1 /* Copyright (C) 2004, 2005 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Contributed by Jakub Jelinek <jakub@redhat.com>, 2004.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
20 /* Hack: make sure GCC doesn't know __chk_fail () will not return. */
33 #include <sys/socket.h>
37 static void do_prepare (void);
38 static int do_test (void);
39 #define PREPARE(argc, argv) do_prepare ()
40 #define TEST_FUNCTION do_test ()
41 #include "../test-skeleton.c"
46 int temp_fd
= create_temp_file ("tst-chk1.", &temp_filename
);
49 printf ("cannot create temporary file: %m\n");
53 const char *strs
= "abcdefgh\nABCDEFGHI\nabcdefghij\nABCDEFGHIJ";
54 if (write (temp_fd
, strs
, strlen (strs
)) != strlen (strs
))
56 puts ("could not write test strings into file");
57 unlink (temp_filename
);
62 volatile int chk_fail_ok
;
72 longjmp (chk_fail_buf
, 1);
83 const char *str1
= "JIHGFEDCBA";
84 const char *str2
= "F";
85 const char *str3
= "%s%n%s%n";
86 const char *str4
= "Hello, ";
87 const char *str5
= "World!\n";
88 const wchar_t *wstr1
= L
"JIHGFEDCBA";
89 const wchar_t *wstr2
= L
"F";
90 const wchar_t *wstr3
= L
"%s%n%s%n";
91 const wchar_t *wstr4
= L
"Hello, ";
92 const wchar_t *wstr5
= L
"World!\n";
98 do { printf ("Failure on line %d\n", __LINE__); ret = 1; } while (0)
99 #define CHK_FAIL_START \
101 if (! setjmp (chk_fail_buf)) \
103 #define CHK_FAIL_END \
107 #if __USE_FORTIFY_LEVEL >= 2
108 #define CHK_FAIL2_START CHK_FAIL_START
109 #define CHK_FAIL2_END CHK_FAIL_END
111 #define CHK_FAIL2_START
112 #define CHK_FAIL2_END
119 sa
.sa_handler
= handler
;
121 sigemptyset (&sa
.sa_mask
);
123 sigaction (SIGABRT
, &sa
, NULL
);
125 /* Avoid all the buffer overflow messages on stderr. */
126 int fd
= open (_PATH_DEVNULL
, O_WRONLY
);
128 close (STDERR_FILENO
);
131 dup2 (fd
, STDERR_FILENO
);
134 setenv ("LIBC_FATAL_STDERR_", "1", 1);
136 struct A
{ char buf1
[9]; char buf2
[1]; } a
;
137 struct wA
{ wchar_t buf1
[9]; wchar_t buf2
[1]; } wa
;
139 printf ("Test checking routines at fortify level %d\n",
140 #ifdef __USE_FORTIFY_LEVEL
141 (int) __USE_FORTIFY_LEVEL
147 /* These ops can be done without runtime checking of object size. */
148 memcpy (buf
, "abcdefghij", 10);
149 memmove (buf
+ 1, buf
, 9);
150 if (memcmp (buf
, "aabcdefghi", 10))
153 if (mempcpy (buf
+ 5, "abcde", 5) != buf
+ 10
154 || memcmp (buf
, "aabcdabcde", 10))
157 memset (buf
+ 8, 'j', 2);
158 if (memcmp (buf
, "aabcdabcjj", 10))
161 strcpy (buf
+ 4, "EDCBA");
162 if (memcmp (buf
, "aabcEDCBA", 10))
165 if (stpcpy (buf
+ 8, "F") != buf
+ 9 || memcmp (buf
, "aabcEDCBF", 10))
168 strncpy (buf
+ 6, "X", 4);
169 if (memcmp (buf
, "aabcEDX\0\0", 10))
172 if (sprintf (buf
+ 7, "%s", "67") != 2 || memcmp (buf
, "aabcEDX67", 10))
175 if (snprintf (buf
+ 7, 3, "%s", "987654") != 6
176 || memcmp (buf
, "aabcEDX98", 10))
