From patchwork Thu Dec 21 18:59:19 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella Netto
 <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 82679
Return-Path: <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 15B53386EC4F
	for <patchwork@sourceware.org>; Thu, 21 Dec 2023 19:00:28 +0000 (GMT)
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pf1-x42d.google.com (mail-pf1-x42d.google.com
 [IPv6:2607:f8b0:4864:20::42d])
 by sourceware.org (Postfix) with ESMTPS id 9CF4E3857B8B
 for <libc-alpha@sourceware.org>; Thu, 21 Dec 2023 18:59:53 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 9CF4E3857B8B
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 9CF4E3857B8B
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::42d
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1703185195; cv=none;
 b=iI6Kx65MIksc+VYswu/6sj+wECBCNskgtpbA0eMsz/xTNZ1qBOTLuwSKxtdIo2nOt+eAKymcaWjoQVWzlbuEZ96J0Fw4e/71zrSpvN3YAuCyPAC/qIgsOGu/hFLqekxK/7ALudMb07yVH7NSvMfePqKqyxqumM8H/RyrN7ybG9A=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1703185195; c=relaxed/simple;
 bh=LkVto+uxfCH1mih0rDbCzw3O4jPPzKoGkJ+Jou262sk=;
 h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version;
 b=sLp9bshWFTkkzigdAaOzhfb3gAUVE9tBbqBOABf8OFls1U3f8J7XXABablTzYwSWehiDYMucmXq08b+ex1s0JvULJQgtXUZ0rz72ieaZQGYdtjmnwDsKZeyISdDzprSbYBwx47vhbW8YZPLIiiDQajfNqbql14wcBAWvvBCUc48=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by mail-pf1-x42d.google.com with SMTP id
 d2e1a72fcca58-6d93d15db24so1069894b3a.0
 for <libc-alpha@sourceware.org>; Thu, 21 Dec 2023 10:59:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1703185192; x=1703789992; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
 :reply-to; bh=RFcUo9tu0w9v5JgwlrGSPqesrXrB1UX0MN/OqyNpNZ0=;
 b=b+fUc2+EnTlu+rc+au0DZZxbb9ND8r61HmP274uzJRDk9bHsPUX1/M4vMrftcbySM5
 63EADsKI4N3LTYr2h/zb+xUKWMJ4j2y5le1WHB0m6geb4FkMoKHbp4ypNQ7nRNdUgr2K
 aJcovSvpWFlhpO+L0Xj2JwhCCQfIVRYo5up3qX0T5ECQxbuqhGRsvsVSxjA3d+//omPF
 5GYRTMPQRIm/5l67kaHmAM8JQK0MsKrzklrilxfrOfV9mE+O+uVgjJ8ugazU7gbTDJMe
 Ai/CsjBAmKFF99KmKbD/NnR9ERm1jNfoVCbGdqU0gqb//FWFj7OLmNB8w8jStxRKF+W5
 YHAg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1703185192; x=1703789992;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=RFcUo9tu0w9v5JgwlrGSPqesrXrB1UX0MN/OqyNpNZ0=;
 b=KxdCZYlSuLzFpji8sRdAVW6E/VedwRTPHHfF+1NqQgD2SA5y0GpMVeEKt+lvbAqw6N
 P1eojwziGpXnw/0WII96w4DwFTQYJHPwq5XH04BpNnv7xeD9ShR8UdFoVL/iBb/KeBvd
 Sqmptb1L8tlZAQBX8llIXRl0p9VR+6OIOeXPwfd8W2Z8aV3eHDZzS5eOWsAYEHHjrmzC
 8hSdBzx3xo9nasReIZLLCAOp2YpDMWU64OO5LZ9zkhpvg0RYI6cijwUQE6zXVz+HxUO3
 e71VdvMqI+vmKCTQ6dXlNNvk3b6cScQ9UdViCt4j6O2XoDOAEc7zknv9fC7tAw/SQoDK
 QvAg==
X-Gm-Message-State: AOJu0YxdXfidQCOZ4GTqSCLyb48+BrwGNqyH4BAjmURR0cdG2w04wmfj
 bRvg8npp+4A4hba3p5VrXgDrELIie3tNtt2ItOFWMClO684=
X-Google-Smtp-Source: 
 AGHT+IEfpttoGTrIOF/CXlIV3YBh2PADlqX8QZ5uJZaWJpY0VpJnWI6tKeo3TzjtNppuamLZ8vQe5A==
X-Received: by 2002:a05:6a20:54a1:b0:18f:97c:8a1b with SMTP id
 i33-20020a056a2054a100b0018f097c8a1bmr152895pzk.70.1703185191902;
 Thu, 21 Dec 2023 10:59:51 -0800 (PST)
Received: from mandiga.. ([2804:1b3:a7c0:8192:ecd7:d327:bea0:14dc])
 by smtp.gmail.com with ESMTPSA id
 a9-20020a63e409000000b005cdbebd61d8sm1946165pgi.9.2023.12.21.10.59.50
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 21 Dec 2023 10:59:51 -0800 (PST)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org,
	Siddhesh Poyarekar <siddhesh@gotplt.org>
Subject: [PATCH 05/15] debug: Add fortify wprintf tests
Date: Thu, 21 Dec 2023 15:59:19 -0300
Message-Id: <20231221185929.1307116-6-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20231221185929.1307116-1-adhemerval.zanella@linaro.org>
References: <20231221185929.1307116-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-Spam-Status: No, score=-12.6 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT,
 RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org

Similar to other printf-like ones.  It requires to be in a different
process so we can change the orientation of stdout.

