1 /* Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Jakub Jelinek <jakub@redhat.com>, 2004.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
20 /* Hack: make sure GCC doesn't know __chk_fail () will not return. */
34 #include <sys/socket.h>
38 static void do_prepare (void);
39 static int do_test (void);
40 #define PREPARE(argc, argv) do_prepare ()
41 #define TEST_FUNCTION do_test ()
42 #include "../test-skeleton.c"
47 int temp_fd
= create_temp_file ("tst-chk1.", &temp_filename
);
50 printf ("cannot create temporary file: %m\n");
54 const char *strs
= "abcdefgh\nABCDEFGHI\nabcdefghij\nABCDEFGHIJ";
55 if ((size_t) write (temp_fd
, strs
, strlen (strs
)) != strlen (strs
))
57 puts ("could not write test strings into file");
58 unlink (temp_filename
);
63 volatile int chk_fail_ok
;
73 longjmp (chk_fail_buf
, 1);
84 const char *str1
= "JIHGFEDCBA";
85 const char *str2
= "F";
86 const char *str3
= "%s%n%s%n";
87 const char *str4
= "Hello, ";
88 const char *str5
= "World!\n";
89 const wchar_t *wstr1
= L
"JIHGFEDCBA";
90 const wchar_t *wstr2
= L
"F";
91 const wchar_t *wstr3
= L
"%s%n%s%n";
92 const wchar_t *wstr4
= L
"Hello, ";
93 const wchar_t *wstr5
= L
"World!\n";
99 do { printf ("Failure on line %d\n", __LINE__); ret = 1; } while (0)
100 #define CHK_FAIL_START \
102 if (! setjmp (chk_fail_buf)) \
104 #define CHK_FAIL_END \
108 #if __USE_FORTIFY_LEVEL >= 2 && (!defined __cplusplus || defined __va_arg_pack)
109 #define CHK_FAIL2_START CHK_FAIL_START
110 #define CHK_FAIL2_END CHK_FAIL_END
112 #define CHK_FAIL2_START
113 #define CHK_FAIL2_END
120 sa
.sa_handler
= handler
;
122 sigemptyset (&sa
.sa_mask
);
124 sigaction (SIGABRT
, &sa
, NULL
);
126 /* Avoid all the buffer overflow messages on stderr. */
127 int fd
= open (_PATH_DEVNULL
, O_WRONLY
);
129 close (STDERR_FILENO
);
132 dup2 (fd
, STDERR_FILENO
);
135 setenv ("LIBC_FATAL_STDERR_", "1", 1);
137 struct A
{ char buf1
[9]; char buf2
[1]; } a
;
138 struct wA
{ wchar_t buf1
[9]; wchar_t buf2
[1]; } wa
;
140 printf ("Test checking routines at fortify level %d\n",
141 #ifdef __USE_FORTIFY_LEVEL
142 (int) __USE_FORTIFY_LEVEL
148 #if defined __USE_FORTIFY_LEVEL && !defined __extern_always_inline
149 printf ("Test skipped");
154 /* These ops can be done without runtime checking of object size. */
155 memcpy (buf
, "abcdefghij", 10);
156 memmove (buf
+ 1, buf
, 9);
157 if (memcmp (buf
, "aabcdefghi", 10))
160 if (mempcpy (buf
+ 5, "abcde", 5) != buf
+ 10
161 || memcmp (buf
, "aabcdabcde", 10))
164 memset (buf
+ 8, 'j', 2);
165 if (memcmp (buf
, "aabcdabcjj", 10))
168 strcpy (buf
+ 4, "EDCBA");
169 if (memcmp (buf
, "aabcEDCBA", 10))
172 if (stpcpy (buf
+ 8, "F") != buf
+ 9 || memcmp (buf
, "aabcEDCBF", 10))
175 strncpy (buf
+ 6, "X", 4);
176 if (memcmp (buf
, "aabcEDX\0\0", 10))
179 if (sprintf (buf
+ 7, "%s", "67") != 2 || memcmp (buf
, "aabcEDX67", 10))
182 if (snprintf (buf
+ 7, 3, "%s", "987654") != 6
183 || memcmp (buf
, "aabcEDX98", 10))
186 /* These ops need runtime checking, but shouldn't __chk_fail. */
187 memcpy (buf
, "abcdefghij", l0
+ 10);
188 memmove (buf
+ 1, buf
, l0
+ 9);
189 if (memcmp (buf
, "aabcdefghi", 10))
192 if (mempcpy (buf
+ 5, "abcde", l0
+ 5) != buf
+ 10