179 /* These ops need runtime checking, but shouldn't __chk_fail. */
180 memcpy (buf
, "abcdefghij", l0
+ 10);
181 memmove (buf
+ 1, buf
, l0
+ 9);
182 if (memcmp (buf
, "aabcdefghi", 10))
185 if (mempcpy (buf
+ 5, "abcde", l0
+ 5) != buf
+ 10
186 || memcmp (buf
, "aabcdabcde", 10))
189 memset (buf
+ 8, 'j', l0
+ 2);
190 if (memcmp (buf
, "aabcdabcjj", 10))
193 strcpy (buf
+ 4, str1
+ 5);
194 if (memcmp (buf
, "aabcEDCBA", 10))
197 if (stpcpy (buf
+ 8, str2
) != buf
+ 9 || memcmp (buf
, "aabcEDCBF", 10))
200 strncpy (buf
+ 6, "X", l0
+ 4);
201 if (memcmp (buf
, "aabcEDX\0\0", 10))
204 if (stpncpy (buf
+ 5, "cd", l0
+ 5) != buf
+ 7
205 || memcmp (buf
, "aabcEcd\0\0", 10))
208 if (sprintf (buf
+ 7, "%d", num1
) != 2 || memcmp (buf
, "aabcEcd67", 10))
211 if (snprintf (buf
+ 7, 3, "%d", num2
) != 6 || memcmp (buf
, "aabcEcd98", 10))
216 if (memcmp (buf
, "aabcEcd9A", 10))
220 strncat (buf
, "ZYXWV", l0
+ 2);
221 if (memcmp (buf
, "aabcEcdZY", 10))
224 memcpy (a
.buf1
, "abcdefghij", l0
+ 10);
225 memmove (a
.buf1
+ 1, a
.buf1
, l0
+ 9);
226 if (memcmp (a
.buf1
, "aabcdefghi", 10))
229 if (mempcpy (a
.buf1
+ 5, "abcde", l0
+ 5) != a
.buf1
+ 10
230 || memcmp (a
.buf1
, "aabcdabcde", 10))
233 memset (a
.buf1
+ 8, 'j', l0
+ 2);
234 if (memcmp (a
.buf1
, "aabcdabcjj", 10))
237 #if __USE_FORTIFY_LEVEL < 2 || !__GNUC_PREREQ (4, 0)
238 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
239 and sufficient GCC support, as the string operations overflow
240 from a.buf1 into a.buf2. */
241 strcpy (a
.buf1
+ 4, str1
+ 5);
242 if (memcmp (a
.buf1
, "aabcEDCBA", 10))
245 if (stpcpy (a
.buf1
+ 8, str2
) != a
.buf1
+ 9
246 || memcmp (a
.buf1
, "aabcEDCBF", 10))
249 strncpy (a
.buf1
+ 6, "X", l0
+ 4);
250 if (memcmp (a
.buf1
, "aabcEDX\0\0", 10))
253 if (sprintf (a
.buf1
+ 7, "%d", num1
) != 2
254 || memcmp (a
.buf1
, "aabcEDX67", 10))
257 if (snprintf (a
.buf1
+ 7, 3, "%d", num2
) != 6
258 || memcmp (a
.buf1
, "aabcEDX98", 10))
261 a
.buf1
[l0
+ 8] = '\0';
262 strcat (a
.buf1
, "A");
263 if (memcmp (a
.buf1
, "aabcEDX9A", 10))
266 a
.buf1
[l0
+ 7] = '\0';
267 strncat (a
.buf1
, "ZYXWV", l0
+ 2);
268 if (memcmp (a
.buf1
, "aabcEDXZY", 10))
273 #if __USE_FORTIFY_LEVEL >= 1
274 /* Now check if all buffer overflows are caught at runtime. */
277 memcpy (buf
+ 1, "abcdefghij", l0
+ 10);
281 memmove (buf
+ 2, buf
+ 1, l0
+ 9);
285 p
= mempcpy (buf
+ 6, "abcde", l0
+ 5);
289 memset (buf
+ 9, 'j', l0
+ 2);
293 strcpy (buf
+ 5, str1
+ 5);
297 p
= stpcpy (buf
+ 9, str2
);
301 strncpy (buf
+ 7, "X", l0
+ 4);
305 stpncpy (buf
+ 6, "cd", l0
+ 5);
309 sprintf (buf
+ 8, "%d", num1
);
313 snprintf (buf
+ 8, l0
+ 3, "%d", num2
);
316 memcpy (buf
, str1
+ 2, l0
+ 9);
321 memcpy (buf
, str1
+ 3, l0
+ 8);
323 strncat (buf
, "ZYXWV", l0
+ 3);
327 memcpy (a
.buf1
+ 1, "abcdefghij", l0
+ 10);
331 memmove (a
.buf1
+ 2, a
