1 /* @generated by `generate-fortify-tests.lua "unistd"` */
2
3 #define _FORTIFY_SOURCE 2
4 #define TMPFILE_SIZE (1024 * 32)
5
6 #include <sys/param.h>
7 #include <sys/random.h>
8 #include <sys/resource.h>
9 #include <sys/select.h>
10 #include <sys/socket.h>
11 #include <sys/time.h>
12 #include <sys/uio.h>
13 #include <sys/wait.h>
14 #include <dirent.h>
15 #include <errno.h>
16 #include <fcntl.h>
17 #include <limits.h>
18 #include <poll.h>
19 #include <signal.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <string.h>
23 #include <strings.h>
24 #include <sysexits.h>
25 #include <unistd.h>
26 #include <wchar.h>
27 #include <atf-c.h>
28
29 static FILE * __unused
new_fp(size_t __len)30 new_fp(size_t __len)
31 {
32 static char fpbuf[LINE_MAX];
33 FILE *fp;
34
35 ATF_REQUIRE(__len <= sizeof(fpbuf));
36
37 memset(fpbuf, 'A', sizeof(fpbuf) - 1);
38 fpbuf[sizeof(fpbuf) - 1] = '\0';
39
40 fp = fmemopen(fpbuf, sizeof(fpbuf), "rb");
41 ATF_REQUIRE(fp != NULL);
42
43 return (fp);
44 }
45
46 /*
47 * Create a new symlink to use for readlink(2) style tests, we'll just use a
48 * random target name to have something interesting to look at.
49 */
50 static const char * __unused
new_symlink(size_t __len)51 new_symlink(size_t __len)
52 {
53 static const char linkname[] = "link";
54 char target[MAXNAMLEN];
55 int error;
56
57 ATF_REQUIRE(__len <= sizeof(target));
58
59 arc4random_buf(target, sizeof(target));
60
61 error = unlink(linkname);
62 ATF_REQUIRE(error == 0 || errno == ENOENT);
63
64 error = symlink(target, linkname);
65 ATF_REQUIRE(error == 0);
66
67 return (linkname);
68 }
69
70 /*
71 * For our purposes, first descriptor will be the reader; we'll send both
72 * raw data and a control message over it so that the result can be used for
73 * any of our recv*() tests.
74 */
75 static void __unused
new_socket(int sock[2])76 new_socket(int sock[2])
77 {
78 unsigned char ctrl[CMSG_SPACE(sizeof(int))] = { 0 };
79 static char sockbuf[256];
80 ssize_t rv;
81 size_t total = 0;
82 struct msghdr hdr = { 0 };
83 struct cmsghdr *cmsg;
84 int error, fd;
85
86 error = socketpair(AF_UNIX, SOCK_STREAM, 0, sock);
87 ATF_REQUIRE(error == 0);
88
89 while (total != sizeof(sockbuf)) {
90 rv = send(sock[1], &sockbuf[total], sizeof(sockbuf) - total, 0);
91
92 ATF_REQUIRE_MSG(rv > 0,
93 "expected bytes sent, got %zd with %zu left (size %zu, total %zu)",
94 rv, sizeof(sockbuf) - total, sizeof(sockbuf), total);
95 ATF_REQUIRE_MSG(total + (size_t)rv <= sizeof(sockbuf),
96 "%zd exceeds total %zu", rv, sizeof(sockbuf));
97 total += rv;
98 }
99
100 hdr.msg_control = ctrl;
101 hdr.msg_controllen = sizeof(ctrl);
102
103 cmsg = CMSG_FIRSTHDR(&hdr);
104 cmsg->cmsg_level = SOL_SOCKET;
105 cmsg->cmsg_type = SCM_RIGHTS;
106 cmsg->cmsg_len = CMSG_LEN(sizeof(fd));
107 fd = STDIN_FILENO;
108 memcpy(CMSG_DATA(cmsg), &fd, sizeof(fd));
109
110 error = sendmsg(sock[1], &hdr, 0);
111 ATF_REQUIRE(error != -1);
112 }
113
114 /*
115 * Constructs a tmpfile that we can use for testing read(2) and friends.
116 */
117 static int __unused
new_tmpfile(void)118 new_tmpfile(void)
119 {
120 char buf[1024];
121 ssize_t rv;
122 size_t written;
123 int fd;
124
125 fd = open("tmpfile", O_RDWR | O_CREAT | O_TRUNC, 0644);
126 ATF_REQUIRE(fd >= 0);
127
128 written = 0;
129 while (written < TMPFILE_SIZE) {
130 rv = write(fd, buf, sizeof(buf));
131 ATF_REQUIRE(rv > 0);
132
133 written += rv;
134 }
135
136 ATF_REQUIRE_EQ(0, lseek(fd, 0, SEEK_SET));
137 return (fd);
138 }
139
140 static void
disable_coredumps(void)141 disable_coredumps(void)
142 {
143 struct rlimit rl = { 0 };
144
145 if (setrlimit(RLIMIT_CORE, &rl) == -1)
146 _exit(EX_OSERR);
147 }
148
149 /*
150 * Replaces stdin with a file that we can actually read from, for tests where
151 * we want a FILE * or fd that we can get data from.
