1 /* Copyright (C) 2004-2015 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Jakub Jelinek <jakub@redhat.com>, 2004.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
31 #include <sys/select.h>
32 #include <sys/socket.h>
36 #define obstack_chunk_alloc malloc
37 #define obstack_chunk_free free
40 static void do_prepare (void);
41 static int do_test (void);
42 #define PREPARE(argc, argv) do_prepare ()
43 #define TEST_FUNCTION do_test ()
44 #include "../test-skeleton.c"
49 int temp_fd
= create_temp_file ("tst-chk1.", &temp_filename
);
52 printf ("cannot create temporary file: %m\n");
56 const char *strs
= "abcdefgh\nABCDEFGHI\nabcdefghij\nABCDEFGHIJ";
57 if ((size_t) write (temp_fd
, strs
, strlen (strs
)) != strlen (strs
))
59 puts ("could not write test strings into file");
60 unlink (temp_filename
);
65 volatile int chk_fail_ok
;
75 longjmp (chk_fail_buf
, 1);
86 const char *str1
= "JIHGFEDCBA";
87 const char *str2
= "F";
88 const char *str3
= "%s%n%s%n";
89 const char *str4
= "Hello, ";
90 const char *str5
= "World!\n";
91 const wchar_t *wstr1
= L
"JIHGFEDCBA";
92 const wchar_t *wstr2
= L
"F";
93 const wchar_t *wstr3
= L
"%s%n%s%n";
94 const wchar_t *wstr4
= L
"Hello, ";
95 const wchar_t *wstr5
= L
"World!\n";
101 do { printf ("Failure on line %d\n", __LINE__); ret = 1; } while (0)
102 #define CHK_FAIL_START \
104 if (! setjmp (chk_fail_buf)) \
106 #define CHK_FAIL_END \
110 #if __USE_FORTIFY_LEVEL >= 2 && (!defined __cplusplus || defined __va_arg_pack)
111 # define CHK_FAIL2_START CHK_FAIL_START
112 # define CHK_FAIL2_END CHK_FAIL_END
114 # define CHK_FAIL2_START
115 # define CHK_FAIL2_END
121 set_fortify_handler (handler
);
123 struct A
{ char buf1
[9]; char buf2
[1]; } a
;
124 struct wA
{ wchar_t buf1
[9]; wchar_t buf2
[1]; } wa
;
126 printf ("Test checking routines at fortify level %d\n",
127 #ifdef __USE_FORTIFY_LEVEL
128 (int) __USE_FORTIFY_LEVEL
134 #if defined __USE_FORTIFY_LEVEL && !defined __fortify_function
135 printf ("Test skipped");
140 /* These ops can be done without runtime checking of object size. */
141 memcpy (buf
, "abcdefghij", 10);
142 memmove (buf
+ 1, buf
, 9);
143 if (memcmp (buf
, "aabcdefghi", 10))
146 if (mempcpy (buf
+ 5, "abcde", 5) != buf
+ 10
147 || memcmp (buf
, "aabcdabcde", 10))
150 memset (buf
+ 8, 'j', 2);
151 if (memcmp (buf
, "aabcdabcjj", 10))
154 strcpy (buf
+ 4, "EDCBA");
155 if (memcmp (buf
, "aabcEDCBA", 10))
158 if (stpcpy (buf
+ 8, "F") != buf
+ 9 || memcmp (buf
, "aabcEDCBF", 10))
161 strncpy (buf
+ 6, "X", 4);
162 if (memcmp (buf
, "aabcEDX\0\0", 10))
165 if (sprintf (buf
+ 7, "%s", "67") != 2 || memcmp (buf
, "aabcEDX67", 10))
168 if (snprintf (buf
+ 7, 3, "%s", "987654") != 6
169 || memcmp (buf
, "aabcEDX98", 10))
172 /* These ops need runtime checking, but shouldn't __chk_fail. */
173 memcpy (buf
, "abcdefghij", l0
+ 10);
174 memmove (buf
+ 1, buf
, l0
+ 9);
175 if (memcmp (buf
, "aabcdefghi", 10))
178 if (mempcpy (buf
+ 5, "abcde", l0
+ 5) != buf
+ 10
179 || memcmp (buf
, "aabcdabcde", 10))
182 memset (buf
+ 8, 'j', l0
+ 2);
183 if (memcmp (buf
, "aabcdabcjj", 10))
186 strcpy (buf
+ 4, str1
+ 5);
187 if (memcmp (buf
, "aabcEDCBA", 10))
190 if (stpcpy (buf
+ 8, str2
) != buf
+ 9 || memcmp (buf
, "aabcEDCBF", 10))
193 strncpy (buf
+ 6, "X", l0
+ 4);
194 if (memcmp (buf
, "aabcEDX\0\0", 10))
197 if (stpncpy (buf
+ 5, "cd", l0
+ 5) != buf
