1 /* Copyright (C) 2004, 2005 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Jakub Jelinek <jakub@redhat.com>, 2004.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
30 #include <sys/socket.h>
34 static void do_prepare (void);
35 static int do_test (void);
36 #define PREPARE(argc, argv) do_prepare ()
37 #define TEST_FUNCTION do_test ()
38 #include "../test-skeleton.c"
43 int temp_fd
= create_temp_file ("tst-chk1.", &temp_filename
);
46 printf ("cannot create temporary file: %m\n");
50 const char *strs
= "abcdefgh\nABCDEFGHI\nabcdefghij\nABCDEFGHIJ";
51 if (write (temp_fd
, strs
, strlen (strs
)) != strlen (strs
))
53 puts ("could not write test strings into file");
54 unlink (temp_filename
);
59 volatile int chk_fail_ok
;
69 longjmp (chk_fail_buf
, 1);
80 const char *str1
= "JIHGFEDCBA";
81 const char *str2
= "F";
82 const char *str3
= "%s%n%s%n";
83 const char *str4
= "Hello, ";
84 const char *str5
= "World!\n";
85 const wchar_t *wstr1
= L
"JIHGFEDCBA";
86 const wchar_t *wstr2
= L
"F";
87 const wchar_t *wstr3
= L
"%s%n%s%n";
88 const wchar_t *wstr4
= L
"Hello, ";
89 const wchar_t *wstr5
= L
"World!\n";
95 do { printf ("Failure on line %d\n", __LINE__); ret = 1; } while (0)
96 #define CHK_FAIL_START \
98 if (! setjmp (chk_fail_buf)) \
100 #define CHK_FAIL_END \
104 #if __USE_FORTIFY_LEVEL >= 2
105 #define CHK_FAIL2_START CHK_FAIL_START
106 #define CHK_FAIL2_END CHK_FAIL_END
108 #define CHK_FAIL2_START
109 #define CHK_FAIL2_END
116 sa
.sa_handler
= handler
;
118 sigemptyset (&sa
.sa_mask
);
120 sigaction (SIGABRT
, &sa
, NULL
);
122 /* Avoid all the buffer overflow messages on stderr. */
123 int fd
= open (_PATH_DEVNULL
, O_WRONLY
);
125 close (STDERR_FILENO
);
128 dup2 (fd
, STDERR_FILENO
);
131 setenv ("LIBC_FATAL_STDERR_", "1", 1);
133 struct A
{ char buf1
[9]; char buf2
[1]; } a
;
134 struct wA
{ wchar_t buf1
[9]; wchar_t buf2
[1]; } wa
;
136 printf ("Test checking routines at fortify level %d\n",
137 #ifdef __USE_FORTIFY_LEVEL
138 (int) __USE_FORTIFY_LEVEL
144 /* These ops can be done without runtime checking of object size. */
145 memcpy (buf
, "abcdefghij", 10);
146 memmove (buf
+ 1, buf
, 9);
147 if (memcmp (buf
, "aabcdefghi", 10))
150 if (mempcpy (buf
+ 5, "abcde", 5) != buf
+ 10
151 || memcmp (buf
, "aabcdabcde", 10))
154 memset (buf
+ 8, 'j', 2);
155 if (memcmp (buf
, "aabcdabcjj", 10))
158 strcpy (buf
+ 4, "EDCBA");
159 if (memcmp (buf
, "aabcEDCBA", 10))
162 if (stpcpy (buf
+ 8, "F") != buf
+ 9 || memcmp (buf
, "aabcEDCBF", 10))
165 strncpy (buf
+ 6, "X", 4);
166 if (memcmp (buf
, "aabcEDX\0\0", 10))
169 if (sprintf (buf
+ 7, "%s", "67") != 2 || memcmp (buf
, "aabcEDX67", 10))
172 if (snprintf (buf
+ 7, 3, "%s", "987654") != 6
173 || memcmp (buf
, "aabcEDX98", 10))
176 /* These ops need runtime checking, but shouldn't __chk_fail. */