193 || memcmp (buf
, "aabcdabcde", 10))
196 memset (buf
+ 8, 'j', l0
+ 2);
197 if (memcmp (buf
, "aabcdabcjj", 10))
200 strcpy (buf
+ 4, str1
+ 5);
201 if (memcmp (buf
, "aabcEDCBA", 10))
204 if (stpcpy (buf
+ 8, str2
) != buf
+ 9 || memcmp (buf
, "aabcEDCBF", 10))
207 strncpy (buf
+ 6, "X", l0
+ 4);
208 if (memcmp (buf
, "aabcEDX\0\0", 10))
211 if (stpncpy (buf
+ 5, "cd", l0
+ 5) != buf
+ 7
212 || memcmp (buf
, "aabcEcd\0\0", 10))
215 if (sprintf (buf
+ 7, "%d", num1
) != 2 || memcmp (buf
, "aabcEcd67", 10))
218 if (snprintf (buf
+ 7, 3, "%d", num2
) != 6 || memcmp (buf
, "aabcEcd98", 10))
223 if (memcmp (buf
, "aabcEcd9A", 10))
227 strncat (buf
, "ZYXWV", l0
+ 2);
228 if (memcmp (buf
, "aabcEcdZY", 10))
231 memcpy (a
.buf1
, "abcdefghij", l0
+ 10);
232 memmove (a
.buf1
+ 1, a
.buf1
, l0
+ 9);
233 if (memcmp (a
.buf1
, "aabcdefghi", 10))
236 if (mempcpy (a
.buf1
+ 5, "abcde", l0
+ 5) != a
.buf1
+ 10
237 || memcmp (a
.buf1
, "aabcdabcde", 10))
240 memset (a
.buf1
+ 8, 'j', l0
+ 2);
241 if (memcmp (a
.buf1
, "aabcdabcjj", 10))
244 #if __USE_FORTIFY_LEVEL < 2 || !__GNUC_PREREQ (4, 0)
245 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
246 and sufficient GCC support, as the string operations overflow
247 from a.buf1 into a.buf2. */
248 strcpy (a
.buf1
+ 4, str1
+ 5);
249 if (memcmp (a
.buf1
, "aabcEDCBA", 10))
252 if (stpcpy (a
.buf1
+ 8, str2
) != a
.buf1
+ 9
253 || memcmp (a
.buf1
, "aabcEDCBF", 10))
256 strncpy (a
.buf1
+ 6, "X", l0
+ 4);
257 if (memcmp (a
.buf1
, "aabcEDX\0\0", 10))
260 if (sprintf (a
.buf1
+ 7, "%d", num1
) != 2
261 || memcmp (a
.buf1
, "aabcEDX67", 10))
264 if (snprintf (a
.buf1
+ 7, 3, "%d", num2
) != 6
265 || memcmp (a
.buf1
, "aabcEDX98", 10))
268 a
.buf1
[l0
+ 8] = '\0';
269 strcat (a
.buf1
, "A");
270 if (memcmp (a
.buf1
, "aabcEDX9A", 10))
273 a
.buf1
[l0
+ 7] = '\0';
274 strncat (a
.buf1
, "ZYXWV", l0
+ 2);
275 if (memcmp (a
.buf1
, "aabcEDXZY", 10))
280 #if __USE_FORTIFY_LEVEL >= 1
281 /* Now check if all buffer overflows are caught at runtime. */
284 memcpy (buf
+ 1, "abcdefghij", l0
+ 10);
288 memmove (buf
+ 2, buf
+ 1, l0
+ 9);
292 p
= (char *) mempcpy (buf
+ 6, "abcde", l0
+ 5);
296 memset (buf
+ 9, 'j', l0
+ 2);
300 strcpy (buf
+ 5, str1
+ 5);
304 p
= stpcpy (buf
+ 9, str2
);
308 strncpy (buf
+ 7, "X", l0
+ 4);
312 stpncpy (buf
+ 6, "cd", l0
+ 5);
315 # if !defined __cplusplus || defined __va_arg_pack
317 sprintf (buf
+ 8, "%d", num1
);
321 snprintf (buf
+ 8, l0
+ 3, "%d", num2
);
325 swprintf (wbuf
+ 8, 3, L
"%d", num1
);
329 swprintf (wbuf
+ 8, l0
+ 3, L
"%d", num1
);
333 memcpy (buf
, str1
+ 2, l0
+ 9);
338 memcpy (buf
, str1
+ 3, l0
+ 8);
340 strncat (buf
, "ZYXWV", l0
+ 3);
344 memcpy (a
.buf1
+ 1, "abcdefghij", l0
+ 10);
348 memmove (a
.buf1
+ 2, a
.buf1
+ 1, l0
+ 9);
352 p
= (char *) mempcpy (a
.buf1
+ 6, "abcde", l0
+ 5);
356 memset (a
.buf1
+ 9, 'j', l0
+ 2);
359 # if __USE_FORTIFY_LEVEL >= 2 && __GNUC_PREREQ (4, 0)
366 strcpy (a
.buf1
+ (O
+ 4), str1
+ 5);
370 p
= stpcpy (a
.buf1
+ (O
+ 8), str2
);
374 strncpy (a
.buf1
+ (O
+ 6), "X", l0
+ 4);
377 # if !defined __cplusplus || defined __va_arg_pack
379 sprintf (a
.buf1
+ (O
+ 7), "%d", num1
);
383 snprintf (a
.buf1
+ (O
+ 7), l0
+ 3, "%d", num2
