Gitiles
Code Review Sign In
review.blissroms.org / platform_bionic / 78a7bf998d2d29592504984fcf419cd2701c6c54 / . / tests / fortify1_test.cpp
blob: d4e9dd51d039409e23b6e81fa8f244c6fcf5ecd3 [file] [log] [blame]
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]1/*
2 * Copyright (C) 2013 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#undef _FORTIFY_SOURCE
18#define _FORTIFY_SOURCE 1
19
20#include <gtest/gtest.h>
21#include <string.h>
Nick Kralevichc8ae8bd2013-06-27 08:58:14 -0700[diff] [blame]22#include <stdarg.h>
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]23
24#if __BIONIC__
25// We have to say "DeathTest" here so gtest knows to run this test (which exits)
26// in its own process.
Nick Kralevich13476de2013-06-03 10:58:06 -0700[diff] [blame]27
28// multibyte target where we over fill (should fail)
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]29TEST(Fortify1_DeathTest, strcpy_fortified) {
30 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
31 char buf[10];
32 char *orig = strdup("0123456789");
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]33 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]34 free(orig);
35}
36
Nick Kralevich13476de2013-06-03 10:58:06 -0700[diff] [blame]37// zero sized target with "\0" source (should fail)
38TEST(Fortify1_DeathTest, strcpy2_fortified) {
39 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
40 char buf[0];
41 char *orig = strdup("");
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]42 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich13476de2013-06-03 10:58:06 -0700[diff] [blame]43 free(orig);
44}
45
46// zero sized target with longer source (should fail)
47TEST(Fortify1_DeathTest, strcpy3_fortified) {
48 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
49 char buf[0];
50 char *orig = strdup("1");
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]51 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich13476de2013-06-03 10:58:06 -0700[diff] [blame]52 free(orig);
53}
54
55// one byte target with longer source (should fail)
56TEST(Fortify1_DeathTest, strcpy4_fortified) {
57 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
58 char buf[1];
59 char *orig = strdup("12");
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]60 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich13476de2013-06-03 10:58:06 -0700[diff] [blame]61 free(orig);
62}
63
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]64TEST(Fortify1_DeathTest, strlen_fortified) {
65 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
66 char buf[10];
67 memcpy(buf, "0123456789", sizeof(buf));
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]68 ASSERT_EXIT(printf("%d", strlen(buf)), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]69}
70
71TEST(Fortify1_DeathTest, strchr_fortified) {
72 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
73 char buf[10];
74 memcpy(buf, "0123456789", sizeof(buf));
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]75 ASSERT_EXIT(printf("%s", strchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]76}
77
78TEST(Fortify1_DeathTest, strrchr_fortified) {
79 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
80 char buf[10];
81 memcpy(buf, "0123456789", sizeof(buf));
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]82 ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]83}
Nick Kralevich8bafa742013-06-20 12:17:44 -0700[diff] [blame]84
85TEST(Fortify1_DeathTest, strlcpy_fortified) {
86 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
87 char bufa[15];
88 char bufb[10];
89 strcpy(bufa, "01234567890123");
90 size_t n = strlen(bufa);
91 ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
92}
93
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]94#endif
Nick Kralevich78d6d982013-04-29 16:29:37 -0700[diff] [blame]95
96TEST(Fortify1_DeathTest, sprintf_fortified) {
97 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
98 char buf[10];
99 char source_buf[15];
100 memcpy(source_buf, "12345678901234", 15);
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]101 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich78d6d982013-04-29 16:29:37 -0700[diff] [blame]102}
Nick Kralevich8cc145e2013-05-30 13:21:14 -0700[diff] [blame]103
