1 /*
2 * Copyright (C) 2013 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
17 #include <gtest/gtest.h>
18 #include "BionicDeathTest.h"
20 #include <fcntl.h>
21 #include <malloc.h>
22 #include <signal.h>
23 #include <stdarg.h>
24 #include <string.h>
25 #include <sys/socket.h>
26 #include <sys/stat.h>
27 #include <sys/types.h>
29 // Fortify test code needs to run multiple times, so TEST_NAME macro is used to
30 // distinguish different tests. TEST_NAME is defined in compilation command.
31 #define DEATHTEST_PASTER(name) name##_DeathTest
32 #define DEATHTEST_EVALUATOR(name) DEATHTEST_PASTER(name)
33 #define DEATHTEST DEATHTEST_EVALUATOR(TEST_NAME)
35 class DEATHTEST : public BionicDeathTest {};
37 #if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE == 2
38 struct foo {
39 char empty[0];
40 char one[1];
41 char a[10];
42 char b[10];
43 };
45 #ifndef __clang__
46 // This test is disabled in clang because clang doesn't properly detect
47 // this buffer overflow. TODO: Fix clang.
48 TEST_F(DEATHTEST, stpncpy_fortified2) {
49 foo myfoo;
50 int copy_amt = atoi("11");
51 ASSERT_EXIT(stpncpy(myfoo.a, "01234567890", copy_amt),
52 testing::KilledBySignal(SIGABRT), "");
53 }
54 #endif
56 #ifndef __clang__
57 // This test is disabled in clang because clang doesn't properly detect
58 // this buffer overflow. TODO: Fix clang.
59 TEST_F(DEATHTEST, stpncpy2_fortified2) {
60 foo myfoo;
61 memset(&myfoo, 0, sizeof(myfoo));
62 myfoo.one[0] = 'A'; // not null terminated string
63 ASSERT_EXIT(stpncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)),
64 testing::KilledBySignal(SIGABRT), "");
65 }
66 #endif
68 #ifndef __clang__
69 // This test is disabled in clang because clang doesn't properly detect
70 // this buffer overflow. TODO: Fix clang.
71 TEST_F(DEATHTEST, strncpy_fortified2) {
72 foo myfoo;
73 int copy_amt = atoi("11");
74 ASSERT_EXIT(strncpy(myfoo.a, "01234567890", copy_amt),
75 testing::KilledBySignal(SIGABRT), "");
76 }
77 #endif
79 #ifndef __clang__
80 // This test is disabled in clang because clang doesn't properly detect
81 // this buffer overflow. TODO: Fix clang.
82 TEST_F(DEATHTEST, strncpy2_fortified2) {
83 foo myfoo;
84 memset(&myfoo, 0, sizeof(myfoo));
85 myfoo.one[0] = 'A'; // not null terminated string
86 ASSERT_EXIT(strncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)),
87 testing::KilledBySignal(SIGABRT), "");
88 }
89 #endif
91 #ifndef __clang__
92 // This test is disabled in clang because clang doesn't properly detect
93 // this buffer overflow. TODO: Fix clang.
94 TEST_F(DEATHTEST, sprintf_fortified2) {
95 foo myfoo;
96 char source_buf[15];
97 memcpy(source_buf, "12345678901234", 15);
98 ASSERT_EXIT(sprintf(myfoo.a, "%s", source_buf),
99 testing::KilledBySignal(SIGABRT), "");
100 }
101 #endif
103 #ifndef __clang__
104 // This test is disabled in clang because clang doesn't properly detect
105 // this buffer overflow. TODO: Fix clang.
106 TEST_F(DEATHTEST, sprintf2_fortified2) {
107 foo myfoo;
108 ASSERT_EXIT(sprintf(myfoo.a, "0123456789"),
109 testing::KilledBySignal(SIGABRT), "");
110 }
111 #endif
113 #ifndef __clang__
114 // These tests are disabled in clang because clang doesn't properly detect
115 // this buffer overflow. TODO: Fix clang.
116 static int vsprintf_helper2(const char *fmt, ...) {
117 foo myfoo;
118 va_list va;
119 int result;
121 va_start(va, fmt);
122 result = vsprintf(myfoo.a, fmt, va); // should crash here
123 va_end(va);
124 return result;
125 }
127 TEST_F(DEATHTEST, vsprintf_fortified2) {
128 ASSERT_EXIT(vsprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
129 }
131 TEST_F(DEATHTEST, vsprintf2_fortified2) {
132 ASSERT_EXIT(vsprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), "");
133 }
134 #endif
136 #ifndef __clang__
137 // These tests are disabled in clang because clang doesn't properly detect
138 // this buffer overflow. TODO: Fix clang.