152 */
153 static void __unused
replace_stdin(void)154 replace_stdin(void)
155 {
156 int fd;
157
158 fd = new_tmpfile();
159
160 (void)dup2(fd, STDIN_FILENO);
161 if (fd != STDIN_FILENO)
162 close(fd);
163 }
164
165 ATF_TC_WITHOUT_HEAD(getcwd_before_end);
ATF_TC_BODY(getcwd_before_end,tc)166 ATF_TC_BODY(getcwd_before_end, tc)
167 {
168 #define BUF &__stack.__buf
169 struct {
170 uint8_t padding_l;
171 unsigned char __buf[8];
172 uint8_t padding_r;
173 } __stack;
174 const size_t __bufsz __unused = sizeof(__stack.__buf);
175 const size_t __len = 8 - 1;
176 const size_t __idx __unused = __len - 1;
177
178 getcwd(__stack.__buf, __len);
179 #undef BUF
180
181 }
182
183 ATF_TC_WITHOUT_HEAD(getcwd_end);
ATF_TC_BODY(getcwd_end,tc)184 ATF_TC_BODY(getcwd_end, tc)
185 {
186 #define BUF &__stack.__buf
187 struct {
188 uint8_t padding_l;
189 unsigned char __buf[8];
190 uint8_t padding_r;
191 } __stack;
192 const size_t __bufsz __unused = sizeof(__stack.__buf);
193 const size_t __len = 8;
194 const size_t __idx __unused = __len - 1;
195
196 getcwd(__stack.__buf, __len);
197 #undef BUF
198
199 }
200
201 ATF_TC_WITHOUT_HEAD(getcwd_heap_before_end);
ATF_TC_BODY(getcwd_heap_before_end,tc)202 ATF_TC_BODY(getcwd_heap_before_end, tc)
203 {
204 #define BUF __stack.__buf
205 struct {
206 uint8_t padding_l;
207 unsigned char * __buf;
208 uint8_t padding_r;
209 } __stack;
210 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8);
211 const size_t __len = 8 - 1;
212 const size_t __idx __unused = __len - 1;
213
214 __stack.__buf = malloc(__bufsz);
215
216 getcwd(__stack.__buf, __len);
217 #undef BUF
218
219 }
220
221 ATF_TC_WITHOUT_HEAD(getcwd_heap_end);
ATF_TC_BODY(getcwd_heap_end,tc)222 ATF_TC_BODY(getcwd_heap_end, tc)
223 {
224 #define BUF __stack.__buf
225 struct {
226 uint8_t padding_l;
227 unsigned char * __buf;
228 uint8_t padding_r;
229 } __stack;
230 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8);
231 const size_t __len = 8;
232 const size_t __idx __unused = __len - 1;
233
234 __stack.__buf = malloc(__bufsz);
235
236 getcwd(__stack.__buf, __len);
237 #undef BUF
238
239 }
240
241 ATF_TC_WITHOUT_HEAD(getcwd_heap_after_end);
ATF_TC_BODY(getcwd_heap_after_end,tc)242 ATF_TC_BODY(getcwd_heap_after_end, tc)
243 {
244 #define BUF __stack.__buf
245 struct {
246 uint8_t padding_l;
247 unsigned char * __buf;
248 uint8_t padding_r;
249 } __stack;
250 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8);
251 const size_t __len = 8 + 1;
252 const size_t __idx __unused = __len - 1;
253 pid_t __child;
254 int __status;
255
256 __child = fork();
257 ATF_REQUIRE(__child >= 0);
258 if (__child > 0)
259 goto monitor;
260
261 /* Child */
262 disable_coredumps();
263 __stack.__buf = malloc(__bufsz);
264
265 getcwd(__stack.__buf, __len);
266 _exit(EX_SOFTWARE); /* Should have aborted. */
267
268 monitor:
269 while (waitpid(__child, &__status, 0) != __child) {
270 ATF_REQUIRE_EQ(EINTR, errno);
271 }
272
273 if (!WIFSIGNALED(__status)) {
274 switch (WEXITSTATUS(__status)) {
275 case EX_SOFTWARE:
276 atf_tc_fail("FORTIFY_SOURCE failed to abort");
277 break;
278 case EX_OSERR:
279 atf_tc_fail("setrlimit(2) failed");
280 break;
281 default:
282 atf_tc_fail("child exited with status %d",
283 WEXITSTATUS(__status));
284 }
285 } else {
286 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
287 }
288 #undef BUF
289
290 }
291
292 ATF_TC_WITHOUT_HEAD(getgrouplist_before_end);
ATF_TC_BODY(getgrouplist_before_end,tc)293 ATF_TC_BODY(getgrouplist_before_end, tc)
294 {
295 #define BUF &__stack.__buf
296 struct {
297 uint8_t padding_l;
298 gid_t __buf[4];
299 uint8_t padding_r;
300 } __stack;
301 const size_t __bufsz __unused = sizeof(__stack.__buf);
302 const size_t __len = 4 - 1;
303 const size_t __idx __unused = __len - 1;
304 int intlen = (int)__len;
305
306 getgrouplist("root", 0, __stack.__buf, &intlen);
307 #undef BUF
308
309 }
310
311 ATF_TC_WITHOUT_HEAD(getgrouplist_end);
ATF_TC_BODY(getgrouplist_end,tc)312 ATF_TC_BODY(getgrouplist_end, tc)
313 {
314 #define BUF &__stack.__buf
315 struct {
316 uint8_t padding_l;
317 gid_t __buf[4];
318 uint8_t padding_r;
319 } __stack;
320 const size_t __bufsz __unused = sizeof(__stack.__buf);
321 const size_t __len = 4;
322 const size_t __idx __unused = __len - 1;
323 int intlen = (int)__len;
324
325 getgrouplist("root", 0, __stack.__buf, &intlen);
326 #undef BUF
327
328 }
329
330 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_before_end);
ATF_TC_BODY(getgrouplist_heap_before_end,tc)331 ATF_TC_BODY(getgrouplist_heap_before_end, tc)
332 {
333 #define BUF __stack.__buf
334 struct {
335 uint8_t padding_l;
336 gid_t * __buf;
337 uint8_t padding_r;
338 } __stack;
339 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
340 const size_t __len = 4 - 1;
341 const size_t __idx __unused = __len - 1;
342 int intlen = (int)__len;
343
344 __stack.__buf = malloc(__bufsz);
345
346 getgrouplist("root", 0, __stack.__buf, &intlen);
347 #undef BUF
348
349 }
350
351 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_end);
ATF_TC_BODY(getgrouplist_heap_end,tc)352 ATF_TC_BODY(getgrouplist_heap_end, tc)
353 {
354 #define BUF __stack.__buf
355 struct {
356 uint8_t padding_l;
357 gid_t * __buf;
358 uint8_t padding_r;
