aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZack Weinberg <zackw@panix.com>2016-08-17 10:05:43 -0400
committerZack Weinberg <zackw@panix.com>2016-08-19 09:04:35 -0400
commitd3bf0bade622ccc51da2f66cea967101b6cc33fb (patch)
tree976d2444c83e2c1bdd0f442ce4b5f7481d8a18c7
parent6f9d4f595e4073807ad0e844cbb3b3d7158b76d5 (diff)
downloadglibc-d3bf0bade622ccc51da2f66cea967101b6cc33fb.zip
glibc-d3bf0bade622ccc51da2f66cea967101b6cc33fb.tar.gz
glibc-d3bf0bade622ccc51da2f66cea967101b6cc33fb.tar.bz2
Add tests for fortification of bcopy and bzero.
* debug/tst-chk1.c: Add tests for fortification of bcopy and bzero.
-rw-r--r--ChangeLog4
-rw-r--r--debug/tst-chk1.c61
2 files changed, 65 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index bc2c353..3e39147 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2016-08-19 Zack Weinberg <zackw@panix.com>
+
+ * debug/tst-chk1.c: Add tests for fortification of bcopy and bzero.
+
2016-08-18 Torvald Riegel <triegel@redhat.com>
[BZ #20477]
diff --git a/debug/tst-chk1.c b/debug/tst-chk1.c
index 4f968ee..478c2fb 100644
--- a/debug/tst-chk1.c
+++ b/debug/tst-chk1.c
@@ -143,6 +143,11 @@ do_test (void)
if (memcmp (buf, "aabcdefghi", 10))
FAIL ();
+ memcpy (buf, "abcdefghij", 10);
+ bcopy (buf, buf + 1, 9);
+ if (memcmp (buf, "aabcdefghi", 10))
+ FAIL ();
+
if (mempcpy (buf + 5, "abcde", 5) != buf + 10
|| memcmp (buf, "aabcdabcde", 10))
FAIL ();
@@ -151,6 +156,10 @@ do_test (void)
if (memcmp (buf, "aabcdabcjj", 10))
FAIL ();
+ bzero (buf + 8, 2);
+ if (memcmp (buf, "aabcdabc\0\0", 10))
+ FAIL ();
+
strcpy (buf + 4, "EDCBA");
if (memcmp (buf, "aabcEDCBA", 10))
FAIL ();
@@ -175,6 +184,11 @@ do_test (void)
if (memcmp (buf, "aabcdefghi", 10))
FAIL ();
+ memcpy (buf, "abcdefghij", l0 + 10);
+ bcopy (buf, buf + 1, l0 + 9);
+ if (memcmp (buf, "aabcdefghi", 10))
+ FAIL ();
+
if (mempcpy (buf + 5, "abcde", l0 + 5) != buf + 10
|| memcmp (buf, "aabcdabcde", 10))
FAIL ();
@@ -183,6 +197,10 @@ do_test (void)
if (memcmp (buf, "aabcdabcjj", 10))
FAIL ();
+ bzero (buf + 8, l0 + 2);
+ if (memcmp (buf, "aabcdabc\0\0", 10))
+ FAIL ();
+
strcpy (buf + 4, str1 + 5);
if (memcmp (buf, "aabcEDCBA", 10))
FAIL ();
@@ -214,11 +232,18 @@ do_test (void)
if (memcmp (buf, "aabcEcdZY", 10))
FAIL ();
+ /* The following tests are supposed to succeed at all fortify
+ levels, even though they overflow a.buf1 into a.buf2. */
memcpy (a.buf1, "abcdefghij", l0 + 10);
memmove (a.buf1 + 1, a.buf1, l0 + 9);
if (memcmp (a.buf1, "aabcdefghi", 10))
FAIL ();
+ memcpy (a.buf1, "abcdefghij", l0 + 10);
+ bcopy (a.buf1, a.buf1 + 1, l0 + 9);
+ if (memcmp (a.buf1, "aabcdefghi", 10))
+ FAIL ();
+
if (mempcpy (a.buf1 + 5, "abcde", l0 + 5) != a.buf1 + 10
|| memcmp (a.buf1, "aabcdabcde", 10))
FAIL ();
@@ -227,6 +252,10 @@ do_test (void)
if (memcmp (a.buf1, "aabcdabcjj", 10))
FAIL ();
+ bzero (a.buf1 + 8, l0 + 2);
+ if (memcmp (a.buf1, "aabcdabc\0\0", 10))
+ FAIL ();
+
#if __USE_FORTIFY_LEVEL < 2
/* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
and sufficient GCC support, as the string operations overflow
@@ -285,6 +314,14 @@ do_test (void)
CHK_FAIL_END
CHK_FAIL_START
+ bcopy (buf + 1, buf + 2, 9);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
+ bcopy (buf + 1, buf + 2, l0 + 9);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
p = (char *) mempcpy (buf + 6, "abcde", 5);
CHK_FAIL_END
@@ -301,6 +338,14 @@ do_test (void)
CHK_FAIL_END
CHK_FAIL_START
+ bzero (buf + 9, 2);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
+ bzero (buf + 9, l0 + 2);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
strcpy (buf + 5, str1 + 5);
CHK_FAIL_END
@@ -378,6 +423,14 @@ do_test (void)
CHK_FAIL_END
CHK_FAIL_START
+ bcopy (a.buf1 + 1, a.buf1 + 2, 9);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
+ bcopy (a.buf1 + 1, a.buf1 + 2, l0 + 9);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
p = (char *) mempcpy (a.buf1 + 6, "abcde", 5);
CHK_FAIL_END
@@ -393,6 +446,14 @@ do_test (void)
memset (a.buf1 + 9, 'j', l0 + 2);
CHK_FAIL_END
+ CHK_FAIL_START
+ bzero (a.buf1 + 9, 2);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
+ bzero (a.buf1 + 9, l0 + 2);
+ CHK_FAIL_END
+
# if __USE_FORTIFY_LEVEL >= 2
# define O 0
# else