2 * Copyright (c) 1999 - 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 #ifdef HAVE_SYS_MMAN_H
45 #include "asn1-common.h"
46 #include "check-common.h"
56 /* #undef HAVE_MMAP */
59 map_alloc(enum map_type type
, const void *buf
,
60 size_t size
, struct map_page
**map
)
64 size_t len
= size
+ sizeof(long) * 2;
67 *map
= ecalloc(1, sizeof(**map
));
73 (*map
)->data_start
= p
+ sizeof(long);
74 for (i
= sizeof(long); i
> 0; i
--)
75 p
[sizeof(long) - i
] = 0xff - i
;
76 for (i
= sizeof(long); i
> 0; i
--)
77 p
[len
- i
] = 0xff - i
;
81 size_t pagesize
= getpagesize();
83 *map
= ecalloc(1, sizeof(**map
));
92 fd
= open ("/dev/zero", O_RDONLY
);
94 err (1, "open /dev/zero");
98 (*map
)->size
= size
+ pagesize
- (size
% pagesize
) + pagesize
* 2;
100 p
= (unsigned char *)mmap(0, (*map
)->size
, PROT_READ
| PROT_WRITE
,
102 if (p
== (unsigned char *)MAP_FAILED
)
107 ret
= mprotect (p
, pagesize
, 0);
111 ret
= mprotect (p
+ (*map
)->size
- pagesize
, pagesize
, 0);
117 (*map
)->data_start
= p
+ (*map
)->size
- pagesize
- size
;
120 (*map
)->data_start
= p
+ pagesize
;
126 (*map
)->data_size
= size
;
128 memcpy((*map
)->data_start
, buf
, size
);
129 return (*map
)->data_start
;
133 map_free(struct map_page
*map
, const char *test_name
, const char *map_name
)
136 unsigned char *p
= map
->start
;
139 for (i
= sizeof(long); i
> 0; i
--)
140 if (p
[sizeof(long) - i
] != 0xff - i
)
141 errx(1, "%s: %s underrun %d\n", test_name
, map_name
, i
);
142 for (i
= sizeof(long); i
> 0; i
--)
143 if (p
[map
->size
- i
] != 0xff - i
)
144 errx(1, "%s: %s overrun %lu\n", test_name
, map_name
,
145 (unsigned long)map
->size
- i
);
150 ret
= munmap (map
->start
, map
->size
);
158 print_bytes (unsigned const char *buf
, size_t len
)
162 for (i
= 0; i
< len
; ++i
)
163 printf ("%02x ", buf
[i
]);
167 #define MAP_FAILED (-1)
170 static char *current_test
= "<uninit>";
171 static char *current_state
= "<uninit>";
174 segv_handler(int sig
)
177 char msg
[] = "SIGSEGV i current test: ";
179 fd
= open("/dev/stdout", O_WRONLY
, 0600);
181 write(fd
, msg
, sizeof(msg
));
182 write(fd
, current_test
, strlen(current_test
));
184 write(fd
, current_state
, strlen(current_state
));
192 generic_test (const struct test_case
*tests
,
195 int (ASN1CALL
*encode
)(unsigned char *, size_t, void *, size_t *),
196 int (ASN1CALL
*length
)(void *),
197 int (ASN1CALL
*decode
)(unsigned char *, size_t, void *, size_t *),
198 int (ASN1CALL
*free_data
)(void *),
199 int (*cmp
)(void *a
, void *b
),
200 int (ASN1CALL
*copy
)(const void *from
, void *to
))
202 unsigned char *buf
, *buf2
;
206 struct map_page
*data_map
, *buf_map
, *buf2_map
;
208 #ifdef HAVE_SIGACTION
209 struct sigaction sa
, osa
;
212 for (i
= 0; i
< ntests
; ++i
) {
214 size_t sz
, consumed_sz
, length_sz
, buf_sz
;
217 current_test
= tests
[i
].name
;
219 current_state
= "init";
221 #ifdef HAVE_SIGACTION
222 sigemptyset (&sa
.sa_mask
);
225 sa
.sa_flags
|= SA_RESETHAND
;
227 sa
.sa_handler
= segv_handler
;
228 sigaction (SIGSEGV
, &sa
, &osa
);
231 data
= map_alloc(OVERRUN
, NULL
, data_size
, &data_map
);
233 buf_sz
= tests
[i
].byte_len
;
234 buf
= map_alloc(UNDERRUN
, NULL
, buf_sz
, &buf_map
);
236 current_state
= "encode";
237 ret
= (*encode
) (buf
+ buf_sz
- 1, buf_sz
,
240 printf ("encoding of %s failed %d\n", tests
