Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / bionic / 9647f797d59222cd91507d4554bf62166ba88e0a / . / tests / fortify2_test.cpp
blob: f0c2e773c215fcd2b52ae76079226516405e23a3 [file] [log] [blame]
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]1/*
2 * Copyright (C) 2013 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#undef _FORTIFY_SOURCE
18#define _FORTIFY_SOURCE 2
19
20#include <gtest/gtest.h>
21#include <string.h>
22
23struct foo {
Nick Kralevich13476de2013-06-03 10:58:06 -0700[diff] [blame]24 char empty[0];
25 char one[1];
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]26 char a[10];
27 char b[10];
28};
29
30// We have to say "DeathTest" here so gtest knows to run this test (which exits)
31// in its own process.
Nick Kralevich78d6d982013-04-29 16:29:37 -0700[diff] [blame]32TEST(Fortify2_DeathTest, strncpy_fortified2) {
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]33 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
34 foo myfoo;
35 int copy_amt = atoi("11");
36 ASSERT_EXIT(strncpy(myfoo.a, "01234567890", copy_amt),
37 testing::KilledBySignal(SIGSEGV), "");
38}
39
Nick Kralevich78d6d982013-04-29 16:29:37 -0700[diff] [blame]40TEST(Fortify2_DeathTest, sprintf_fortified2) {
41 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
42 foo myfoo;
43 char source_buf[15];
44 memcpy(source_buf, "12345678901234", 15);
45 ASSERT_EXIT(sprintf(myfoo.a, "%s", source_buf),
46 testing::KilledBySignal(SIGSEGV), "");
47}
48
Nick Kralevich80541922013-05-01 14:55:33 -0700[diff] [blame]49#if __BIONIC__
Nick Kralevich13476de2013-06-03 10:58:06 -0700[diff] [blame]50// zero sized target with "\0" source (should fail)
51TEST(Fortify2_DeathTest, strcpy_fortified2) {
52 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
53 foo myfoo;
54 char* src = strdup("");
55 ASSERT_EXIT(strcpy(myfoo.empty, src),
56 testing::KilledBySignal(SIGSEGV), "");
57 free(src);
58}
59
60// zero sized target with longer source (should fail)
61TEST(Fortify2_DeathTest, strcpy2_fortified2) {
62 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
63 foo myfoo;
64 char* src = strdup("1");
65 ASSERT_EXIT(strcpy(myfoo.empty, src),
66 testing::KilledBySignal(SIGSEGV), "");
67 free(src);
68}
69
70// one byte target with longer source (should fail)
71TEST(Fortify2_DeathTest, strcpy3_fortified2) {
72 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
73 foo myfoo;
74 char* src = strdup("12");
75 ASSERT_EXIT(strcpy(myfoo.one, src),
76 testing::KilledBySignal(SIGSEGV), "");
77 free(src);
78}
79
Nick Kralevich4f40e512013-04-19 16:54:22 -0700[diff] [blame]80TEST(Fortify2_DeathTest, strchr_fortified2) {
81 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
82 foo myfoo;
83 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a));
84 myfoo.b[0] = '\0';
85 ASSERT_EXIT(printf("%s", strchr(myfoo.a, 'a')),
86 testing::KilledBySignal(SIGSEGV), "");
87}
88
Nick Kralevich277226b2013-05-01 15:05:01 -0700[diff] [blame]89TEST(Fortify2_DeathTest, strrchr_fortified2) {
Nick Kralevich80541922013-05-01 14:55:33 -0700[diff] [blame]90 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
91 foo myfoo;
92 memcpy(myfoo.a, "0123456789", 10);
93 memcpy(myfoo.b, "01234", 6);
94 ASSERT_EXIT(printf("%s", strrchr(myfoo.a, 'a')),
95 testing::KilledBySignal(SIGSEGV), "");
96}
97#endif
98
Nick Kralevich8cc145e2013-05-30 13:21:14 -0700[diff] [blame]99TEST(Fortify2_DeathTest, strncat_fortified2) {
100 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
101 foo myfoo;
102 size_t n = atoi("10"); // avoid compiler optimizations
103 strncpy(myfoo.a, "012345678", n);
104 ASSERT_EXIT(strncat(myfoo.a, "9", n), testing::KilledBySignal(SIGSEGV), "");
105}
106
107TEST(Fortify2_DeathTest, strncat2_fortified2) {
108 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
109 foo myfoo;
110 myfoo.a[0] = '\0';
111 size_t n = atoi("10"); // avoid compiler optimizations
112 ASSERT_EXIT(strncat(myfoo.a, "0123456789", n), testing::KilledBySignal(SIGSEGV), "");
113}
114
Nick Kralevichcf870192013-05-30 16:48:53 -0700[diff] [blame]115TEST(Fortify2_DeathTest, strncat3_fortified2) {
116 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
117 foo myfoo;
118 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
119 myfoo.b[0] = '\0';
120 size_t n = atoi("10"); // avoid compiler optimizations
121 ASSERT_EXIT(strncat(myfoo.b, myfoo.a, n), testing::KilledBySignal(SIGSEGV), "");
122}
123
124TEST(Fortify2_DeathTest, strcat_fortified2) {