177 memcpy (buf
, "abcdefghij", l0
+ 10);
178 memmove (buf
+ 1, buf
, l0
+ 9);
179 if (memcmp (buf
, "aabcdefghi", 10))
182 if (mempcpy (buf
+ 5, "abcde", l0
+ 5) != buf
+ 10
183 || memcmp (buf
, "aabcdabcde", 10))
186 memset (buf
+ 8, 'j', l0
+ 2);
187 if (memcmp (buf
, "aabcdabcjj", 10))
190 strcpy (buf
+ 4, str1
+ 5);
191 if (memcmp (buf
, "aabcEDCBA", 10))
194 if (stpcpy (buf
+ 8, str2
) != buf
+ 9 || memcmp (buf
, "aabcEDCBF", 10))
197 strncpy (buf
+ 6, "X", l0
+ 4);
198 if (memcmp (buf
, "aabcEDX\0\0", 10))
201 if (stpncpy (buf
+ 5, "cd", l0
+ 5) != buf
+ 7
202 || memcmp (buf
, "aabcEcd\0\0", 10))
205 if (sprintf (buf
+ 7, "%d", num1
) != 2 || memcmp (buf
, "aabcEcd67", 10))
208 if (snprintf (buf
+ 7, 3, "%d", num2
) != 6 || memcmp (buf
, "aabcEcd98", 10))
213 if (memcmp (buf
, "aabcEcd9A", 10))
217 strncat (buf
, "ZYXWV", l0
+ 2);
218 if (memcmp (buf
, "aabcEcdZY", 10))
221 memcpy (a
.buf1
, "abcdefghij", l0
+ 10);
222 memmove (a
.buf1
+ 1, a
.buf1
, l0
+ 9);
223 if (memcmp (a
.buf1
, "aabcdefghi", 10))
226 if (mempcpy (a
.buf1
+ 5, "abcde", l0
+ 5) != a
.buf1
+ 10
227 || memcmp (a
.buf1
, "aabcdabcde", 10))
230 memset (a
.buf1
+ 8, 'j', l0
+ 2);
231 if (memcmp (a
.buf1
, "aabcdabcjj", 10))
234 #if __USE_FORTIFY_LEVEL < 2
235 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
236 and sufficient GCC support, as the string operations overflow
237 from a.buf1 into a.buf2. */
238 strcpy (a
.buf1
+ 4, str1
+ 5);
239 if (memcmp (a
.buf1
, "aabcEDCBA", 10))
242 if (stpcpy (a
.buf1
+ 8, str2
) != a
.buf1
+ 9
243 || memcmp (a
.buf1
, "aabcEDCBF", 10))
246 strncpy (a
.buf1
+ 6, "X", l0
+ 4);
247 if (memcmp (a
.buf1
, "aabcEDX\0\0", 10))
250 if (sprintf (a
.buf1
+ 7, "%d", num1
) != 2
251 || memcmp (a
.buf1
, "aabcEDX67", 10))
254 if (snprintf (a
.buf1
+ 7, 3, "%d", num2
) != 6
255 || memcmp (a
.buf1
, "aabcEDX98", 10))
258 a
.buf1
[l0
+ 8] = '\0';
259 strcat (a
.buf1
, "A");
260 if (memcmp (a
.buf1
, "aabcEDX9A", 10))
263 a
.buf1
[l0
+ 7] = '\0';
264 strncat (a
.buf1
, "ZYXWV", l0
+ 2);
265 if (memcmp (a
.buf1
, "aabcEDXZY", 10))
270 #if __USE_FORTIFY_LEVEL >= 1
271 /* Now check if all buffer overflows are caught at runtime. */
274 memcpy (buf
+ 1, "abcdefghij", l0
+ 10);
278 memmove (buf
+ 2, buf
+ 1, l0
+ 9);
282 p
= mempcpy (buf
+ 6, "abcde", l0
+ 5);
286 memset (buf
+ 9, 'j', l0
+ 2);
290 strcpy (buf
+ 5, str1
+ 5);
294 p
= stpcpy (buf
+ 9, str2
);
298 strncpy (buf
+ 7, "X", l0
+ 4);
302 stpncpy (buf
+ 6, "cd", l0
+ 5);
306 sprintf (buf
+ 8, "%d", num1
);
310 snprintf (buf
+ 8, l0
+ 3, "%d", num2
);
313 memcpy (buf
, str1
+ 2, l0
+ 9);
318 memcpy (buf
, str1
+ 3, l0
+ 8);
320 strncat (buf
, "ZYXWV", l0
+ 3);
324 memcpy (a
.buf1
+ 1, "abcdefghij", l0
+ 10);
328 memmove (a
.buf1
+ 2, a
.buf1
+ 1, l0
+ 9);
332 p
= mempcpy (a
.buf1
+ 6, "abcde", l0
+ 5);
336 memset (a
