search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
* misc/error.c [_LIBC]: Include <stdbool.h> and <stdint.h>.
[glibc.git] / debug / tst-chk1.c
blob755052c52ba79684ac652396b37a4ff3a18b590c
1 /* Copyright (C) 2004, 2005 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Jakub Jelinek <jakub@redhat.com>, 2004.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
18 02111-1307 USA. */
19
20 #include <fcntl.h>
21 #include <locale.h>
22 #include <paths.h>
23 #include <setjmp.h>
24 #include <signal.h>
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include <unistd.h>
29 #include <wchar.h>
30 #include <sys/socket.h>
31 #include <sys/un.h>
32
33 char *temp_filename;
34 static void do_prepare (void);
35 static int do_test (void);
36 #define PREPARE(argc, argv) do_prepare ()
37 #define TEST_FUNCTION do_test ()
38 #include "../test-skeleton.c"
39
40 static void
41 do_prepare (void)
42 {
43 int temp_fd = create_temp_file ("tst-chk1.", &temp_filename);
44 if (temp_fd == -1)
45 {
46 printf ("cannot create temporary file: %m\n");
47 exit (1);
48 }
49
50 const char *strs = "abcdefgh\nABCDEFGHI\nabcdefghij\nABCDEFGHIJ";
51 if (write (temp_fd, strs, strlen (strs)) != strlen (strs))
52 {
53 puts ("could not write test strings into file");
54 unlink (temp_filename);
55 exit (1);
56 }
57 }
58
59 volatile int chk_fail_ok;
60 volatile int ret;
61 jmp_buf chk_fail_buf;
62
63 static void
64 handler (int sig)
65 {
66 if (chk_fail_ok)
67 {
68 chk_fail_ok = 0;
69 longjmp (chk_fail_buf, 1);
70 }
71 else
72 _exit (127);
73 }
74
75 char buf[10];
76 wchar_t wbuf[10];
77 volatile size_t l0;
78 volatile char *p;
79 volatile wchar_t *wp;
80 const char *str1 = "JIHGFEDCBA";
81 const char *str2 = "F";
82 const char *str3 = "%s%n%s%n";
83 const char *str4 = "Hello, ";
84 const char *str5 = "World!\n";
85 const wchar_t *wstr1 = L"JIHGFEDCBA";
86 const wchar_t *wstr2 = L"F";
87 const wchar_t *wstr3 = L"%s%n%s%n";
88 const wchar_t *wstr4 = L"Hello, ";
89 const wchar_t *wstr5 = L"World!\n";
90 char buf2[10] = "%s";
91 int num1 = 67;
92 int num2 = 987654;
93
94 #define FAIL() \
95 do { printf ("Failure on line %d\n", __LINE__); ret = 1; } while (0)
96 #define CHK_FAIL_START \
97 chk_fail_ok = 1; \
98 if (! setjmp (chk_fail_buf)) \
99 {
100 #define CHK_FAIL_END \
101 chk_fail_ok = 0; \
102 FAIL (); \
103 }
104 #if __USE_FORTIFY_LEVEL >= 2
105 #define CHK_FAIL2_START CHK_FAIL_START
106 #define CHK_FAIL2_END CHK_FAIL_END
107 #else
108 #define CHK_FAIL2_START
109 #define CHK_FAIL2_END
110 #endif
111
112 static int
113 do_test (void)
114 {
115 struct sigaction sa;
116 sa.sa_handler = handler;
117 sa.sa_flags = 0;
118 sigemptyset (&sa.sa_mask);
119
120 sigaction (SIGABRT, &sa, NULL);
121
122 /* Avoid all the buffer overflow messages on stderr. */
123 int fd = open (_PATH_DEVNULL, O_WRONLY);
124 if (fd == -1)
125 close (STDERR_FILENO);
126 else
127 {
128 dup2 (fd, STDERR_FILENO);
129 close (fd);
130 }
131 setenv ("LIBC_FATAL_STDERR_", "1", 1);
132
133 struct A { char buf1[9]; char buf2[1]; } a;
134 struct wA { wchar_t buf1[9]; wchar_t buf2[1]; } wa;
135
136 printf ("Test checking routines at fortify level %d\n",
137 #ifdef __USE_FORTIFY_LEVEL
138 (int) __USE_FORTIFY_LEVEL
139 #else
140 0
141 #endif
142 );
143
144 /* These ops can be done without runtime checking of object size. */
145 memcpy (buf, "abcdefghij", 10);
146 memmove (buf + 1, buf, 9);
147 if (memcmp (buf, "aabcdefghi", 10))
148 FAIL ();
149
150 if (mempcpy (buf + 5, "abcde", 5) != buf + 10
151 || memcmp (buf, "aabcdabcde", 10))
152 FAIL ();
153
154 memset (buf + 8, 'j', 2);
155 if (memcmp (buf, "aabcdabcjj", 10))
156 FAIL ();
157
158 strcpy (buf + 4, "EDCBA");
159 if (memcmp (buf, "aabcEDCBA", 10))
160 FAIL ();
161
162 if (stpcpy (buf + 8, "F") != buf + 9 || memcmp (buf, "aabcEDCBF", 10))
163 FAIL ();
164
165 strncpy (buf + 6, "X", 4);
166 if (memcmp (buf, "aabcEDX\0\0", 10))
167 FAIL ();
168
