| /* |
| * Copyright (c) 2017 Richard Palethorpe <rpalethorpe@suse.com> |
| * |
| * This program is free software: you can redistribute it and/or modify |
| * it under the terms of the GNU General Public License as published by |
| * the Free Software Foundation, either version 2 of the License, or |
| * (at your option) any later version. |
| * |
| * This program is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| * GNU General Public License for more details. |
| * |
| * You should have received a copy of the GNU General Public License |
| * along with this program. If not, see <http://www.gnu.org/licenses/>. |
| */ |
| /* |
| * Test for CVE-2016-6951, original reproducer can be found here: |
| * http://www.spinics.net/lists/keyrings/msg01845.html |
| * |
| * request_key() is not in glibc, so we just use the syscall directly instead |
| * of linking to keyutils. |
| */ |
| |
| #include <unistd.h> |
| #include <sys/syscall.h> |
| |
| #include "tst_test.h" |
| #include "linux_syscall_numbers.h" |
| |
| #define ATTEMPTS 0x100 |
| |
| static void run(void) |
| { |
| int i; |
| |
| tst_res(TINFO, "Requesting dead key"); |
| for (i = 0; i < ATTEMPTS; i++) |
| tst_syscall(__NR_request_key, "dead", "abc", "abc", 0, 0, 0); |
| |
| tst_res(TPASS, "No crash after %d attempts", ATTEMPTS); |
| } |
| |
| static struct tst_test test = { |
| .test_all = run, |
| }; |