139 static int vsnprintf_helper2(const char *fmt, ...) {
140 foo myfoo;
141 va_list va;
142 int result;
143 size_t size = atoi("11");
145 va_start(va, fmt);
146 result = vsnprintf(myfoo.a, size, fmt, va); // should crash here
147 va_end(va);
148 return result;
149 }
151 TEST_F(DEATHTEST, vsnprintf_fortified2) {
152 ASSERT_EXIT(vsnprintf_helper2("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
153 }
155 TEST_F(DEATHTEST, vsnprintf2_fortified2) {
156 ASSERT_EXIT(vsnprintf_helper2("0123456789"), testing::KilledBySignal(SIGABRT), "");
157 }
158 #endif
160 #ifndef __clang__
161 // zero sized target with "\0" source (should fail)
162 // This test is disabled in clang because clang doesn't properly detect
163 // this buffer overflow. TODO: Fix clang.
164 TEST_F(DEATHTEST, stpcpy_fortified2) {
165 #if defined(__BIONIC__)
166 foo myfoo;
167 char* src = strdup("");
168 ASSERT_EXIT(stpcpy(myfoo.empty, src),
169 testing::KilledBySignal(SIGABRT), "");
170 free(src);
171 #else // __BIONIC__
172 GTEST_LOG_(INFO) << "This test does nothing.\n";
173 #endif // __BIONIC__
174 }
175 #endif
177 #ifndef __clang__
178 // zero sized target with "\0" source (should fail)
179 // This test is disabled in clang because clang doesn't properly detect
180 // this buffer overflow. TODO: Fix clang.
181 TEST_F(DEATHTEST, strcpy_fortified2) {
182 #if defined(__BIONIC__)
183 foo myfoo;
184 char* src = strdup("");
185 ASSERT_EXIT(strcpy(myfoo.empty, src),
186 testing::KilledBySignal(SIGABRT), "");
187 free(src);
188 #else // __BIONIC__
189 GTEST_LOG_(INFO) << "This test does nothing.\n";
190 #endif // __BIONIC__
191 }
192 #endif
194 #ifndef __clang__
195 // zero sized target with longer source (should fail)
196 // This test is disabled in clang because clang doesn't properly detect
197 // this buffer overflow. TODO: Fix clang.
198 TEST_F(DEATHTEST, strcpy2_fortified2) {
199 #if defined(__BIONIC__)
200 foo myfoo;
201 char* src = strdup("1");
202 ASSERT_EXIT(strcpy(myfoo.empty, src),
203 testing::KilledBySignal(SIGABRT), "");
204 free(src);
205 #else // __BIONIC__
206 GTEST_LOG_(INFO) << "This test does nothing.\n";
207 #endif // __BIONIC__
208 }
209 #endif
211 #ifndef __clang__
212 // one byte target with longer source (should fail)
213 // This test is disabled in clang because clang doesn't properly detect
214 // this buffer overflow. TODO: Fix clang.
215 TEST_F(DEATHTEST, strcpy3_fortified2) {
216 #if defined(__BIONIC__)
217 foo myfoo;
218 char* src = strdup("12");
219 ASSERT_EXIT(strcpy(myfoo.one, src),
220 testing::KilledBySignal(SIGABRT), "");
221 free(src);
222 #else // __BIONIC__
223 GTEST_LOG_(INFO) << "This test does nothing.\n";
224 #endif // __BIONIC__
225 }
226 #endif
228 #ifndef __clang__
229 // This test is disabled in clang because clang doesn't properly detect
230 // this buffer overflow. TODO: Fix clang.
231 TEST_F(DEATHTEST, strchr_fortified2) {
232 #if defined(__BIONIC__)
233 foo myfoo;
234 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a));
235 myfoo.b[0] = '\0';
236 ASSERT_EXIT(printf("%s", strchr(myfoo.a, 'a')),
237 testing::KilledBySignal(SIGABRT), "");
238 #else // __BIONIC__
239 GTEST_LOG_(INFO) << "This test does nothing.\n";
240 #endif // __BIONIC__
241 }
242 #endif
244 #ifndef __clang__
245 // This test is disabled in clang because clang doesn't properly detect
246 // this buffer overflow. TODO: Fix clang.
247 TEST_F(DEATHTEST, strrchr_fortified2) {
248 #if defined(__BIONIC__)
249 foo myfoo;
250 memcpy(myfoo.a, "0123456789", 10);
251 memcpy(myfoo.b, "01234", 6);
252 ASSERT_EXIT(printf("%s", strrchr(myfoo.a, 'a')),
253 testing::KilledBySignal(SIGABRT), "");
254 #else // __BIONIC__
255 GTEST_LOG_(INFO) << "This test does nothing.\n";
256 #endif // __BIONIC__
257 }
258 #endif
260 #ifndef __clang__
261 // This test is disabled in clang because clang doesn't properly detect
262 // this buffer overflow. TODO: Fix clang.