.buf1
+ 1, l0
+ 9);
335 p
= mempcpy (a
.buf1
+ 6, "abcde", l0
+ 5);
339 memset (a
.buf1
+ 9, 'j', l0
+ 2);
342 #if __USE_FORTIFY_LEVEL >= 2 && __GNUC_PREREQ (4, 0)
349 strcpy (a
.buf1
+ (O
+ 4), str1
+ 5);
353 p
= stpcpy (a
.buf1
+ (O
+ 8), str2
);
357 strncpy (a
.buf1
+ (O
+ 6), "X", l0
+ 4);
361 sprintf (a
.buf1
+ (O
+ 7), "%d", num1
);
365 snprintf (a
.buf1
+ (O
+ 7), l0
+ 3, "%d", num2
);
368 memcpy (a
.buf1
, str1
+ (3 - O
), l0
+ 8 + O
);
370 strcat (a
.buf1
, "AB");
373 memcpy (a
.buf1
, str1
+ (4 - O
), l0
+ 7 + O
);
375 strncat (a
.buf1
, "ZYXWV", l0
+ 3);
380 /* These ops can be done without runtime checking of object size. */
381 wmemcpy (wbuf
, L
"abcdefghij", 10);
382 wmemmove (wbuf
+ 1, wbuf
, 9);
383 if (wmemcmp (wbuf
, L
"aabcdefghi", 10))
386 if (wmempcpy (wbuf
+ 5, L
"abcde", 5) != wbuf
+ 10
387 || wmemcmp (wbuf
, L
"aabcdabcde", 10))
390 wmemset (wbuf
+ 8, L
'j', 2);
391 if (wmemcmp (wbuf
, L
"aabcdabcjj", 10))
394 wcscpy (wbuf
+ 4, L
"EDCBA");
395 if (wmemcmp (wbuf
, L
"aabcEDCBA", 10))
398 if (wcpcpy (wbuf
+ 8, L
"F") != wbuf
+ 9 || wmemcmp (wbuf
, L
"aabcEDCBF", 10))
401 wcsncpy (wbuf
+ 6, L
"X", 4);
402 if (wmemcmp (wbuf
, L
"aabcEDX\0\0", 10))
405 if (swprintf (wbuf
+ 7, 3, L
"%ls", L
"987654") >= 0
406 || wmemcmp (wbuf
, L
"aabcEDX98", 10))
409 if (swprintf (wbuf
+ 7, 3, L
"64") != 2
410 || wmemcmp (wbuf
, L
"aabcEDX64", 10))
413 /* These ops need runtime checking, but shouldn't __chk_fail. */
414 wmemcpy (wbuf
, L
"abcdefghij", l0
+ 10);
415 wmemmove (wbuf
+ 1, wbuf
, l0
+ 9);
416 if (wmemcmp (wbuf
, L
"aabcdefghi", 10))
419 if (wmempcpy (wbuf
+ 5, L
"abcde", l0
+ 5) != wbuf
+ 10
420 || wmemcmp (wbuf
, L
"aabcdabcde", 10))
423 wmemset (wbuf
+ 8, L
'j', l0
+ 2);
424 if (wmemcmp (wbuf
, L
"aabcdabcjj", 10))
427 wcscpy (wbuf
+ 4, wstr1
+ 5);
428 if (wmemcmp (wbuf
, L
"aabcEDCBA", 10))
431 if (wcpcpy (wbuf
+ 8, wstr2
) != wbuf
+ 9 || wmemcmp (wbuf
, L
"aabcEDCBF", 10))
434 wcsncpy (wbuf
+ 6, L
"X", l0
+ 4);
435 if (wmemcmp (wbuf
, L
"aabcEDX\0\0", 10))
438 if (wcpncpy (wbuf
+ 5, L
"cd", l0
+ 5) != wbuf
+ 7
439 || wmemcmp (wbuf
, L
"aabcEcd\0\0", 10))
442 if (swprintf (wbuf
+ 7, 3, L
"%d", num2
) >= 0
443 || wmemcmp (wbuf
, L
"aabcEcd98", 10))
446 wbuf
[l0
+ 8] = L
'\0';
448 if (wmemcmp (wbuf
, L
"aabcEcd9A", 10))
451 wbuf
[l0
+ 7] = L
'\0';
452 wcsncat (wbuf
, L
"ZYXWV", l0
+ 2);
453 if (wmemcmp (wbuf
, L
"aabcEcdZY", 10))
456 wmemcpy (wa
.buf1
, L
"abcdefghij", l0
+ 10);
457 wmemmove (wa
.buf1
+ 1, wa
.buf1
, l0
+ 9);
458 if (wmemcmp (wa
.buf1
, L
"aabcdefghi", 10))
461 if (wmempcpy (wa
.buf1
+ 5, L
"abcde", l0
+ 5) != wa
.buf1
+ 10
462 || wmemcmp (wa
.buf1
, L
"aabcdabcde", 10))
465 wmemset (wa
.buf1
+ 8, L
'j', l0
+ 2);
466 if (wmemcmp (wa
.buf1
, L
"aabcdabcjj", 10))
469 #if __USE_FORTIFY_LEVEL < 2
470 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