Checked on aarch64, armhf, x86_64, and i686.
---
 debug/Makefile           |   2 +
 debug/tst-fortify-wide.c | 104 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 106 insertions(+)
 create mode 100644 debug/tst-fortify-wide.c

diff --git a/debug/Makefile b/debug/Makefile
index fdc250e209..ed90ef7030 100644
--- a/debug/Makefile
+++ b/debug/Makefile
@@ -180,6 +180,7 @@ CPPFLAGS-tst-realpath-chk.c += $(no-fortify-source),-D_FORTIFY_SOURCE=2
 CPPFLAGS-tst-chk-cancel.c += $(no-fortify-source),-D_FORTIFY_SOURCE=2
 CFLAGS-tst-sprintf-fortify-rdonly.c += $(no-fortify-source),-D_FORTIFY_SOURCE=2
 CFLAGS-tst-fortify-syslog.c += $(no-fortify-source),-D_FORTIFY_SOURCE=2
+CFLAGS-tst-fortify-wide.c += $(no-fortify-source),-D_FORTIFY_SOURCE=2
 
 # _FORTIFY_SOURCE tests.
 # Auto-generate tests for _FORTIFY_SOURCE for different levels, compilers and
@@ -283,6 +284,7 @@ tests = \
   tst-backtrace4 \
   tst-backtrace5 \
   tst-backtrace6 \
+  tst-fortify-wide \
   tst-longjmp_chk \
   tst-longjmp_chk2 \
   tst-realpath-chk \
diff --git a/debug/tst-fortify-wide.c b/debug/tst-fortify-wide.c
new file mode 100644
index 0000000000..6947d04fa6
--- /dev/null
+++ b/debug/tst-fortify-wide.c
@@ -0,0 +1,104 @@
+/* Fortify check for wprintf.
+   Copyright (C) 2004-2023 Free Software Foundation, Inc.
+   Copyright The GNU Toolchain Authors.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <setjmp.h>
+#include <stdio.h>
+#include <wchar.h>
+#include <unistd.h>
+
+#include <support/support.h>
+
+static volatile int chk_fail_ok;
+static volatile int ret;
+static jmp_buf chk_fail_buf;
+
+static void
+handler (int sig)
+{
+  if (chk_fail_ok)
+    {
+      chk_fail_ok = 0;
+      longjmp (chk_fail_buf, 1);
+    }
+  else
+    _exit (127);
+}
+
+static const wchar_t *wstr3 = L"%ls%n%ls%n";
+static const wchar_t *wstr4 = L"Hello, ";
+static const wchar_t *wstr5 = L"World!\n";
+static wchar_t wbuf2[20] = L"%ls";
+
+#define WFAIL \
+  do { wprintf (L"Failure on line %d\n", __LINE__); ret = 1; } while (0)
+#define CHK_FAIL_START \
+  chk_fail_ok = 1;				\
+  if (! setjmp (chk_fail_buf))			\
+    {
+#define CHK_FAIL_END \
+      chk_fail_ok = 0;				\
+      WFAIL;					\
+    }
+
+static int
+do_test (void)
+{
+  set_fortify_handler (handler);
+
+  int n1, n2;
+
+  int orientation = fwide (stdout, 1);
+  if (orientation <= 0)
+    WFAIL;
+
+  /* Constant literals passed directly are always ok
+     (even with warnings about possible bugs from GCC).  */
+  if (wprintf (L"%ls%n%ls%n", wstr4, &n1, wstr5, &n2) != 14
+      || n1 != 7 || n2 != 14)
+    WFAIL;
+
+  /* In this case the format string is not known at compile time,
+     but resides in read-only memory, so is ok.  */
+  if (wprintf (wstr3, wstr4, &n1, wstr5, &n2) != 14
+      || n1 != 7 || n2 != 14)
+    WFAIL;
+
+  wcpcpy (&wbuf2[3], L"%n%ls%n");
+  /* When the format string is writable and contains %n,
+     with -D_FORTIFY_SOURCE=2 it causes __chk_fail.  */
+  CHK_FAIL_START
+  if (wprintf (wbuf2, wstr4, &n1, wstr5, &n1) != 14)
+    WFAIL;
+  CHK_FAIL_END
+
+  /* But if there is no %n, even writable format string
+     should work.  */
+  wbuf2[8] = L'\0';
+  if (wprintf (&wbuf2[5], wstr5) != 7)
+    WFAIL;
+
+  /* Check whether missing N$ formats are detected.  */
+  CHK_FAIL_START
+  wprintf (L"%3$d\n", 1, 2, 3, 4);
+  CHK_FAIL_END
+
+  return ret;
+}
+
+#include <support/test-driver.c>