359 } __stack;
360 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
361 const size_t __len = 4;
362 const size_t __idx __unused = __len - 1;
363 int intlen = (int)__len;
364
365 __stack.__buf = malloc(__bufsz);
366
367 getgrouplist("root", 0, __stack.__buf, &intlen);
368 #undef BUF
369
370 }
371
372 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_after_end);
ATF_TC_BODY(getgrouplist_heap_after_end,tc)373 ATF_TC_BODY(getgrouplist_heap_after_end, tc)
374 {
375 #define BUF __stack.__buf
376 struct {
377 uint8_t padding_l;
378 gid_t * __buf;
379 uint8_t padding_r;
380 } __stack;
381 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
382 const size_t __len = 4 + 1;
383 const size_t __idx __unused = __len - 1;
384 pid_t __child;
385 int __status;
386 int intlen = (int)__len;
387
388 __child = fork();
389 ATF_REQUIRE(__child >= 0);
390 if (__child > 0)
391 goto monitor;
392
393 /* Child */
394 disable_coredumps();
395 __stack.__buf = malloc(__bufsz);
396
397 getgrouplist("root", 0, __stack.__buf, &intlen);
398 _exit(EX_SOFTWARE); /* Should have aborted. */
399
400 monitor:
401 while (waitpid(__child, &__status, 0) != __child) {
402 ATF_REQUIRE_EQ(EINTR, errno);
403 }
404
405 if (!WIFSIGNALED(__status)) {
406 switch (WEXITSTATUS(__status)) {
407 case EX_SOFTWARE:
408 atf_tc_fail("FORTIFY_SOURCE failed to abort");
409 break;
410 case EX_OSERR:
411 atf_tc_fail("setrlimit(2) failed");
412 break;
413 default:
414 atf_tc_fail("child exited with status %d",
415 WEXITSTATUS(__status));
416 }
417 } else {
418 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
419 }
420 #undef BUF
421
422 }
423
424 ATF_TC_WITHOUT_HEAD(getgroups_before_end);
ATF_TC_BODY(getgroups_before_end,tc)425 ATF_TC_BODY(getgroups_before_end, tc)
426 {
427 #define BUF &__stack.__buf
428 struct {
429 uint8_t padding_l;
430 gid_t __buf[4];
431 uint8_t padding_r;
432 } __stack;
433 const size_t __bufsz __unused = sizeof(__stack.__buf);
434 const size_t __len = 4 - 1;
435 const size_t __idx __unused = __len - 1;
436
437 getgroups(__len, __stack.__buf);
438 #undef BUF
439
440 }
441
442 ATF_TC_WITHOUT_HEAD(getgroups_end);
ATF_TC_BODY(getgroups_end,tc)443 ATF_TC_BODY(getgroups_end, tc)
444 {
445 #define BUF &__stack.__buf
446 struct {
447 uint8_t padding_l;
448 gid_t __buf[4];
449 uint8_t padding_r;
450 } __stack;
451 const size_t __bufsz __unused = sizeof(__stack.__buf);
452 const size_t __len = 4;
453 const size_t __idx __unused = __len - 1;
454
455 getgroups(__len, __stack.__buf);
456 #undef BUF
457
458 }
459
460 ATF_TC_WITHOUT_HEAD(getgroups_heap_before_end);
ATF_TC_BODY(getgroups_heap_before_end,tc)461 ATF_TC_BODY(getgroups_heap_before_end, tc)
462 {
463 #define BUF __stack.__buf
464 struct {
465 uint8_t padding_l;
466 gid_t * __buf;
467 uint8_t padding_r;
468 } __stack;
469 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
470 const size_t __len = 4 - 1;
471 const size_t __idx __unused = __len - 1;
472
473 __stack.__buf = malloc(__bufsz);
474
475 getgroups(__len, __stack.__buf);
476 #undef BUF
477
478 }
479
480 ATF_TC_WITHOUT_HEAD(getgroups_heap_end);
ATF_TC_BODY(getgroups_heap_end,tc)481 ATF_TC_BODY(getgroups_heap_end, tc)
482 {
483 #define BUF __stack.__buf
484 struct {
485 uint8_t padding_l;
486 gid_t * __buf;
487 uint8_t padding_r;
488 } __stack;
489 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
490 const size_t __len = 4;
491 const size_t __idx __unused = __len - 1;
492
493 __stack.__buf = malloc(__bufsz);
494
495 getgroups(__len, __stack.__buf);
496 #undef BUF
497
498 }
499
500 ATF_TC_WITHOUT_HEAD(getgroups_heap_after_end);
ATF_TC_BODY(getgroups_heap_after_end,tc)501 ATF_TC_BODY(getgroups_heap_after_end, tc)
502 {
503 #define BUF __stack.__buf
504 struct {
505 uint8_t padding_l;
506 gid_t * __buf;
507 uint8_t padding_r;
508 } __stack;
509 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
510 const size_t __len = 4 + 1;
511 const size_t __idx __unused = __len - 1;
512 pid_t __child;
513 int __status;
514
515 __child = fork();
516 ATF_REQUIRE(__child >= 0);
517 if (__child > 0)
518 goto monitor;
519
520 /* Child */
521 disable_coredumps();
522 __stack.__buf = malloc(__bufsz);
523
524 getgroups(__len, __stack.__buf);
525 _exit(EX_SOFTWARE); /* Should have aborted. */
526
527 monitor:
528 while (waitpid(__child, &__status, 0) != __child) {
529 ATF_REQUIRE_EQ(EINTR, errno);
530 }
531
532 if (!WIFSIGNALED(__status)) {
533 switch (WEXITSTATUS(__status)) {
534 case EX_SOFTWARE:
535 atf_tc_fail("FORTIFY_SOURCE failed to abort");
536 break;
537 case EX_OSERR:
538 atf_tc_fail("setrlimit(2) failed");
539 break;
540 default:
541 atf_tc_fail("child exited with status %d",
542 WEXITSTATUS(__status));
543 }
544 } else {
545 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
546 }
547 #undef BUF
548
549 }
550
551 ATF_TC_WITHOUT_HEAD(getloginclass_before_end);
ATF_TC_BODY(getloginclass_before_end,tc)552 ATF_TC_BODY(getloginclass_before_end, tc)
553 {
554 #define BUF &__stack.__buf
555 struct {
556 uint8_t padding_l;
557 unsigned char __buf[42];
558 uint8_t padding_r;
559 } __stack;
560 const size_t __bufsz __unused = sizeof(__stack.__buf);
561 const size_t __len = 42 - 1;
562 const size_t __idx __unused = __len - 1;
563
564 getloginclass(__stack.__buf, __len);