169 if (sprintf (buf + 7, "%s", "67") != 2 || memcmp (buf, "aabcEDX67", 10))
170 FAIL ();
171
172 if (snprintf (buf + 7, 3, "%s", "987654") != 6
173 || memcmp (buf, "aabcEDX98", 10))
174 FAIL ();
175
176 /* These ops need runtime checking, but shouldn't __chk_fail. */
177 memcpy (buf, "abcdefghij", l0 + 10);
178 memmove (buf + 1, buf, l0 + 9);
179 if (memcmp (buf, "aabcdefghi", 10))
180 FAIL ();
181
182 if (mempcpy (buf + 5, "abcde", l0 + 5) != buf + 10
183 || memcmp (buf, "aabcdabcde", 10))
184 FAIL ();
185
186 memset (buf + 8, 'j', l0 + 2);
187 if (memcmp (buf, "aabcdabcjj", 10))
188 FAIL ();
189
190 strcpy (buf + 4, str1 + 5);
191 if (memcmp (buf, "aabcEDCBA", 10))
192 FAIL ();
193
194 if (stpcpy (buf + 8, str2) != buf + 9 || memcmp (buf, "aabcEDCBF", 10))
195 FAIL ();
196
197 strncpy (buf + 6, "X", l0 + 4);
198 if (memcmp (buf, "aabcEDX\0\0", 10))
199 FAIL ();
200
201 if (stpncpy (buf + 5, "cd", l0 + 5) != buf + 7
202 || memcmp (buf, "aabcEcd\0\0", 10))
203 FAIL ();
204
205 if (sprintf (buf + 7, "%d", num1) != 2 || memcmp (buf, "aabcEcd67", 10))
206 FAIL ();
207
208 if (snprintf (buf + 7, 3, "%d", num2) != 6 || memcmp (buf, "aabcEcd98", 10))
209 FAIL ();
210
211 buf[l0 + 8] = '\0';
212 strcat (buf, "A");
213 if (memcmp (buf, "aabcEcd9A", 10))
214 FAIL ();
215
216 buf[l0 + 7] = '\0';
217 strncat (buf, "ZYXWV", l0 + 2);
218 if (memcmp (buf, "aabcEcdZY", 10))
219 FAIL ();
220
221 memcpy (a.buf1, "abcdefghij", l0 + 10);
222 memmove (a.buf1 + 1, a.buf1, l0 + 9);
223 if (memcmp (a.buf1, "aabcdefghi", 10))
224 FAIL ();
225
226 if (mempcpy (a.buf1 + 5, "abcde", l0 + 5) != a.buf1 + 10
227 || memcmp (a.buf1, "aabcdabcde", 10))
228 FAIL ();
229
230 memset (a.buf1 + 8, 'j', l0 + 2);
231 if (memcmp (a.buf1, "aabcdabcjj", 10))
232 FAIL ();
233
234 #if __USE_FORTIFY_LEVEL < 2
235 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
236 and sufficient GCC support, as the string operations overflow
237 from a.buf1 into a.buf2. */
238 strcpy (a.buf1 + 4, str1 + 5);
239 if (memcmp (a.buf1, "aabcEDCBA", 10))
240 FAIL ();
241
242 if (stpcpy (a.buf1 + 8, str2) != a.buf1 + 9
243 || memcmp (a.buf1, "aabcEDCBF", 10))
244 FAIL ();
245
246 strncpy (a.buf1 + 6, "X", l0 + 4);
247 if (memcmp (a.buf1, "aabcEDX\0\0", 10))
248 FAIL ();
249
250 if (sprintf (a.buf1 + 7, "%d", num1) != 2
251 || memcmp (a.buf1, "aabcEDX67", 10))
252 FAIL ();
253
254 if (snprintf (a.buf1 + 7, 3, "%d", num2) != 6
255 || memcmp (a.buf1, "aabcEDX98", 10))
256 FAIL ();
257
258 a.buf1[l0 + 8] = '\0';
259 strcat (a.buf1, "A");
260 if (memcmp (a.buf1, "aabcEDX9A", 10))
261 FAIL ();
262
263 a.buf1[l0 + 7] = '\0';
264 strncat (a.buf1, "ZYXWV", l0 + 2);
265 if (memcmp (a.buf1, "aabcEDXZY", 10))
266 FAIL ();
267
268 #endif
269
270 #if __USE_FORTIFY_LEVEL >= 1
271 /* Now check if all buffer overflows are caught at runtime. */
272
273 CHK_FAIL_START
274 memcpy (buf + 1, "abcdefghij", l0 + 10);
275 CHK_FAIL_END
276
277 CHK_FAIL_START
278 memmove (buf + 2, buf + 1, l0 + 9);
279 CHK_FAIL_END
280
281 CHK_FAIL_START
282 p = mempcpy (buf + 6, "abcde", l0 + 5);
283 CHK_FAIL_END
284
285 CHK_FAIL_START
286 memset (buf + 9, 'j', l0 + 2);
287 CHK_FAIL_END
288
289 CHK_FAIL_START
290 strcpy (buf + 5, str1 + 5);
291 CHK_FAIL_END
292
293 CHK_FAIL_START
294 p = stpcpy (buf + 9, str2);
295 CHK_FAIL_END
296
297 CHK_FAIL_START
298 strncpy (buf + 7, "X", l0 + 4);
299 CHK_FAIL_END
300
301 CHK_FAIL_START
302 stpncpy (buf + 6, "cd", l0 + 5);
303 CHK_FAIL_END
304
305 CHK_FAIL_START
306 sprintf (buf + 8, "%d", num1);
307 CHK_FAIL_END
308
309 CHK_FAIL_START
310 snprintf (buf + 8, l0 + 3, "%d", num2);
311 CHK_FAIL_END
312
313 memcpy (buf, str1 + 2, l0 + 9);
314 CHK_FAIL_START
315 strcat (buf, "AB");
316 CHK_FAIL_END
317
318 memcpy (buf, str1 + 3, l0 + 8);
319 CHK_FAIL_START
320 strncat (buf, "ZYXWV", l0 + 3);
321 CHK_FAIL_END
322
323 CHK_FAIL_START
324 memcpy (a.buf1 + 1, "abcdefghij", l0 + 10);
325 CHK_FAIL_END
326
327 CHK_FAIL_START
328 memmove (a.buf1 + 2, a.buf1 + 1, l0 + 9);