.buf1
+ 9, 'j', l0
+ 2);
339 #if __USE_FORTIFY_LEVEL >= 2
346 strcpy (a
.buf1
+ (O
+ 4), str1
+ 5);
350 p
= stpcpy (a
.buf1
+ (O
+ 8), str2
);
354 strncpy (a
.buf1
+ (O
+ 6), "X", l0
+ 4);
358 sprintf (a
.buf1
+ (O
+ 7), "%d", num1
);
362 snprintf (a
.buf1
+ (O
+ 7), l0
+ 3, "%d", num2
);
365 memcpy (a
.buf1
, str1
+ (3 - O
), l0
+ 8 + O
);
367 strcat (a
.buf1
, "AB");
370 memcpy (a
.buf1
, str1
+ (4 - O
), l0
+ 7 + O
);
372 strncat (a
.buf1
, "ZYXWV", l0
+ 3);
377 /* These ops can be done without runtime checking of object size. */
378 wmemcpy (wbuf
, L
"abcdefghij", 10);
379 wmemmove (wbuf
+ 1, wbuf
, 9);
380 if (wmemcmp (wbuf
, L
"aabcdefghi", 10))
383 if (wmempcpy (wbuf
+ 5, L
"abcde", 5) != wbuf
+ 10
384 || wmemcmp (wbuf
, L
"aabcdabcde", 10))
387 wmemset (wbuf
+ 8, L
'j', 2);
388 if (wmemcmp (wbuf
, L
"aabcdabcjj", 10))
391 wcscpy (wbuf
+ 4, L
"EDCBA");
392 if (wmemcmp (wbuf
, L
"aabcEDCBA", 10))
395 if (wcpcpy (wbuf
+ 8, L
"F") != wbuf
+ 9 || wmemcmp (wbuf
, L
"aabcEDCBF", 10))
398 wcsncpy (wbuf
+ 6, L
"X", 4);
399 if (wmemcmp (wbuf
, L
"aabcEDX\0\0", 10))
402 if (swprintf (wbuf
+ 7, 3, L
"%ls", L
"987654") >= 0
403 || wmemcmp (wbuf
, L
"aabcEDX98", 10))
406 if (swprintf (wbuf
+ 7, 3, L
"64") != 2
407 || wmemcmp (wbuf
, L
"aabcEDX64", 10))
410 /* These ops need runtime checking, but shouldn't __chk_fail. */
411 wmemcpy (wbuf
, L
"abcdefghij", l0
+ 10);
412 wmemmove (wbuf
+ 1, wbuf
, l0
+ 9);
413 if (wmemcmp (wbuf
, L
"aabcdefghi", 10))
416 if (wmempcpy (wbuf
+ 5, L
"abcde", l0
+ 5) != wbuf
+ 10
417 || wmemcmp (wbuf
, L
"aabcdabcde", 10))
420 wmemset (wbuf
+ 8, L
'j', l0
+ 2);
421 if (wmemcmp (wbuf
, L
"aabcdabcjj", 10))
424 wcscpy (wbuf
+ 4, wstr1
+ 5);
425 if (wmemcmp (wbuf
, L
"aabcEDCBA", 10))
428 if (wcpcpy (wbuf
+ 8, wstr2
) != wbuf
+ 9 || wmemcmp (wbuf
, L
"aabcEDCBF", 10))
431 wcsncpy (wbuf
+ 6, L
"X", l0
+ 4);
432 if (wmemcmp (wbuf
, L
"aabcEDX\0\0", 10))
435 if (wcpncpy (wbuf
+ 5, L
"cd", l0
+ 5) != wbuf
+ 7
436 || wmemcmp (wbuf
, L
"aabcEcd\0\0", 10))
439 if (swprintf (wbuf
+ 7, 3, L
"%d", num2
) >= 0
440 || wmemcmp (wbuf
, L
"aabcEcd98", 10))
443 wbuf
[l0
+ 8] = L
'\0';
445 if (wmemcmp (wbuf
, L
"aabcEcd9A", 10))
448 wbuf
[l0
+ 7] = L
'\0';
449 wcsncat (wbuf
, L
"ZYXWV", l0
+ 2);
450 if (wmemcmp (wbuf
, L
"aabcEcdZY", 10))
453 wmemcpy (wa
.buf1
, L
"abcdefghij", l0
+ 10);
454 wmemmove (wa
.buf1
+ 1, wa
.buf1
, l0
+ 9);
455 if (wmemcmp (wa
.buf1
, L
"aabcdefghi", 10))
458 if (wmempcpy (wa
.buf1
+ 5, L
"abcde", l0
+ 5) != wa
.buf1
+ 10
459 || wmemcmp (wa
.buf1
, L
"aabcdabcde", 10))
462 wmemset (wa
.buf1
+ 8, L
'j', l0
+ 2);
463 if (wmemcmp (wa
.buf1
, L
"aabcdabcjj", 10))
466 #if __USE_FORTIFY_LEVEL < 2
467 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
468 and sufficient GCC support, as the string operations overflow
469 from a.buf1 into a.buf2. */