565 #undef BUF
566
567 }
568
569 ATF_TC_WITHOUT_HEAD(getloginclass_end);
ATF_TC_BODY(getloginclass_end,tc)570 ATF_TC_BODY(getloginclass_end, tc)
571 {
572 #define BUF &__stack.__buf
573 struct {
574 uint8_t padding_l;
575 unsigned char __buf[42];
576 uint8_t padding_r;
577 } __stack;
578 const size_t __bufsz __unused = sizeof(__stack.__buf);
579 const size_t __len = 42;
580 const size_t __idx __unused = __len - 1;
581
582 getloginclass(__stack.__buf, __len);
583 #undef BUF
584
585 }
586
587 ATF_TC_WITHOUT_HEAD(getloginclass_heap_before_end);
ATF_TC_BODY(getloginclass_heap_before_end,tc)588 ATF_TC_BODY(getloginclass_heap_before_end, tc)
589 {
590 #define BUF __stack.__buf
591 struct {
592 uint8_t padding_l;
593 unsigned char * __buf;
594 uint8_t padding_r;
595 } __stack;
596 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
597 const size_t __len = 42 - 1;
598 const size_t __idx __unused = __len - 1;
599
600 __stack.__buf = malloc(__bufsz);
601
602 getloginclass(__stack.__buf, __len);
603 #undef BUF
604
605 }
606
607 ATF_TC_WITHOUT_HEAD(getloginclass_heap_end);
ATF_TC_BODY(getloginclass_heap_end,tc)608 ATF_TC_BODY(getloginclass_heap_end, tc)
609 {
610 #define BUF __stack.__buf
611 struct {
612 uint8_t padding_l;
613 unsigned char * __buf;
614 uint8_t padding_r;
615 } __stack;
616 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
617 const size_t __len = 42;
618 const size_t __idx __unused = __len - 1;
619
620 __stack.__buf = malloc(__bufsz);
621
622 getloginclass(__stack.__buf, __len);
623 #undef BUF
624
625 }
626
627 ATF_TC_WITHOUT_HEAD(getloginclass_heap_after_end);
ATF_TC_BODY(getloginclass_heap_after_end,tc)628 ATF_TC_BODY(getloginclass_heap_after_end, tc)
629 {
630 #define BUF __stack.__buf
631 struct {
632 uint8_t padding_l;
633 unsigned char * __buf;
634 uint8_t padding_r;
635 } __stack;
636 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
637 const size_t __len = 42 + 1;
638 const size_t __idx __unused = __len - 1;
639 pid_t __child;
640 int __status;
641
642 __child = fork();
643 ATF_REQUIRE(__child >= 0);
644 if (__child > 0)
645 goto monitor;
646
647 /* Child */
648 disable_coredumps();
649 __stack.__buf = malloc(__bufsz);
650
651 getloginclass(__stack.__buf, __len);
652 _exit(EX_SOFTWARE); /* Should have aborted. */
653
654 monitor:
655 while (waitpid(__child, &__status, 0) != __child) {
656 ATF_REQUIRE_EQ(EINTR, errno);
657 }
658
659 if (!WIFSIGNALED(__status)) {
660 switch (WEXITSTATUS(__status)) {
661 case EX_SOFTWARE:
662 atf_tc_fail("FORTIFY_SOURCE failed to abort");
663 break;
664 case EX_OSERR:
665 atf_tc_fail("setrlimit(2) failed");
666 break;
667 default:
668 atf_tc_fail("child exited with status %d",
669 WEXITSTATUS(__status));
670 }
671 } else {
672 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
673 }
674 #undef BUF
675
676 }
677
678 ATF_TC_WITHOUT_HEAD(pread_before_end);
ATF_TC_BODY(pread_before_end,tc)679 ATF_TC_BODY(pread_before_end, tc)
680 {
681 #define BUF &__stack.__buf
682 struct {
683 uint8_t padding_l;
684 unsigned char __buf[41];
685 uint8_t padding_r;
686 } __stack;
687 const size_t __bufsz __unused = sizeof(__stack.__buf);
688 const size_t __len = 41 - 1;
689 const size_t __idx __unused = __len - 1;
690 int fd;
691
692 fd = new_tmpfile(); /* Cannot fail */
693
694 pread(fd, __stack.__buf, __len, 0);
695 #undef BUF
696
697 }
698
699 ATF_TC_WITHOUT_HEAD(pread_end);
ATF_TC_BODY(pread_end,tc)700 ATF_TC_BODY(pread_end, tc)
701 {
702 #define BUF &__stack.__buf
703 struct {
704 uint8_t padding_l;
705 unsigned char __buf[41];
706 uint8_t padding_r;
707 } __stack;
708 const size_t __bufsz __unused = sizeof(__stack.__buf);
709 const size_t __len = 41;
710 const size_t __idx __unused = __len - 1;
711 int fd;
712
713 fd = new_tmpfile(); /* Cannot fail */
714
715 pread(fd, __stack.__buf, __len, 0);
716 #undef BUF
717
718 }
719
720 ATF_TC_WITHOUT_HEAD(pread_heap_before_end);
ATF_TC_BODY(pread_heap_before_end,tc)721 ATF_TC_BODY(pread_heap_before_end, tc)
722 {
723 #define BUF __stack.__buf
724 struct {
725 uint8_t padding_l;
726 unsigned char * __buf;
727 uint8_t padding_r;
728 } __stack;
729 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41);
730 const size_t __len = 41 - 1;
731 const size_t __idx __unused = __len - 1;
732 int fd;
733
734 __stack.__buf = malloc(__bufsz);
735 fd = new_tmpfile(); /* Cannot fail */
736
737 pread(fd, __stack.__buf, __len, 0);
738 #undef BUF
739
740 }
741
742 ATF_TC_WITHOUT_HEAD(pread_heap_end);
ATF_TC_BODY(pread_heap_end,tc)743 ATF_TC_BODY(pread_heap_end, tc)
744 {
745 #define BUF __stack.__buf
746 struct {
747 uint8_t padding_l;
748 unsigned char * __buf;
749 uint8_t padding_r;
750 } __stack;
751 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41);
752 const size_t __len = 41;
753 const size_t __idx __unused = __len - 1;
754 int fd;
755
756 __stack.__buf = malloc(__bufsz);
757 fd = new_tmpfile(); /* Cannot fail */
758
759 pread(fd, __stack.__buf, __len, 0);
760 #undef BUF
761
762 }
763
764 ATF_TC_WITHOUT_HEAD(pread_heap_after_end);
ATF_TC_BODY(pread_heap_after_end,tc)765 ATF_TC_BODY(pread_heap_after_end, tc)
766 {
767 #define BUF __stack.__buf
768 struct {
769 uint8_t padding_l;
770 unsigned char * __buf;
