Document CVE-2024-2961
[glibc.git] / stdio-common / tst-printf-bz18872.sh
blob3b283f49a64f2b16eff9b6fbca62c5136ccf69ba
1 #!/bin/bash
2 # Copyright (C) 2015-2024 Free Software Foundation, Inc.
3 # This file is part of the GNU C Library.
5 # The GNU C Library is free software; you can redistribute it and/or
6 # modify it under the terms of the GNU Lesser General Public
7 # License as published by the Free Software Foundation; either
8 # version 2.1 of the License, or (at your option) any later version.
10 # The GNU C Library is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 # Lesser General Public License for more details.
15 # You should have received a copy of the GNU Lesser General Public
16 # License along with the GNU C Library; if not, see
17 # <https://www.gnu.org/licenses/>.
19 # To test BZ #18872, we need a printf() with 10K arguments.
20 # Such a printf could be generated with non-trivial macro
21 # application, but it's simpler to generate the test source
22 # via this script.
24 n_args=10000
26 cat <<'EOF'
27 #include <stdio.h>
28 #include <mcheck.h>
31 Compile do_test without optimization: GCC 4.9/5.0/6.0 takes a long time
32 to build this source. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67396 */
34 __attribute__ ((optimize ("-O0")))
35 int do_test (void)
37 mtrace ();
38 printf (
39 EOF
41 for ((j = 0; j < $n_args / 10; j++)); do
42 for ((k = 0; k < 10; k++)); do
43 printf '"%%%d$s" ' $((10 * $j + $k + 1))
44 done
45 printf "\n"
46 done
48 printf '"%%%d$s",\n' $(($n_args + 1))
50 for ((j = 0; j < $n_args / 10; j++)); do
51 for ((k = 0; k < 10; k++)); do
52 printf '"a", '
53 done
54 printf " /* %4d */\n" $((10 * $j + $k))
55 done
57 printf '"\\n");'
60 cat <<'EOF'
62 return 0;
65 #define TEST_FUNCTION do_test ()
66 #include "../test-skeleton.c"
68 EOF