);
387 memcpy (a
.buf1
, str1
+ (3 - O
), l0
+ 8 + O
);
389 strcat (a
.buf1
, "AB");
392 memcpy (a
.buf1
, str1
+ (4 - O
), l0
+ 7 + O
);
394 strncat (a
.buf1
, "ZYXWV", l0
+ 3);
399 /* These ops can be done without runtime checking of object size. */
400 wmemcpy (wbuf
, L
"abcdefghij", 10);
401 wmemmove (wbuf
+ 1, wbuf
, 9);
402 if (wmemcmp (wbuf
, L
"aabcdefghi", 10))
405 if (wmempcpy (wbuf
+ 5, L
"abcde", 5) != wbuf
+ 10
406 || wmemcmp (wbuf
, L
"aabcdabcde", 10))
409 wmemset (wbuf
+ 8, L
'j', 2);
410 if (wmemcmp (wbuf
, L
"aabcdabcjj", 10))
413 wcscpy (wbuf
+ 4, L
"EDCBA");
414 if (wmemcmp (wbuf
, L
"aabcEDCBA", 10))
417 if (wcpcpy (wbuf
+ 8, L
"F") != wbuf
+ 9 || wmemcmp (wbuf
, L
"aabcEDCBF", 10))
420 wcsncpy (wbuf
+ 6, L
"X", 4);
421 if (wmemcmp (wbuf
, L
"aabcEDX\0\0", 10))
424 if (swprintf (wbuf
+ 7, 3, L
"%ls", L
"987654") >= 0
425 || wmemcmp (wbuf
, L
"aabcEDX98", 10))
428 if (swprintf (wbuf
+ 7, 3, L
"64") != 2
429 || wmemcmp (wbuf
, L
"aabcEDX64", 10))
432 /* These ops need runtime checking, but shouldn't __chk_fail. */
433 wmemcpy (wbuf
, L
"abcdefghij", l0
+ 10);
434 wmemmove (wbuf
+ 1, wbuf
, l0
+ 9);
435 if (wmemcmp (wbuf
, L
"aabcdefghi", 10))
438 if (wmempcpy (wbuf
+ 5, L
"abcde", l0
+ 5) != wbuf
+ 10
439 || wmemcmp (wbuf
, L
"aabcdabcde", 10))
442 wmemset (wbuf
+ 8, L
'j', l0
+ 2);
443 if (wmemcmp (wbuf
, L
"aabcdabcjj", 10))
446 wcscpy (wbuf
+ 4, wstr1
+ 5);
447 if (wmemcmp (wbuf
, L
"aabcEDCBA", 10))
450 if (wcpcpy (wbuf
+ 8, wstr2
) != wbuf
+ 9 || wmemcmp (wbuf
, L
"aabcEDCBF", 10))
453 wcsncpy (wbuf
+ 6, L
"X", l0
+ 4);
454 if (wmemcmp (wbuf
, L
"aabcEDX\0\0", 10))
457 if (wcpncpy (wbuf
+ 5, L
"cd", l0
+ 5) != wbuf
+ 7
458 || wmemcmp (wbuf
, L
"aabcEcd\0\0", 10))
461 if (swprintf (wbuf
+ 7, 3, L
"%d", num2
) >= 0
462 || wmemcmp (wbuf
, L
"aabcEcd98", 10))
465 wbuf
[l0
+ 8] = L
'\0';
467 if (wmemcmp (wbuf
, L
"aabcEcd9A", 10))
470 wbuf
[l0
+ 7] = L
'\0';
471 wcsncat (wbuf
, L
"ZYXWV", l0
+ 2);
472 if (wmemcmp (wbuf
, L
"aabcEcdZY", 10))
475 wmemcpy (wa
.buf1
, L
"abcdefghij", l0
+ 10);
476 wmemmove (wa
.buf1
+ 1, wa
.buf1
, l0
+ 9);
477 if (wmemcmp (wa
.buf1
, L
"aabcdefghi", 10))
480 if (wmempcpy (wa
.buf1
+ 5, L
"abcde", l0
+ 5) != wa
.buf1
+ 10
481 || wmemcmp (wa
.buf1
, L
"aabcdabcde", 10))
484 wmemset (wa
.buf1
+ 8, L
'j', l0
+ 2);
485 if (wmemcmp (wa
.buf1
, L
"aabcdabcjj", 10))
488 #if __USE_FORTIFY_LEVEL < 2
489 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
490 and sufficient GCC support, as the string operations overflow
491 from a.buf1 into a.buf2. */
492 wcscpy (wa
.buf1
+ 4, wstr1
+ 5);
493 if (wmemcmp (wa
.buf1
, L
"aabcEDCBA", 10))
496 if (wcpcpy (wa
.buf1
+ 8, wstr2
) != wa
.buf1
+ 9
497 || wmemcmp (wa
.buf1
, L
"aabcEDCBF", 10))
500 wcsncpy (wa
.buf1
+ 6, L
"X", l0
+ 4);
501 if (wmemcmp (wa
.buf1
, L
"aabcEDX\0\0", 10))
504 if (swprintf (wa
.buf1
+ 7, 3, L
"%d", num2
) >= 0
505 || wmemcmp (wa
.buf1
, L
"aabcEDX98", 10))
508 wa
.buf1
[l0
+ 8] = L
'\0';
509 wcscat (wa
.buf1
, L
"A");
510 if (wmemcmp (wa
.buf1
, L
"aabcEDX9A", 10))
513 wa
.buf1
[l0
+ 7] = L
'\0';
514 wcsncat (wa
.buf1
, L
"ZYXWV", l0
+ 2);
515 if (wmemcmp (wa
.buf1
, L
"aabcEDXZY", 10))
520 #if __USE_FORTIFY_LEVEL >= 1