771 uint8_t padding_r;
772 } __stack;
773 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41);
774 const size_t __len = 41 + 1;
775 const size_t __idx __unused = __len - 1;
776 pid_t __child;
777 int __status;
778 int fd;
779
780 __child = fork();
781 ATF_REQUIRE(__child >= 0);
782 if (__child > 0)
783 goto monitor;
784
785 /* Child */
786 disable_coredumps();
787 __stack.__buf = malloc(__bufsz);
788 fd = new_tmpfile(); /* Cannot fail */
789
790 pread(fd, __stack.__buf, __len, 0);
791 _exit(EX_SOFTWARE); /* Should have aborted. */
792
793 monitor:
794 while (waitpid(__child, &__status, 0) != __child) {
795 ATF_REQUIRE_EQ(EINTR, errno);
796 }
797
798 if (!WIFSIGNALED(__status)) {
799 switch (WEXITSTATUS(__status)) {
800 case EX_SOFTWARE:
801 atf_tc_fail("FORTIFY_SOURCE failed to abort");
802 break;
803 case EX_OSERR:
804 atf_tc_fail("setrlimit(2) failed");
805 break;
806 default:
807 atf_tc_fail("child exited with status %d",
808 WEXITSTATUS(__status));
809 }
810 } else {
811 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
812 }
813 #undef BUF
814
815 }
816
817 ATF_TC_WITHOUT_HEAD(read_before_end);
ATF_TC_BODY(read_before_end,tc)818 ATF_TC_BODY(read_before_end, tc)
819 {
820 #define BUF &__stack.__buf
821 struct {
822 uint8_t padding_l;
823 unsigned char __buf[41];
824 uint8_t padding_r;
825 } __stack;
826 const size_t __bufsz __unused = sizeof(__stack.__buf);
827 const size_t __len = 41 - 1;
828 const size_t __idx __unused = __len - 1;
829 int fd;
830
831 fd = new_tmpfile(); /* Cannot fail */
832
833 read(fd, __stack.__buf, __len);
834 #undef BUF
835
836 }
837
838 ATF_TC_WITHOUT_HEAD(read_end);
ATF_TC_BODY(read_end,tc)839 ATF_TC_BODY(read_end, tc)
840 {
841 #define BUF &__stack.__buf
842 struct {
843 uint8_t padding_l;
844 unsigned char __buf[41];
845 uint8_t padding_r;
846 } __stack;
847 const size_t __bufsz __unused = sizeof(__stack.__buf);
848 const size_t __len = 41;
849 const size_t __idx __unused = __len - 1;
850 int fd;
851
852 fd = new_tmpfile(); /* Cannot fail */
853
854 read(fd, __stack.__buf, __len);
855 #undef BUF
856
857 }
858
859 ATF_TC_WITHOUT_HEAD(read_heap_before_end);
ATF_TC_BODY(read_heap_before_end,tc)860 ATF_TC_BODY(read_heap_before_end, tc)
861 {
862 #define BUF __stack.__buf
863 struct {
864 uint8_t padding_l;
865 unsigned char * __buf;
866 uint8_t padding_r;
867 } __stack;
868 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41);
869 const size_t __len = 41 - 1;
870 const size_t __idx __unused = __len - 1;
871 int fd;
872
873 __stack.__buf = malloc(__bufsz);
874 fd = new_tmpfile(); /* Cannot fail */
875
876 read(fd, __stack.__buf, __len);
877 #undef BUF
878
879 }
880
881 ATF_TC_WITHOUT_HEAD(read_heap_end);
ATF_TC_BODY(read_heap_end,tc)882 ATF_TC_BODY(read_heap_end, tc)
883 {
884 #define BUF __stack.__buf
885 struct {
886 uint8_t padding_l;
887 unsigned char * __buf;
888 uint8_t padding_r;
889 } __stack;
890 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41);
891 const size_t __len = 41;
892 const size_t __idx __unused = __len - 1;
893 int fd;
894
895 __stack.__buf = malloc(__bufsz);
896 fd = new_tmpfile(); /* Cannot fail */
897
898 read(fd, __stack.__buf, __len);
899 #undef BUF
900
901 }
902
903 ATF_TC_WITHOUT_HEAD(read_heap_after_end);
ATF_TC_BODY(read_heap_after_end,tc)904 ATF_TC_BODY(read_heap_after_end, tc)
905 {
906 #define BUF __stack.__buf
907 struct {
908 uint8_t padding_l;
909 unsigned char * __buf;
910 uint8_t padding_r;
911 } __stack;
912 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41);
913 const size_t __len = 41 + 1;
914 const size_t __idx __unused = __len - 1;
915 pid_t __child;
916 int __status;
917 int fd;
918
919 __child = fork();
920 ATF_REQUIRE(__child >= 0);
921 if (__child > 0)
922 goto monitor;
923
924 /* Child */
925 disable_coredumps();
926 __stack.__buf = malloc(__bufsz);
927 fd = new_tmpfile(); /* Cannot fail */
928
929 read(fd, __stack.__buf, __len);
930 _exit(EX_SOFTWARE); /* Should have aborted. */
931
932 monitor:
933 while (waitpid(__child, &__status, 0) != __child) {
934 ATF_REQUIRE_EQ(EINTR, errno);
935 }
936
937 if (!WIFSIGNALED(__status)) {
938 switch (WEXITSTATUS(__status)) {
939 case EX_SOFTWARE:
940 atf_tc_fail("FORTIFY_SOURCE failed to abort");
941 break;
942 case EX_OSERR:
943 atf_tc_fail("setrlimit(2) failed");
944 break;
945 default:
946 atf_tc_fail("child exited with status %d",
947 WEXITSTATUS(__status));
948 }
949 } else {
950 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
951 }
952 #undef BUF
953
954 }
955
956 ATF_TC_WITHOUT_HEAD(readlink_before_end);
ATF_TC_BODY(readlink_before_end,tc)957 ATF_TC_BODY(readlink_before_end, tc)
958 {
959 #define BUF &__stack.__buf
960 struct {
961 uint8_t padding_l;
962 unsigned char __buf[42];
963 uint8_t padding_r;
964 } __stack;
965 const size_t __bufsz __unused = sizeof(__stack.__buf);
966 const size_t __len = 42 - 1;
967 const size_t __idx __unused = __len - 1;
968 const char *path;
969
970 path = new_symlink(__len); /* Cannot fail */
971
972 readlink(path, __stack.__buf, __len);
973 #undef BUF
974
975 }
976
977 ATF_TC_WITHOUT_HEAD(readlink_end);
ATF_TC_BODY(readlink_end,tc)978 ATF_TC_BODY(readlink_end, tc)
979 {
980 #define BUF &__stack.__buf
981 struct {
982 uint8_t padding_l;