125 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
126 char src[11];
127 strcpy(src, "0123456789");
128 foo myfoo;
129 myfoo.a[0] = '\0';
130 ASSERT_EXIT(strcat(myfoo.a, src), testing::KilledBySignal(SIGSEGV), "");
131}
132
133TEST(Fortify2_DeathTest, strcat2_fortified2) {
134 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
135 foo myfoo;
136 memcpy(myfoo.a, "0123456789", sizeof(myfoo.a)); // unterminated string
137 myfoo.b[0] = '\0';
138 ASSERT_EXIT(strcat(myfoo.b, myfoo.a), testing::KilledBySignal(SIGSEGV), "");
139}
140
Nick Kralevich78d6d982013-04-29 16:29:37 -0700[diff] [blame]141/***********************************************************/
142/* TESTS BELOW HERE DUPLICATE TESTS FROM fortify1_test.cpp */
143/***********************************************************/
144
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]145#if __BIONIC__
Nick Kralevich13476de2013-06-03 10:58:06 -0700[diff] [blame]146// multibyte target where we over fill (should fail)
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]147TEST(Fortify2_DeathTest, strcpy_fortified) {
148 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
149 char buf[10];
150 char *orig = strdup("0123456789");
151 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGSEGV), "");
152 free(orig);
153}
154
Nick Kralevich13476de2013-06-03 10:58:06 -0700[diff] [blame]155// zero sized target with "\0" source (should fail)
156TEST(Fortify2_DeathTest, strcpy2_fortified) {
157 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
158 char buf[0];
159 char *orig = strdup("");
160 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGSEGV), "");
161 free(orig);
162}
163
164// zero sized target with longer source (should fail)
165TEST(Fortify2_DeathTest, strcpy3_fortified) {
166 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
167 char buf[0];
168 char *orig = strdup("1");
169 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGSEGV), "");
170 free(orig);
171}
172
173// one byte target with longer source (should fail)
174TEST(Fortify2_DeathTest, strcpy4_fortified) {
175 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
176 char buf[1];
177 char *orig = strdup("12");
178 ASSERT_EXIT(strcpy(buf, orig), testing::KilledBySignal(SIGSEGV), "");
179 free(orig);
180}
181
Nick Kralevich1aae9bd2013-04-29 14:07:06 -0700[diff] [blame]182TEST(Fortify2_DeathTest, strlen_fortified) {
183 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
184 char buf[10];
185 memcpy(buf, "0123456789", sizeof(buf));
186 ASSERT_EXIT(printf("%d", strlen(buf)), testing::KilledBySignal(SIGSEGV), "");
187}
188
189TEST(Fortify2_DeathTest, strchr_fortified) {
190 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
191 char buf[10];
192 memcpy(buf, "0123456789", sizeof(buf));
193 ASSERT_EXIT(printf("%s", strchr(buf, 'a')), testing::KilledBySignal(SIGSEGV), "");
194}
195
196TEST(Fortify2_DeathTest, strrchr_fortified) {
197 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
198 char buf[10];
199 memcpy(buf, "0123456789", sizeof(buf));
200 ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGSEGV), "");
201}
202#endif
Nick Kralevich78d6d982013-04-29 16:29:37 -0700[diff] [blame]203
204TEST(Fortify2_DeathTest, sprintf_fortified) {
205 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
206 char buf[10];
207 char source_buf[15];
208 memcpy(source_buf, "12345678901234", 15);
209 ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGSEGV), "");
210}
Nick Kralevich8cc145e2013-05-30 13:21:14 -0700[diff] [blame]211
212TEST(Fortify2_DeathTest, strncat_fortified) {
213 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
214 char buf[10];
215 size_t n = atoi("10"); // avoid compiler optimizations
216 strncpy(buf, "012345678", n);
217 ASSERT_EXIT(strncat(buf, "9", n), testing::KilledBySignal(SIGSEGV), "");
218}
219
220TEST(Fortify2_DeathTest, strncat2_fortified) {
221 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
222 char buf[10];
223 buf[0] = '\0';
224 size_t n = atoi("10"); // avoid compiler optimizations
225 ASSERT_EXIT(strncat(buf, "0123456789", n), testing::KilledBySignal(SIGSEGV), "");
226}
Nick Kralevichcf870192013-05-30 16:48:53 -0700[diff] [blame]227
228TEST(Fortify2_DeathTest, strcat_fortified) {
229 ::testing::FLAGS_gtest_death_test_style = "threadsafe";
230 char src[11];
231 strcpy(src, "0123456789");
232 char buf[10];
233 buf[0] = '\0';
234 ASSERT_EXIT(strcat(buf, src), testing::KilledBySignal(SIGSEGV), "");
235}