From patchwork Mon Jun 7 07:10:24 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Noah Goldstein X-Patchwork-Id: 43733 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id CC8C53844007 for ; Mon, 7 Jun 2021 07:13:33 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org CC8C53844007 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1623050013; bh=z5VERdukxg0/eK+Dv82g2SBcpKf1NuSU7E7CbarELyE=; h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:From; b=XdJ6zmOeM2fImIMgp2boTCSM3+LznJhRN8n5QM/TSE46KNx8THDNe1PRlN614xr05 EN83Iy7FMUYMCvR++RHp/DblaHh6yDoGtTUprglNE1ysPHQfl9gBJKpiImD3X2ohiU glSCfXhAEKJiCkq+LLXNvvkNY/+3WDMNpsmjYvUU= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-qk1-x730.google.com (mail-qk1-x730.google.com [IPv6:2607:f8b0:4864:20::730]) by sourceware.org (Postfix) with ESMTPS id 7B998385BF99 for ; Mon, 7 Jun 2021 07:11:43 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 7B998385BF99 Received: by mail-qk1-x730.google.com with SMTP id c18so638457qkc.11 for ; Mon, 07 Jun 2021 00:11:43 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=z5VERdukxg0/eK+Dv82g2SBcpKf1NuSU7E7CbarELyE=; b=h2w0OwBk1SGwSy1BxPH8eNUvyEnKpNGv7cqfyuTicw2PC6iypNUBBxWYrNjv/cDCAA B+g5prZEXGOLHwxunVWzS4JUIjefd3vfronK9XUDJRZPdXNSp13ZPg5F6qzlAa4ZNoq6 lymkSombQHKVDPgtrCyJeYyuvbBc/5IEGsIiXBf4btAnEARRwAXswPMu3uJZJng21v08 a35QhdKS03YkKlwgg4tMZu36aax/5uSoiJpHlOuoFCGFNr412KYddzM4YxMfcwwp66Cp dnCV5JNbagn5mhPaNLngKTzoK8vf7V6bNyIQaJ6UynqpBdyrmTo7frPXooU399G0SE0C 9aGQ== X-Gm-Message-State: AOAM531ZvGUvpknndhYsyXtQOWyW6Oe/vFWO47lQydg6/BxrhuT4gJmD 2BK6nqMnmW/b24SI3Jk35/JPkHrnDA0= X-Google-Smtp-Source: ABdhPJyJO37QYQE2RwJ28TiP2l+xFAHPO4nNefcxiVC9E64Dc8e2rJvmZXMX9cXb6x1I/9afz5g9yA== X-Received: by 2002:a05:620a:704:: with SMTP id 4mr15136224qkc.66.1623049902808; Mon, 07 Jun 2021 00:11:42 -0700 (PDT) Received: from localhost.localdomain (pool-71-245-178-39.pitbpa.fios.verizon.net. [71.245.178.39]) by smtp.googlemail.com with ESMTPSA id 97sm8173094qte.20.2021.06.07.00.11.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 07 Jun 2021 00:11:42 -0700 (PDT) To: libc-alpha@sourceware.org Subject: [PATCH v1 1/3] String: tst-memset-overflow.c Add test for overflow case. Date: Mon, 7 Jun 2021 03:10:24 -0400 Message-Id: <20210607071025.449866-1-goldstein.w.n@gmail.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Noah Goldstein via Libc-alpha From: Noah Goldstein Reply-To: Noah Goldstein Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" The following commit: author Noah Goldstein Thu, 20 May 2021 17:13:51 +0000 (13:13 -0400) commit 6abf27980a947f9b6e514d6b33b83059d39566ae added a bug to memset so that if destination + length overflowed memset would return early rather than throw a Segmentation Fault as is expected behavior: This commit adds a new test file: tst-memset-overflow.c that is expected to Segmentation Fault if that bug is not present Signed-off-by: Noah Goldstein --- Currently the test will "FAIL" which is expected. I am unsure, however, how to get the test to "PASS" while also inducing Segmentation Faults. string/Makefile | 2 +- string/tst-memset-overflow.c | 156 +++++++++++++++++++++++++++++++++++ 2 files changed, 157 insertions(+), 1 deletion(-) create mode 100644 string/tst-memset-overflow.c diff --git a/string/Makefile b/string/Makefile index f0fce2a0b8..fd701a76e5 100644 --- a/string/Makefile +++ b/string/Makefile @@ -63,7 +63,7 @@ tests := tester inl-tester noinl-tester testcopy test-ffs \ tst-strtok_r bug-strcoll2 tst-cmp tst-xbzero-opt \ test-endian-types test-endian-file-scope \ test-endian-sign-conversion tst-memmove-overflow \ - test-sig_np + tst-memset-overflow test-sig_np # Both tests require the .mo translation files generated by msgfmt. tests-translation := tst-strsignal \ diff --git a/string/tst-memset-overflow.c b/string/tst-memset-overflow.c new file mode 100644 index 0000000000..5a2d49407b --- /dev/null +++ b/string/tst-memset-overflow.c @@ -0,0 +1,156 @@ +/* Test memset functions. + Copyright (C) 1999-2021 Free Software Foundation, Inc. + This file is part of the GNU C Library. + Written by Jakub Jelinek , 1999. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#define TEST_MAIN +#ifdef TEST_BZERO +# ifdef TEST_EXPLICIT_BZERO +# define TEST_NAME "explicit_bzero" +# else +# define TEST_NAME "bzero" +# endif +#else +# ifndef WIDE +# define TEST_NAME "memset" +# else +# define TEST_NAME "wmemset" +# endif /* WIDE */ +#endif /* !TEST_BZERO */ +#define MIN_PAGE_SIZE 131072 +#include "test-string.h" + +#ifndef WIDE +# define MEMSET memset +# define CHAR char +# define UCHAR unsigned char +# define SIMPLE_MEMSET simple_memset +# define MEMCMP memcmp +# define BIG_CHAR CHAR_MAX +#else +# include +# define MEMSET wmemset +# define CHAR wchar_t +# define UCHAR wchar_t +# define SIMPLE_MEMSET simple_wmemset +# define MEMCMP wmemcmp +# define BIG_CHAR WCHAR_MAX +#endif /* WIDE */ + +CHAR *SIMPLE_MEMSET (CHAR *, int, size_t); + +#ifdef TEST_BZERO +typedef void (*proto_t) (char *, size_t); +void simple_bzero (char *, size_t); +void builtin_bzero (char *, size_t); + +IMPL (simple_bzero, 0) +IMPL (builtin_bzero, 0) +#ifdef TEST_EXPLICIT_BZERO +IMPL (explicit_bzero, 1) +#else +IMPL (bzero, 1) +#endif + +void +simple_bzero (char *s, size_t n) +{ + SIMPLE_MEMSET (s, 0, n); +} + +void +builtin_bzero (char *s, size_t n) +{ + __builtin_bzero (s, n); +} +#else +typedef CHAR *(*proto_t) (CHAR *, int, size_t); + +IMPL (SIMPLE_MEMSET, 0) +# ifndef WIDE +char *builtin_memset (char *, int, size_t); +IMPL (builtin_memset, 0) +# endif /* !WIDE */ +IMPL (MEMSET, 1) + +# ifndef WIDE +char * +builtin_memset (char *s, int c, size_t n) +{ + return __builtin_memset (s, c, n); +} +# endif /* !WIDE */ +#endif /* !TEST_BZERO */ + +CHAR * +inhibit_loop_to_libcall +SIMPLE_MEMSET (CHAR *s, int c, size_t n) +{ + CHAR *r = s, *end = s + n; + while (r != end) + *r++ = c; + return s; +} + +int +test_main (void) +{ + size_t i, len; + const size_t one = 1; + + test_init (); + + printf ("%24s", ""); + FOR_EACH_IMPL (impl, 0) + printf ("\t%s", impl->name); + putchar ('\n'); + + for (i = 1; i <= 2; ++i) + { + len = one << (8 * sizeof(size_t) - i); + FOR_EACH_IMPL (impl, 0) + { +#ifdef TEST_BZERO + CALL (impl, (CHAR *) (buf1), len); +#else + CALL (impl, (CHAR *) (buf1), 0, len); +#endif + printf ("Should have thrown Segmentation Fault For (%p, %zu) %s", + buf1, len, impl->name); + ret = 1; + } + } + len = 0; + for (i = 8 * sizeof(size_t); i != 0; --i) + { + len |= (one << i); + FOR_EACH_IMPL (impl, 0) + { +#ifdef TEST_BZERO + CALL (impl, (CHAR *) (buf1), len); +#else + CALL (impl, (CHAR *) (buf1), 0, len); +#endif + printf ("Should have thrown Segmentation Fault For (%p, %zu) %s", + buf1, len, impl->name); + ret = 1; + } + } + return ret; +} + +#include