471 and sufficient GCC support, as the string operations overflow
472 from a.buf1 into a.buf2. */
473 wcscpy (wa
.buf1
+ 4, wstr1
+ 5);
474 if (wmemcmp (wa
.buf1
, L
"aabcEDCBA", 10))
477 if (wcpcpy (wa
.buf1
+ 8, wstr2
) != wa
.buf1
+ 9
478 || wmemcmp (wa
.buf1
, L
"aabcEDCBF", 10))
481 wcsncpy (wa
.buf1
+ 6, L
"X", l0
+ 4);
482 if (wmemcmp (wa
.buf1
, L
"aabcEDX\0\0", 10))
485 if (swprintf (wa
.buf1
+ 7, 3, L
"%d", num2
) >= 0
486 || wmemcmp (wa
.buf1
, L
"aabcEDX98", 10))
489 wa
.buf1
[l0
+ 8] = L
'\0';
490 wcscat (wa
.buf1
, L
"A");
491 if (wmemcmp (wa
.buf1
, L
"aabcEDX9A", 10))
494 wa
.buf1
[l0
+ 7] = L
'\0';
495 wcsncat (wa
.buf1
, L
"ZYXWV", l0
+ 2);
496 if (wmemcmp (wa
.buf1
, L
"aabcEDXZY", 10))
501 #if __USE_FORTIFY_LEVEL >= 1
502 /* Now check if all buffer overflows are caught at runtime. */
505 wmemcpy (wbuf
+ 1, L
"abcdefghij", l0
+ 10);
509 wmemmove (wbuf
+ 2, wbuf
+ 1, l0
+ 9);
513 wp
= wmempcpy (wbuf
+ 6, L
"abcde", l0
+ 5);
517 wmemset (wbuf
+ 9, L
'j', l0
+ 2);
521 wcscpy (wbuf
+ 5, wstr1
+ 5);
525 wp
= wcpcpy (wbuf
+ 9, wstr2
);
529 wcsncpy (wbuf
+ 7, L
"X", l0
+ 4);
533 wcpncpy (wbuf
+ 6, L
"cd", l0
+ 5);
536 wmemcpy (wbuf
, wstr1
+ 2, l0
+ 9);
538 wcscat (wbuf
, L
"AB");
541 wmemcpy (wbuf
, wstr1
+ 3, l0
+ 8);
543 wcsncat (wbuf
, L
"ZYXWV", l0
+ 3);
547 wmemcpy (wa
.buf1
+ 1, L
"abcdefghij", l0
+ 10);
551 wmemmove (wa
.buf1
+ 2, wa
.buf1
+ 1, l0
+ 9);
555 wp
= wmempcpy (wa
.buf1
+ 6, L
"abcde", l0
+ 5);
559 wmemset (wa
.buf1
+ 9, L
'j', l0
+ 2);
562 #if __USE_FORTIFY_LEVEL >= 2
569 wcscpy (wa
.buf1
+ (O
+ 4), wstr1
+ 5);
573 wp
= wcpcpy (wa
.buf1
+ (O
+ 8), wstr2
);
577 wcsncpy (wa
.buf1
+ (O
+ 6), L
"X", l0
+ 4);
580 wmemcpy (wa
.buf1
, wstr1
+ (3 - O
), l0
+ 8 + O
);
582 wcscat (wa
.buf1
, L
"AB");
585 wmemcpy (wa
.buf1
, wstr1
+ (4 - O
), l0
+ 7 + O
);
587 wcsncat (wa
.buf1
, L
"ZYXWV", l0
+ 3);
592 /* Now checks for %n protection. */
594 /* Constant literals passed directly are always ok
595 (even with warnings about possible bugs from GCC). */
597 if (sprintf (buf
, "%s%n%s%n", str2
, &n1
, str2
, &n2
) != 2
598 || n1
!= 1 || n2
!= 2)
601 /* In this case the format string is not known at compile time,
602 but resides in read-only memory, so is ok. */
603 if (snprintf (buf
, 4, str3
, str2
, &n1
, str2
, &n2
) != 2
604 || n1
!= 1 || n2
!= 2)
607 strcpy (buf2
+ 2, "%n%s%n");
608 /* When the format string is writable and contains %n,
609 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
611 if (sprintf (buf
, buf2
, str2
, &n1
, str2
, &n1
) != 2)
616 if (snprintf (buf
, 3, buf2
, str2
, &n1
, str2
, &n1
) != 2)
620 /* But if there is no %n, even writable format string
623 if (sprintf (buf
, buf2
+ 4, str2
) != 1)
626 /* Constant literals passed directly are always ok
627 (even with warnings about possible bugs from GCC). */
628 if (printf ("%s%n%s%n", str4