329 CHK_FAIL_END
330
331 CHK_FAIL_START
332 p = mempcpy (a.buf1 + 6, "abcde", l0 + 5);
333 CHK_FAIL_END
334
335 CHK_FAIL_START
336 memset (a.buf1 + 9, 'j', l0 + 2);
337 CHK_FAIL_END
338
339 #if __USE_FORTIFY_LEVEL >= 2
340 # define O 0
341 #else
342 # define O 1
343 #endif
344
345 CHK_FAIL_START
346 strcpy (a.buf1 + (O + 4), str1 + 5);
347 CHK_FAIL_END
348
349 CHK_FAIL_START
350 p = stpcpy (a.buf1 + (O + 8), str2);
351 CHK_FAIL_END
352
353 CHK_FAIL_START
354 strncpy (a.buf1 + (O + 6), "X", l0 + 4);
355 CHK_FAIL_END
356
357 CHK_FAIL_START
358 sprintf (a.buf1 + (O + 7), "%d", num1);
359 CHK_FAIL_END
360
361 CHK_FAIL_START
362 snprintf (a.buf1 + (O + 7), l0 + 3, "%d", num2);
363 CHK_FAIL_END
364
365 memcpy (a.buf1, str1 + (3 - O), l0 + 8 + O);
366 CHK_FAIL_START
367 strcat (a.buf1, "AB");
368 CHK_FAIL_END
369
370 memcpy (a.buf1, str1 + (4 - O), l0 + 7 + O);
371 CHK_FAIL_START
372 strncat (a.buf1, "ZYXWV", l0 + 3);
373 CHK_FAIL_END
374 #endif
375
376
377 /* These ops can be done without runtime checking of object size. */
378 wmemcpy (wbuf, L"abcdefghij", 10);
379 wmemmove (wbuf + 1, wbuf, 9);
380 if (wmemcmp (wbuf, L"aabcdefghi", 10))
381 FAIL ();
382
383 if (wmempcpy (wbuf + 5, L"abcde", 5) != wbuf + 10
384 || wmemcmp (wbuf, L"aabcdabcde", 10))
385 FAIL ();
386
387 wmemset (wbuf + 8, L'j', 2);
388 if (wmemcmp (wbuf, L"aabcdabcjj", 10))
389 FAIL ();
390
391 wcscpy (wbuf + 4, L"EDCBA");
392 if (wmemcmp (wbuf, L"aabcEDCBA", 10))
393 FAIL ();
394
395 if (wcpcpy (wbuf + 8, L"F") != wbuf + 9 || wmemcmp (wbuf, L"aabcEDCBF", 10))
396 FAIL ();
397
398 wcsncpy (wbuf + 6, L"X", 4);
399 if (wmemcmp (wbuf, L"aabcEDX\0\0", 10))
400 FAIL ();
401
402 if (swprintf (wbuf + 7, 3, L"%ls", L"987654") >= 0
403 || wmemcmp (wbuf, L"aabcEDX98", 10))
404 FAIL ();
405
406 if (swprintf (wbuf + 7, 3, L"64") != 2
407 || wmemcmp (wbuf, L"aabcEDX64", 10))
408 FAIL ();
409
410 /* These ops need runtime checking, but shouldn't __chk_fail. */
411 wmemcpy (wbuf, L"abcdefghij", l0 + 10);
412 wmemmove (wbuf + 1, wbuf, l0 + 9);
413 if (wmemcmp (wbuf, L"aabcdefghi", 10))
414 FAIL ();
415
416 if (wmempcpy (wbuf + 5, L"abcde", l0 + 5) != wbuf + 10
417 || wmemcmp (wbuf, L"aabcdabcde", 10))
418 FAIL ();
419
420 wmemset (wbuf + 8, L'j', l0 + 2);
421 if (wmemcmp (wbuf, L"aabcdabcjj", 10))
422 FAIL ();
423
424 wcscpy (wbuf + 4, wstr1 + 5);
425 if (wmemcmp (wbuf, L"aabcEDCBA", 10))
426 FAIL ();
427
428 if (wcpcpy (wbuf + 8, wstr2) != wbuf + 9 || wmemcmp (wbuf, L"aabcEDCBF", 10))
429 FAIL ();
430
431 wcsncpy (wbuf + 6, L"X", l0 + 4);
432 if (wmemcmp (wbuf, L"aabcEDX\0\0", 10))
433 FAIL ();
434
435 if (wcpncpy (wbuf + 5, L"cd", l0 + 5) != wbuf + 7
436 || wmemcmp (wbuf, L"aabcEcd\0\0", 10))
437 FAIL ();
438
439 if (swprintf (wbuf + 7, 3, L"%d", num2) >= 0
440 || wmemcmp (wbuf, L"aabcEcd98", 10))
441 FAIL ();
442
443 wbuf[l0 + 8] = L'\0';
444 wcscat (wbuf, L"A");
445 if (wmemcmp (wbuf, L"aabcEcd9A", 10))
446 FAIL ();
447
448 wbuf[l0 + 7] = L'\0';
449 wcsncat (wbuf, L"ZYXWV", l0 + 2);
450 if (wmemcmp (wbuf, L"aabcEcdZY", 10))
451 FAIL ();
452
453 wmemcpy (wa.buf1, L"abcdefghij", l0 + 10);
454 wmemmove (wa.buf1 + 1, wa.buf1, l0 + 9);
455 if (wmemcmp (wa.buf1, L"aabcdefghi", 10))
456 FAIL ();
457
458 if (wmempcpy (wa.buf1 + 5, L"abcde", l0 + 5) != wa.buf1 + 10
459 || wmemcmp (wa.buf1, L"aabcdabcde", 10))
460 FAIL ();
461
462 wmemset (wa.buf1 + 8, L'j', l0 + 2);
463 if (wmemcmp (wa.buf1, L"aabcdabcjj", 10))
464 FAIL ();
465
466 #if __USE_FORTIFY_LEVEL < 2
467 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
468 and sufficient GCC support, as the string operations overflow
469 from a.buf1 into a.buf2. */
470 wcscpy (wa.buf1 + 4, wstr1 + 5);
471 if (wmemcmp (wa.buf1, L"aabcEDCBA", 10))
472 FAIL ();
473
474 if (wcpcpy (wa.buf1 + 8, wstr2) != wa.buf1 + 9
475 || wmemcmp (wa.buf1, L"aabcEDCBF", 10))
476 FAIL ();
477
478 wcsncpy (wa.buf1 + 6, L"X", l0 + 4);
479 if (wmemcmp (wa.buf1, L"aabcEDX\0\0", 10))