Nick Kralevichc6eb9852013-06-24 11:44:00 -0700[diff] [blame]104TEST(Fortify1_DeathTest, sprintf2_fortified) {
105 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
106 char buf[5];
107 ASSERT_EXIT(sprintf(buf, "aaaaa"), testing::KilledBySignal(SIGABRT), "");
108}
109
Nick Kralevichc8ae8bd2013-06-27 08:58:14 -0700[diff] [blame]110static int vsprintf_helper(const char *fmt, ...) {
111 char buf[10];
112 va_list va;
113 int result;
114
115 va_start(va, fmt);
116 result = vsprintf(buf, fmt, va); // should crash here
117 va_end(va);
118 return result;
119}
120
121TEST(Fortify1_DeathTest, vsprintf_fortified) {
122 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
123 ASSERT_EXIT(vsprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
124}
125
126TEST(Fortify1_DeathTest, vsprintf2_fortified) {
127 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
128 ASSERT_EXIT(vsprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), "");
129}
130
131static int vsnprintf_helper(const char *fmt, ...) {
132 char buf[10];
133 va_list va;
134 int result;
135 size_t size = atoi("11");
136
137 va_start(va, fmt);
138 result = vsnprintf(buf, size, fmt, va); // should crash here
139 va_end(va);
140 return result;
141}
142
143TEST(Fortify1_DeathTest, vsnprintf_fortified) {
144 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
145 ASSERT_EXIT(vsnprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
146}
147
148TEST(Fortify1_DeathTest, vsnprintf2_fortified) {
149 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
150 ASSERT_EXIT(vsnprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), "");
151}
152
Nick Kralevich8cc145e2013-05-30 13:21:14 -0700[diff] [blame]153TEST(Fortify1_DeathTest, strncat_fortified) {
154 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
155 char buf[10];
156 size_t n = atoi("10"); // avoid compiler optimizations
157 strncpy(buf, "012345678", n);
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]158 ASSERT_EXIT(strncat(buf, "9", n), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich8cc145e2013-05-30 13:21:14 -0700[diff] [blame]159}
160
161TEST(Fortify1_DeathTest, strncat2_fortified) {
162 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
163 char buf[10];
164 buf[0] = '\0';
165 size_t n = atoi("10"); // avoid compiler optimizations
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]166 ASSERT_EXIT(strncat(buf, "0123456789", n), testing::KilledBySignal(SIGABRT), "");
Nick Kralevich8cc145e2013-05-30 13:21:14 -0700[diff] [blame]167}
Nick Kralevichcf870192013-05-30 16:48:53 -0700[diff] [blame]168
169TEST(Fortify1_DeathTest, strcat_fortified) {
170 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
171 char src[11];
172 strcpy(src, "0123456789");
173 char buf[10];
174 buf[0] = '\0';
Nick Kralevichfd0325b2013-06-11 15:45:23 -0700[diff] [blame]175 ASSERT_EXIT(strcat(buf, src), testing::KilledBySignal(SIGABRT), "");
Nick Kralevichcf870192013-05-30 16:48:53 -0700[diff] [blame]176}
177
Nick Kralevich16d1af12013-06-17 14:49:19 -0700[diff] [blame]178TEST(Fortify1_DeathTest, memmove_fortified) {
179 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
180 char buf[20];
181 strcpy(buf, "0123456789");
182 size_t n = atoi("10");
183 ASSERT_EXIT(memmove(buf + 11, buf, n), testing::KilledBySignal(SIGABRT), "");
184}
185
186TEST(Fortify1_DeathTest, memcpy_fortified) {
187 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
188 char bufa[10];
189 char bufb[10];
190 strcpy(bufa, "012345678");
191 size_t n = atoi("11");
192 ASSERT_EXIT(memcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
193}
194
195TEST(Fortify1_DeathTest, strncpy_fortified) {
196 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
197 char bufa[15];
198 char bufb[10];
199 strcpy(bufa, "01234567890123");
200 size_t n = strlen(bufa);
201 ASSERT_EXIT(strncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
202}
203
Nick Kralevich621b19d2013-06-25 10:02:35 -0700[diff] [blame]204TEST(Fortify1_DeathTest, snprintf_fortified) {
205 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
206 char bufa[15];
207 char bufb[10];
208 strcpy(bufa, "0123456789");
209 size_t n = strlen(bufa) + 1;