, &n1
, str5
, &n2
) != 14
629 || n1
!= 7 || n2
!= 14)
632 /* In this case the format string is not known at compile time,
633 but resides in read-only memory, so is ok. */
634 if (printf (str3
, str4
, &n1
, str5
, &n2
) != 14
635 || n1
!= 7 || n2
!= 14)
638 strcpy (buf2
+ 2, "%n%s%n");
639 /* When the format string is writable and contains %n,
640 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
642 if (printf (buf2
, str4
, &n1
, str5
, &n1
) != 14)
646 /* But if there is no %n, even writable format string
649 if (printf (buf2
+ 4, str5
) != 7)
654 /* Constant literals passed directly are always ok
655 (even with warnings about possible bugs from GCC). */
656 if (fprintf (fp
, "%s%n%s%n", str4
, &n1
, str5
, &n2
) != 14
657 || n1
!= 7 || n2
!= 14)
660 /* In this case the format string is not known at compile time,
661 but resides in read-only memory, so is ok. */
662 if (fprintf (fp
, str3
, str4
, &n1
, str5
, &n2
) != 14
663 || n1
!= 7 || n2
!= 14)
666 strcpy (buf2
+ 2, "%n%s%n");
667 /* When the format string is writable and contains %n,
668 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
670 if (fprintf (fp
, buf2
, str4
, &n1
, str5
, &n1
) != 14)
674 /* But if there is no %n, even writable format string
677 if (fprintf (fp
, buf2
+ 4, str5
) != 7)
680 if (freopen (temp_filename
, "r", stdin
) == NULL
)
682 puts ("could not open temporary file");
686 if (gets (buf
) != buf
|| memcmp (buf
, "abcdefgh", 9))
688 if (gets (buf
) != buf
|| memcmp (buf
, "ABCDEFGHI", 10))
691 #if __USE_FORTIFY_LEVEL >= 1
693 if (gets (buf
) != buf
)
700 if (fgets (buf
, sizeof (buf
), stdin
) != buf
701 || memcmp (buf
, "abcdefgh\n", 10))
703 if (fgets (buf
, sizeof (buf
), stdin
) != buf
|| memcmp (buf
, "ABCDEFGHI", 10))
708 if (fgets (buf
, l0
+ sizeof (buf
), stdin
) != buf
709 || memcmp (buf
, "abcdefgh\n", 10))
712 #if __USE_FORTIFY_LEVEL >= 1
714 if (fgets (buf
, sizeof (buf
) + 1, stdin
) != buf
)
719 if (fgets (buf
, l0
+ sizeof (buf
) + 1, stdin
) != buf
)
726 if (fgets_unlocked (buf
, sizeof (buf
), stdin
) != buf
727 || memcmp (buf
, "abcdefgh\n", 10))
729 if (fgets_unlocked (buf
, sizeof (buf
), stdin
) != buf
730 || memcmp (buf
, "ABCDEFGHI", 10))
735 if (fgets_unlocked (buf
, l0
+ sizeof (buf
), stdin
) != buf
736 || memcmp (buf
, "abcdefgh\n", 10))
739 #if __USE_FORTIFY_LEVEL >= 1
741 if (fgets_unlocked (buf
, sizeof (buf
) + 1, stdin
) != buf
)
746 if (fgets_unlocked (buf
, l0
+ sizeof (buf
) + 1, stdin
) != buf
)
751 lseek (fileno (stdin
), 0, SEEK_SET
);
753 if (read (fileno (stdin
), buf
, sizeof (buf
) - 1) != sizeof (buf
) - 1
754 || memcmp (buf
, "abcdefgh\n", 9))
756 if (read (fileno (stdin
), buf
, sizeof (buf
) - 1) != sizeof (buf
) - 1
757 || memcmp (buf
, "ABCDEFGHI", 9))
760 lseek (fileno (stdin
), 0, SEEK_SET
);