470 wcscpy (wa
.buf1
+ 4, wstr1
+ 5);
471 if (wmemcmp (wa
.buf1
, L
"aabcEDCBA", 10))
474 if (wcpcpy (wa
.buf1
+ 8, wstr2
) != wa
.buf1
+ 9
475 || wmemcmp (wa
.buf1
, L
"aabcEDCBF", 10))
478 wcsncpy (wa
.buf1
+ 6, L
"X", l0
+ 4);
479 if (wmemcmp (wa
.buf1
, L
"aabcEDX\0\0", 10))
482 if (swprintf (wa
.buf1
+ 7, 3, L
"%d", num2
) >= 0
483 || wmemcmp (wa
.buf1
, L
"aabcEDX98", 10))
486 wa
.buf1
[l0
+ 8] = L
'\0';
487 wcscat (wa
.buf1
, L
"A");
488 if (wmemcmp (wa
.buf1
, L
"aabcEDX9A", 10))
491 wa
.buf1
[l0
+ 7] = L
'\0';
492 wcsncat (wa
.buf1
, L
"ZYXWV", l0
+ 2);
493 if (wmemcmp (wa
.buf1
, L
"aabcEDXZY", 10))
498 #if __USE_FORTIFY_LEVEL >= 1
499 /* Now check if all buffer overflows are caught at runtime. */
502 wmemcpy (wbuf
+ 1, L
"abcdefghij", l0
+ 10);
506 wmemmove (wbuf
+ 2, wbuf
+ 1, l0
+ 9);
510 wp
= wmempcpy (wbuf
+ 6, L
"abcde", l0
+ 5);
514 wmemset (wbuf
+ 9, L
'j', l0
+ 2);
518 wcscpy (wbuf
+ 5, wstr1
+ 5);
522 wp
= wcpcpy (wbuf
+ 9, wstr2
);
526 wcsncpy (wbuf
+ 7, L
"X", l0
+ 4);
530 wcpncpy (wbuf
+ 6, L
"cd", l0
+ 5);
533 wmemcpy (wbuf
, wstr1
+ 2, l0
+ 9);
535 wcscat (wbuf
, L
"AB");
538 wmemcpy (wbuf
, wstr1
+ 3, l0
+ 8);
540 wcsncat (wbuf
, L
"ZYXWV", l0
+ 3);
544 wmemcpy (wa
.buf1
+ 1, L
"abcdefghij", l0
+ 10);
548 wmemmove (wa
.buf1
+ 2, wa
.buf1
+ 1, l0
+ 9);
552 wp
= wmempcpy (wa
.buf1
+ 6, L
"abcde", l0
+ 5);
556 wmemset (wa
.buf1
+ 9, L
'j', l0
+ 2);
559 #if __USE_FORTIFY_LEVEL >= 2
566 wcscpy (wa
.buf1
+ (O
+ 4), wstr1
+ 5);
570 wp
= wcpcpy (wa
.buf1
+ (O
+ 8), wstr2
);
574 wcsncpy (wa
.buf1
+ (O
+ 6), L
"X", l0
+ 4);
577 wmemcpy (wa
.buf1
, wstr1
+ (3 - O
), l0
+ 8 + O
);
579 wcscat (wa
.buf1
, L
"AB");
582 wmemcpy (wa
.buf1
, wstr1
+ (4 - O
), l0
+ 7 + O
);
584 wcsncat (wa
.buf1
, L
"ZYXWV", l0
+ 3);
589 /* Now checks for %n protection. */
591 /* Constant literals passed directly are always ok
592 (even with warnings about possible bugs from GCC). */
594 if (sprintf (buf
, "%s%n%s%n", str2
, &n1
, str2
, &n2
) != 2
595 || n1
!= 1 || n2
!= 2)
598 /* In this case the format string is not known at compile time,
599 but resides in read-only memory, so is ok. */
600 if (snprintf (buf
, 4, str3
, str2
, &n1
, str2
, &n2
) != 2
601 || n1
!= 1 || n2
!= 2)
604 strcpy (buf2
+ 2, "%n%s%n");
605 /* When the format string is writable and contains %n,
606 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
608 if (sprintf (buf
, buf2
, str2
, &n1
, str2
, &n1
) != 2)
613 if (snprintf (buf
, 3, buf2
, str2
, &n1
, str2
, &n1
) != 2)
617 /* But if there is no %n, even writable format string
620 if (sprintf (buf
, buf2
+ 4, str2
) != 1)
623 /* Constant literals passed directly are always ok
624 (even with warnings about possible bugs from GCC). */
625 if (printf ("%s%n%s%n", str4
, &n1
, str5
, &n2
) != 14
626 || n1
!= 7 || n2
!= 14)