263 TEST_F(DEATHTEST, strlcpy_fortified2) {
264 #if defined(__BIONIC__)
265 foo myfoo;
266 strcpy(myfoo.a, "01");
267 size_t n = strlen(myfoo.a);
268 ASSERT_EXIT(strlcpy(myfoo.one, myfoo.a, n),
269 testing::KilledBySignal(SIGABRT), "");
270 #else // __BIONIC__
271 GTEST_LOG_(INFO) << "This test does nothing.\n";
272 #endif // __BIONIC__
273 }
274 #endif
276 #ifndef __clang__
277 // This test is disabled in clang because clang doesn't properly detect
278 // this buffer overflow. TODO: Fix clang.
279 TEST_F(DEATHTEST, strlcat_fortified2) {
280 #if defined(__BIONIC__)
281 foo myfoo;
282 strcpy(myfoo.a, "01");
283 myfoo.one[0] = '\0';
284 size_t n = strlen(myfoo.a);
285 ASSERT_EXIT(strlcat(myfoo.one, myfoo.a, n),
286 testing::KilledBySignal(SIGABRT), "");
287 #else // __BIONIC__
288 GTEST_LOG_(INFO) << "This test does nothing.\n";
289 #endif // __BIONIC__
290 }
291 #endif
293 #ifndef __clang__
294 // This test is disabled in clang because clang doesn't properly detect
295 // this buffer overflow. TODO: Fix clang.
296 TEST_F(DEATHTEST, strncat_fortified2) {
297 foo myfoo;
298 size_t n = atoi("10"); // avoid compiler optimizations
299 strncpy(myfoo.a, "012345678", n);
300 ASSERT_EXIT(strncat(myfoo.a, "9", n), testing::KilledBySignal(SIGABRT), "");
301 }
302 #endif
304 #ifndef __clang__
305 // This test is disabled in clang because clang doesn't properly detect
306 // this buffer overflow. TODO: Fix clang.
307 TEST_F(DEATHTEST, strncat2_fortified2) {
308 foo myfoo;
309 myfoo.a[0] = '\0';
310 size_t n = atoi("10"); // avoid compiler optimizations
311 ASSERT_EXIT(strncat(myfoo.a, "0123456789", n), testing::KilledBySignal(SIGABRT), "");
312 }
313 #endif
315 TEST_F(DEATHTEST, strncat3_fortified2) {
316 foo myfoo;
317 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
318 myfoo.b[0] = '\0';
319 size_t n = atoi("10"); // avoid compiler optimizations
320 ASSERT_EXIT(strncat(myfoo.b, myfoo.a, n), testing::KilledBySignal(SIGABRT), "");
321 }
323 #ifndef __clang__
324 // This test is disabled in clang because clang doesn't properly detect
325 // this buffer overflow. TODO: Fix clang.
326 TEST_F(DEATHTEST, strcat_fortified2) {
327 char src[11];
328 strcpy(src, "0123456789");
329 foo myfoo;
330 myfoo.a[0] = '\0';
331 ASSERT_EXIT(strcat(myfoo.a, src), testing::KilledBySignal(SIGABRT), "");
332 }
333 #endif
335 TEST_F(DEATHTEST, strcat2_fortified2) {
336 foo myfoo;
337 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
338 myfoo.b[0] = '\0';
339 ASSERT_EXIT(strcat(myfoo.b, myfoo.a), testing::KilledBySignal(SIGABRT), "");
340 }
342 TEST_F(DEATHTEST, snprintf_fortified2) {
343 foo myfoo;
344 strcpy(myfoo.a, "012345678");
345 size_t n = strlen(myfoo.a) + 2;
346 ASSERT_EXIT(snprintf(myfoo.b, n, "a%s", myfoo.a), testing::KilledBySignal(SIGABRT), "");
347 }
349 TEST_F(DEATHTEST, bzero_fortified2) {
350 foo myfoo;
351 memcpy(myfoo.b, "0123456789", sizeof(myfoo.b));
352 size_t n = atoi("11");
353 ASSERT_EXIT(bzero(myfoo.b, n), testing::KilledBySignal(SIGABRT), "");
354 }
356 #endif /* defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE=2 */
358 // multibyte target where we over fill (should fail)
359 TEST_F(DEATHTEST, strcpy_fortified) {
360 #if defined(__BIONIC__)
361 char buf[10];
362 char *orig = strdup("0123456789");
363 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
364 free(orig);
365 #else // __BIONIC__
366 GTEST_LOG_(INFO) << "This test does nothing.\n";
367 #endif // __BIONIC__
368 }
370 // zero sized target with "\0" source (should fail)
371 TEST_F(DEATHTEST, strcpy2_fortified) {
372 #if defined(__BIONIC__)
373 char buf[0];
374 char *orig = strdup("");
375 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
376 free(orig);
377 #else // __BIONIC__
378 GTEST_LOG_(INFO) << "This test does nothing.\n";
379 #endif // __BIONIC__
