
596 ASSERT_EQ('4', buf[5]);
597 ASSERT_EQ('\0', buf[6]);
598 ASSERT_EQ('A', buf[7]);
599 ASSERT_EQ('A', buf[8]);
600 ASSERT_EQ('A', buf[9]);
601}
602
603TEST(TEST_NAME, strncat2) {
604 char buf[10];
605 memset(buf, 'A', sizeof(buf));
606 buf[0] = 'a';
607 buf[1] = '\0';
608 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
609 ASSERT_EQ(buf, res);
610 ASSERT_EQ('a', buf[0]);
611 ASSERT_EQ('0', buf[1]);
612 ASSERT_EQ('1', buf[2]);
613 ASSERT_EQ('2', buf[3]);
614 ASSERT_EQ('3', buf[4]);
615 ASSERT_EQ('4', buf[5]);
616 ASSERT_EQ('\0', buf[6]);
617 ASSERT_EQ('A', buf[7]);
618 ASSERT_EQ('A', buf[8]);
619 ASSERT_EQ('A', buf[9]);
620}
621
622TEST(TEST_NAME, strncat3) {
623 char buf[10];
624 memset(buf, 'A', sizeof(buf));
625 buf[0] = '\0';
626 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
627 ASSERT_EQ(buf, res);
628 ASSERT_EQ('0', buf[0]);
629 ASSERT_EQ('1', buf[1]);
630 ASSERT_EQ('2', buf[2]);
631 ASSERT_EQ('3', buf[3]);
632 ASSERT_EQ('4', buf[4]);
633 ASSERT_EQ('\0', buf[5]);
634 ASSERT_EQ('A', buf[6]);
635 ASSERT_EQ('A', buf[7]);
636 ASSERT_EQ('A', buf[8]);
637 ASSERT_EQ('A', buf[9]);
638}
639
640TEST(TEST_NAME, strncat4) {
641 char buf[10];
642 memset(buf, 'A', sizeof(buf));
643 buf[9] = '\0';
644 char* res = __strncat_chk(buf, "", 5, sizeof(buf));
645 ASSERT_EQ(buf, res);
646 ASSERT_EQ('A', buf[0]);
647 ASSERT_EQ('A', buf[1]);
648 ASSERT_EQ('A', buf[2]);
649 ASSERT_EQ('A', buf[3]);
650 ASSERT_EQ('A', buf[4]);
651 ASSERT_EQ('A', buf[5]);
652 ASSERT_EQ('A', buf[6]);
653 ASSERT_EQ('A', buf[7]);
654 ASSERT_EQ('A', buf[8]);
655 ASSERT_EQ('\0', buf[9]);
656}
657
658TEST(TEST_NAME, strncat5) {
659 char buf[10];
660 memset(buf, 'A', sizeof(buf));
661 buf[0] = 'a';
662 buf[1] = '\0';
663 char* res = __strncat_chk(buf, "01234567", 8, sizeof(buf));
664 ASSERT_EQ(buf, res);
665 ASSERT_EQ('a', buf[0]);
666 ASSERT_EQ('0', buf[1]);
667 ASSERT_EQ('1', buf[2]);
668 ASSERT_EQ('2', buf[3]);
669 ASSERT_EQ('3', buf[4]);
670 ASSERT_EQ('4', buf[5]);
671 ASSERT_EQ('5', buf[6]);
672 ASSERT_EQ('6', buf[7]);
673 ASSERT_EQ('7', buf[8]);
674 ASSERT_EQ('\0', buf[9]);
675}
676
677TEST(TEST_NAME, strncat6) {
678 char buf[10];
679 memset(buf, 'A', sizeof(buf));
680 buf[0] = 'a';
681 buf[1] = '\0';
682 char* res = __strncat_chk(buf, "01234567", 9, sizeof(buf));
683 ASSERT_EQ(buf, res);
684 ASSERT_EQ('a', buf[0]);