629 /* In this case the format string is not known at compile time,
630 but resides in read-only memory, so is ok. */
631 if (printf (str3
, str4
, &n1
, str5
, &n2
) != 14
632 || n1
!= 7 || n2
!= 14)
635 strcpy (buf2
+ 2, "%n%s%n");
636 /* When the format string is writable and contains %n,
637 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
639 if (printf (buf2
, str4
, &n1
, str5
, &n1
) != 14)
643 /* But if there is no %n, even writable format string
646 if (printf (buf2
+ 4, str5
) != 7)
651 /* Constant literals passed directly are always ok
652 (even with warnings about possible bugs from GCC). */
653 if (fprintf (fp
, "%s%n%s%n", str4
, &n1
, str5
, &n2
) != 14
654 || n1
!= 7 || n2
!= 14)
657 /* In this case the format string is not known at compile time,
658 but resides in read-only memory, so is ok. */
659 if (fprintf (fp
, str3
, str4
, &n1
, str5
, &n2
) != 14
660 || n1
!= 7 || n2
!= 14)
663 strcpy (buf2
+ 2, "%n%s%n");
664 /* When the format string is writable and contains %n,
665 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
667 if (fprintf (fp
, buf2
, str4
, &n1
, str5
, &n1
) != 14)
671 /* But if there is no %n, even writable format string
674 if (fprintf (fp
, buf2
+ 4, str5
) != 7)
677 if (freopen (temp_filename
, "r", stdin
) == NULL
)
679 puts ("could not open temporary file");
683 if (gets (buf
) != buf
|| memcmp (buf
, "abcdefgh", 9))
685 if (gets (buf
) != buf
|| memcmp (buf
, "ABCDEFGHI", 10))
688 #if __USE_FORTIFY_LEVEL >= 1
690 if (gets (buf
) != buf
)
697 if (fgets (buf
, sizeof (buf
), stdin
) != buf
698 || memcmp (buf
, "abcdefgh\n", 10))
700 if (fgets (buf
, sizeof (buf
), stdin
) != buf
|| memcmp (buf
, "ABCDEFGHI", 10))
705 if (fgets (buf
, l0
+ sizeof (buf
), stdin
) != buf
706 || memcmp (buf
, "abcdefgh\n", 10))
709 #if __USE_FORTIFY_LEVEL >= 1
711 if (fgets (buf
, sizeof (buf
) + 1, stdin
) != buf
)
716 if (fgets (buf
, l0
+ sizeof (buf
) + 1, stdin
) != buf
)
723 if (fgets_unlocked (buf
, sizeof (buf
), stdin
) != buf
724 || memcmp (buf
, "abcdefgh\n", 10))
726 if (fgets_unlocked (buf
, sizeof (buf
), stdin
) != buf
727 || memcmp (buf
, "ABCDEFGHI", 10))
732 if (fgets_unlocked (buf
, l0
+ sizeof (buf
), stdin
) != buf
733 || memcmp (buf
, "abcdefgh\n", 10))
736 #if __USE_FORTIFY_LEVEL >= 1
738 if (fgets_unlocked (buf
, sizeof (buf
) + 1, stdin
) != buf
)
743 if (fgets_unlocked (buf
, l0
+ sizeof (buf
) + 1, stdin
) != buf
)
748 lseek (fileno (stdin
), 0, SEEK_SET
);
750 if (read (fileno (stdin
), buf
, sizeof (buf
) - 1) != sizeof (buf
) - 1
751 || memcmp (buf
, "abcdefgh\n", 9))
753 if (read (fileno (stdin
), buf
, sizeof (buf
) - 1) != sizeof (buf
) - 1
754 || memcmp (buf
, "ABCDEFGHI", 9))
757 lseek (fileno (stdin
), 0, SEEK_SET
);
759 if (read (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1) != sizeof (buf
) - 1