380 }
382 // zero sized target with longer source (should fail)
383 TEST_F(DEATHTEST, strcpy3_fortified) {
384 #if defined(__BIONIC__)
385 char buf[0];
386 char *orig = strdup("1");
387 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
388 free(orig);
389 #else // __BIONIC__
390 GTEST_LOG_(INFO) << "This test does nothing.\n";
391 #endif // __BIONIC__
392 }
394 // one byte target with longer source (should fail)
395 TEST_F(DEATHTEST, strcpy4_fortified) {
396 #if defined(__BIONIC__)
397 char buf[1];
398 char *orig = strdup("12");
399 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGABRT), "");
400 free(orig);
401 #else // __BIONIC__
402 GTEST_LOG_(INFO) << "This test does nothing.\n";
403 #endif // __BIONIC__
404 }
406 TEST_F(DEATHTEST, strlen_fortified) {
407 #if defined(__BIONIC__)
408 char buf[10];
409 memcpy(buf, "0123456789", sizeof(buf));
410 ASSERT_EXIT(printf("%zd", strlen(buf)), testing::KilledBySignal(SIGABRT), "");
411 #else // __BIONIC__
412 GTEST_LOG_(INFO) << "This test does nothing.\n";
413 #endif // __BIONIC__
414 }
416 TEST_F(DEATHTEST, strchr_fortified) {
417 #if defined(__BIONIC__)
418 char buf[10];
419 memcpy(buf, "0123456789", sizeof(buf));
420 ASSERT_EXIT(printf("%s", strchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
421 #else // __BIONIC__
422 GTEST_LOG_(INFO) << "This test does nothing.\n";
423 #endif // __BIONIC__
424 }
426 TEST_F(DEATHTEST, strrchr_fortified) {
427 #if defined(__BIONIC__)
428 char buf[10];
429 memcpy(buf, "0123456789", sizeof(buf));
430 ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGABRT), "");
431 #else // __BIONIC__
432 GTEST_LOG_(INFO) << "This test does nothing.\n";
433 #endif // __BIONIC__
434 }
436 TEST_F(DEATHTEST, strlcpy_fortified) {
437 #if defined(__BIONIC__)
438 char bufa[15];
439 char bufb[10];
440 strcpy(bufa, "01234567890123");
441 size_t n = strlen(bufa);
442 ASSERT_EXIT(strlcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
443 #else // __BIONIC__
444 GTEST_LOG_(INFO) << "This test does nothing.\n";
445 #endif // __BIONIC__
446 }
448 TEST_F(DEATHTEST, strlcat_fortified) {
449 #if defined(__BIONIC__)
450 char bufa[15];
451 char bufb[10];
452 bufb[0] = '\0';
453 strcpy(bufa, "01234567890123");
454 size_t n = strlen(bufa);
455 ASSERT_EXIT(strlcat(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
456 #else // __BIONIC__
457 GTEST_LOG_(INFO) << "This test does nothing.\n";
458 #endif // __BIONIC__
459 }
461 TEST_F(DEATHTEST, sprintf_fortified) {
462 char buf[10];
463 char source_buf[15];
464 memcpy(source_buf, "12345678901234", 15);
465 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), "");
466 }
468 #ifndef __clang__
469 // This test is disabled in clang because clang doesn't properly detect
470 // this buffer overflow. TODO: Fix clang.
471 TEST_F(DEATHTEST, sprintf_malloc_fortified) {
472 char* buf = (char *) malloc(10);
473 char source_buf[11];
474 memcpy(source_buf, "1234567890", 11);
475 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGABRT), "");
476 free(buf);
477 }
478 #endif
480 TEST_F(DEATHTEST, sprintf2_fortified) {
481 char buf[5];
482 ASSERT_EXIT(sprintf(buf, "aaaaa"), testing::KilledBySignal(SIGABRT), "");
483 }
485 static int vsprintf_helper(const char *fmt, ...) {
486 char buf[10];
487 va_list va;
488 int result;
490 va_start(va, fmt);
491 result = vsprintf(buf, fmt, va); // should crash here
492 va_end(va);
493 return result;
494 }
496 TEST_F(DEATHTEST, vsprintf_fortified) {
497 ASSERT_EXIT(vsprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
498 }
500 TEST_F(DEATHTEST, vsprintf2_fortified) {
501 ASSERT_EXIT(vsprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), "");
502 }
504 static int vsnprintf_helper(const char *fmt, ...) {
505 char buf[10];
506 va_list va;
507 int result;
508 size_t size = atoi("11");