983 unsigned char __buf[42];
984 uint8_t padding_r;
985 } __stack;
986 const size_t __bufsz __unused = sizeof(__stack.__buf);
987 const size_t __len = 42;
988 const size_t __idx __unused = __len - 1;
989 const char *path;
990
991 path = new_symlink(__len); /* Cannot fail */
992
993 readlink(path, __stack.__buf, __len);
994 #undef BUF
995
996 }
997
998 ATF_TC_WITHOUT_HEAD(readlink_heap_before_end);
ATF_TC_BODY(readlink_heap_before_end,tc)999 ATF_TC_BODY(readlink_heap_before_end, tc)
1000 {
1001 #define BUF __stack.__buf
1002 struct {
1003 uint8_t padding_l;
1004 unsigned char * __buf;
1005 uint8_t padding_r;
1006 } __stack;
1007 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1008 const size_t __len = 42 - 1;
1009 const size_t __idx __unused = __len - 1;
1010 const char *path;
1011
1012 __stack.__buf = malloc(__bufsz);
1013 path = new_symlink(__len); /* Cannot fail */
1014
1015 readlink(path, __stack.__buf, __len);
1016 #undef BUF
1017
1018 }
1019
1020 ATF_TC_WITHOUT_HEAD(readlink_heap_end);
ATF_TC_BODY(readlink_heap_end,tc)1021 ATF_TC_BODY(readlink_heap_end, tc)
1022 {
1023 #define BUF __stack.__buf
1024 struct {
1025 uint8_t padding_l;
1026 unsigned char * __buf;
1027 uint8_t padding_r;
1028 } __stack;
1029 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1030 const size_t __len = 42;
1031 const size_t __idx __unused = __len - 1;
1032 const char *path;
1033
1034 __stack.__buf = malloc(__bufsz);
1035 path = new_symlink(__len); /* Cannot fail */
1036
1037 readlink(path, __stack.__buf, __len);
1038 #undef BUF
1039
1040 }
1041
1042 ATF_TC_WITHOUT_HEAD(readlink_heap_after_end);
ATF_TC_BODY(readlink_heap_after_end,tc)1043 ATF_TC_BODY(readlink_heap_after_end, tc)
1044 {
1045 #define BUF __stack.__buf
1046 struct {
1047 uint8_t padding_l;
1048 unsigned char * __buf;
1049 uint8_t padding_r;
1050 } __stack;
1051 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1052 const size_t __len = 42 + 1;
1053 const size_t __idx __unused = __len - 1;
1054 pid_t __child;
1055 int __status;
1056 const char *path;
1057
1058 __child = fork();
1059 ATF_REQUIRE(__child >= 0);
1060 if (__child > 0)
1061 goto monitor;
1062
1063 /* Child */
1064 disable_coredumps();
1065 __stack.__buf = malloc(__bufsz);
1066 path = new_symlink(__len); /* Cannot fail */
1067
1068 readlink(path, __stack.__buf, __len);
1069 _exit(EX_SOFTWARE); /* Should have aborted. */
1070
1071 monitor:
1072 while (waitpid(__child, &__status, 0) != __child) {
1073 ATF_REQUIRE_EQ(EINTR, errno);
1074 }
1075
1076 if (!WIFSIGNALED(__status)) {
1077 switch (WEXITSTATUS(__status)) {
1078 case EX_SOFTWARE:
1079 atf_tc_fail("FORTIFY_SOURCE failed to abort");
1080 break;
1081 case EX_OSERR:
1082 atf_tc_fail("setrlimit(2) failed");
1083 break;
1084 default:
1085 atf_tc_fail("child exited with status %d",
1086 WEXITSTATUS(__status));
1087 }
1088 } else {
1089 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1090 }
1091 #undef BUF
1092
1093 }
1094
1095 ATF_TC_WITHOUT_HEAD(readlinkat_before_end);
ATF_TC_BODY(readlinkat_before_end,tc)1096 ATF_TC_BODY(readlinkat_before_end, tc)
1097 {
1098 #define BUF &__stack.__buf
1099 struct {
1100 uint8_t padding_l;
1101 unsigned char __buf[42];
1102 uint8_t padding_r;
1103 } __stack;
1104 const size_t __bufsz __unused = sizeof(__stack.__buf);
1105 const size_t __len = 42 - 1;
1106 const size_t __idx __unused = __len - 1;
1107 const char *path;
1108
1109 path = new_symlink(__len); /* Cannot fail */
1110
1111 readlinkat(AT_FDCWD, path, __stack.__buf, __len);
1112 #undef BUF
1113
1114 }
1115
1116 ATF_TC_WITHOUT_HEAD(readlinkat_end);
ATF_TC_BODY(readlinkat_end,tc)1117 ATF_TC_BODY(readlinkat_end, tc)
1118 {
1119 #define BUF &__stack.__buf
1120 struct {
1121 uint8_t padding_l;
1122 unsigned char __buf[42];
1123 uint8_t padding_r;
1124 } __stack;
1125 const size_t __bufsz __unused = sizeof(__stack.__buf);
1126 const size_t __len = 42;
1127 const size_t __idx __unused = __len - 1;
1128 const char *path;
1129
1130 path = new_symlink(__len); /* Cannot fail */
1131
1132 readlinkat(AT_FDCWD, path, __stack.__buf, __len);
1133 #undef BUF
1134
1135 }
1136
1137 ATF_TC_WITHOUT_HEAD(readlinkat_heap_before_end);
ATF_TC_BODY(readlinkat_heap_before_end,tc)1138 ATF_TC_BODY(readlinkat_heap_before_end, tc)
1139 {
1140 #define BUF __stack.__buf
1141 struct {
1142 uint8_t padding_l;
1143 unsigned char * __buf;
1144 uint8_t padding_r;
1145 } __stack;
1146 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1147 const size_t __len = 42 - 1;
1148 const size_t __idx __unused = __len - 1;
1149 const char *path;
1150
1151 __stack.__buf = malloc(__bufsz);
1152 path = new_symlink(__len); /* Cannot fail */
1153
1154 readlinkat(AT_FDCWD, path, __stack.__buf, __len);
1155 #undef BUF
1156
1157 }
1158
1159 ATF_TC_WITHOUT_HEAD(readlinkat_heap_end);
ATF_TC_BODY(readlinkat_heap_end,tc)1160 ATF_TC_BODY(readlinkat_heap_end, tc)
1161 {
1162 #define BUF __stack.__buf
1163 struct {
1164 uint8_t padding_l;
1165 unsigned char * __buf;
1166 uint8_t padding_r;
1167 } __stack;
1168 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1169 const size_t __len = 42;
1170 const size_t __idx __unused = __len - 1;
1171 const char *path;
1172
1173 __stack.__buf = malloc(__bufsz);