480 FAIL ();
481
482 if (swprintf (wa.buf1 + 7, 3, L"%d", num2) >= 0
483 || wmemcmp (wa.buf1, L"aabcEDX98", 10))
484 FAIL ();
485
486 wa.buf1[l0 + 8] = L'\0';
487 wcscat (wa.buf1, L"A");
488 if (wmemcmp (wa.buf1, L"aabcEDX9A", 10))
489 FAIL ();
490
491 wa.buf1[l0 + 7] = L'\0';
492 wcsncat (wa.buf1, L"ZYXWV", l0 + 2);
493 if (wmemcmp (wa.buf1, L"aabcEDXZY", 10))
494 FAIL ();
495
496 #endif
497
498 #if __USE_FORTIFY_LEVEL >= 1
499 /* Now check if all buffer overflows are caught at runtime. */
500
501 CHK_FAIL_START
502 wmemcpy (wbuf + 1, L"abcdefghij", l0 + 10);
503 CHK_FAIL_END
504
505 CHK_FAIL_START
506 wmemmove (wbuf + 2, wbuf + 1, l0 + 9);
507 CHK_FAIL_END
508
509 CHK_FAIL_START
510 wp = wmempcpy (wbuf + 6, L"abcde", l0 + 5);
511 CHK_FAIL_END
512
513 CHK_FAIL_START
514 wmemset (wbuf + 9, L'j', l0 + 2);
515 CHK_FAIL_END
516
517 CHK_FAIL_START
518 wcscpy (wbuf + 5, wstr1 + 5);
519 CHK_FAIL_END
520
521 CHK_FAIL_START
522 wp = wcpcpy (wbuf + 9, wstr2);
523 CHK_FAIL_END
524
525 CHK_FAIL_START
526 wcsncpy (wbuf + 7, L"X", l0 + 4);
527 CHK_FAIL_END
528
529 CHK_FAIL_START
530 wcpncpy (wbuf + 6, L"cd", l0 + 5);
531 CHK_FAIL_END
532
533 wmemcpy (wbuf, wstr1 + 2, l0 + 9);
534 CHK_FAIL_START
535 wcscat (wbuf, L"AB");
536 CHK_FAIL_END
537
538 wmemcpy (wbuf, wstr1 + 3, l0 + 8);
539 CHK_FAIL_START
540 wcsncat (wbuf, L"ZYXWV", l0 + 3);
541 CHK_FAIL_END
542
543 CHK_FAIL_START
544 wmemcpy (wa.buf1 + 1, L"abcdefghij", l0 + 10);
545 CHK_FAIL_END
546
547 CHK_FAIL_START
548 wmemmove (wa.buf1 + 2, wa.buf1 + 1, l0 + 9);
549 CHK_FAIL_END
550
551 CHK_FAIL_START
552 wp = wmempcpy (wa.buf1 + 6, L"abcde", l0 + 5);
553 CHK_FAIL_END
554
555 CHK_FAIL_START
556 wmemset (wa.buf1 + 9, L'j', l0 + 2);
557 CHK_FAIL_END
558
559 #if __USE_FORTIFY_LEVEL >= 2
560 # define O 0
561 #else
562 # define O 1
563 #endif
564
565 CHK_FAIL_START
566 wcscpy (wa.buf1 + (O + 4), wstr1 + 5);
567 CHK_FAIL_END
568
569 CHK_FAIL_START
570 wp = wcpcpy (wa.buf1 + (O + 8), wstr2);
571 CHK_FAIL_END
572
573 CHK_FAIL_START
574 wcsncpy (wa.buf1 + (O + 6), L"X", l0 + 4);
575 CHK_FAIL_END
576
577 wmemcpy (wa.buf1, wstr1 + (3 - O), l0 + 8 + O);
578 CHK_FAIL_START
579 wcscat (wa.buf1, L"AB");
580 CHK_FAIL_END
581
582 wmemcpy (wa.buf1, wstr1 + (4 - O), l0 + 7 + O);
583 CHK_FAIL_START
584 wcsncat (wa.buf1, L"ZYXWV", l0 + 3);
585 CHK_FAIL_END
586 #endif
587
588
589 /* Now checks for %n protection. */
590
591 /* Constant literals passed directly are always ok
592 (even with warnings about possible bugs from GCC). */
593 int n1, n2;
594 if (sprintf (buf, "%s%n%s%n", str2, &n1, str2, &n2) != 2
595 || n1 != 1 || n2 != 2)
596 FAIL ();
597
598 /* In this case the format string is not known at compile time,
599 but resides in read-only memory, so is ok. */
600 if (snprintf (buf, 4, str3, str2, &n1, str2, &n2) != 2
601 || n1 != 1 || n2 != 2)
602 FAIL ();
603
604 strcpy (buf2 + 2, "%n%s%n");
605 /* When the format string is writable and contains %n,
606 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
607 CHK_FAIL2_START
608 if (sprintf (buf, buf2, str2, &n1, str2, &n1) != 2)
609 FAIL ();
610 CHK_FAIL2_END
611
612 CHK_FAIL2_START
613 if (snprintf (buf, 3, buf2, str2, &n1, str2, &n1) != 2)
614 FAIL ();
615 CHK_FAIL2_END
616
617 /* But if there is no %n, even writable format string
618 should work. */
619 buf2[6] = '\0';
620 if (sprintf (buf, buf2 + 4, str2) != 1)
621 FAIL ();
622
623 /* Constant literals passed directly are always ok
624 (even with warnings about possible bugs from GCC). */
625 if (printf ("%s%n%s%n", str4, &n1, str5, &n2) != 14
626 || n1 != 7 || n2 != 14)
627 FAIL ();
628
629 /* In this case the format string is not known at compile time,
630 but resides in read-only memory, so is ok. */
631 if (printf (str3, str4, &n1, str5, &n2) != 14
632 || n1 != 7 || n2 != 14)
633 FAIL ();
634
635 strcpy (buf2 + 2, "%n%s%n");
636 /* When the format string is writable and contains %n,
637 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