510 va_start(va, fmt);
511 result = vsnprintf(buf, size, fmt, va); // should crash here
512 va_end(va);
513 return result;
514 }
516 TEST_F(DEATHTEST, vsnprintf_fortified) {
517 ASSERT_EXIT(vsnprintf_helper("%s", "0123456789"), testing::KilledBySignal(SIGABRT), "");
518 }
520 TEST_F(DEATHTEST, vsnprintf2_fortified) {
521 ASSERT_EXIT(vsnprintf_helper("0123456789"), testing::KilledBySignal(SIGABRT), "");
522 }
524 TEST_F(DEATHTEST, strncat_fortified) {
525 char buf[10];
526 size_t n = atoi("10"); // avoid compiler optimizations
527 strncpy(buf, "012345678", n);
528 ASSERT_EXIT(strncat(buf, "9", n), testing::KilledBySignal(SIGABRT), "");
529 }
531 TEST_F(DEATHTEST, strncat2_fortified) {
532 char buf[10];
533 buf[0] = '\0';
534 size_t n = atoi("10"); // avoid compiler optimizations
535 ASSERT_EXIT(strncat(buf, "0123456789", n), testing::KilledBySignal(SIGABRT), "");
536 }
538 TEST_F(DEATHTEST, strcat_fortified) {
539 char src[11];
540 strcpy(src, "0123456789");
541 char buf[10];
542 buf[0] = '\0';
543 ASSERT_EXIT(strcat(buf, src), testing::KilledBySignal(SIGABRT), "");
544 }
546 TEST_F(DEATHTEST, memmove_fortified) {
547 char buf[20];
548 strcpy(buf, "0123456789");
549 size_t n = atoi("10");
550 ASSERT_EXIT(memmove(buf + 11, buf, n), testing::KilledBySignal(SIGABRT), "");
551 }
553 TEST_F(DEATHTEST, memcpy_fortified) {
554 char bufa[10];
555 char bufb[10];
556 strcpy(bufa, "012345678");
557 size_t n = atoi("11");
558 ASSERT_EXIT(memcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
559 }
561 TEST_F(DEATHTEST, stpncpy_fortified) {
562 char bufa[15];
563 char bufb[10];
564 strcpy(bufa, "01234567890123");
565 size_t n = strlen(bufa);
566 ASSERT_EXIT(stpncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
567 }
569 TEST_F(DEATHTEST, stpncpy2_fortified) {
570 char dest[11];
571 char src[10];
572 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated
573 ASSERT_EXIT(stpncpy(dest, src, sizeof(dest)), testing::KilledBySignal(SIGABRT), "");
574 }
576 TEST_F(DEATHTEST, strncpy_fortified) {
577 char bufa[15];
578 char bufb[10];
579 strcpy(bufa, "01234567890123");
580 size_t n = strlen(bufa);
581 ASSERT_EXIT(strncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
582 }
585 TEST_F(DEATHTEST, strncpy2_fortified) {
586 char dest[11];
587 char src[10];
588 memcpy(src, "0123456789", sizeof(src)); // src is not null terminated
589 ASSERT_EXIT(strncpy(dest, src, sizeof(dest)), testing::KilledBySignal(SIGABRT), "");
590 }
592 TEST_F(DEATHTEST, snprintf_fortified) {
593 char bufa[15];
594 char bufb[10];
595 strcpy(bufa, "0123456789");
596 size_t n = strlen(bufa) + 1;
597 ASSERT_EXIT(snprintf(bufb, n, "%s", bufa), testing::KilledBySignal(SIGABRT), "");
598 }
600 TEST_F(DEATHTEST, bzero_fortified) {
601 char buf[10];
602 memcpy(buf, "0123456789", sizeof(buf));
603 size_t n = atoi("11");
604 ASSERT_EXIT(bzero(buf, n), testing::KilledBySignal(SIGABRT), "");
605 }
607 TEST_F(DEATHTEST, umask_fortified) {
608 mode_t mask = atoi("1023"); // 01777 in octal
609 ASSERT_EXIT(umask(mask), testing::KilledBySignal(SIGABRT), "");
610 }
612 TEST_F(DEATHTEST, recv_fortified) {
613 size_t data_len = atoi("11"); // suppress compiler optimizations
614 char buf[10];
615 ASSERT_EXIT(recv(0, buf, data_len, 0), testing::KilledBySignal(SIGABRT), "");
616 }
618 TEST_F(DEATHTEST, FD_ISSET_fortified) {
619 #if defined(__BIONIC__) // glibc catches this at compile-time.
620 fd_set set;
621 memset(&set, 0, sizeof(set));
622 ASSERT_EXIT(FD_ISSET(-1, &set), testing::KilledBySignal(SIGABRT), "");
623 #endif
624 }
626 TEST_F(DEATHTEST, FD_ISSET_2_fortified) {
627 char buf[1];
628 fd_set* set = (fd_set*) buf;
629 ASSERT_EXIT(FD_ISSET(0, set), testing::KilledBySignal(SIGABRT), "");
630 }
632 // gtest's ASSERT_EXIT needs a valid expression, but glibc has a do-while macro.