+ 7
198 || memcmp (buf
, "aabcEcd\0\0", 10))
201 if (sprintf (buf
+ 7, "%d", num1
) != 2 || memcmp (buf
, "aabcEcd67", 10))
204 if (snprintf (buf
+ 7, 3, "%d", num2
) != 6 || memcmp (buf
, "aabcEcd98", 10))
209 if (memcmp (buf
, "aabcEcd9A", 10))
213 strncat (buf
, "ZYXWV", l0
+ 2);
214 if (memcmp (buf
, "aabcEcdZY", 10))
217 memcpy (a
.buf1
, "abcdefghij", l0
+ 10);
218 memmove (a
.buf1
+ 1, a
.buf1
, l0
+ 9);
219 if (memcmp (a
.buf1
, "aabcdefghi", 10))
222 if (mempcpy (a
.buf1
+ 5, "abcde", l0
+ 5) != a
.buf1
+ 10
223 || memcmp (a
.buf1
, "aabcdabcde", 10))
226 memset (a
.buf1
+ 8, 'j', l0
+ 2);
227 if (memcmp (a
.buf1
, "aabcdabcjj", 10))
230 #if __USE_FORTIFY_LEVEL < 2
231 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
232 and sufficient GCC support, as the string operations overflow
233 from a.buf1 into a.buf2. */
234 strcpy (a
.buf1
+ 4, str1
+ 5);
235 if (memcmp (a
.buf1
, "aabcEDCBA", 10))
238 if (stpcpy (a
.buf1
+ 8, str2
) != a
.buf1
+ 9
239 || memcmp (a
.buf1
, "aabcEDCBF", 10))
242 strncpy (a
.buf1
+ 6, "X", l0
+ 4);
243 if (memcmp (a
.buf1
, "aabcEDX\0\0", 10))
246 if (sprintf (a
.buf1
+ 7, "%d", num1
) != 2
247 || memcmp (a
.buf1
, "aabcEDX67", 10))
250 if (snprintf (a
.buf1
+ 7, 3, "%d", num2
) != 6
251 || memcmp (a
.buf1
, "aabcEDX98", 10))
254 a
.buf1
[l0
+ 8] = '\0';
255 strcat (a
.buf1
, "A");
256 if (memcmp (a
.buf1
, "aabcEDX9A", 10))
259 a
.buf1
[l0
+ 7] = '\0';
260 strncat (a
.buf1
, "ZYXWV", l0
+ 2);
261 if (memcmp (a
.buf1
, "aabcEDXZY", 10))
266 #if __USE_FORTIFY_LEVEL >= 1
267 /* Now check if all buffer overflows are caught at runtime.
268 N.B. All tests involving a length parameter need to be done
269 twice: once with the length a compile-time constant, once without. */
272 memcpy (buf
+ 1, "abcdefghij", 10);
276 memcpy (buf
+ 1, "abcdefghij", l0
+ 10);
280 memmove (buf
+ 2, buf
+ 1, 9);
284 memmove (buf
+ 2, buf
+ 1, l0
+ 9);
288 p
= (char *) mempcpy (buf
+ 6, "abcde", 5);
292 p
= (char *) mempcpy (buf
+ 6, "abcde", l0
+ 5);
296 memset (buf
+ 9, 'j', 2);
300 memset (buf
+ 9, 'j', l0
+ 2);
304 strcpy (buf
+ 5, str1
+ 5);
308 p
= stpcpy (buf
+ 9, str2
);
312 strncpy (buf
+ 7, "X", 4);
316 strncpy (buf
+ 7, "X", l0
+ 4);
320 stpncpy (buf
+ 6, "cd", 5);
324 stpncpy (buf
+ 6, "cd", l0
+ 5);
327 # if !defined __cplusplus || defined __va_arg_pack
329 sprintf (buf
+ 8, "%d", num1
);
333 snprintf (buf
+ 8, 3, "%d", num2
);
337 snprintf (buf
+ 8, l0
+ 3, "%d", num2
);
341 swprintf (wbuf
+ 8, 3, L
"%d", num1
);
345 swprintf (wbuf
+ 8, l0
+ 3, L
"%d", num1
);
349 memcpy (buf
, str1
+ 2, 9);
354 memcpy (buf
, str1
+ 3, 8);
356 strncat (buf
, "ZYXWV", 3);
359 memcpy (buf
, str1
+ 3, 8);
361 strncat (buf
, "ZYXWV", l0
+ 3);
365 memcpy (a
.buf1
+ 1, "abcdefghij", 10);
369 memcpy (a
.buf1
+ 1, "abcdefghij", l0
+ 10);
373 memmove (a
.buf1
+ 2, a
.buf1
+ 1, 9);
377 memmove (a
.buf1
+ 2, a
.buf1
+ 1, l0
+ 9);
381 p
= (char *) mempcpy (a
.buf1
+ 6, "abcde", 5);
385 p
= (char *) mempcpy (a
.buf1
+ 6, "abcde", l0
+ 5);
389 memset (a
.buf1
+ 9, 'j', 2);
393 memset (a
.buf1
+ 9, 'j', l0
+ 2);
396 # if __USE_FORTIFY_LEVEL >= 2
403 strcpy (a
.buf1
+ (O
+ 4), str1
+ 5);
407 p
= stpcpy (a
.buf1
+ (O
+ 8), str2
);
411 strncpy (a
.buf1
+ (O
+ 6), "X", 4);
415 strncpy (a
.buf1
+ (O
+ 6), "X", l0
+ 4);
418 # if !defined __cplusplus || defined __va_arg_pack
420 sprintf (a
.buf1
+ (O