521 /* Now check if all buffer overflows are caught at runtime. */
524 wmemcpy (wbuf
+ 1, L
"abcdefghij", l0
+ 10);
528 wmemcpy (wbuf
+ 9, L
"abcdefghij", l0
+ 10);
532 wmemmove (wbuf
+ 2, wbuf
+ 1, l0
+ 9);
536 wp
= wmempcpy (wbuf
+ 6, L
"abcde", l0
+ 5);
540 wmemset (wbuf
+ 9, L
'j', l0
+ 2);
544 wcscpy (wbuf
+ 5, wstr1
+ 5);
548 wp
= wcpcpy (wbuf
+ 9, wstr2
);
552 wcsncpy (wbuf
+ 7, L
"X", l0
+ 4);
556 wcsncpy (wbuf
+ 9, L
"XABCDEFGH", 8);
560 wcpncpy (wbuf
+ 9, L
"XABCDEFGH", 8);
564 wcpncpy (wbuf
+ 6, L
"cd", l0
+ 5);
567 wmemcpy (wbuf
, wstr1
+ 2, l0
+ 9);
569 wcscat (wbuf
, L
"AB");
572 wmemcpy (wbuf
, wstr1
+ 3, l0
+ 8);
574 wcsncat (wbuf
, L
"ZYXWV", l0
+ 3);
578 wmemcpy (wa
.buf1
+ 1, L
"abcdefghij", l0
+ 10);
582 wmemmove (wa
.buf1
+ 2, wa
.buf1
+ 1, l0
+ 9);
586 wp
= wmempcpy (wa
.buf1
+ 6, L
"abcde", l0
+ 5);
590 wmemset (wa
.buf1
+ 9, L
'j', l0
+ 2);
593 #if __USE_FORTIFY_LEVEL >= 2
600 wcscpy (wa
.buf1
+ (O
+ 4), wstr1
+ 5);
604 wp
= wcpcpy (wa
.buf1
+ (O
+ 8), wstr2
);
608 wcsncpy (wa
.buf1
+ (O
+ 6), L
"X", l0
+ 4);
611 wmemcpy (wa
.buf1
, wstr1
+ (3 - O
), l0
+ 8 + O
);
613 wcscat (wa
.buf1
, L
"AB");
616 wmemcpy (wa
.buf1
, wstr1
+ (4 - O
), l0
+ 7 + O
);
618 wcsncat (wa
.buf1
, L
"ZYXWV", l0
+ 3);
623 /* Now checks for %n protection. */
625 /* Constant literals passed directly are always ok
626 (even with warnings about possible bugs from GCC). */
628 if (sprintf (buf
, "%s%n%s%n", str2
, &n1
, str2
, &n2
) != 2
629 || n1
!= 1 || n2
!= 2)
632 /* In this case the format string is not known at compile time,
633 but resides in read-only memory, so is ok. */
634 if (snprintf (buf
, 4, str3
, str2
, &n1
, str2
, &n2
) != 2
635 || n1
!= 1 || n2
!= 2)
638 strcpy (buf2
+ 2, "%n%s%n");
639 /* When the format string is writable and contains %n,
640 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
642 if (sprintf (buf
, buf2
, str2
, &n1
, str2
, &n1
) != 2)
647 if (snprintf (buf
, 3, buf2
, str2
, &n1
, str2
, &n1
) != 2)
651 /* But if there is no %n, even writable format string
654 if (sprintf (buf
, buf2
+ 4, str2
) != 1)
657 /* Constant literals passed directly are always ok
658 (even with warnings about possible bugs from GCC). */
659 if (printf ("%s%n%s%n", str4
, &n1
, str5
, &n2
) != 14
660 || n1
!= 7 || n2
!= 14)
663 /* In this case the format string is not known at compile time,
664 but resides in read-only memory, so is ok. */
665 if (printf (str3
, str4
, &n1
, str5
, &n2
) != 14
666 || n1
!= 7 || n2
!= 14)
669 strcpy (buf2
+ 2, "%n%s%n");
670 /* When the format string is writable and contains %n,
671 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
673 if (printf (buf2
, str4
, &n1
, str5
, &n1
) != 14)
677 /* But if there is no %n, even writable format string
680 if (printf (buf2
+ 4, str5
) != 7)
685 /* Constant literals passed directly are always ok
686 (even with warnings about possible bugs from GCC). */
687 if (fprintf (fp
, "%s%n%s%n", str4
, &n1
, str5
, &n2
) != 14
688 || n1
!= 7 || n2
!= 14)
691 /* In this case the format string is not known at compile time,
692 but resides in read-only memory, so is ok. */
693 if (fprintf (fp
, str3
, str4
, &n1
, str5
, &n2
) != 14
694 || n1
!= 7 || n2