633 static void FD_ZERO_function(fd_set* s) { FD_ZERO(s); }
635 TEST_F(DEATHTEST, FD_ZERO_fortified) {
636 char buf[1];
637 fd_set* set = (fd_set*) buf;
638 ASSERT_EXIT(FD_ZERO_function(set), testing::KilledBySignal(SIGABRT), "");
639 }
641 TEST_F(DEATHTEST, read_fortified) {
642 char buf[1];
643 size_t ct = atoi("2"); // prevent optimizations
644 int fd = open("/dev/null", O_RDONLY);
645 ASSERT_EXIT(read(fd, buf, ct), testing::KilledBySignal(SIGABRT), "");
646 close(fd);
647 }
649 extern "C" char* __strncat_chk(char*, const char*, size_t, size_t);
650 extern "C" char* __strcat_chk(char*, const char*, size_t);
652 TEST(TEST_NAME, strncat) {
653 char buf[10];
654 memset(buf, 'A', sizeof(buf));
655 buf[0] = 'a';
656 buf[1] = '\0';
657 char* res = __strncat_chk(buf, "01234", sizeof(buf) - strlen(buf) - 1, sizeof(buf));
658 ASSERT_EQ(buf, res);
659 ASSERT_EQ('a', buf[0]);
660 ASSERT_EQ('0', buf[1]);
661 ASSERT_EQ('1', buf[2]);
662 ASSERT_EQ('2', buf[3]);
663 ASSERT_EQ('3', buf[4]);
664 ASSERT_EQ('4', buf[5]);
665 ASSERT_EQ('\0', buf[6]);
666 ASSERT_EQ('A', buf[7]);
667 ASSERT_EQ('A', buf[8]);
668 ASSERT_EQ('A', buf[9]);
669 }
671 TEST(TEST_NAME, strncat2) {
672 char buf[10];
673 memset(buf, 'A', sizeof(buf));
674 buf[0] = 'a';
675 buf[1] = '\0';
676 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
677 ASSERT_EQ(buf, res);
678 ASSERT_EQ('a', buf[0]);
679 ASSERT_EQ('0', buf[1]);
680 ASSERT_EQ('1', buf[2]);
681 ASSERT_EQ('2', buf[3]);
682 ASSERT_EQ('3', buf[4]);
683 ASSERT_EQ('4', buf[5]);
684 ASSERT_EQ('\0', buf[6]);
685 ASSERT_EQ('A', buf[7]);
686 ASSERT_EQ('A', buf[8]);
687 ASSERT_EQ('A', buf[9]);
688 }
690 TEST(TEST_NAME, strncat3) {
691 char buf[10];
692 memset(buf, 'A', sizeof(buf));
693 buf[0] = '\0';
694 char* res = __strncat_chk(buf, "0123456789", 5, sizeof(buf));
695 ASSERT_EQ(buf, res);
696 ASSERT_EQ('0', buf[0]);
697 ASSERT_EQ('1', buf[1]);
698 ASSERT_EQ('2', buf[2]);
699 ASSERT_EQ('3', buf[3]);
700 ASSERT_EQ('4', buf[4]);
701 ASSERT_EQ('\0', buf[5]);
702 ASSERT_EQ('A', buf[6]);
703 ASSERT_EQ('A', buf[7]);
704 ASSERT_EQ('A', buf[8]);
705 ASSERT_EQ('A', buf[9]);
706 }
708 TEST(TEST_NAME, strncat4) {
709 char buf[10];
710 memset(buf, 'A', sizeof(buf));
711 buf[9] = '\0';
712 char* res = __strncat_chk(buf, "", 5, sizeof(buf));
713 ASSERT_EQ(buf, res);
714 ASSERT_EQ('A', buf[0]);
715 ASSERT_EQ('A', buf[1]);
716 ASSERT_EQ('A', buf[2]);
717 ASSERT_EQ('A', buf[3]);
718 ASSERT_EQ('A', buf[4]);
719 ASSERT_EQ('A', buf[5]);
720 ASSERT_EQ('A', buf[6]);
721 ASSERT_EQ('A', buf[7]);
722 ASSERT_EQ('A', buf[8]);
723 ASSERT_EQ('\0', buf[9]);
724 }
726 TEST(TEST_NAME, strncat5) {
727 char buf[10];
728 memset(buf, 'A', sizeof(buf));
729 buf[0] = 'a';
730 buf[1] = '\0';
731 char* res = __strncat_chk(buf, "01234567", 8, sizeof(buf));
732 ASSERT_EQ(buf, res);
733 ASSERT_EQ('a', buf[0]);
734 ASSERT_EQ('0', buf[1]);
735 ASSERT_EQ('1', buf[2]);
736 ASSERT_EQ('2', buf[3]);
737 ASSERT_EQ('3', buf[4]);