+ 7), "%d", num1
);
424 snprintf (a
.buf1
+ (O
+ 7), 3, "%d", num2
);
428 snprintf (a
.buf1
+ (O
+ 7), l0
+ 3, "%d", num2
);
432 memcpy (a
.buf1
, str1
+ (3 - O
), 8 + O
);
434 strcat (a
.buf1
, "AB");
437 memcpy (a
.buf1
, str1
+ (4 - O
), 7 + O
);
439 strncat (a
.buf1
, "ZYXWV", l0
+ 3);
444 /* These ops can be done without runtime checking of object size. */
445 wmemcpy (wbuf
, L
"abcdefghij", 10);
446 wmemmove (wbuf
+ 1, wbuf
, 9);
447 if (wmemcmp (wbuf
, L
"aabcdefghi", 10))
450 if (wmempcpy (wbuf
+ 5, L
"abcde", 5) != wbuf
+ 10
451 || wmemcmp (wbuf
, L
"aabcdabcde", 10))
454 wmemset (wbuf
+ 8, L
'j', 2);
455 if (wmemcmp (wbuf
, L
"aabcdabcjj", 10))
458 wcscpy (wbuf
+ 4, L
"EDCBA");
459 if (wmemcmp (wbuf
, L
"aabcEDCBA", 10))
462 if (wcpcpy (wbuf
+ 8, L
"F") != wbuf
+ 9 || wmemcmp (wbuf
, L
"aabcEDCBF", 10))
465 wcsncpy (wbuf
+ 6, L
"X", 4);
466 if (wmemcmp (wbuf
, L
"aabcEDX\0\0", 10))
469 if (swprintf (wbuf
+ 7, 3, L
"%ls", L
"987654") >= 0
470 || wmemcmp (wbuf
, L
"aabcEDX98", 10))
473 if (swprintf (wbuf
+ 7, 3, L
"64") != 2
474 || wmemcmp (wbuf
, L
"aabcEDX64", 10))
477 /* These ops need runtime checking, but shouldn't __chk_fail. */
478 wmemcpy (wbuf
, L
"abcdefghij", l0
+ 10);
479 wmemmove (wbuf
+ 1, wbuf
, l0
+ 9);
480 if (wmemcmp (wbuf
, L
"aabcdefghi", 10))
483 if (wmempcpy (wbuf
+ 5, L
"abcde", l0
+ 5) != wbuf
+ 10
484 || wmemcmp (wbuf
, L
"aabcdabcde", 10))
487 wmemset (wbuf
+ 8, L
'j', l0
+ 2);
488 if (wmemcmp (wbuf
, L
"aabcdabcjj", 10))
491 wcscpy (wbuf
+ 4, wstr1
+ 5);
492 if (wmemcmp (wbuf
, L
"aabcEDCBA", 10))
495 if (wcpcpy (wbuf
+ 8, wstr2
) != wbuf
+ 9 || wmemcmp (wbuf
, L
"aabcEDCBF", 10))
498 wcsncpy (wbuf
+ 6, L
"X", l0
+ 4);
499 if (wmemcmp (wbuf
, L
"aabcEDX\0\0", 10))
502 if (wcpncpy (wbuf
+ 5, L
"cd", l0
+ 5) != wbuf
+ 7
503 || wmemcmp (wbuf
, L
"aabcEcd\0\0", 10))
506 if (swprintf (wbuf
+ 7, 3, L
"%d", num2
) >= 0
507 || wmemcmp (wbuf
, L
"aabcEcd98", 10))
510 wbuf
[l0
+ 8] = L
'\0';
512 if (wmemcmp (wbuf
, L
"aabcEcd9A", 10))
515 wbuf
[l0
+ 7] = L
'\0';
516 wcsncat (wbuf
, L
"ZYXWV", l0
+ 2);
517 if (wmemcmp (wbuf
, L
"aabcEcdZY", 10))
520 wmemcpy (wa
.buf1
, L
"abcdefghij", l0
+ 10);
521 wmemmove (wa
.buf1
+ 1, wa
.buf1
, l0
+ 9);
522 if (wmemcmp (wa
.buf1
, L
"aabcdefghi", 10))
525 if (wmempcpy (wa
.buf1
+ 5, L
"abcde", l0
+ 5) != wa
.buf1
+ 10
526 || wmemcmp (wa
.buf1
, L
"aabcdabcde", 10))
529 wmemset (wa
.buf1
+ 8, L
'j', l0
+ 2);
530 if (wmemcmp (wa
.buf1
, L
"aabcdabcjj", 10))
533 #if __USE_FORTIFY_LEVEL < 2
534 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
535 and sufficient GCC support, as the string operations overflow
536 from a.buf1 into a.buf2. */
537 wcscpy (wa
.buf1
+ 4, wstr1
+ 5);
538 if (wmemcmp (wa
.buf1
, L
"aabcEDCBA", 10))
541 if (wcpcpy (wa
.buf1
+ 8, wstr2
) != wa
.buf1
+ 9
542 || wmemcmp (wa
.buf1
, L
"aabcEDCBF", 10))
545 wcsncpy (wa
.buf1
+ 6, L
"X", l0
+ 4);
546 if (wmemcmp (wa
.buf1
, L
"aabcEDX\0\0", 10))
549 if (swprintf (wa
.buf1
+ 7, 3, L
"%d", num2
) >= 0
550 || wmemcmp (wa
.buf1
, L
"aabcEDX98", 10))
553 wa
.buf1
[l0
+ 8] = L
'\0';
554 wcscat (wa
.buf1
, L
"A");
555 if (wmemcmp (wa
.buf1
, L
"aabcEDX9A", 10))
558 wa
.buf1
[l0
+ 7] = L
'\0';
559 wcsncat (wa
.buf1
, L
"ZYXWV", l0
+ 2);
560 if (wmemcmp (wa
.buf1
, L
"aabcEDXZY", 10))
565 #if __USE_FORTIFY_LEVEL >= 1
566 /* Now check if all buffer overflows are caught at runtime.