[i
].name
, ret
);
244 if (sz
!= tests
[i
].byte_len
) {
245 printf ("encoding of %s has wrong len (%lu != %lu)\n",
247 (unsigned long)sz
, (unsigned long)tests
[i
].byte_len
);
252 current_state
= "length";
253 length_sz
= (*length
) (tests
[i
].val
);
254 if (sz
!= length_sz
) {
255 printf ("length for %s is bad (%lu != %lu)\n",
256 tests
[i
].name
, (unsigned long)length_sz
, (unsigned long)sz
);
261 current_state
= "memcmp";
262 if (memcmp (buf
, tests
[i
].bytes
, tests
[i
].byte_len
) != 0) {
263 printf ("encoding of %s has bad bytes:\n"
264 "correct: ", tests
[i
].name
);
265 print_bytes ((unsigned char *)tests
[i
].bytes
, tests
[i
].byte_len
);
266 printf ("\nactual: ");
267 print_bytes (buf
, sz
);
270 rk_dumpdata("correct", tests
[i
].bytes
, tests
[i
].byte_len
);
271 rk_dumpdata("actual", buf
, sz
);
278 buf2
= map_alloc(OVERRUN
, buf
, sz
, &buf2_map
);
280 current_state
= "decode";
281 ret
= (*decode
) (buf2
, sz
, data
, &consumed_sz
);
283 printf ("decoding of %s failed %d\n", tests
[i
].name
, ret
);
287 if (sz
!= consumed_sz
) {
288 printf ("different length decoding %s (%ld != %ld)\n",
290 (unsigned long)sz
, (unsigned long)consumed_sz
);
294 current_state
= "cmp";
295 if ((*cmp
)(data
, tests
[i
].val
) != 0) {
296 printf ("%s: comparison failed\n", tests
[i
].name
);
301 current_state
= "copy";
303 to
= emalloc(data_size
);
304 ret
= (*copy
)(data
, to
);
306 printf ("copy of %s failed %d\n", tests
[i
].name
, ret
);
311 current_state
= "cmp-copy";
312 if ((*cmp
)(data
, to
) != 0) {
313 printf ("%s: copy comparison failed\n", tests
[i
].name
);
319 current_state
= "free";
328 current_state
= "free";
329 map_free(buf_map
, tests
[i
].name
, "encode");
330 map_free(buf2_map
, tests
[i
].name
, "decode");
331 map_free(data_map
, tests
[i
].name
, "data");
333 #ifdef HAVE_SIGACTION
334 sigaction (SIGSEGV
, &osa
, NULL
);
337 current_state
= "done";
344 * a test size (byte_len) of -1 means that the test tries to trigger a
345 * integer overflow (and later a malloc of to little memory), just
346 * allocate some memory and hope that is enough for that test.
350 generic_decode_fail (const struct test_case
*tests
,
353 int (ASN1CALL
*decode
)(unsigned char *, size_t, void *, size_t *))
359 struct map_page
*data_map
, *buf_map
;
361 #ifdef HAVE_SIGACTION
362 struct sigaction sa
, osa
;
365 for (i
= 0; i
< ntests
; ++i
) {
370 current_test
= tests
[i
].name
;
372 current_state
= "init";
374 #ifdef HAVE_SIGACTION
375 sigemptyset (&sa
.sa_mask
);
378 sa
.sa_flags
|= SA_RESETHAND
;
380 sa
.sa_handler
= segv_handler
;
381 sigaction (SIGSEGV
, &sa
, &osa
);
384 data
= map_alloc(OVERRUN
, NULL
, data_size
, &data_map
);
386 if (tests
[i
].byte_len
< 0xffffff && tests
[i
].byte_len
>= 0) {
387 sz
= tests
[i
].byte_len
;
388 bytes
= tests
[i
].bytes
;
394 buf
= map_alloc(OVERRUN
, bytes
, sz
, &buf_map
);
396 if (tests
[i
].byte_len
== -1)
399 current_state
= "decode";
400 ret
= (*decode
) (buf
, tests
[i
].byte_len
, data
, &sz
);
402 printf ("sucessfully decoded %s\n", tests
[i
].name
);
407 current_state
= "free";
409 map_free(buf_map
, tests
[i
].name
, "encode");
410 map_free(data_map
, tests
[i
].name
, "data");
412 #ifdef HAVE_SIGACTION
413 sigaction (SIGSEGV
, &osa
, NULL
);
416 current_state
= "done";