638 CHK_FAIL2_START
639 if (printf (buf2, str4, &n1, str5, &n1) != 14)
640 FAIL ();
641 CHK_FAIL2_END
642
643 /* But if there is no %n, even writable format string
644 should work. */
645 buf2[6] = '\0';
646 if (printf (buf2 + 4, str5) != 7)
647 FAIL ();
648
649 FILE *fp = stdout;
650
651 /* Constant literals passed directly are always ok
652 (even with warnings about possible bugs from GCC). */
653 if (fprintf (fp, "%s%n%s%n", str4, &n1, str5, &n2) != 14
654 || n1 != 7 || n2 != 14)
655 FAIL ();
656
657 /* In this case the format string is not known at compile time,
658 but resides in read-only memory, so is ok. */
659 if (fprintf (fp, str3, str4, &n1, str5, &n2) != 14
660 || n1 != 7 || n2 != 14)
661 FAIL ();
662
663 strcpy (buf2 + 2, "%n%s%n");
664 /* When the format string is writable and contains %n,
665 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
666 CHK_FAIL2_START
667 if (fprintf (fp, buf2, str4, &n1, str5, &n1) != 14)
668 FAIL ();
669 CHK_FAIL2_END
670
671 /* But if there is no %n, even writable format string
672 should work. */
673 buf2[6] = '\0';
674 if (fprintf (fp, buf2 + 4, str5) != 7)
675 FAIL ();
676
677 if (freopen (temp_filename, "r", stdin) == NULL)
678 {
679 puts ("could not open temporary file");
680 exit (1);
681 }
682
683 if (gets (buf) != buf || memcmp (buf, "abcdefgh", 9))
684 FAIL ();
685 if (gets (buf) != buf || memcmp (buf, "ABCDEFGHI", 10))
686 FAIL ();
687
688 #if __USE_FORTIFY_LEVEL >= 1
689 CHK_FAIL_START
690 if (gets (buf) != buf)
691 FAIL ();
692 CHK_FAIL_END
693 #endif
694
695 rewind (stdin);
696
697 if (fgets (buf, sizeof (buf), stdin) != buf
698 || memcmp (buf, "abcdefgh\n", 10))
699 FAIL ();
700 if (fgets (buf, sizeof (buf), stdin) != buf || memcmp (buf, "ABCDEFGHI", 10))
701 FAIL ();
702
703 rewind (stdin);
704
705 if (fgets (buf, l0 + sizeof (buf), stdin) != buf
706 || memcmp (buf, "abcdefgh\n", 10))
707 FAIL ();
708
709 #if __USE_FORTIFY_LEVEL >= 1
710 CHK_FAIL_START
711 if (fgets (buf, sizeof (buf) + 1, stdin) != buf)
712 FAIL ();
713 CHK_FAIL_END
714
715 CHK_FAIL_START
716 if (fgets (buf, l0 + sizeof (buf) + 1, stdin) != buf)
717 FAIL ();
718 CHK_FAIL_END
719 #endif
720
721 rewind (stdin);
722
723 if (fgets_unlocked (buf, sizeof (buf), stdin) != buf
724 || memcmp (buf, "abcdefgh\n", 10))
725 FAIL ();
726 if (fgets_unlocked (buf, sizeof (buf), stdin) != buf
727 || memcmp (buf, "ABCDEFGHI", 10))
728 FAIL ();
729
730 rewind (stdin);
731
732 if (fgets_unlocked (buf, l0 + sizeof (buf), stdin) != buf
733 || memcmp (buf, "abcdefgh\n", 10))
734 FAIL ();
735
736 #if __USE_FORTIFY_LEVEL >= 1
737 CHK_FAIL_START
738 if (fgets_unlocked (buf, sizeof (buf) + 1, stdin) != buf)
739 FAIL ();
740 CHK_FAIL_END
741
742 CHK_FAIL_START
743 if (fgets_unlocked (buf, l0 + sizeof (buf) + 1, stdin) != buf)
744 FAIL ();
745 CHK_FAIL_END
746 #endif
747
748 lseek (fileno (stdin), 0, SEEK_SET);
749
750 if (read (fileno (stdin), buf, sizeof (buf) - 1) != sizeof (buf) - 1
751 || memcmp (buf, "abcdefgh\n", 9))
752 FAIL ();
753 if (read (fileno (stdin), buf, sizeof (buf) - 1) != sizeof (buf) - 1
754 || memcmp (buf, "ABCDEFGHI", 9))
755 FAIL ();
756
757 lseek (fileno (stdin), 0, SEEK_SET);
758
759 if (read (fileno (stdin), buf, l0 + sizeof (buf) - 1) != sizeof (buf) - 1
760 || memcmp (buf, "abcdefgh\n", 9))
761 FAIL ();
762
763 #if __USE_FORTIFY_LEVEL >= 1
764 CHK_FAIL_START
765 if (read (fileno (stdin), buf, sizeof (buf) + 1) != sizeof (buf) + 1)
766 FAIL ();
767 CHK_FAIL_END
768 #endif
769
770 if (pread (fileno (stdin), buf, sizeof (buf) - 1, sizeof (buf) - 2)
771 != sizeof (buf) - 1
772 || memcmp (buf, "\nABCDEFGH", 9))
773 FAIL ();
774 if (pread (fileno (stdin), buf, sizeof (buf) - 1, 0) != sizeof (buf) - 1
775 || memcmp (buf, "abcdefgh\n", 9))
776 FAIL ();
777 if (pread (fileno (stdin), buf, l0 + sizeof (buf) - 1, sizeof (buf) - 3)
778 != sizeof (buf) - 1
779 || memcmp (buf, "h\nABCDEFG", 9))
780 FAIL ();
781