!= 14)
697 strcpy (buf2
+ 2, "%n%s%n");
698 /* When the format string is writable and contains %n,
699 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
701 if (fprintf (fp
, buf2
, str4
, &n1
, str5
, &n1
) != 14)
705 /* But if there is no %n, even writable format string
708 if (fprintf (fp
, buf2
+ 4, str5
) != 7)
711 if (freopen (temp_filename
, "r", stdin
) == NULL
)
713 puts ("could not open temporary file");
717 if (gets (buf
) != buf
|| memcmp (buf
, "abcdefgh", 9))
719 if (gets (buf
) != buf
|| memcmp (buf
, "ABCDEFGHI", 10))
722 #if __USE_FORTIFY_LEVEL >= 1
724 if (gets (buf
) != buf
)
731 if (fgets (buf
, sizeof (buf
), stdin
) != buf
732 || memcmp (buf
, "abcdefgh\n", 10))
734 if (fgets (buf
, sizeof (buf
), stdin
) != buf
|| memcmp (buf
, "ABCDEFGHI", 10))
739 if (fgets (buf
, l0
+ sizeof (buf
), stdin
) != buf
740 || memcmp (buf
, "abcdefgh\n", 10))
743 #if __USE_FORTIFY_LEVEL >= 1
745 if (fgets (buf
, sizeof (buf
) + 1, stdin
) != buf
)
750 if (fgets (buf
, l0
+ sizeof (buf
) + 1, stdin
) != buf
)
757 if (fgets_unlocked (buf
, sizeof (buf
), stdin
) != buf
758 || memcmp (buf
, "abcdefgh\n", 10))
760 if (fgets_unlocked (buf
, sizeof (buf
), stdin
) != buf
761 || memcmp (buf
, "ABCDEFGHI", 10))
766 if (fgets_unlocked (buf
, l0
+ sizeof (buf
), stdin
) != buf
767 || memcmp (buf
, "abcdefgh\n", 10))
770 #if __USE_FORTIFY_LEVEL >= 1
772 if (fgets_unlocked (buf
, sizeof (buf
) + 1, stdin
) != buf
)
777 if (fgets_unlocked (buf
, l0
+ sizeof (buf
) + 1, stdin
) != buf
)
784 if (fread (buf
, 1, sizeof (buf
), stdin
) != sizeof (buf
)
785 || memcmp (buf
, "abcdefgh\nA", 10))
787 if (fread (buf
, sizeof (buf
), 1, stdin
) != 1
788 || memcmp (buf
, "BCDEFGHI\na", 10))
793 if (fread (buf
, l0
+ 1, sizeof (buf
), stdin
) != sizeof (buf
)
794 || memcmp (buf
, "abcdefgh\nA", 10))
796 if (fread (buf
, sizeof (buf
), l0
+ 1, stdin
) != 1
797 || memcmp (buf
, "BCDEFGHI\na", 10))
800 #if __USE_FORTIFY_LEVEL >= 1
802 if (fread (buf
, 1, sizeof (buf
) + 1, stdin
) != sizeof (buf
) + 1)
807 if (fread (buf
, sizeof (buf
) + 1, l0
+ 1, stdin
) != 1)
814 if (fread_unlocked (buf
, 1, sizeof (buf
), stdin
) != sizeof (buf
)
815 || memcmp (buf
, "abcdefgh\nA", 10))
817 if (fread_unlocked (buf
, sizeof (buf
), 1, stdin
) != 1
818 || memcmp (buf
, "BCDEFGHI\na", 10))
823 if (fread_unlocked (buf
, 1, 4, stdin
) != 4
824 || memcmp (buf
, "abcdFGHI\na", 10))
826 if (fread_unlocked (buf
, 4, 1, stdin
) != 1
827 || memcmp (buf
, "efghFGHI\na", 10))
832 if (fread_unlocked (buf
, l0
+ 1, sizeof (buf
), stdin
) != sizeof (buf
)
833 || memcmp (buf
, "abcdefgh\nA", 10))
835 if (fread_unlocked (buf
, sizeof (buf
), l0
+ 1, stdin
) != 1
836 || memcmp (buf
, "BCDEFGHI\na", 10))
839 #if __USE_FORTIFY_LEVEL >= 1
841 if (fread_unlocked (buf
, 1, sizeof (buf
) + 1, stdin
) != sizeof (buf
) + 1)
846 if (fread_unlocked (buf
, sizeof (buf
) + 1, l0
+ 1, stdin
) != 1)
851 lseek (fileno (stdin
), 0, SEEK_SET
);
853 if (read (fileno (stdin
), buf
, sizeof (buf
) - 1) != sizeof (buf
) - 1
854 || memcmp (buf
, "abcdefgh\n", 9))
856 if (read (fileno (stdin
), buf
, sizeof (buf
) - 1) != sizeof (buf
) - 1
857 || memcmp (buf
, "ABCDEFGHI", 9))
860 lseek (fileno (stdin