1174 path = new_symlink(__len); /* Cannot fail */
1175
1176 readlinkat(AT_FDCWD, path, __stack.__buf, __len);
1177 #undef BUF
1178
1179 }
1180
1181 ATF_TC_WITHOUT_HEAD(readlinkat_heap_after_end);
ATF_TC_BODY(readlinkat_heap_after_end,tc)1182 ATF_TC_BODY(readlinkat_heap_after_end, tc)
1183 {
1184 #define BUF __stack.__buf
1185 struct {
1186 uint8_t padding_l;
1187 unsigned char * __buf;
1188 uint8_t padding_r;
1189 } __stack;
1190 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1191 const size_t __len = 42 + 1;
1192 const size_t __idx __unused = __len - 1;
1193 pid_t __child;
1194 int __status;
1195 const char *path;
1196
1197 __child = fork();
1198 ATF_REQUIRE(__child >= 0);
1199 if (__child > 0)
1200 goto monitor;
1201
1202 /* Child */
1203 disable_coredumps();
1204 __stack.__buf = malloc(__bufsz);
1205 path = new_symlink(__len); /* Cannot fail */
1206
1207 readlinkat(AT_FDCWD, path, __stack.__buf, __len);
1208 _exit(EX_SOFTWARE); /* Should have aborted. */
1209
1210 monitor:
1211 while (waitpid(__child, &__status, 0) != __child) {
1212 ATF_REQUIRE_EQ(EINTR, errno);
1213 }
1214
1215 if (!WIFSIGNALED(__status)) {
1216 switch (WEXITSTATUS(__status)) {
1217 case EX_SOFTWARE:
1218 atf_tc_fail("FORTIFY_SOURCE failed to abort");
1219 break;
1220 case EX_OSERR:
1221 atf_tc_fail("setrlimit(2) failed");
1222 break;
1223 default:
1224 atf_tc_fail("child exited with status %d",
1225 WEXITSTATUS(__status));
1226 }
1227 } else {
1228 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1229 }
1230 #undef BUF
1231
1232 }
1233
1234 ATF_TC_WITHOUT_HEAD(getdomainname_before_end);
ATF_TC_BODY(getdomainname_before_end,tc)1235 ATF_TC_BODY(getdomainname_before_end, tc)
1236 {
1237 #define BUF &__stack.__buf
1238 struct {
1239 uint8_t padding_l;
1240 unsigned char __buf[4];
1241 uint8_t padding_r;
1242 } __stack;
1243 const size_t __bufsz __unused = sizeof(__stack.__buf);
1244 const size_t __len = 4 - 1;
1245 const size_t __idx __unused = __len - 1;
1246 char sysdomain[256];
1247
1248 (void)getdomainname(sysdomain, __len);
1249 if (strlen(sysdomain) <= __len)
1250 atf_tc_skip("domain name too short for testing");
1251
1252 getdomainname(__stack.__buf, __len);
1253 #undef BUF
1254
1255 }
1256
1257 ATF_TC_WITHOUT_HEAD(getdomainname_end);
ATF_TC_BODY(getdomainname_end,tc)1258 ATF_TC_BODY(getdomainname_end, tc)
1259 {
1260 #define BUF &__stack.__buf
1261 struct {
1262 uint8_t padding_l;
1263 unsigned char __buf[4];
1264 uint8_t padding_r;
1265 } __stack;
1266 const size_t __bufsz __unused = sizeof(__stack.__buf);
1267 const size_t __len = 4;
1268 const size_t __idx __unused = __len - 1;
1269 char sysdomain[256];
1270
1271 (void)getdomainname(sysdomain, __len);
1272 if (strlen(sysdomain) <= __len)
1273 atf_tc_skip("domain name too short for testing");
1274
1275 getdomainname(__stack.__buf, __len);
1276 #undef BUF
1277
1278 }
1279
1280 ATF_TC_WITHOUT_HEAD(getdomainname_heap_before_end);
ATF_TC_BODY(getdomainname_heap_before_end,tc)1281 ATF_TC_BODY(getdomainname_heap_before_end, tc)
1282 {
1283 #define BUF __stack.__buf
1284 struct {
1285 uint8_t padding_l;
1286 unsigned char * __buf;
1287 uint8_t padding_r;
1288 } __stack;
1289 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
1290 const size_t __len = 4 - 1;
1291 const size_t __idx __unused = __len - 1;
1292 char sysdomain[256];
1293
1294 (void)getdomainname(sysdomain, __len);
1295 if (strlen(sysdomain) <= __len)
1296 atf_tc_skip("domain name too short for testing");
1297
1298 __stack.__buf = malloc(__bufsz);
1299
1300 getdomainname(__stack.__buf, __len);
1301 #undef BUF
1302
1303 }
1304
1305 ATF_TC_WITHOUT_HEAD(getdomainname_heap_end);
ATF_TC_BODY(getdomainname_heap_end,tc)1306 ATF_TC_BODY(getdomainname_heap_end, tc)
1307 {
1308 #define BUF __stack.__buf
1309 struct {
1310 uint8_t padding_l;
1311 unsigned char * __buf;
1312 uint8_t padding_r;
1313 } __stack;
1314 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
1315 const size_t __len = 4;
1316 const size_t __idx __unused = __len - 1;
1317 char sysdomain[256];
1318
1319 (void)getdomainname(sysdomain, __len);
1320 if (strlen(sysdomain) <= __len)
1321 atf_tc_skip("domain name too short for testing");
1322
1323 __stack.__buf = malloc(__bufsz);
1324
1325 getdomainname(__stack.__buf, __len);
1326 #undef BUF
1327
1328 }
1329
1330 ATF_TC_WITHOUT_HEAD(getdomainname_heap_after_end);
ATF_TC_BODY(getdomainname_heap_after_end,tc)1331 ATF_TC_BODY(getdomainname_heap_after_end, tc)
1332 {
1333 #define BUF __stack.__buf
1334 struct {
1335 uint8_t padding_l;
1336 unsigned char * __buf;
1337 uint8_t padding_r;
1338 } __stack;
1339 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
1340 const size_t __len = 4 + 1;
1341 const size_t __idx __unused = __len - 1;
1342 pid_t __child;
1343 int __status;
1344 char sysdomain[256];
1345
1346 (void)getdomainname(sysdomain, __len);
1347 if (strlen(sysdomain) <= __len)
1348 atf_tc_skip("domain name too short for testing");
1349
1350 __child = fork();
1351 ATF_REQUIRE(__child >= 0);
1352 if (__child > 0)
1353 goto monitor;
1354
1355 /* Child */
1356 disable_coredumps();
1357 __stack.__buf = malloc(__bufsz);
1358
1359 getdomainname(__stack.__buf, __len);
1360 _exit(EX_SOFTWARE); /* Should have aborted. */
1361