567 N.B. All tests involving a length parameter need to be done
568 twice: once with the length a compile-time constant, once without. */
571 wmemcpy (wbuf
+ 1, L
"abcdefghij", 10);
575 wmemcpy (wbuf
+ 1, L
"abcdefghij", l0
+ 10);
579 wmemcpy (wbuf
+ 9, L
"abcdefghij", 10);
583 wmemcpy (wbuf
+ 9, L
"abcdefghij", l0
+ 10);
587 wmemmove (wbuf
+ 2, wbuf
+ 1, 9);
591 wmemmove (wbuf
+ 2, wbuf
+ 1, l0
+ 9);
595 wp
= wmempcpy (wbuf
+ 6, L
"abcde", 5);
599 wp
= wmempcpy (wbuf
+ 6, L
"abcde", l0
+ 5);
603 wmemset (wbuf
+ 9, L
'j', 2);
607 wmemset (wbuf
+ 9, L
'j', l0
+ 2);
611 wcscpy (wbuf
+ 5, wstr1
+ 5);
615 wp
= wcpcpy (wbuf
+ 9, wstr2
);
619 wcsncpy (wbuf
+ 7, L
"X", 4);
623 wcsncpy (wbuf
+ 7, L
"X", l0
+ 4);
627 wcsncpy (wbuf
+ 9, L
"XABCDEFGH", 8);
631 wcpncpy (wbuf
+ 9, L
"XABCDEFGH", 8);
635 wcpncpy (wbuf
+ 6, L
"cd", 5);
639 wcpncpy (wbuf
+ 6, L
"cd", l0
+ 5);
642 wmemcpy (wbuf
, wstr1
+ 2, 9);
644 wcscat (wbuf
, L
"AB");
647 wmemcpy (wbuf
, wstr1
+ 3, 8);
649 wcsncat (wbuf
, L
"ZYXWV", l0
+ 3);
653 wmemcpy (wa
.buf1
+ 1, L
"abcdefghij", 10);
657 wmemcpy (wa
.buf1
+ 1, L
"abcdefghij", l0
+ 10);
661 wmemmove (wa
.buf1
+ 2, wa
.buf1
+ 1, 9);
665 wmemmove (wa
.buf1
+ 2, wa
.buf1
+ 1, l0
+ 9);
669 wp
= wmempcpy (wa
.buf1
+ 6, L
"abcde", 5);
673 wp
= wmempcpy (wa
.buf1
+ 6, L
"abcde", l0
+ 5);
677 wmemset (wa
.buf1
+ 9, L
'j', 2);
681 wmemset (wa
.buf1
+ 9, L
'j', l0
+ 2);
684 #if __USE_FORTIFY_LEVEL >= 2
691 wcscpy (wa
.buf1
+ (O
+ 4), wstr1
+ 5);
695 wp
= wcpcpy (wa
.buf1
+ (O
+ 8), wstr2
);
699 wcsncpy (wa
.buf1
+ (O
+ 6), L
"X", 4);
703 wcsncpy (wa
.buf1
+ (O
+ 6), L
"X", l0
+ 4);
706 wmemcpy (wa
.buf1
, wstr1
+ (3 - O
), 8 + O
);
708 wcscat (wa
.buf1
, L
"AB");
711 wmemcpy (wa
.buf1
, wstr1
+ (4 - O
), 7 + O
);
713 wcsncat (wa
.buf1
, L
"ZYXWV", l0
+ 3);
718 /* Now checks for %n protection. */
720 /* Constant literals passed directly are always ok
721 (even with warnings about possible bugs from GCC). */
723 if (sprintf (buf
, "%s%n%s%n", str2
, &n1
, str2
, &n2
) != 2
724 || n1
!= 1 || n2
!= 2)
727 /* In this case the format string is not known at compile time,
728 but resides in read-only memory, so is ok. */
729 if (snprintf (buf
, 4, str3
, str2
, &n1
, str2
, &n2
) != 2
730 || n1
!= 1 || n2
!= 2)
733 strcpy (buf2
+ 2, "%n%s%n");
734 /* When the format string is writable and contains %n,
735 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
737 if (sprintf (buf
, buf2
, str2
, &n1
, str2
, &n1
) != 2)
742 if (snprintf (buf
, 3, buf2
, str2
, &n1
, str2
, &n1
) != 2)
746 /* But if there is no %n, even writable format string
749 if (sprintf (buf
, buf2
+ 4, str2
) != 1)
752 /* Constant literals passed directly are always ok
753 (even with warnings about possible bugs from GCC). */
754 if (printf ("%s%n%s%n", str4
, &n1
, str5
, &n2
) != 14
755 || n1
!= 7 || n2
!= 14)
758 /* In this case the format string is not known at compile time,
759 but resides in read-only memory, so is ok. */
760 if (printf (str3
, str4
, &n1
, str5
, &n2
) != 14
761 || n1
!= 7 || n2
!= 14)
764 strcpy (buf2
+ 2, "%n%s%n");
765 /* When the format string is writable and contains %n,
766 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
768 if (printf (buf2
, str4
, &n1
, str5
, &n1
) != 14)
772 /* But if there is no %n, even writable format string
775 if (printf (buf2
+ 4, str5
) != 7)
780 /* Constant literals passed directly are always ok
781 (even with warnings about possible bugs from GCC). */
782 if (fprintf (fp
, "%s%n%s%n", str4
, &n1
, str5
, &n2
) != 14
783 || n1
!= 7 || n2
!= 14)
786 /* In this case the format string is not known at compile time,
787 but resides in read-only memory, so is ok. */