), 0, SEEK_SET
);
862 if (read (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1) != sizeof (buf
) - 1
863 || memcmp (buf
, "abcdefgh\n", 9))
866 #if __USE_FORTIFY_LEVEL >= 1
868 if (read (fileno (stdin
), buf
, sizeof (buf
) + 1) != sizeof (buf
) + 1)
873 if (pread (fileno (stdin
), buf
, sizeof (buf
) - 1, sizeof (buf
) - 2)
875 || memcmp (buf
, "\nABCDEFGH", 9))
877 if (pread (fileno (stdin
), buf
, sizeof (buf
) - 1, 0) != sizeof (buf
) - 1
878 || memcmp (buf
, "abcdefgh\n", 9))
880 if (pread (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1, sizeof (buf
) - 3)
882 || memcmp (buf
, "h\nABCDEFG", 9))
885 #if __USE_FORTIFY_LEVEL >= 1
887 if (pread (fileno (stdin
), buf
, sizeof (buf
) + 1, 2 * sizeof (buf
))
893 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) - 1, sizeof (buf
) - 2)
895 || memcmp (buf
, "\nABCDEFGH", 9))
897 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) - 1, 0) != sizeof (buf
) - 1
898 || memcmp (buf
, "abcdefgh\n", 9))
900 if (pread64 (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1, sizeof (buf
) - 3)
902 || memcmp (buf
, "h\nABCDEFG", 9))
905 #if __USE_FORTIFY_LEVEL >= 1
907 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) + 1, 2 * sizeof (buf
))
913 if (freopen (temp_filename
, "r", stdin
) == NULL
)
915 puts ("could not open temporary file");
919 if (fseek (stdin
, 9 + 10 + 11, SEEK_SET
))
921 puts ("could not seek in test file");
925 #if __USE_FORTIFY_LEVEL >= 1
927 if (gets (buf
) != buf
)
932 /* Check whether missing N$ formats are detected. */
934 printf ("%3$d\n", 1, 2, 3, 4);
938 fprintf (stdout
, "%3$d\n", 1, 2, 3, 4);
942 sprintf (buf
, "%3$d\n", 1, 2, 3, 4);
946 snprintf (buf
, sizeof (buf
), "%3$d\n", 1, 2, 3, 4);
950 if (socketpair (PF_UNIX
, SOCK_STREAM
, 0, sp
))
954 const char *sendstr
= "abcdefgh\nABCDEFGH\n0123456789\n";
955 if ((size_t) send (sp
[0], sendstr
, strlen (sendstr
), 0)
960 if (recv (sp
[1], recvbuf
, sizeof recvbuf
, MSG_PEEK
)
962 || memcmp (recvbuf
, sendstr
, sizeof recvbuf
) != 0)
965 if (recv (sp
[1], recvbuf
+ 6, l0
+ sizeof recvbuf
- 7, MSG_PEEK
)
966 != sizeof recvbuf
- 7
967 || memcmp (recvbuf
+ 6, sendstr
, sizeof recvbuf
- 7) != 0)
970 #if __USE_FORTIFY_LEVEL >= 1
972 if (recv (sp
[1], recvbuf
+ 1, sizeof recvbuf
, MSG_PEEK
)
978 if (recv (sp
[1], recvbuf
+ 4, l0
+ sizeof recvbuf
- 3, MSG_PEEK
)
979 != sizeof recvbuf
- 3)
985 struct sockaddr_un sa_un
;
988 if (recvfrom (sp
[1], recvbuf
, sizeof recvbuf
, MSG_PEEK
,
989 (struct sockaddr
*) &sa_un
, &sl
)
991 || memcmp (recvbuf
, sendstr
, sizeof recvbuf
) != 0)
995 if (recvfrom (sp
[1], recvbuf
+ 6, l0
+ sizeof recvbuf
- 7, MSG_PEEK
,
996 (struct sockaddr
*) &sa_un
, &sl
) != sizeof recvbuf
- 7
997 || memcmp (recvbuf
+ 6, sendstr
, sizeof recvbuf
- 7) != 0)
1000 #if __USE_FORTIFY_LEVEL >= 1
1002 sl
= sizeof (sa_un
);
1003 if (recvfrom (sp
[1], recvbuf
+ 1, sizeof recvbuf
, MSG_PEEK
,
1004 (struct sockaddr
*) &sa_un
, &sl
) != sizeof recvbuf
)
1009 sl
= sizeof (sa_un
);
1010 if (recvfrom (sp
[1], recvbuf
+ 4, l0
+ sizeof recvbuf
- 3, MSG_PEEK
,
1011 (struct sockaddr
*) &sa_un
, &sl
) != sizeof recvbuf
- 3)
1020 char fname
[] = "/tmp/tst-chk1-dir-XXXXXX\0foo";
1021 char *enddir
= strchr (fname