760 || memcmp (buf
, "abcdefgh\n", 9))
763 #if __USE_FORTIFY_LEVEL >= 1
765 if (read (fileno (stdin
), buf
, sizeof (buf
) + 1) != sizeof (buf
) + 1)
770 if (pread (fileno (stdin
), buf
, sizeof (buf
) - 1, sizeof (buf
) - 2)
772 || memcmp (buf
, "\nABCDEFGH", 9))
774 if (pread (fileno (stdin
), buf
, sizeof (buf
) - 1, 0) != sizeof (buf
) - 1
775 || memcmp (buf
, "abcdefgh\n", 9))
777 if (pread (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1, sizeof (buf
) - 3)
779 || memcmp (buf
, "h\nABCDEFG", 9))
782 #if __USE_FORTIFY_LEVEL >= 1
784 if (pread (fileno (stdin
), buf
, sizeof (buf
) + 1, 2 * sizeof (buf
))
790 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) - 1, sizeof (buf
) - 2)
792 || memcmp (buf
, "\nABCDEFGH", 9))
794 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) - 1, 0) != sizeof (buf
) - 1
795 || memcmp (buf
, "abcdefgh\n", 9))
797 if (pread64 (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1, sizeof (buf
) - 3)
799 || memcmp (buf
, "h\nABCDEFG", 9))
802 #if __USE_FORTIFY_LEVEL >= 1
804 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) + 1, 2 * sizeof (buf
))
810 if (freopen (temp_filename
, "r", stdin
) == NULL
)
812 puts ("could not open temporary file");
816 if (fseek (stdin
, 9 + 10 + 11, SEEK_SET
))
818 puts ("could not seek in test file");
822 #if __USE_FORTIFY_LEVEL >= 1
824 if (gets (buf
) != buf
)
829 /* Check whether missing N$ formats are detected. */
831 printf ("%3$d\n", 1, 2, 3, 4);
835 fprintf (stdout
, "%3$d\n", 1, 2, 3, 4);
839 sprintf (buf
, "%3$d\n", 1, 2, 3, 4);
843 snprintf (buf
, sizeof (buf
), "%3$d\n", 1, 2, 3, 4);
847 if (socketpair (PF_UNIX
, SOCK_STREAM
, 0, sp
))
851 const char *sendstr
= "abcdefgh\nABCDEFGH\n0123456789\n";
852 if (send (sp
[0], sendstr
, strlen (sendstr
), 0) != strlen (sendstr
))
856 if (recv (sp
[1], recvbuf
, sizeof recvbuf
, MSG_PEEK
)
858 || memcmp (recvbuf
, sendstr
, sizeof recvbuf
) != 0)
861 if (recv (sp
[1], recvbuf
+ 6, l0
+ sizeof recvbuf
- 7, MSG_PEEK
)
862 != sizeof recvbuf
- 7
863 || memcmp (recvbuf
+ 6, sendstr
, sizeof recvbuf
- 7) != 0)
866 #if __USE_FORTIFY_LEVEL >= 1
868 if (recv (sp
[1], recvbuf
+ 1, sizeof recvbuf
, MSG_PEEK
)
874 if (recv (sp
[1], recvbuf
+ 4, l0
+ sizeof recvbuf
- 3, MSG_PEEK
)
875 != sizeof recvbuf
- 3)
881 struct sockaddr_un sa_un
;
884 if (recvfrom (sp
[1], recvbuf
, sizeof recvbuf
, MSG_PEEK
, &sa_un
, &sl
)
886 || memcmp (recvbuf
, sendstr
, sizeof recvbuf
) != 0)
890 if (recvfrom (sp
[1], recvbuf
+ 6, l0
+ sizeof recvbuf
- 7, MSG_PEEK
,
891 &sa_un
, &sl
) != sizeof recvbuf
- 7
892 || memcmp (recvbuf
+ 6, sendstr
, sizeof recvbuf
- 7) != 0)
895 #if __USE_FORTIFY_LEVEL >= 1
898 if (recvfrom (sp
[1], recvbuf
+ 1, sizeof recvbuf
, MSG_PEEK
, &sa_un
, &sl
)
905 if (recvfrom (sp
[1], recvbuf
+ 4, l0
+ sizeof recvbuf
- 3, MSG_PEEK
,