788 if (fprintf (fp
, str3
, str4
, &n1
, str5
, &n2
) != 14
789 || n1
!= 7 || n2
!= 14)
792 strcpy (buf2
+ 2, "%n%s%n");
793 /* When the format string is writable and contains %n,
794 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
796 if (fprintf (fp
, buf2
, str4
, &n1
, str5
, &n1
) != 14)
800 /* But if there is no %n, even writable format string
803 if (fprintf (fp
, buf2
+ 4, str5
) != 7)
807 strcpy (buf2
+ 2, "%n%s%n");
808 /* When the format string is writable and contains %n,
809 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
811 if (asprintf (&my_ptr
, buf2
, str4
, &n1
, str5
, &n1
) != 14)
820 if (obstack_printf (&obs
, buf2
, str4
, &n1
, str5
, &n1
) != 14)
823 obstack_free (&obs
, NULL
);
826 if (asprintf (&my_ptr
, "%s%n%s%n", str4
, &n1
, str5
, &n1
) != 14)
832 if (obstack_printf (&obs
, "%s%n%s%n", str4
, &n1
, str5
, &n1
) != 14)
834 obstack_free (&obs
, NULL
);
836 if (freopen (temp_filename
, "r", stdin
) == NULL
)
838 puts ("could not open temporary file");
842 if (gets (buf
) != buf
|| memcmp (buf
, "abcdefgh", 9))
844 if (gets (buf
) != buf
|| memcmp (buf
, "ABCDEFGHI", 10))
847 #if __USE_FORTIFY_LEVEL >= 1
849 if (gets (buf
) != buf
)
856 if (fgets (buf
, sizeof (buf
), stdin
) != buf
857 || memcmp (buf
, "abcdefgh\n", 10))
859 if (fgets (buf
, sizeof (buf
), stdin
) != buf
|| memcmp (buf
, "ABCDEFGHI", 10))
864 if (fgets (buf
, l0
+ sizeof (buf
), stdin
) != buf
865 || memcmp (buf
, "abcdefgh\n", 10))
868 #if __USE_FORTIFY_LEVEL >= 1
870 if (fgets (buf
, sizeof (buf
) + 1, stdin
) != buf
)
875 if (fgets (buf
, l0
+ sizeof (buf
) + 1, stdin
) != buf
)
882 if (fgets_unlocked (buf
, sizeof (buf
), stdin
) != buf
883 || memcmp (buf
, "abcdefgh\n", 10))
885 if (fgets_unlocked (buf
, sizeof (buf
), stdin
) != buf
886 || memcmp (buf
, "ABCDEFGHI", 10))
891 if (fgets_unlocked (buf
, l0
+ sizeof (buf
), stdin
) != buf
892 || memcmp (buf
, "abcdefgh\n", 10))
895 #if __USE_FORTIFY_LEVEL >= 1
897 if (fgets_unlocked (buf
, sizeof (buf
) + 1, stdin
) != buf
)
902 if (fgets_unlocked (buf
, l0
+ sizeof (buf
) + 1, stdin
) != buf
)
909 if (fread (buf
, 1, sizeof (buf
), stdin
) != sizeof (buf
)
910 || memcmp (buf
, "abcdefgh\nA", 10))
912 if (fread (buf
, sizeof (buf
), 1, stdin
) != 1
913 || memcmp (buf
, "BCDEFGHI\na", 10))
918 if (fread (buf
, l0
+ 1, sizeof (buf
), stdin
) != sizeof (buf
)
919 || memcmp (buf
, "abcdefgh\nA", 10))
921 if (fread (buf
, sizeof (buf
), l0
+ 1, stdin
) != 1
922 || memcmp (buf
, "BCDEFGHI\na", 10))
925 #if __USE_FORTIFY_LEVEL >= 1
927 if (fread (buf
, 1, sizeof (buf
) + 1, stdin
) != sizeof (buf
) + 1)
932 if (fread (buf
, sizeof (buf
) + 1, l0
+ 1, stdin
) != 1)
939 if (fread_unlocked (buf
, 1, sizeof (buf
), stdin
) != sizeof (buf
)
940 || memcmp (buf
, "abcdefgh\nA", 10))
942 if (fread_unlocked (buf
, sizeof (buf
), 1, stdin
) != 1
943 || memcmp (buf
, "BCDEFGHI\na", 10))
948 if (fread_unlocked (buf
, 1, 4, stdin
) != 4
949 || memcmp (buf
, "abcdFGHI\na", 10))
951 if (fread_unlocked (buf
, 4, 1, stdin
) != 1
952 || memcmp (buf
, "efghFGHI\na", 10))
957 if (fread_unlocked (buf
, l0
+ 1, sizeof (buf
), stdin
) != sizeof (buf
)
958 || memcmp (buf
, "abcdefgh\nA", 10))
960 if (fread_unlocked (buf
, sizeof (buf
), l0
+ 1, stdin
) != 1
961 || memcmp (buf
, "BCDEFGHI\na", 10))
964 #if __USE_FORTIFY_LEVEL >= 1
966 if (fread_unlocked (buf
, 1, sizeof (buf
) + 1, stdin
) != sizeof (buf
) + 1)
971 if (fread_unlocked (buf
, sizeof (buf
) + 1, l0
+ 1, stdin
) != 1)
976 lseek (fileno (stdin
), 0, SEEK_SET
);
978 if (read (fileno (stdin
), buf
, sizeof (buf
) - 1) != sizeof (buf
) - 1
979 || memcmp (buf
, "abcdefgh\n", 9))