, '\0');
1022 if (mkdtemp (fname
) == NULL
)
1024 printf ("mkdtemp failed: %m\n");
1028 if (symlink ("bar", fname
) != 0)
1031 char readlinkbuf
[4];
1032 if (readlink (fname
, readlinkbuf
, 4) != 3
1033 || memcmp (readlinkbuf
, "bar", 3) != 0)
1035 if (readlink (fname
, readlinkbuf
+ 1, l0
+ 3) != 3
1036 || memcmp (readlinkbuf
, "bbar", 4) != 0)
1039 #if __USE_FORTIFY_LEVEL >= 1
1041 if (readlink (fname
, readlinkbuf
+ 2, l0
+ 3) != 3)
1046 if (readlink (fname
, readlinkbuf
+ 3, 4) != 3)
1051 int tmpfd
= open ("/tmp", O_RDONLY
| O_DIRECTORY
);
1055 if (readlinkat (tmpfd
, fname
+ sizeof ("/tmp/") - 1, readlinkbuf
, 4) != 3
1056 || memcmp (readlinkbuf
, "bar", 3) != 0)
1058 if (readlinkat (tmpfd
, fname
+ sizeof ("/tmp/") - 1, readlinkbuf
+ 1,
1060 || memcmp (readlinkbuf
, "bbar", 4) != 0)
1063 #if __USE_FORTIFY_LEVEL >= 1
1065 if (readlinkat (tmpfd
, fname
+ sizeof ("/tmp/") - 1, readlinkbuf
+ 2,
1071 if (readlinkat (tmpfd
, fname
+ sizeof ("/tmp/") - 1, readlinkbuf
+ 3,
1079 char *cwd1
= getcwd (NULL
, 0);
1083 char *cwd2
= getcwd (NULL
, 250);
1089 if (strcmp (cwd1
, cwd2
) != 0)
1096 char *cwd3
= getcwd (NULL
, 0);
1099 if (strcmp (fname
, cwd3
) != 0)
1100 printf ("getcwd after chdir is '%s' != '%s',"
1101 "get{c,}wd tests skipped\n", cwd3
, fname
);
1104 char getcwdbuf
[sizeof fname
- 3];
1106 char *cwd4
= getcwd (getcwdbuf
, sizeof getcwdbuf
);
1107 if (cwd4
!= getcwdbuf
1108 || strcmp (getcwdbuf
, fname
) != 0)
1111 cwd4
= getcwd (getcwdbuf
+ 1, l0
+ sizeof getcwdbuf
- 1);
1112 if (cwd4
!= getcwdbuf
+ 1
1113 || getcwdbuf
[0] != fname
[0]
1114 || strcmp (getcwdbuf
+ 1, fname
) != 0)
1117 #if __USE_FORTIFY_LEVEL >= 1
1119 if (getcwd (getcwdbuf
+ 2, l0
+ sizeof getcwdbuf
)
1125 if (getcwd (getcwdbuf
+ 2, sizeof getcwdbuf
)
1131 if (getwd (getcwdbuf
) != getcwdbuf
1132 || strcmp (getcwdbuf
, fname
) != 0)
1135 if (getwd (getcwdbuf
+ 1) != getcwdbuf
+ 1
1136 || strcmp (getcwdbuf
+ 1, fname
) != 0)
1139 #if __USE_FORTIFY_LEVEL >= 1
1141 if (getwd (getcwdbuf
+ 2) != getcwdbuf
+ 2)
1147 if (chdir (cwd1
) != 0)
1155 if (unlink (fname
) != 0)
1159 if (rmdir (fname
) != 0)
1164 char largebuf
[PATH_MAX
];
1165 char *realres
= realpath (".", largebuf
);
1166 if (realres
!= largebuf
)
1169 # if __USE_FORTIFY_LEVEL >= 1
1172 realres
= realpath (".", realbuf
);
1173 if (realres
!= realbuf
)
1179 if (setlocale (LC_ALL
, "de_DE.UTF-8") != NULL
)
1181 assert (MB_CUR_MAX
<= 10);
1183 /* First a simple test. */
1185 if (wctomb (enough
, L
'A') != 1)
1188 #if __USE_FORTIFY_LEVEL >= 1
1189 /* We know the wchar_t encoding is ISO 10646. So pick a
1190 character which has a multibyte representation which does not
1194 if (wctomb (smallbuf
, L
'\x100') != 2)
1200 memset (&s
, '\0', sizeof (s
));
1201 if (wcrtomb (enough
, L
'D', &s
) != 1 || enough
[0] != 'D')
1204 #if __USE_FORTIFY_LEVEL >= 1
1205 /* We know the wchar_t encoding is ISO 10646. So pick a
1206 character which has a multibyte representation which does not
1210 if (wcrtomb (smallbuf
, L
'\x100', &s
) != 2)
1215 wchar_t wenough
[10];
1216 memset (&s
, '\0', sizeof (s
));
1217 const char *cp
= "A";
1218 if (mbsrtowcs (wenough
, &cp
, 10, &s
) != 1
1219 || wcscmp (wenough
, L
"A") != 0)