782 #if __USE_FORTIFY_LEVEL >= 1
783 CHK_FAIL_START
784 if (pread (fileno (stdin), buf, sizeof (buf) + 1, 2 * sizeof (buf))
785 != sizeof (buf) + 1)
786 FAIL ();
787 CHK_FAIL_END
788 #endif
789
790 if (pread64 (fileno (stdin), buf, sizeof (buf) - 1, sizeof (buf) - 2)
791 != sizeof (buf) - 1
792 || memcmp (buf, "\nABCDEFGH", 9))
793 FAIL ();
794 if (pread64 (fileno (stdin), buf, sizeof (buf) - 1, 0) != sizeof (buf) - 1
795 || memcmp (buf, "abcdefgh\n", 9))
796 FAIL ();
797 if (pread64 (fileno (stdin), buf, l0 + sizeof (buf) - 1, sizeof (buf) - 3)
798 != sizeof (buf) - 1
799 || memcmp (buf, "h\nABCDEFG", 9))
800 FAIL ();
801
802 #if __USE_FORTIFY_LEVEL >= 1
803 CHK_FAIL_START
804 if (pread64 (fileno (stdin), buf, sizeof (buf) + 1, 2 * sizeof (buf))
805 != sizeof (buf) + 1)
806 FAIL ();
807 CHK_FAIL_END
808 #endif
809
810 if (freopen (temp_filename, "r", stdin) == NULL)
811 {
812 puts ("could not open temporary file");
813 exit (1);
814 }
815
816 if (fseek (stdin, 9 + 10 + 11, SEEK_SET))
817 {
818 puts ("could not seek in test file");
819 exit (1);
820 }
821
822 #if __USE_FORTIFY_LEVEL >= 1
823 CHK_FAIL_START
824 if (gets (buf) != buf)
825 FAIL ();
826 CHK_FAIL_END
827 #endif
828
829 /* Check whether missing N$ formats are detected. */
830 CHK_FAIL2_START
831 printf ("%3$d\n", 1, 2, 3, 4);
832 CHK_FAIL2_END
833
834 CHK_FAIL2_START
835 fprintf (stdout, "%3$d\n", 1, 2, 3, 4);
836 CHK_FAIL2_END
837
838 CHK_FAIL2_START
839 sprintf (buf, "%3$d\n", 1, 2, 3, 4);
840 CHK_FAIL2_END
841
842 CHK_FAIL2_START
843 snprintf (buf, sizeof (buf), "%3$d\n", 1, 2, 3, 4);
844 CHK_FAIL2_END
845
846 int sp[2];
847 if (socketpair (PF_UNIX, SOCK_STREAM, 0, sp))
848 FAIL ();
849 else
850 {
851 const char *sendstr = "abcdefgh\nABCDEFGH\n0123456789\n";
852 if (send (sp[0], sendstr, strlen (sendstr), 0) != strlen (sendstr))
853 FAIL ();
854
855 char recvbuf[12];
856 if (recv (sp[1], recvbuf, sizeof recvbuf, MSG_PEEK)
857 != sizeof recvbuf
858 || memcmp (recvbuf, sendstr, sizeof recvbuf) != 0)
859 FAIL ();
860
861 if (recv (sp[1], recvbuf + 6, l0 + sizeof recvbuf - 7, MSG_PEEK)
862 != sizeof recvbuf - 7
863 || memcmp (recvbuf + 6, sendstr, sizeof recvbuf - 7) != 0)
864 FAIL ();
865
866 #if __USE_FORTIFY_LEVEL >= 1
867 CHK_FAIL_START
868 if (recv (sp[1], recvbuf + 1, sizeof recvbuf, MSG_PEEK)
869 != sizeof recvbuf)
870 FAIL ();
871 CHK_FAIL_END
872
873 CHK_FAIL_START
874 if (recv (sp[1], recvbuf + 4, l0 + sizeof recvbuf - 3, MSG_PEEK)
875 != sizeof recvbuf - 3)
876 FAIL ();
877 CHK_FAIL_END
878 #endif
879
880 socklen_t sl;
881 struct sockaddr_un sa_un;
882
883 sl = sizeof (sa_un);
884 if (recvfrom (sp[1], recvbuf, sizeof recvbuf, MSG_PEEK, &sa_un, &sl)
885 != sizeof recvbuf
886 || memcmp (recvbuf, sendstr, sizeof recvbuf) != 0)
887 FAIL ();
888
889 sl = sizeof (sa_un);
890 if (recvfrom (sp[1], recvbuf + 6, l0 + sizeof recvbuf - 7, MSG_PEEK,
891 &sa_un, &sl) != sizeof recvbuf - 7
892 || memcmp (recvbuf + 6, sendstr, sizeof recvbuf - 7) != 0)
893 FAIL ();
894
895 #if __USE_FORTIFY_LEVEL >= 1
896 CHK_FAIL_START
897 sl = sizeof (sa_un);
898 if (recvfrom (sp[1], recvbuf + 1, sizeof recvbuf, MSG_PEEK, &sa_un, &sl)
899 != sizeof recvbuf)
900 FAIL ();
901 CHK_FAIL_END
902
903 CHK_FAIL_START
904 sl = sizeof (sa_un);
905 if (recvfrom (sp[1], recvbuf + 4, l0 + sizeof recvbuf - 3, MSG_PEEK,
906 &sa_un, &sl) != sizeof recvbuf - 3)
907 FAIL ();
908 CHK_FAIL_END
909 #endif
910
911 close (sp[0]);
912 close (sp[1]);
913 }
914
915 char fname[] = "/tmp/tst-chk1-dir-XXXXXX\0foo";
916 char *enddir = strchr (fname, '\0');
917 if (mkdtemp (fname) == NULL)
918 {
919 printf ("mkdtemp failed: %m\n");
920 return 1;
921 }
922 *enddir = '/';
923 if (symlink ("bar", fname) != 0)
924 FAIL ();
925
926 char readlinkbuf[4];
927 if (readlink (fname, readlinkbuf, 4) != 3
928 || memcmp (readlinkbuf, "bar", 3) != 0)
929 FAIL ();
930 if (readlink (fname, readlinkbuf + 1, l0 + 3) != 3
931 || memcmp (readlinkbuf, "bbar", 4) != 0)