685 ASSERT_EQ('0', buf[1]);
686 ASSERT_EQ('1', buf[2]);
687 ASSERT_EQ('2', buf[3]);
688 ASSERT_EQ('3', buf[4]);
689 ASSERT_EQ('4', buf[5]);
690 ASSERT_EQ('5', buf[6]);
691 ASSERT_EQ('6', buf[7]);
692 ASSERT_EQ('7', buf[8]);
693 ASSERT_EQ('\0', buf[9]);
694}
695
696
697TEST(TEST_NAME, strcat) {
698 char buf[10];
699 memset(buf, 'A', sizeof(buf));
700 buf[0] = 'a';
701 buf[1] = '\0';
702 char* res = __strcat_chk(buf, "01234", sizeof(buf));
703 ASSERT_EQ(buf, res);
704 ASSERT_EQ('a', buf[0]);
705 ASSERT_EQ('0', buf[1]);
706 ASSERT_EQ('1', buf[2]);
707 ASSERT_EQ('2', buf[3]);
708 ASSERT_EQ('3', buf[4]);
709 ASSERT_EQ('4', buf[5]);
710 ASSERT_EQ('\0', buf[6]);
711 ASSERT_EQ('A', buf[7]);
712 ASSERT_EQ('A', buf[8]);
713 ASSERT_EQ('A', buf[9]);
714}
715
716TEST(TEST_NAME, strcat2) {
717 char buf[10];
718 memset(buf, 'A', sizeof(buf));
719 buf[0] = 'a';
720 buf[1] = '\0';
721 char* res = __strcat_chk(buf, "01234567", sizeof(buf));
722 ASSERT_EQ(buf, res);
723 ASSERT_EQ('a', buf[0]);
724 ASSERT_EQ('0', buf[1]);
725 ASSERT_EQ('1', buf[2]);
726 ASSERT_EQ('2', buf[3]);
727 ASSERT_EQ('3', buf[4]);
728 ASSERT_EQ('4', buf[5]);
729 ASSERT_EQ('5', buf[6]);
730 ASSERT_EQ('6', buf[7]);
731 ASSERT_EQ('7', buf[8]);
732 ASSERT_EQ('\0', buf[9]);
733}
Nick Kralevich93501d32013-08-28 10:47:43 -0700[diff] [blame]734
735TEST(TEST_NAME, strncpy) {
736 char src[10];
737 char dst[10];
738 memcpy(src, "0123456789", sizeof(src)); // non null terminated string
739 strncpy(dst, src, sizeof(dst));
740 ASSERT_EQ('0', dst[0]);
741 ASSERT_EQ('1', dst[1]);
742 ASSERT_EQ('2', dst[2]);
743 ASSERT_EQ('3', dst[3]);
744 ASSERT_EQ('4', dst[4]);
745 ASSERT_EQ('5', dst[5]);
746 ASSERT_EQ('6', dst[6]);
747 ASSERT_EQ('7', dst[7]);
748 ASSERT_EQ('8', dst[8]);
749 ASSERT_EQ('9', dst[9]);
750}
751
752TEST(TEST_NAME, strncpy2) {
753 char src[10];
754 char dst[15];
755 memcpy(src, "012345678\0", sizeof(src));
756 strncpy(dst, src, sizeof(dst));
757 ASSERT_EQ('0', dst[0]);
758 ASSERT_EQ('1', dst[1]);
759 ASSERT_EQ('2', dst[2]);
760 ASSERT_EQ('3', dst[3]);
761 ASSERT_EQ('4', dst[4]);
762 ASSERT_EQ('5', dst[5]);
763 ASSERT_EQ('6', dst[6]);
764 ASSERT_EQ('7', dst[7]);
765 ASSERT_EQ('8', dst[8]);
766 ASSERT_EQ('\0', dst[9]);
767 ASSERT_EQ('\0', dst[10]);
768 ASSERT_EQ('\0', dst[11]);
769 ASSERT_EQ('\0', dst[12]);
770 ASSERT_EQ('\0', dst[13]);