210 ASSERT_EXIT(snprintf(bufb, n, "%s", bufa), testing::KilledBySignal(SIGABRT), "");
211}
212
Nick Kralevichcf870192013-05-30 16:48:53 -0700[diff] [blame]213extern "C" char* __strncat_chk(char*, const char*, size_t, size_t);
214extern "C" char* __strcat_chk(char*, const char*, size_t);
215
216TEST(Fortify1, strncat) {
217 char buf[10];
218 memset(buf, 'A', sizeof(buf));
219 buf[0] = 'a';
220 buf[1] = '\0';
221 char* res = __strncat_chk(buf, "01234", sizeof(buf) - strlen(buf) - 1, sizeof(buf));
222 ASSERT_EQ(buf, res);
223 ASSERT_EQ('a', buf[0]);
224 ASSERT_EQ('0', buf[1]);
225 ASSERT_EQ('1', buf[2]);
226 ASSERT_EQ('2', buf[3]);
227 ASSERT_EQ('3', buf[4]);
228 ASSERT_EQ('4', buf[5]);
229 ASSERT_EQ('\0', buf[6]);
230 ASSERT_EQ('A', buf[7]);
231 ASSERT_EQ('A', buf[8]);
232 ASSERT_EQ('A', buf[9]);
233}
234
235TEST(Fortify1, strncat2) {
236 char buf[10];
237 memset(buf, 'A', sizeof(buf));
238 buf[0] = 'a';
239 buf[1] = '\0';
240 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
241 ASSERT_EQ(buf, res);
242 ASSERT_EQ('a', buf[0]);
243 ASSERT_EQ('0', buf[1]);
244 ASSERT_EQ('1', buf[2]);
245 ASSERT_EQ('2', buf[3]);
246 ASSERT_EQ('3', buf[4]);
247 ASSERT_EQ('4', buf[5]);
248 ASSERT_EQ('\0', buf[6]);
249 ASSERT_EQ('A', buf[7]);
250 ASSERT_EQ('A', buf[8]);
251 ASSERT_EQ('A', buf[9]);
252}
253
254TEST(Fortify1, strncat3) {
255 char buf[10];
256 memset(buf, 'A', sizeof(buf));
257 buf[0] = '\0';
258 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
259 ASSERT_EQ(buf, res);
260 ASSERT_EQ('0', buf[0]);
261 ASSERT_EQ('1', buf[1]);
262 ASSERT_EQ('2', buf[2]);
263 ASSERT_EQ('3', buf[3]);
264 ASSERT_EQ('4', buf[4]);
265 ASSERT_EQ('\0', buf[5]);
266 ASSERT_EQ('A', buf[6]);
267 ASSERT_EQ('A', buf[7]);
268 ASSERT_EQ('A', buf[8]);
269 ASSERT_EQ('A', buf[9]);
270}
271
272TEST(Fortify1, strncat4) {
273 char buf[10];
274 memset(buf, 'A', sizeof(buf));
275 buf[9] = '\0';
276 char* res = __strncat_chk(buf, "", 5, sizeof(buf));
277 ASSERT_EQ(buf, res);
278 ASSERT_EQ('A', buf[0]);
279 ASSERT_EQ('A', buf[1]);
280 ASSERT_EQ('A', buf[2]);
281 ASSERT_EQ('A', buf[3]);
282 ASSERT_EQ('A', buf[4]);
283 ASSERT_EQ('A', buf[5]);
284 ASSERT_EQ('A', buf[6]);
285 ASSERT_EQ('A', buf[7]);
286 ASSERT_EQ('A', buf[8]);
287 ASSERT_EQ('\0', buf[9]);
288}
289
290TEST(Fortify1, strncat5) {
291 char buf[10];
292 memset(buf, 'A', sizeof(buf));
293 buf[0] = 'a';
294 buf[1] = '\0';
295 char* res = __strncat_chk(buf, "01234567", 8, sizeof(buf));
296 ASSERT_EQ(buf, res);
297 ASSERT_EQ('a', buf[0]);
298 ASSERT_EQ('0', buf[1]);
299 ASSERT_EQ('1', buf[2]);
300 ASSERT_EQ('2', buf[3]);
301 ASSERT_EQ('3', buf[4]);
302 ASSERT_EQ('4', buf[5]);
303 ASSERT_EQ('5', buf[6]);
304 ASSERT_EQ('6', buf[7]);
305 ASSERT_EQ('7', buf[8]);
306 ASSERT_EQ('\0', buf[9]);
307}
308
309TEST(Fortify1, strncat6) {
310 char buf[10];
311 memset(buf, 'A', sizeof(buf));
312 buf[0] = 'a';
313 buf[1] = '\0';
314 char* res = __strncat_chk(buf, "01234567", 9, sizeof(buf));
315 ASSERT_EQ(buf, res);
316 ASSERT_EQ('a', buf[0]);
317 ASSERT_EQ('0', buf[1]);
318 ASSERT_EQ('1', buf[2]);
319 ASSERT_EQ('2', buf[3]);
320 ASSERT_EQ('3', buf[4]);
321 ASSERT_EQ('4', buf[5]);
322 ASSERT_EQ('5', buf[6]);
323 ASSERT_EQ('6', buf[7]);
324 ASSERT_EQ('7', buf[8]);
325 ASSERT_EQ('\0', buf[9]);
326}
327
328
329TEST(Fortify1, strcat) {
330 char buf[10];
331 memset(buf, 'A', sizeof(buf));
332 buf[0] = 'a';
333 buf[1] = '\0';
334 char* res = __strcat_chk(buf, "01234", sizeof(buf));
335 ASSERT_EQ(buf, res);
336 ASSERT_EQ('a', buf[0]);
337 ASSERT_EQ('0', buf[1]);
338 ASSERT_EQ('1', buf[2]);
339 ASSERT_EQ('2', buf[3]);
340 ASSERT_EQ('3', buf[4]);
341 ASSERT_EQ('4', buf[5]);
342 ASSERT_EQ('\0', buf[6]);
343 ASSERT_EQ('A', buf[7]);
344 ASSERT_EQ('A', buf[8]);
345 ASSERT_EQ('A', buf[9]);
346}
347
348TEST(Fortify1, strcat2) {
349 char buf[10];
350 memset(buf, 'A', sizeof(buf));
351 buf[0] = 'a';
352 buf[1] = '\0';
353 char* res = __strcat_chk(buf, "01234567", sizeof(buf));
354 ASSERT_EQ(buf, res);
355 ASSERT_EQ('a', buf[0]);
356 ASSERT_EQ('0', buf[1]);
357 ASSERT_EQ('1', buf[2]);
358 ASSERT_EQ('2', buf[3]);
359 ASSERT_EQ('3', buf[4]);
360 ASSERT_EQ('4', buf[5]);
361 ASSERT_EQ('5', buf[6]);
362 ASSERT_EQ('6', buf[7]);
363 ASSERT_EQ('7', buf[8]);
364 ASSERT_EQ('\0', buf[9]);
365}