738 ASSERT_EQ('4', buf[5]);
739 ASSERT_EQ('5', buf[6]);
740 ASSERT_EQ('6', buf[7]);
741 ASSERT_EQ('7', buf[8]);
742 ASSERT_EQ('\0', buf[9]);
743 }
745 TEST(TEST_NAME, strncat6) {
746 char buf[10];
747 memset(buf, 'A', sizeof(buf));
748 buf[0] = 'a';
749 buf[1] = '\0';
750 char* res = __strncat_chk(buf, "01234567", 9, sizeof(buf));
751 ASSERT_EQ(buf, res);
752 ASSERT_EQ('a', buf[0]);
753 ASSERT_EQ('0', buf[1]);
754 ASSERT_EQ('1', buf[2]);
755 ASSERT_EQ('2', buf[3]);
756 ASSERT_EQ('3', buf[4]);
757 ASSERT_EQ('4', buf[5]);
758 ASSERT_EQ('5', buf[6]);
759 ASSERT_EQ('6', buf[7]);
760 ASSERT_EQ('7', buf[8]);
761 ASSERT_EQ('\0', buf[9]);
762 }
765 TEST(TEST_NAME, strcat) {
766 char buf[10];
767 memset(buf, 'A', sizeof(buf));
768 buf[0] = 'a';
769 buf[1] = '\0';
770 char* res = __strcat_chk(buf, "01234", sizeof(buf));
771 ASSERT_EQ(buf, res);
772 ASSERT_EQ('a', buf[0]);
773 ASSERT_EQ('0', buf[1]);
774 ASSERT_EQ('1', buf[2]);
775 ASSERT_EQ('2', buf[3]);
776 ASSERT_EQ('3', buf[4]);
777 ASSERT_EQ('4', buf[5]);
778 ASSERT_EQ('\0', buf[6]);
779 ASSERT_EQ('A', buf[7]);
780 ASSERT_EQ('A', buf[8]);
781 ASSERT_EQ('A', buf[9]);
782 }
784 TEST(TEST_NAME, strcat2) {
785 char buf[10];
786 memset(buf, 'A', sizeof(buf));
787 buf[0] = 'a';
788 buf[1] = '\0';
789 char* res = __strcat_chk(buf, "01234567", sizeof(buf));
790 ASSERT_EQ(buf, res);
791 ASSERT_EQ('a', buf[0]);
792 ASSERT_EQ('0', buf[1]);
793 ASSERT_EQ('1', buf[2]);
794 ASSERT_EQ('2', buf[3]);
795 ASSERT_EQ('3', buf[4]);
796 ASSERT_EQ('4', buf[5]);
797 ASSERT_EQ('5', buf[6]);
798 ASSERT_EQ('6', buf[7]);
799 ASSERT_EQ('7', buf[8]);
800 ASSERT_EQ('\0', buf[9]);
801 }
803 TEST(TEST_NAME, stpncpy) {
804 char src[10];
805 char dst[10];
806 memcpy(src, "0123456789", sizeof(src)); // non null terminated string
807 stpncpy(dst, src, sizeof(dst));
808 ASSERT_EQ('0', dst[0]);
809 ASSERT_EQ('1', dst[1]);
810 ASSERT_EQ('2', dst[2]);
811 ASSERT_EQ('3', dst[3]);
812 ASSERT_EQ('4', dst[4]);
813 ASSERT_EQ('5', dst[5]);
814 ASSERT_EQ('6', dst[6]);
815 ASSERT_EQ('7', dst[7]);
816 ASSERT_EQ('8', dst[8]);
817 ASSERT_EQ('9', dst[9]);
818 }
820 TEST(TEST_NAME, stpncpy2) {
821 char src[10];
822 char dst[15];
823 memcpy(src, "012345678\0", sizeof(src));
824 stpncpy(dst, src, sizeof(dst));
825 ASSERT_EQ('0', dst[0]);
826 ASSERT_EQ('1', dst[1]);
827 ASSERT_EQ('2', dst[2]);
828 ASSERT_EQ('3', dst[3]);
829 ASSERT_EQ('4', dst[4]);
830 ASSERT_EQ('5', dst[5]);
831 ASSERT_EQ('6', dst[6]);
832 ASSERT_EQ('7', dst[7]);
833 ASSERT_EQ('8', dst[8]);
834 ASSERT_EQ('\0', dst[9]);
835 ASSERT_EQ('\0', dst[10]);
836 ASSERT_EQ('\0', dst[11]);
837 ASSERT_EQ('\0', dst[12]);
838 ASSERT_EQ('\0', dst[13]);
839 ASSERT_EQ('\0', dst[14]);
840 }
842 TEST(TEST_NAME, strncpy) {
843 char src[10];
844 char dst[10];
845 memcpy(src, "0123456789", sizeof(src)); // non null terminated string
846 strncpy(dst, src, sizeof(dst));
847 ASSERT_EQ('0', dst[0]);
848 ASSERT_EQ('1', dst[1]);
849 ASSERT_EQ('2', dst[2]);
850 ASSERT_EQ('3', dst[3]);