981 if (read (fileno (stdin
), buf
, sizeof (buf
) - 1) != sizeof (buf
) - 1
982 || memcmp (buf
, "ABCDEFGHI", 9))
985 lseek (fileno (stdin
), 0, SEEK_SET
);
987 if (read (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1) != sizeof (buf
) - 1
988 || memcmp (buf
, "abcdefgh\n", 9))
991 #if __USE_FORTIFY_LEVEL >= 1
993 if (read (fileno (stdin
), buf
, sizeof (buf
) + 1) != sizeof (buf
) + 1)
998 if (read (fileno (stdin
), buf
, l0
+ sizeof (buf
) + 1) != sizeof (buf
) + 1)
1003 if (pread (fileno (stdin
), buf
, sizeof (buf
) - 1, sizeof (buf
) - 2)
1005 || memcmp (buf
, "\nABCDEFGH", 9))
1007 if (pread (fileno (stdin
), buf
, sizeof (buf
) - 1, 0) != sizeof (buf
) - 1
1008 || memcmp (buf
, "abcdefgh\n", 9))
1010 if (pread (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1, sizeof (buf
) - 3)
1012 || memcmp (buf
, "h\nABCDEFG", 9))
1015 #if __USE_FORTIFY_LEVEL >= 1
1017 if (pread (fileno (stdin
), buf
, sizeof (buf
) + 1, 2 * sizeof (buf
))
1018 != sizeof (buf
) + 1)
1023 if (pread (fileno (stdin
), buf
, l0
+ sizeof (buf
) + 1, 2 * sizeof (buf
))
1024 != sizeof (buf
) + 1)
1029 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) - 1, sizeof (buf
) - 2)
1031 || memcmp (buf
, "\nABCDEFGH", 9))
1033 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) - 1, 0) != sizeof (buf
) - 1
1034 || memcmp (buf
, "abcdefgh\n", 9))
1036 if (pread64 (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1, sizeof (buf
) - 3)
1038 || memcmp (buf
, "h\nABCDEFG", 9))
1041 #if __USE_FORTIFY_LEVEL >= 1
1043 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) + 1, 2 * sizeof (buf
))
1044 != sizeof (buf
) + 1)
1049 if (pread64 (fileno (stdin
), buf
, l0
+ sizeof (buf
) + 1, 2 * sizeof (buf
))
1050 != sizeof (buf
) + 1)
1055 if (freopen (temp_filename
, "r", stdin
) == NULL
)
1057 puts ("could not open temporary file");
1061 if (fseek (stdin
, 9 + 10 + 11, SEEK_SET
))
1063 puts ("could not seek in test file");
1067 #if __USE_FORTIFY_LEVEL >= 1
1069 if (gets (buf
) != buf
)
1074 /* Check whether missing N$ formats are detected. */
1076 printf ("%3$d\n", 1, 2, 3, 4);
1080 fprintf (stdout
, "%3$d\n", 1, 2, 3, 4);
1084 sprintf (buf
, "%3$d\n", 1, 2, 3, 4);
1088 snprintf (buf
, sizeof (buf
), "%3$d\n", 1, 2, 3, 4);
1092 if (socketpair (PF_UNIX
, SOCK_STREAM
, 0, sp
))
1096 const char *sendstr
= "abcdefgh\nABCDEFGH\n0123456789\n";
1097 if ((size_t) send (sp
[0], sendstr
, strlen (sendstr
), 0)
1098 != strlen (sendstr
))
1102 if (recv (sp
[1], recvbuf
, sizeof recvbuf
, MSG_PEEK
)
1104 || memcmp (recvbuf
, sendstr
, sizeof recvbuf
) != 0)
1107 if (recv (sp
[1], recvbuf
+ 6, l0
+ sizeof recvbuf
- 7, MSG_PEEK
)
1108 != sizeof recvbuf
- 7
1109 || memcmp (recvbuf
+ 6, sendstr
, sizeof recvbuf
- 7) != 0)
1112 #if __USE_FORTIFY_LEVEL >= 1
1114 if (recv (sp
[1], recvbuf
+ 1, sizeof recvbuf
, MSG_PEEK
)
1120 if (recv (sp
[1], recvbuf
+ 4, l0
+ sizeof recvbuf
- 3, MSG_PEEK
)
1121 != sizeof recvbuf
- 3)
1127 struct sockaddr_un sa_un
;
1129 sl
= sizeof (sa_un
);
1130 if (recvfrom (sp
[1], recvbuf
, sizeof recvbuf
, MSG_PEEK
,
1131 (struct sockaddr
*) &sa_un
, &sl
)
1133 || memcmp (recvbuf
, sendstr
, sizeof recvbuf
) != 0)
1136 sl
= sizeof (sa_un
);
1137 if (recvfrom (sp
[1], recvbuf
+ 6, l0
+ sizeof recvbuf
- 7, MSG_PEEK
,
1138 (struct sockaddr
*) &sa_un
, &sl
) != sizeof recvbuf
- 7
1139 || memcmp (recvbuf
+ 6, sendstr
, sizeof recvbuf
- 7) != 0)
1142 #if __USE_FORTIFY_LEVEL >= 1
1144 sl
= sizeof (sa_un
);
1145 if (recvfrom (sp
[1], recvbuf
+ 1, sizeof recvbuf
, MSG_PEEK
,
1146 (struct sockaddr
*) &sa_un
, &sl
) != sizeof recvbuf
)
1151 sl
= sizeof (sa_un
);
1152 if (recvfrom (sp
[1], recvbuf
+ 4, l0