932 FAIL ();
933
934 #if __USE_FORTIFY_LEVEL >= 1
935 CHK_FAIL_START
936 if (readlink (fname, readlinkbuf + 2, l0 + 3) != 3)
937 FAIL ();
938 CHK_FAIL_END
939
940 CHK_FAIL_START
941 if (readlink (fname, readlinkbuf + 3, 4) != 3)
942 FAIL ();
943 CHK_FAIL_END
944 #endif
945
946 char *cwd1 = getcwd (NULL, 0);
947 if (cwd1 == NULL)
948 FAIL ();
949
950 char *cwd2 = getcwd (NULL, 250);
951 if (cwd2 == NULL)
952 FAIL ();
953
954 if (cwd1 && cwd2)
955 {
956 if (strcmp (cwd1, cwd2) != 0)
957 FAIL ();
958
959 *enddir = '\0';
960 if (chdir (fname))
961 FAIL ();
962
963 char *cwd3 = getcwd (NULL, 0);
964 if (cwd3 == NULL)
965 FAIL ();
966 if (strcmp (fname, cwd3) != 0)
967 printf ("getcwd after chdir is '%s' != '%s',"
968 "get{c,}wd tests skipped\n", cwd3, fname);
969 else
970 {
971 char getcwdbuf[sizeof fname - 3];
972
973 char *cwd4 = getcwd (getcwdbuf, sizeof getcwdbuf);
974 if (cwd4 != getcwdbuf
975 || strcmp (getcwdbuf, fname) != 0)
976 FAIL ();
977
978 cwd4 = getcwd (getcwdbuf + 1, l0 + sizeof getcwdbuf - 1);
979 if (cwd4 != getcwdbuf + 1
980 || getcwdbuf[0] != fname[0]
981 || strcmp (getcwdbuf + 1, fname) != 0)
982 FAIL ();
983
984 #if __USE_FORTIFY_LEVEL >= 1
985 CHK_FAIL_START
986 if (getcwd (getcwdbuf + 2, l0 + sizeof getcwdbuf)
987 != getcwdbuf + 2)
988 FAIL ();
989 CHK_FAIL_END
990
991 CHK_FAIL_START
992 if (getcwd (getcwdbuf + 2, sizeof getcwdbuf)
993 != getcwdbuf + 2)
994 FAIL ();
995 CHK_FAIL_END
996 #endif
997
998 if (getwd (getcwdbuf) != getcwdbuf
999 || strcmp (getcwdbuf, fname) != 0)
1000 FAIL ();
1001
1002 if (getwd (getcwdbuf + 1) != getcwdbuf + 1
1003 || strcmp (getcwdbuf + 1, fname) != 0)
1004 FAIL ();
1005
1006 #if __USE_FORTIFY_LEVEL >= 1
1007 CHK_FAIL_START
1008 if (getwd (getcwdbuf + 2) != getcwdbuf + 2)
1009 FAIL ();
1010 CHK_FAIL_END
1011 #endif
1012 }
1013
1014 if (chdir (cwd1) != 0)
1015 FAIL ();
1016 free (cwd3);
1017 }
1018
1019 free (cwd1);
1020 free (cwd2);
1021 *enddir = '/';
1022 if (unlink (fname) != 0)
1023 FAIL ();
1024
1025 *enddir = '\0';
1026 if (rmdir (fname) != 0)
1027 FAIL ();
1028
1029
1030 #if PATH_MAX > 0
1031 char largebuf[PATH_MAX];
1032 char *realres = realpath (".", largebuf);
1033 #endif
1034 #if __USE_FORTIFY_LEVEL >= 1
1035 CHK_FAIL_START
1036 char realbuf[1];
1037 realres = realpath (".", realbuf);
1038 CHK_FAIL_END
1039 #endif
1040
1041 if (setlocale (LC_ALL, "de_DE.UTF-8") != NULL)
1042 {
1043 /* First a simple test. */
1044 char enough[MB_CUR_MAX];
1045 if (wctomb (enough, L'A') != 1)
1046 {
1047 puts ("first wctomb test failed");
1048 ret = 1;
1049 }
1050
1051 #if __USE_FORTIFY_LEVEL >= 1
1052 /* We know the wchar_t encoding is ISO 10646. So pick a
1053 character which has a multibyte representation which does not
1054 fit. */
1055 CHK_FAIL_START
1056 char smallbuf[2];
1057 if (wctomb (smallbuf, L'\x100') != 2)
1058 {
1059 puts ("second wctomb test failed");
1060 ret = 1;
1061 }
1062 CHK_FAIL_END
1063 #endif
1064
1065 mbstate_t s;
1066 memset (&s, '\0', sizeof (s));
1067 if (wcrtomb (enough, L'A', &s) != 1)
1068 {
1069 puts ("first wcrtomb test failed");
1070 ret = 1;
1071 }
1072
1073 #if __USE_FORTIFY_LEVEL >= 1
1074 /* We know the wchar_t encoding is ISO 10646. So pick a
1075 character which has a multibyte representation which does not
1076 fit. */
1077 CHK_FAIL_START
1078 char smallbuf[2];
1079 if (wcrtomb (smallbuf, L'\x100', &s) != 2)
1080 {
1081 puts ("second wcrtomb test failed");
1082 ret = 1;
1083 }
1084 CHK_FAIL_END
1085 #endif
1086
1087 wchar_t wenough[10];
1088 memset (&s, '\0', sizeof (s));
1089 const char *cp = "A";
1090 if (mbsrtowcs (wenough, &cp, 10, &s) != 1)
1091 {
1092 puts ("first mbsrtowcs test failed");
1093 ret = 1;
1094 }
1095
1096 #if __USE_FORTIFY_LEVEL >= 1
1097 /* We know the wchar_t encoding is ISO 10646. So pick a
1098 character which has a multibyte representation which does not
1099 fit. */
1100 CHK_FAIL_START
1101 wchar_t wsmallbuf[2];
1102 cp = "ABC";