771 ASSERT_EQ('\0', dst[14]);
772}
Christopher Ferris16e185c2013-09-10 16:56:34 -0700[diff] [blame]773
774TEST(TEST_NAME, strcat_chk_max_int_size) {
775 char buf[10];
776 memset(buf, 'A', sizeof(buf));
777 buf[0] = 'a';
778 buf[1] = '\0';
779 char* res = __strcat_chk(buf, "01234567", (size_t)-1);
780 ASSERT_EQ(buf, res);
781 ASSERT_EQ('a', buf[0]);
782 ASSERT_EQ('0', buf[1]);
783 ASSERT_EQ('1', buf[2]);
784 ASSERT_EQ('2', buf[3]);
785 ASSERT_EQ('3', buf[4]);
786 ASSERT_EQ('4', buf[5]);
787 ASSERT_EQ('5', buf[6]);
788 ASSERT_EQ('6', buf[7]);
789 ASSERT_EQ('7', buf[8]);
790 ASSERT_EQ('\0', buf[9]);
791}
792
793extern "C" char* __strcpy_chk(char*, const char*, size_t);
794
795TEST(TEST_NAME, strcpy_chk_max_int_size) {
796 char buf[10];
797 char* res = __strcpy_chk(buf, "012345678", (size_t)-1);
798 ASSERT_EQ(buf, res);
799 ASSERT_EQ('0', buf[0]);
800 ASSERT_EQ('1', buf[1]);
801 ASSERT_EQ('2', buf[2]);
802 ASSERT_EQ('3', buf[3]);
803 ASSERT_EQ('4', buf[4]);
804 ASSERT_EQ('5', buf[5]);
805 ASSERT_EQ('6', buf[6]);
806 ASSERT_EQ('7', buf[7]);
807 ASSERT_EQ('8', buf[8]);
808 ASSERT_EQ('\0', buf[9]);
809}
810
811extern "C" void* __memcpy_chk(void*, const void*, size_t, size_t);
812
813TEST(TEST_NAME, memcpy_chk_max_int_size) {
814 char buf[10];
815 void* res = __memcpy_chk(buf, "012345678", sizeof(buf), (size_t)-1);
816 ASSERT_EQ((void*)buf, res);
817 ASSERT_EQ('0', buf[0]);
818 ASSERT_EQ('1', buf[1]);
819 ASSERT_EQ('2', buf[2]);
820 ASSERT_EQ('3', buf[3]);
821 ASSERT_EQ('4', buf[4]);
822 ASSERT_EQ('5', buf[5]);
823 ASSERT_EQ('6', buf[6]);
824 ASSERT_EQ('7', buf[7]);
825 ASSERT_EQ('8', buf[8]);
826 ASSERT_EQ('\0', buf[9]);
827}
Stephen Hines6e380722013-10-11 00:45:24 -0700[diff] [blame^]828
829// Verify that macro expansion is done properly for sprintf/snprintf (which
830// are defined as macros in stdio.h under clang).
831#define CONTENTS "macro expansion"
832#define BUF_AND_SIZE(A) A, sizeof(A)
833#define BUF_AND_CONTENTS(A) A, CONTENTS
834#define BUF_AND_SIZE_AND_CONTENTS(A) A, sizeof(A), CONTENTS
835TEST(TEST_NAME, s_n_printf_macro_expansion) {
836 char buf[BUFSIZ];
837 snprintf(BUF_AND_SIZE(buf), CONTENTS);
838 EXPECT_STREQ(CONTENTS, buf);
839
840 snprintf(BUF_AND_SIZE_AND_CONTENTS(buf));
841 EXPECT_STREQ(CONTENTS, buf);
842
843 sprintf(BUF_AND_CONTENTS(buf));
844 EXPECT_STREQ(CONTENTS, buf);
845}