+ sizeof recvbuf
- 3, MSG_PEEK
,
1153 (struct sockaddr
*) &sa_un
, &sl
) != sizeof recvbuf
- 3)
1162 char fname
[] = "/tmp/tst-chk1-dir-XXXXXX\0foo";
1163 char *enddir
= strchr (fname
, '\0');
1164 if (mkdtemp (fname
) == NULL
)
1166 printf ("mkdtemp failed: %m\n");
1170 if (symlink ("bar", fname
) != 0)
1173 char readlinkbuf
[4];
1174 if (readlink (fname
, readlinkbuf
, 4) != 3
1175 || memcmp (readlinkbuf
, "bar", 3) != 0)
1177 if (readlink (fname
, readlinkbuf
+ 1, l0
+ 3) != 3
1178 || memcmp (readlinkbuf
, "bbar", 4) != 0)
1181 #if __USE_FORTIFY_LEVEL >= 1
1183 if (readlink (fname
, readlinkbuf
+ 2, l0
+ 3) != 3)
1188 if (readlink (fname
, readlinkbuf
+ 3, 4) != 3)
1193 int tmpfd
= open ("/tmp", O_RDONLY
| O_DIRECTORY
);
1197 if (readlinkat (tmpfd
, fname
+ sizeof ("/tmp/") - 1, readlinkbuf
, 4) != 3
1198 || memcmp (readlinkbuf
, "bar", 3) != 0)
1200 if (readlinkat (tmpfd
, fname
+ sizeof ("/tmp/") - 1, readlinkbuf
+ 1,
1202 || memcmp (readlinkbuf
, "bbar", 4) != 0)
1205 #if __USE_FORTIFY_LEVEL >= 1
1207 if (readlinkat (tmpfd
, fname
+ sizeof ("/tmp/") - 1, readlinkbuf
+ 2,
1213 if (readlinkat (tmpfd
, fname
+ sizeof ("/tmp/") - 1, readlinkbuf
+ 3,
1221 char *cwd1
= getcwd (NULL
, 0);
1225 char *cwd2
= getcwd (NULL
, 250);
1231 if (strcmp (cwd1
, cwd2
) != 0)
1238 char *cwd3
= getcwd (NULL
, 0);
1241 if (strcmp (fname
, cwd3
) != 0)
1242 printf ("getcwd after chdir is '%s' != '%s',"
1243 "get{c,}wd tests skipped\n", cwd3
, fname
);
1246 char getcwdbuf
[sizeof fname
- 3];
1248 char *cwd4
= getcwd (getcwdbuf
, sizeof getcwdbuf
);
1249 if (cwd4
!= getcwdbuf
1250 || strcmp (getcwdbuf
, fname
) != 0)
1253 cwd4
= getcwd (getcwdbuf
+ 1, l0
+ sizeof getcwdbuf
- 1);
1254 if (cwd4
!= getcwdbuf
+ 1
1255 || getcwdbuf
[0] != fname
[0]
1256 || strcmp (getcwdbuf
+ 1, fname
) != 0)
1259 #if __USE_FORTIFY_LEVEL >= 1
1261 if (getcwd (getcwdbuf
+ 2, l0
+ sizeof getcwdbuf
)
1267 if (getcwd (getcwdbuf
+ 2, sizeof getcwdbuf
)
1273 if (getwd (getcwdbuf
) != getcwdbuf
1274 || strcmp (getcwdbuf
, fname
) != 0)
1277 if (getwd (getcwdbuf
+ 1) != getcwdbuf
+ 1
1278 || strcmp (getcwdbuf
+ 1, fname
) != 0)
1281 #if __USE_FORTIFY_LEVEL >= 1
1283 if (getwd (getcwdbuf
+ 2) != getcwdbuf
+ 2)
1289 if (chdir (cwd1
) != 0)
1297 if (unlink (fname
) != 0)
1301 if (rmdir (fname
) != 0)
1306 char largebuf
[PATH_MAX
];
1307 char *realres
= realpath (".", largebuf
);
1308 if (realres
!= largebuf
)
1311 # if __USE_FORTIFY_LEVEL >= 1
1314 realres
= realpath (".", realbuf
);
1315 if (realres
!= realbuf
)
1321 if (setlocale (LC_ALL
, "de_DE.UTF-8") != NULL
)
1323 assert (MB_CUR_MAX
<= 10);
1325 /* First a simple test. */
1327 if (wctomb (enough
, L
'A') != 1)
1330 #if __USE_FORTIFY_LEVEL >= 1
1331 /* We know the wchar_t encoding is ISO 10646. So pick a
1332 character which has a multibyte representation which does not
1336 if (wctomb (smallbuf
, L
'\x100') != 2)
1342 memset (&s
, '\0', sizeof (s
));
1343 if (wcrtomb (enough
, L
'D', &s
) != 1 || enough
[0] != 'D')
1346 #if __USE_FORTIFY_LEVEL >= 1
1347 /* We know the wchar_t encoding is ISO 10646. So pick a
1348 character which has a multibyte representation which does not
1352 if (wcrtomb (smallbuf
, L
'\x100', &s
) != 2)
1357 wchar_t wenough
[10];
1358 memset (&s
, '\0', sizeof (s
));
1359 const char *cp
= "A";
1360 if (mbsrtowcs (wenough
, &cp
, 10, &s
) != 1
1361 || wcscmp (wenough
, L
"A") != 0)
1365 if (mbsrtowcs (wenough
, &cp
, l0
+ 10, &s
) != 2
1366 || wcscmp (wenough
, L
"BC") != 0)
1369 #if __USE_FORTIFY_LEVEL >= 1
1371 wchar_t wsmallbuf
[2];
1373 mbsrtowcs (wsmallbuf
, &cp
, 10, &s
);
1378 if (mbstowcs (wenough
, cp
, 10) != 1
1379 || wcscmp (wenough
, L
"A") != 0)