762 if (read (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1) != sizeof (buf
) - 1
763 || memcmp (buf
, "abcdefgh\n", 9))
766 #if __USE_FORTIFY_LEVEL >= 1
768 if (read (fileno (stdin
), buf
, sizeof (buf
) + 1) != sizeof (buf
) + 1)
773 if (pread (fileno (stdin
), buf
, sizeof (buf
) - 1, sizeof (buf
) - 2)
775 || memcmp (buf
, "\nABCDEFGH", 9))
777 if (pread (fileno (stdin
), buf
, sizeof (buf
) - 1, 0) != sizeof (buf
) - 1
778 || memcmp (buf
, "abcdefgh\n", 9))
780 if (pread (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1, sizeof (buf
) - 3)
782 || memcmp (buf
, "h\nABCDEFG", 9))
785 #if __USE_FORTIFY_LEVEL >= 1
787 if (pread (fileno (stdin
), buf
, sizeof (buf
) + 1, 2 * sizeof (buf
))
793 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) - 1, sizeof (buf
) - 2)
795 || memcmp (buf
, "\nABCDEFGH", 9))
797 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) - 1, 0) != sizeof (buf
) - 1
798 || memcmp (buf
, "abcdefgh\n", 9))
800 if (pread64 (fileno (stdin
), buf
, l0
+ sizeof (buf
) - 1, sizeof (buf
) - 3)
802 || memcmp (buf
, "h\nABCDEFG", 9))
805 #if __USE_FORTIFY_LEVEL >= 1
807 if (pread64 (fileno (stdin
), buf
, sizeof (buf
) + 1, 2 * sizeof (buf
))
813 if (freopen (temp_filename
, "r", stdin
) == NULL
)
815 puts ("could not open temporary file");
819 if (fseek (stdin
, 9 + 10 + 11, SEEK_SET
))
821 puts ("could not seek in test file");
825 #if __USE_FORTIFY_LEVEL >= 1
827 if (gets (buf
) != buf
)
832 /* Check whether missing N$ formats are detected. */
834 printf ("%3$d\n", 1, 2, 3, 4);
838 fprintf (stdout
, "%3$d\n", 1, 2, 3, 4);
842 sprintf (buf
, "%3$d\n", 1, 2, 3, 4);
846 snprintf (buf
, sizeof (buf
), "%3$d\n", 1, 2, 3, 4);
850 if (socketpair (PF_UNIX
, SOCK_STREAM
, 0, sp
))
854 const char *sendstr
= "abcdefgh\nABCDEFGH\n0123456789\n";
855 if (send (sp
[0], sendstr
, strlen (sendstr
), 0) != strlen (sendstr
))
859 if (recv (sp
[1], recvbuf
, sizeof recvbuf
, MSG_PEEK
)
861 || memcmp (recvbuf
, sendstr
, sizeof recvbuf
) != 0)
864 if (recv (sp
[1], recvbuf
+ 6, l0
+ sizeof recvbuf
- 7, MSG_PEEK
)
865 != sizeof recvbuf
- 7
866 || memcmp (recvbuf
+ 6, sendstr
, sizeof recvbuf
- 7) != 0)
869 #if __USE_FORTIFY_LEVEL >= 1
871 if (recv (sp
[1], recvbuf
+ 1, sizeof recvbuf
, MSG_PEEK
)
877 if (recv (sp
[1], recvbuf
+ 4, l0
+ sizeof recvbuf
- 3, MSG_PEEK
)
878 != sizeof recvbuf
- 3)
884 struct sockaddr_un sa_un
;
887 if (recvfrom (sp
[1], recvbuf
, sizeof recvbuf
, MSG_PEEK
, &sa_un
, &sl
)
889 || memcmp (recvbuf
, sendstr
, sizeof recvbuf
) != 0)
893 if (recvfrom (sp
[1], recvbuf
+ 6, l0
+ sizeof recvbuf
- 7, MSG_PEEK
,
894 &sa_un
, &sl
) != sizeof recvbuf
- 7
895 || memcmp (recvbuf
+ 6, sendstr
, sizeof recvbuf
- 7) != 0)
898 #if __USE_FORTIFY_LEVEL >= 1
901 if (recvfrom (sp
[1], recvbuf
+ 1, sizeof recvbuf
, MSG_PEEK
, &sa_un
, &sl
)
908 if (recvfrom (sp
[1], recvbuf
+ 4, l0