906 &sa_un
, &sl
) != sizeof recvbuf
- 3)
915 char fname
[] = "/tmp/tst-chk1-dir-XXXXXX\0foo";
916 char *enddir
= strchr (fname
, '\0');
917 if (mkdtemp (fname
) == NULL
)
919 printf ("mkdtemp failed: %m\n");
923 if (symlink ("bar", fname
) != 0)
927 if (readlink (fname
, readlinkbuf
, 4) != 3
928 || memcmp (readlinkbuf
, "bar", 3) != 0)
930 if (readlink (fname
, readlinkbuf
+ 1, l0
+ 3) != 3
931 || memcmp (readlinkbuf
, "bbar", 4) != 0)
934 #if __USE_FORTIFY_LEVEL >= 1
936 if (readlink (fname
, readlinkbuf
+ 2, l0
+ 3) != 3)
941 if (readlink (fname
, readlinkbuf
+ 3, 4) != 3)
946 char *cwd1
= getcwd (NULL
, 0);
950 char *cwd2
= getcwd (NULL
, 250);
956 if (strcmp (cwd1
, cwd2
) != 0)
963 char *cwd3
= getcwd (NULL
, 0);
966 if (strcmp (fname
, cwd3
) != 0)
967 printf ("getcwd after chdir is '%s' != '%s',"
968 "get{c,}wd tests skipped\n", cwd3
, fname
);
971 char getcwdbuf
[sizeof fname
- 3];
973 char *cwd4
= getcwd (getcwdbuf
, sizeof getcwdbuf
);
974 if (cwd4
!= getcwdbuf
975 || strcmp (getcwdbuf
, fname
) != 0)
978 cwd4
= getcwd (getcwdbuf
+ 1, l0
+ sizeof getcwdbuf
- 1);
979 if (cwd4
!= getcwdbuf
+ 1
980 || getcwdbuf
[0] != fname
[0]
981 || strcmp (getcwdbuf
+ 1, fname
) != 0)
984 #if __USE_FORTIFY_LEVEL >= 1
986 if (getcwd (getcwdbuf
+ 2, l0
+ sizeof getcwdbuf
)
992 if (getcwd (getcwdbuf
+ 2, sizeof getcwdbuf
)
998 if (getwd (getcwdbuf
) != getcwdbuf
999 || strcmp (getcwdbuf
, fname
) != 0)
1002 if (getwd (getcwdbuf
+ 1) != getcwdbuf
+ 1
1003 || strcmp (getcwdbuf
+ 1, fname
) != 0)
1006 #if __USE_FORTIFY_LEVEL >= 1
1008 if (getwd (getcwdbuf
+ 2) != getcwdbuf
+ 2)
1014 if (chdir (cwd1
) != 0)
1022 if (unlink (fname
) != 0)
1026 if (rmdir (fname
) != 0)
1031 char largebuf
[PATH_MAX
];
1032 char *realres
= realpath (".", largebuf
);
1034 #if __USE_FORTIFY_LEVEL >= 1
1037 realres
= realpath (".", realbuf
);
1041 if (setlocale (LC_ALL
, "de_DE.UTF-8") != NULL
)
1043 /* First a simple test. */
1044 char enough
[MB_CUR_MAX
];
1045 if (wctomb (enough
, L
'A') != 1)
1047 puts ("first wctomb test failed");
1051 #if __USE_FORTIFY_LEVEL >= 1
1052 /* We know the wchar_t encoding is ISO 10646. So pick a
1053 character which has a multibyte representation which does not
1057 if (wctomb (smallbuf
, L
'\x100') != 2)
1059 puts ("second wctomb test failed");
1066 memset (&s
, '\0', sizeof (s
));
1067 if (wcrtomb (enough
, L
'A', &s
) != 1)
1069 puts ("first wcrtomb test failed");
1073 #if __USE_FORTIFY_LEVEL >= 1
1074 /* We know the wchar_t encoding is ISO 10646. So pick a
1075 character which has a multibyte representation which does not
1079 if (wcrtomb (smallbuf
, L
'\x100', &s
) != 2)
1081 puts ("second wcrtomb test failed");
1087 wchar_t wenough
[10];
1088 memset (&s
, '\0', sizeof (s
));
1089 const char *cp
= "A";
1090 if (mbsrtowcs (wenough
, &cp
, 10, &s
) != 1)