1103 mbsrtowcs (wsmallbuf, &cp, 10, &s);
1104 CHK_FAIL_END
1105 #endif
1106
1107 memset (&s, '\0', sizeof (s));
1108 cp = "A";
1109 if (mbsnrtowcs (wenough, &cp, 1, 10, &s) != 1)
1110 {
1111 puts ("first mbsnrtowcs test failed");
1112 ret = 1;
1113 }
1114
1115 #if __USE_FORTIFY_LEVEL >= 1
1116 /* We know the wchar_t encoding is ISO 10646. So pick a
1117 character which has a multibyte representation which does not
1118 fit. */
1119 CHK_FAIL_START
1120 wchar_t wsmallbuf[2];
1121 cp = "ABC";
1122 mbsnrtowcs (wsmallbuf, &cp, 3, 10, &s);
1123 CHK_FAIL_END
1124 #endif
1125
1126 memset (&s, '\0', sizeof (s));
1127 const wchar_t *wcp = L"A";
1128 if (wcsrtombs (enough, &wcp, 10, &s) != 1)
1129 {
1130 puts ("first wcsrtombs test failed");
1131 ret = 1;
1132 }
1133
1134 #if __USE_FORTIFY_LEVEL >= 1
1135 /* We know the wchar_t encoding is ISO 10646. So pick a
1136 character which has a multibyte representation which does not
1137 fit. */
1138 CHK_FAIL_START
1139 char smallbuf[2];
1140 wcp = L"ABC";
1141 wcsrtombs (smallbuf, &wcp, 10, &s);
1142 CHK_FAIL_END
1143 #endif
1144
1145 memset (&s, '\0', sizeof (s));
1146 wcp = L"A";
1147 if (wcsnrtombs (enough, &wcp, 1, 10, &s) != 1)
1148 {
1149 puts ("first wcsnrtombs test failed");
1150 ret = 1;
1151 }
1152
1153 #if __USE_FORTIFY_LEVEL >= 1
1154 /* We know the wchar_t encoding is ISO 10646. So pick a
1155 character which has a multibyte representation which does not
1156 fit. */
1157 CHK_FAIL_START
1158 char smallbuf[2];
1159 wcp = L"ABC";
1160 wcsnrtombs (smallbuf, &wcp, 3, 10, &s);
1161 CHK_FAIL_END
1162 #endif
1163 }
1164 else
1165 {
1166 puts ("cannot set locale");
1167 ret = 1;
1168 }
1169
1170 fd = posix_openpt (O_RDWR);
1171 if (fd != -1)
1172 {
1173 char enough[1000];
1174 if (ptsname_r (fd, enough, sizeof (enough)) != 0)
1175 {
1176 puts ("first ptsname_r failed");
1177 ret = 1;
1178 }
1179
1180 #if __USE_FORTIFY_LEVEL >= 1
1181 CHK_FAIL_START
1182 char smallbuf[2];
1183 if (ptsname_r (fd, smallbuf, sizeof (smallbuf) + 1) == 0)
1184 {
1185 puts ("second ptsname_r somehow suceeded");
1186 ret = 1;
1187 }
1188 CHK_FAIL_END
1189 #endif
1190 close (fd);
1191 }
1192
1193 confstr (_CS_GNU_LIBC_VERSION, largebuf, sizeof (largebuf));
1194 #if __USE_FORTIFY_LEVEL >= 1
1195 CHK_FAIL_START
1196 char smallbuf[1];
1197 confstr (_CS_GNU_LIBC_VERSION, smallbuf, sizeof (largebuf));
1198 CHK_FAIL_END
1199 #endif
1200
1201 gid_t grpslarge[5];
1202 int ngr = getgroups (5, grpslarge);
1203 #if __USE_FORTIFY_LEVEL >= 1
1204 CHK_FAIL_START
1205 char smallbuf[1];
1206 ngr = getgroups (5, (gid_t *) smallbuf);
1207 CHK_FAIL_END
1208 #endif
1209
1210 fd = open (_PATH_TTY, O_RDONLY);
1211 if (fd != -1)
1212 {
1213 char enough[1000];
1214 if (ttyname_r (fd, enough, sizeof (enough)) != 0)
1215 {
1216 puts ("first ttyname_r failed");
1217 ret = 1;
1218 }
1219
1220 #if __USE_FORTIFY_LEVEL >= 1
1221 CHK_FAIL_START
1222 char smallbuf[2];
1223 if (ttyname_r (fd, smallbuf, sizeof (smallbuf) + 1) == 0)
1224 {
1225 puts ("second ttyname_r somehow suceeded");
1226 ret = 1;
1227 }
1228 CHK_FAIL_END
1229 #endif
1230 close (fd);
1231 }
1232
1233 char hostnamelarge[1000];
1234 gethostname (hostnamelarge, sizeof (hostnamelarge));
1235 #if __USE_FORTIFY_LEVEL >= 1
1236 CHK_FAIL_START
1237 char smallbuf[1];
1238 gethostname (smallbuf, sizeof (hostnamelarge));
1239 CHK_FAIL_END
1240 #endif
1241
1242 char loginlarge[1000];
1243 getlogin_r (loginlarge, sizeof (hostnamelarge));
1244 #if __USE_FORTIFY_LEVEL >= 1
1245 CHK_FAIL_START
1246 char smallbuf[1];
1247 getlogin_r (smallbuf, sizeof (loginlarge));
1248 CHK_FAIL_END
1249 #endif
1250
1251 char domainnamelarge[1000];
1252 int res = getdomainname (domainnamelarge, sizeof (domainnamelarge));
1253 #if __USE_FORTIFY_LEVEL >= 1
1254 CHK_FAIL_START
1255 char smallbuf[1];
1256 res = getdomainname (smallbuf, sizeof (domainnamelarge));
1257 CHK_FAIL_END
1258 #endif
1259
1260 return ret;
1261 }
sources.redhat.com git mirror of glibc CVS