+ sizeof recvbuf
- 3, MSG_PEEK
,
909 &sa_un
, &sl
) != sizeof recvbuf
- 3)
918 char fname
[] = "/tmp/tst-chk1-dir-XXXXXX\0foo";
919 char *enddir
= strchr (fname
, '\0');
920 if (mkdtemp (fname
) == NULL
)
922 printf ("mkdtemp failed: %m\n");
926 if (symlink ("bar", fname
) != 0)
930 if (readlink (fname
, readlinkbuf
, 4) != 3
931 || memcmp (readlinkbuf
, "bar", 3) != 0)
933 if (readlink (fname
, readlinkbuf
+ 1, l0
+ 3) != 3
934 || memcmp (readlinkbuf
, "bbar", 4) != 0)
937 #if __USE_FORTIFY_LEVEL >= 1
939 if (readlink (fname
, readlinkbuf
+ 2, l0
+ 3) != 3)
944 if (readlink (fname
, readlinkbuf
+ 3, 4) != 3)
949 char *cwd1
= getcwd (NULL
, 0);
953 char *cwd2
= getcwd (NULL
, 250);
959 if (strcmp (cwd1
, cwd2
) != 0)
966 char *cwd3
= getcwd (NULL
, 0);
969 if (strcmp (fname
, cwd3
) != 0)
970 printf ("getcwd after chdir is '%s' != '%s',"
971 "get{c,}wd tests skipped\n", cwd3
, fname
);
974 char getcwdbuf
[sizeof fname
- 3];
976 char *cwd4
= getcwd (getcwdbuf
, sizeof getcwdbuf
);
977 if (cwd4
!= getcwdbuf
978 || strcmp (getcwdbuf
, fname
) != 0)
981 cwd4
= getcwd (getcwdbuf
+ 1, l0
+ sizeof getcwdbuf
- 1);
982 if (cwd4
!= getcwdbuf
+ 1
983 || getcwdbuf
[0] != fname
[0]
984 || strcmp (getcwdbuf
+ 1, fname
) != 0)
987 #if __USE_FORTIFY_LEVEL >= 1
989 if (getcwd (getcwdbuf
+ 2, l0
+ sizeof getcwdbuf
)
995 if (getcwd (getcwdbuf
+ 2, sizeof getcwdbuf
)
1001 if (getwd (getcwdbuf
) != getcwdbuf
1002 || strcmp (getcwdbuf
, fname
) != 0)
1005 if (getwd (getcwdbuf
+ 1) != getcwdbuf
+ 1
1006 || strcmp (getcwdbuf
+ 1, fname
) != 0)
1009 #if __USE_FORTIFY_LEVEL >= 1
1011 if (getwd (getcwdbuf
+ 2) != getcwdbuf
+ 2)
1017 if (chdir (cwd1
) != 0)
1025 if (unlink (fname
) != 0)
1029 if (rmdir (fname
) != 0)
1034 char largebuf
[PATH_MAX
];
1035 char *realres
= realpath (".", largebuf
);
1037 #if __USE_FORTIFY_LEVEL >= 1
1040 realres
= realpath (".", realbuf
);
1044 if (setlocale (LC_ALL
, "de_DE.UTF-8") != NULL
)
1046 /* First a simple test. */
1047 char enough
[MB_CUR_MAX
];
1048 if (wctomb (enough
, L
'A') != 1)
1050 puts ("first wctomb test failed");
1054 #if __USE_FORTIFY_LEVEL >= 1
1055 /* We know the wchar_t encoding is ISO 10646. So pick a
1056 character which has a multibyte representation which does not
1060 if (wctomb (smallbuf
, L
'\x100') != 2)
1062 puts ("second wctomb test failed");
1069 memset (&s
, '\0', sizeof (s
));
1070 if (wcrtomb (enough
, L
'A', &s
) != 1)
1072 puts ("first wcrtomb test failed");
1076 #if __USE_FORTIFY_LEVEL >= 1
1077 /* We know the wchar_t encoding is ISO 10646. So pick a
1078 character which has a multibyte representation which does not
1082 if (wcrtomb (smallbuf
, L
'\x100', &s
) != 2)
1084 puts ("second wcrtomb test failed");
1090 wchar_t wenough
[10];
1091 memset (&s
, '\0', sizeof (s
));
1092 const char *cp
= "A";
1093 if (mbsrtowcs (wenough
, &cp
, 10, &s