1223 if (mbsrtowcs (wenough
, &cp
, l0
+ 10, &s
) != 2
1224 || wcscmp (wenough
, L
"BC") != 0)
1227 #if __USE_FORTIFY_LEVEL >= 1
1229 wchar_t wsmallbuf
[2];
1231 mbsrtowcs (wsmallbuf
, &cp
, 10, &s
);
1236 if (mbstowcs (wenough
, cp
, 10) != 1
1237 || wcscmp (wenough
, L
"A") != 0)
1241 if (mbstowcs (wenough
, cp
, l0
+ 10) != 3
1242 || wcscmp (wenough
, L
"DEF") != 0)
1245 #if __USE_FORTIFY_LEVEL >= 1
1247 wchar_t wsmallbuf
[2];
1249 mbstowcs (wsmallbuf
, cp
, 10);
1253 memset (&s
, '\0', sizeof (s
));
1255 wcscpy (wenough
, L
"DEF");
1256 if (mbsnrtowcs (wenough
, &cp
, 1, 10, &s
) != 1
1257 || wcscmp (wenough
, L
"AEF") != 0)
1261 if (mbsnrtowcs (wenough
, &cp
, 1, l0
+ 10, &s
) != 1
1262 || wcscmp (wenough
, L
"IEF") != 0)
1265 #if __USE_FORTIFY_LEVEL >= 1
1267 wchar_t wsmallbuf
[2];
1269 mbsnrtowcs (wsmallbuf
, &cp
, 3, 10, &s
);
1273 memset (&s
, '\0', sizeof (s
));
1274 const wchar_t *wcp
= L
"A";
1275 if (wcsrtombs (enough
, &wcp
, 10, &s
) != 1
1276 || strcmp (enough
, "A") != 0)
1280 if (wcsrtombs (enough
, &wcp
, l0
+ 10, &s
) != 2
1281 || strcmp (enough
, "BC") != 0)
1284 #if __USE_FORTIFY_LEVEL >= 1
1288 wcsrtombs (smallbuf
, &wcp
, 10, &s
);
1292 memset (enough
, 'Z', sizeof (enough
));
1294 if (wcstombs (enough
, wcp
, 10) != 2
1295 || strcmp (enough
, "EF") != 0)
1299 if (wcstombs (enough
, wcp
, l0
+ 10) != 1
1300 || strcmp (enough
, "G") != 0)
1303 #if __USE_FORTIFY_LEVEL >= 1
1307 wcstombs (smallbuf
, wcp
, 10);
1311 memset (&s
, '\0', sizeof (s
));
1313 if (wcsnrtombs (enough
, &wcp
, 1, 10, &s
) != 1
1314 || strcmp (enough
, "A") != 0)
1318 if (wcsnrtombs (enough
, &wcp
, 1, l0
+ 10, &s
) != 1
1319 || strcmp (enough
, "B") != 0)
1322 #if __USE_FORTIFY_LEVEL >= 1
1326 wcsnrtombs (smallbuf
, &wcp
, 3, 10, &s
);
1332 puts ("cannot set locale");
1336 fd
= posix_openpt (O_RDWR
);
1340 if (ptsname_r (fd
, enough
, sizeof (enough
)) != 0)
1343 #if __USE_FORTIFY_LEVEL >= 1
1346 if (ptsname_r (fd
, smallbuf
, sizeof (smallbuf
) + 1) == 0)
1354 confstr (_CS_GNU_LIBC_VERSION
, largebuf
, sizeof (largebuf
));
1355 # if __USE_FORTIFY_LEVEL >= 1
1358 confstr (_CS_GNU_LIBC_VERSION
, smallbuf
, sizeof (largebuf
));
1364 int ngr
= getgroups (5, grpslarge
);
1365 asm volatile ("" : : "r" (ngr
));
1366 #if __USE_FORTIFY_LEVEL >= 1
1369 ngr
= getgroups (5, (gid_t
*) smallbuf
);
1370 asm volatile ("" : : "r" (ngr
));
1374 fd
= open (_PATH_TTY
, O_RDONLY
);
1378 if (ttyname_r (fd
, enough
, sizeof (enough
)) != 0)
1381 #if __USE_FORTIFY_LEVEL >= 1
1384 if (ttyname_r (fd
, smallbuf
, sizeof (smallbuf
) + 1) == 0)
1391 char hostnamelarge
[1000];
1392 gethostname (hostnamelarge
, sizeof (hostnamelarge
));
1393 #if __USE_FORTIFY_LEVEL >= 1
1396 gethostname (smallbuf
, sizeof (hostnamelarge
));
1400 char loginlarge
[1000];
1401 getlogin_r (loginlarge
, sizeof (hostnamelarge
));
1402 #if __USE_FORTIFY_LEVEL >= 1
1405 getlogin_r (smallbuf
, sizeof (loginlarge
));
1409 char domainnamelarge
[1000];
1410 int res
= getdomainname (domainnamelarge
, sizeof (domainnamelarge
));
1411 asm volatile ("" : : "r" (res
));
1412 #if __USE_FORTIFY_LEVEL >= 1
1415 res
= getdomainname (smallbuf
, sizeof (domainnamelarge
));
1416 asm volatile ("" : : "r" (res
));