1383 if (mbstowcs (wenough
, cp
, l0
+ 10) != 3
1384 || wcscmp (wenough
, L
"DEF") != 0)
1387 #if __USE_FORTIFY_LEVEL >= 1
1389 wchar_t wsmallbuf
[2];
1391 mbstowcs (wsmallbuf
, cp
, 10);
1395 memset (&s
, '\0', sizeof (s
));
1397 wcscpy (wenough
, L
"DEF");
1398 if (mbsnrtowcs (wenough
, &cp
, 1, 10, &s
) != 1
1399 || wcscmp (wenough
, L
"AEF") != 0)
1403 if (mbsnrtowcs (wenough
, &cp
, 1, l0
+ 10, &s
) != 1
1404 || wcscmp (wenough
, L
"IEF") != 0)
1407 #if __USE_FORTIFY_LEVEL >= 1
1409 wchar_t wsmallbuf
[2];
1411 mbsnrtowcs (wsmallbuf
, &cp
, 3, 10, &s
);
1415 memset (&s
, '\0', sizeof (s
));
1416 const wchar_t *wcp
= L
"A";
1417 if (wcsrtombs (enough
, &wcp
, 10, &s
) != 1
1418 || strcmp (enough
, "A") != 0)
1422 if (wcsrtombs (enough
, &wcp
, l0
+ 10, &s
) != 2
1423 || strcmp (enough
, "BC") != 0)
1426 #if __USE_FORTIFY_LEVEL >= 1
1430 wcsrtombs (smallbuf
, &wcp
, 10, &s
);
1434 memset (enough
, 'Z', sizeof (enough
));
1436 if (wcstombs (enough
, wcp
, 10) != 2
1437 || strcmp (enough
, "EF") != 0)
1441 if (wcstombs (enough
, wcp
, l0
+ 10) != 1
1442 || strcmp (enough
, "G") != 0)
1445 #if __USE_FORTIFY_LEVEL >= 1
1449 wcstombs (smallbuf
, wcp
, 10);
1453 memset (&s
, '\0', sizeof (s
));
1455 if (wcsnrtombs (enough
, &wcp
, 1, 10, &s
) != 1
1456 || strcmp (enough
, "A") != 0)
1460 if (wcsnrtombs (enough
, &wcp
, 1, l0
+ 10, &s
) != 1
1461 || strcmp (enough
, "B") != 0)
1464 #if __USE_FORTIFY_LEVEL >= 1
1468 wcsnrtombs (smallbuf
, &wcp
, 3, 10, &s
);
1474 puts ("cannot set locale");
1478 int fd
= posix_openpt (O_RDWR
);
1482 if (ptsname_r (fd
, enough
, sizeof (enough
)) != 0)
1485 #if __USE_FORTIFY_LEVEL >= 1
1488 if (ptsname_r (fd
, smallbuf
, sizeof (smallbuf
) + 1) == 0)
1496 confstr (_CS_GNU_LIBC_VERSION
, largebuf
, sizeof (largebuf
));
1497 # if __USE_FORTIFY_LEVEL >= 1
1500 confstr (_CS_GNU_LIBC_VERSION
, smallbuf
, sizeof (largebuf
));
1506 int ngr
= getgroups (5, grpslarge
);
1507 asm volatile ("" : : "r" (ngr
));
1508 #if __USE_FORTIFY_LEVEL >= 1
1511 ngr
= getgroups (5, (gid_t
*) smallbuf
);
1512 asm volatile ("" : : "r" (ngr
));
1516 fd
= open (_PATH_TTY
, O_RDONLY
);
1520 if (ttyname_r (fd
, enough
, sizeof (enough
)) != 0)
1523 #if __USE_FORTIFY_LEVEL >= 1
1526 if (ttyname_r (fd
, smallbuf
, sizeof (smallbuf
) + 1) == 0)
1533 char hostnamelarge
[1000];
1534 gethostname (hostnamelarge
, sizeof (hostnamelarge
));
1535 #if __USE_FORTIFY_LEVEL >= 1
1538 gethostname (smallbuf
, sizeof (hostnamelarge
));
1542 char loginlarge
[1000];
1543 getlogin_r (loginlarge
, sizeof (hostnamelarge
));
1544 #if __USE_FORTIFY_LEVEL >= 1
1547 getlogin_r (smallbuf
, sizeof (loginlarge
));
1551 char domainnamelarge
[1000];
1552 int res
= getdomainname (domainnamelarge
, sizeof (domainnamelarge
));
1553 asm volatile ("" : : "r" (res
));
1554 #if __USE_FORTIFY_LEVEL >= 1
1557 res
= getdomainname (smallbuf
, sizeof (domainnamelarge
));
1558 asm volatile ("" : : "r" (res
));
1565 FD_SET (FD_SETSIZE
- 1, &s
);
1566 #if __USE_FORTIFY_LEVEL >= 1
1568 FD_SET (FD_SETSIZE
, &s
);
1572 FD_SET (l0
+ FD_SETSIZE
, &s
);
1576 FD_CLR (FD_SETSIZE
- 1, &s
);
1577 #if __USE_FORTIFY_LEVEL >= 1
1579 FD_CLR (FD_SETSIZE
, &s
);
1583 FD_SET (l0
+ FD_SETSIZE
, &s
);
1587 FD_ISSET (FD_SETSIZE
- 1, &s
);
1588 #if __USE_FORTIFY_LEVEL >= 1
1590 FD_ISSET (FD_SETSIZE
, &s
);
1594 FD_ISSET (l0
+ FD_SETSIZE
, &s
);
1598 struct pollfd fds
[1];
1599 fds
[0].fd
= STDOUT_FILENO
;
1600 fds
[0].events
= POLLOUT
;
1602 #if __USE_FORTIFY_LEVEL >= 1
1608 poll (fds
, l0
+ 2, 0);
1611 ppoll (fds
, 1, NULL
, NULL
);
1612 #if __USE_FORTIFY_LEVEL >= 1
1614 ppoll (fds
, 2, NULL
, NULL
);
1618 ppoll (fds
, l0
+ 2, NULL
, NULL
);