1092 puts ("first mbsrtowcs test failed");
1096 #if __USE_FORTIFY_LEVEL >= 1
1097 /* We know the wchar_t encoding is ISO 10646. So pick a
1098 character which has a multibyte representation which does not
1101 wchar_t wsmallbuf
[2];
1103 mbsrtowcs (wsmallbuf
, &cp
, 10, &s
);
1107 memset (&s
, '\0', sizeof (s
));
1109 if (mbsnrtowcs (wenough
, &cp
, 1, 10, &s
) != 1)
1111 puts ("first mbsnrtowcs test failed");
1115 #if __USE_FORTIFY_LEVEL >= 1
1116 /* We know the wchar_t encoding is ISO 10646. So pick a
1117 character which has a multibyte representation which does not
1120 wchar_t wsmallbuf
[2];
1122 mbsnrtowcs (wsmallbuf
, &cp
, 3, 10, &s
);
1126 memset (&s
, '\0', sizeof (s
));
1127 const wchar_t *wcp
= L
"A";
1128 if (wcsrtombs (enough
, &wcp
, 10, &s
) != 1)
1130 puts ("first wcsrtombs test failed");
1134 #if __USE_FORTIFY_LEVEL >= 1
1135 /* We know the wchar_t encoding is ISO 10646. So pick a
1136 character which has a multibyte representation which does not
1141 wcsrtombs (smallbuf
, &wcp
, 10, &s
);
1145 memset (&s
, '\0', sizeof (s
));
1147 if (wcsnrtombs (enough
, &wcp
, 1, 10, &s
) != 1)
1149 puts ("first wcsnrtombs test failed");
1153 #if __USE_FORTIFY_LEVEL >= 1
1154 /* We know the wchar_t encoding is ISO 10646. So pick a
1155 character which has a multibyte representation which does not
1160 wcsnrtombs (smallbuf
, &wcp
, 3, 10, &s
);
1166 puts ("cannot set locale");
1170 fd
= posix_openpt (O_RDWR
);
1174 if (ptsname_r (fd
, enough
, sizeof (enough
)) != 0)
1176 puts ("first ptsname_r failed");
1180 #if __USE_FORTIFY_LEVEL >= 1
1183 if (ptsname_r (fd
, smallbuf
, sizeof (smallbuf
) + 1) == 0)
1185 puts ("second ptsname_r somehow suceeded");
1193 confstr (_CS_GNU_LIBC_VERSION
, largebuf
, sizeof (largebuf
));
1194 #if __USE_FORTIFY_LEVEL >= 1
1197 confstr (_CS_GNU_LIBC_VERSION
, smallbuf
, sizeof (largebuf
));
1202 int ngr
= getgroups (5, grpslarge
);
1203 #if __USE_FORTIFY_LEVEL >= 1
1206 ngr
= getgroups (5, (gid_t
*) smallbuf
);
1210 fd
= open (_PATH_TTY
, O_RDONLY
);
1214 if (ttyname_r (fd
, enough
, sizeof (enough
)) != 0)
1216 puts ("first ttyname_r failed");
1220 #if __USE_FORTIFY_LEVEL >= 1
1223 if (ttyname_r (fd
, smallbuf
, sizeof (smallbuf
) + 1) == 0)
1225 puts ("second ttyname_r somehow suceeded");
1233 char hostnamelarge
[1000];
1234 gethostname (hostnamelarge
, sizeof (hostnamelarge
));
1235 #if __USE_FORTIFY_LEVEL >= 1
1238 gethostname (smallbuf
, sizeof (hostnamelarge
));
1242 char loginlarge
[1000];
1243 getlogin_r (loginlarge
, sizeof (hostnamelarge
));
1244 #if __USE_FORTIFY_LEVEL >= 1
1247 getlogin_r (smallbuf
, sizeof (loginlarge
));
1251 char domainnamelarge
[1000];
1252 int res
= getdomainname (domainnamelarge
, sizeof (domainnamelarge
));
1253 #if __USE_FORTIFY_LEVEL >= 1
1256 res
= getdomainname (smallbuf
, sizeof (domainnamelarge
));