) != 1)
1095 puts ("first mbsrtowcs test failed");
1099 #if __USE_FORTIFY_LEVEL >= 1
1100 /* We know the wchar_t encoding is ISO 10646. So pick a
1101 character which has a multibyte representation which does not
1104 wchar_t wsmallbuf
[2];
1106 mbsrtowcs (wsmallbuf
, &cp
, 10, &s
);
1110 memset (&s
, '\0', sizeof (s
));
1112 if (mbsnrtowcs (wenough
, &cp
, 1, 10, &s
) != 1)
1114 puts ("first mbsnrtowcs test failed");
1118 #if __USE_FORTIFY_LEVEL >= 1
1119 /* We know the wchar_t encoding is ISO 10646. So pick a
1120 character which has a multibyte representation which does not
1123 wchar_t wsmallbuf
[2];
1125 mbsnrtowcs (wsmallbuf
, &cp
, 3, 10, &s
);
1129 memset (&s
, '\0', sizeof (s
));
1130 const wchar_t *wcp
= L
"A";
1131 if (wcsrtombs (enough
, &wcp
, 10, &s
) != 1)
1133 puts ("first wcsrtombs test failed");
1137 #if __USE_FORTIFY_LEVEL >= 1
1138 /* We know the wchar_t encoding is ISO 10646. So pick a
1139 character which has a multibyte representation which does not
1144 wcsrtombs (smallbuf
, &wcp
, 10, &s
);
1148 memset (&s
, '\0', sizeof (s
));
1150 if (wcsnrtombs (enough
, &wcp
, 1, 10, &s
) != 1)
1152 puts ("first wcsnrtombs test failed");
1156 #if __USE_FORTIFY_LEVEL >= 1
1157 /* We know the wchar_t encoding is ISO 10646. So pick a
1158 character which has a multibyte representation which does not
1163 wcsnrtombs (smallbuf
, &wcp
, 3, 10, &s
);
1169 puts ("cannot set locale");
1173 fd
= posix_openpt (O_RDWR
);
1177 if (ptsname_r (fd
, enough
, sizeof (enough
)) != 0)
1179 puts ("first ptsname_r failed");
1183 #if __USE_FORTIFY_LEVEL >= 1
1186 if (ptsname_r (fd
, smallbuf
, sizeof (smallbuf
) + 1) == 0)
1188 puts ("second ptsname_r somehow suceeded");
1196 confstr (_CS_GNU_LIBC_VERSION
, largebuf
, sizeof (largebuf
));
1197 #if __USE_FORTIFY_LEVEL >= 1
1200 confstr (_CS_GNU_LIBC_VERSION
, smallbuf
, sizeof (largebuf
));
1205 int ngr
= getgroups (5, grpslarge
);
1206 #if __USE_FORTIFY_LEVEL >= 1
1209 ngr
= getgroups (5, (gid_t
*) smallbuf
);
1213 fd
= open (_PATH_TTY
, O_RDONLY
);
1217 if (ttyname_r (fd
, enough
, sizeof (enough
)) != 0)
1219 puts ("first ttyname_r failed");
1223 #if __USE_FORTIFY_LEVEL >= 1
1226 if (ttyname_r (fd
, smallbuf
, sizeof (smallbuf
) + 1) == 0)
1228 puts ("second ttyname_r somehow suceeded");
1236 char hostnamelarge
[1000];
1237 gethostname (hostnamelarge
, sizeof (hostnamelarge
));
1238 #if __USE_FORTIFY_LEVEL >= 1
1241 gethostname (smallbuf
, sizeof (hostnamelarge
));
1245 char loginlarge
[1000];
1246 getlogin_r (loginlarge
, sizeof (hostnamelarge
));
1247 #if __USE_FORTIFY_LEVEL >= 1
1250 getlogin_r (smallbuf
, sizeof (loginlarge
));
1254 char domainnamelarge
[1000];
1255 int res
= getdomainname (domainnamelarge
, sizeof (domainnamelarge
));
1256 #if __USE_FORTIFY_LEVEL >= 1
1259 res
= getdomainname (smallbuf
, sizeof (domainnamelarge
));