sunrpc/tst-bug22542.c

   1 /* Test to verify that overlong hostname is rejected by clnt_create
   2    and doesn't cause a buffer overflow (bug  22542).
   3
   4    Copyright (C) 2022 Free Software Foundation, Inc.
   5    This file is part of the GNU C Library.
   6
   7    The GNU C Library is free software; you can redistribute it and/or
   8    modify it under the terms of the GNU Lesser General Public
   9    License as published by the Free Software Foundation; either
  10    version 2.1 of the License, or (at your option) any later version.
  11
  12    The GNU C Library is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  15    Lesser General Public License for more details.
  16
  17    You should have received a copy of the GNU Lesser General Public
  18    License along with the GNU C Library; if not, see
  19    <http://www.gnu.org/licenses/>.  */
  20
  21 #include <errno.h>
  22 #include <rpc/clnt.h>
  23 #include <string.h>
  24 #include <support/check.h>
  25 #include <sys/socket.h>
  26 #include <sys/un.h>
  27
  28 static int
  29 do_test (void)
  30 {
  31   /* Create an arbitrary hostname that's longer than fits in sun_path.  */
  32   char name [sizeof ((struct sockaddr_un*)0)->sun_path * 2];
  33   memset (name, 'x', sizeof name - 1);
  34   name [sizeof name - 1] = '\0';
  35
  36   errno = 0;
  37   CLIENT *clnt = clnt_create (name, 0, 0, "unix");
  38
  39   TEST_VERIFY (clnt == NULL);
  40   TEST_COMPARE (errno, EINVAL);
  41   return 0;
  42 }
  43
  44 #include <support/test-driver.c>