851 ASSERT_EQ('4', dst[4]);
852 ASSERT_EQ('5', dst[5]);
853 ASSERT_EQ('6', dst[6]);
854 ASSERT_EQ('7', dst[7]);
855 ASSERT_EQ('8', dst[8]);
856 ASSERT_EQ('9', dst[9]);
857 }
859 TEST(TEST_NAME, strncpy2) {
860 char src[10];
861 char dst[15];
862 memcpy(src, "012345678\0", sizeof(src));
863 strncpy(dst, src, sizeof(dst));
864 ASSERT_EQ('0', dst[0]);
865 ASSERT_EQ('1', dst[1]);
866 ASSERT_EQ('2', dst[2]);
867 ASSERT_EQ('3', dst[3]);
868 ASSERT_EQ('4', dst[4]);
869 ASSERT_EQ('5', dst[5]);
870 ASSERT_EQ('6', dst[6]);
871 ASSERT_EQ('7', dst[7]);
872 ASSERT_EQ('8', dst[8]);
873 ASSERT_EQ('\0', dst[9]);
874 ASSERT_EQ('\0', dst[10]);
875 ASSERT_EQ('\0', dst[11]);
876 ASSERT_EQ('\0', dst[12]);
877 ASSERT_EQ('\0', dst[13]);
878 ASSERT_EQ('\0', dst[14]);
879 }
881 TEST(TEST_NAME, strcat_chk_max_int_size) {
882 char buf[10];
883 memset(buf, 'A', sizeof(buf));
884 buf[0] = 'a';
885 buf[1] = '\0';
886 char* res = __strcat_chk(buf, "01234567", (size_t)-1);
887 ASSERT_EQ(buf, res);
888 ASSERT_EQ('a', buf[0]);
889 ASSERT_EQ('0', buf[1]);
890 ASSERT_EQ('1', buf[2]);
891 ASSERT_EQ('2', buf[3]);
892 ASSERT_EQ('3', buf[4]);
893 ASSERT_EQ('4', buf[5]);
894 ASSERT_EQ('5', buf[6]);
895 ASSERT_EQ('6', buf[7]);
896 ASSERT_EQ('7', buf[8]);
897 ASSERT_EQ('\0', buf[9]);
898 }
900 extern "C" char* __stpcpy_chk(char*, const char*, size_t);
902 TEST(TEST_NAME, stpcpy_chk_max_int_size) {
903 char buf[10];
904 char* res = __stpcpy_chk(buf, "012345678", (size_t)-1);
905 ASSERT_EQ(buf + strlen("012345678"), res);
906 ASSERT_STREQ("012345678", buf);
907 }
909 extern "C" char* __strcpy_chk(char*, const char*, size_t);
911 TEST(TEST_NAME, strcpy_chk_max_int_size) {
912 char buf[10];
913 char* res = __strcpy_chk(buf, "012345678", (size_t)-1);
914 ASSERT_EQ(buf, res);
915 ASSERT_STREQ("012345678", buf);
916 }
918 extern "C" void* __memcpy_chk(void*, const void*, size_t, size_t);
920 TEST(TEST_NAME, memcpy_chk_max_int_size) {
921 char buf[10];
922 void* res = __memcpy_chk(buf, "012345678", sizeof(buf), (size_t)-1);
923 ASSERT_EQ((void*)buf, res);
924 ASSERT_EQ('0', buf[0]);
925 ASSERT_EQ('1', buf[1]);
926 ASSERT_EQ('2', buf[2]);
927 ASSERT_EQ('3', buf[3]);
928 ASSERT_EQ('4', buf[4]);
929 ASSERT_EQ('5', buf[5]);
930 ASSERT_EQ('6', buf[6]);
931 ASSERT_EQ('7', buf[7]);
932 ASSERT_EQ('8', buf[8]);
933 ASSERT_EQ('\0', buf[9]);
934 }
936 // Verify that macro expansion is done properly for sprintf/snprintf (which
937 // are defined as macros in stdio.h under clang).
938 #define CONTENTS "macro expansion"
939 #define BUF_AND_SIZE(A) A, sizeof(A)
940 #define BUF_AND_CONTENTS(A) A, CONTENTS
941 #define BUF_AND_SIZE_AND_CONTENTS(A) A, sizeof(A), CONTENTS
942 TEST(TEST_NAME, s_n_printf_macro_expansion) {
943 char buf[BUFSIZ];
944 snprintf(BUF_AND_SIZE(buf), CONTENTS);
945 EXPECT_STREQ(CONTENTS, buf);
947 snprintf(BUF_AND_SIZE_AND_CONTENTS(buf));
948 EXPECT_STREQ(CONTENTS, buf);
950 sprintf(BUF_AND_CONTENTS(buf));
951 EXPECT_STREQ(CONTENTS, buf);
952 }