1362 monitor:
1363 while (waitpid(__child, &__status, 0) != __child) {
1364 ATF_REQUIRE_EQ(EINTR, errno);
1365 }
1366
1367 if (!WIFSIGNALED(__status)) {
1368 switch (WEXITSTATUS(__status)) {
1369 case EX_SOFTWARE:
1370 atf_tc_fail("FORTIFY_SOURCE failed to abort");
1371 break;
1372 case EX_OSERR:
1373 atf_tc_fail("setrlimit(2) failed");
1374 break;
1375 default:
1376 atf_tc_fail("child exited with status %d",
1377 WEXITSTATUS(__status));
1378 }
1379 } else {
1380 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1381 }
1382 #undef BUF
1383
1384 }
1385
1386 ATF_TC_WITHOUT_HEAD(getentropy_before_end);
ATF_TC_BODY(getentropy_before_end,tc)1387 ATF_TC_BODY(getentropy_before_end, tc)
1388 {
1389 #define BUF &__stack.__buf
1390 struct {
1391 uint8_t padding_l;
1392 unsigned char __buf[42];
1393 uint8_t padding_r;
1394 } __stack;
1395 const size_t __bufsz __unused = sizeof(__stack.__buf);
1396 const size_t __len = 42 - 1;
1397 const size_t __idx __unused = __len - 1;
1398
1399 getentropy(__stack.__buf, __len);
1400 #undef BUF
1401
1402 }
1403
1404 ATF_TC_WITHOUT_HEAD(getentropy_end);
ATF_TC_BODY(getentropy_end,tc)1405 ATF_TC_BODY(getentropy_end, tc)
1406 {
1407 #define BUF &__stack.__buf
1408 struct {
1409 uint8_t padding_l;
1410 unsigned char __buf[42];
1411 uint8_t padding_r;
1412 } __stack;
1413 const size_t __bufsz __unused = sizeof(__stack.__buf);
1414 const size_t __len = 42;
1415 const size_t __idx __unused = __len - 1;
1416
1417 getentropy(__stack.__buf, __len);
1418 #undef BUF
1419
1420 }
1421
1422 ATF_TC_WITHOUT_HEAD(getentropy_heap_before_end);
ATF_TC_BODY(getentropy_heap_before_end,tc)1423 ATF_TC_BODY(getentropy_heap_before_end, tc)
1424 {
1425 #define BUF __stack.__buf
1426 struct {
1427 uint8_t padding_l;
1428 unsigned char * __buf;
1429 uint8_t padding_r;
1430 } __stack;
1431 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1432 const size_t __len = 42 - 1;
1433 const size_t __idx __unused = __len - 1;
1434
1435 __stack.__buf = malloc(__bufsz);
1436
1437 getentropy(__stack.__buf, __len);
1438 #undef BUF
1439
1440 }
1441
1442 ATF_TC_WITHOUT_HEAD(getentropy_heap_end);
ATF_TC_BODY(getentropy_heap_end,tc)1443 ATF_TC_BODY(getentropy_heap_end, tc)
1444 {
1445 #define BUF __stack.__buf
1446 struct {
1447 uint8_t padding_l;
1448 unsigned char * __buf;
1449 uint8_t padding_r;
1450 } __stack;
1451 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1452 const size_t __len = 42;
1453 const size_t __idx __unused = __len - 1;
1454
1455 __stack.__buf = malloc(__bufsz);
1456
1457 getentropy(__stack.__buf, __len);
1458 #undef BUF
1459
1460 }
1461
1462 ATF_TC_WITHOUT_HEAD(getentropy_heap_after_end);
ATF_TC_BODY(getentropy_heap_after_end,tc)1463 ATF_TC_BODY(getentropy_heap_after_end, tc)
1464 {
1465 #define BUF __stack.__buf
1466 struct {
1467 uint8_t padding_l;
1468 unsigned char * __buf;
1469 uint8_t padding_r;
1470 } __stack;
1471 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1472 const size_t __len = 42 + 1;
1473 const size_t __idx __unused = __len - 1;
1474 pid_t __child;
1475 int __status;
1476
1477 __child = fork();
1478 ATF_REQUIRE(__child >= 0);
1479 if (__child > 0)
1480 goto monitor;
1481
1482 /* Child */
1483 disable_coredumps();
1484 __stack.__buf = malloc(__bufsz);
1485
1486 getentropy(__stack.__buf, __len);
1487 _exit(EX_SOFTWARE); /* Should have aborted. */
1488
1489 monitor:
1490 while (waitpid(__child, &__status, 0) != __child) {
1491 ATF_REQUIRE_EQ(EINTR, errno);
1492 }
1493
1494 if (!WIFSIGNALED(__status)) {
1495 switch (WEXITSTATUS(__status)) {
1496 case EX_SOFTWARE:
1497 atf_tc_fail("FORTIFY_SOURCE failed to abort");
1498 break;
1499 case EX_OSERR:
1500 atf_tc_fail("setrlimit(2) failed");
1501 break;
1502 default:
1503 atf_tc_fail("child exited with status %d",
1504 WEXITSTATUS(__status));
1505 }
1506 } else {
1507 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1508 }
1509 #undef BUF
1510
1511 }
1512
1513 ATF_TC_WITHOUT_HEAD(gethostname_before_end);
ATF_TC_BODY(gethostname_before_end,tc)1514 ATF_TC_BODY(gethostname_before_end, tc)
1515 {
1516 #define BUF &__stack.__buf
1517 struct {
1518 uint8_t padding_l;
1519 unsigned char __buf[4];
1520 uint8_t padding_r;
1521 } __stack;
1522 const size_t __bufsz __unused = sizeof(__stack.__buf);
1523 const size_t __len = 4 - 1;
1524 const size_t __idx __unused = __len - 1;
1525 char syshost[256];
1526 int error;
1527
1528 error = gethostname(syshost, __len);
1529 if (error != 0 || strlen(syshost) <= __len)
1530 atf_tc_skip("hostname too short for testing");
1531
1532 gethostname(__stack.__buf, __len);
1533 #undef BUF
1534
1535 }
1536
1537 ATF_TC_WITHOUT_HEAD(gethostname_end);
ATF_TC_BODY(gethostname_end,tc)1538 ATF_TC_BODY(gethostname_end, tc)
1539 {
1540 #define BUF &__stack.__buf
1541 struct {
1542 uint8_t padding_l;
1543 unsigned char __buf[4];
1544 uint8_t padding_r;
1545 } __stack;
1546 const size_t __bufsz __unused = sizeof(__stack.__buf);
1547 const size_t __len = 4;
1548 const size_t __idx __unused = __len - 1;
1549 char syshost[256];
1550 int error;
1551
1552 error = gethostname(syshost, __len);
1553 if (error != 0 || strlen(syshost) <= __len)
1554 atf_tc_skip("hostname too short for testing");
1555
1556 gethostname(__stack.__buf, __len);
1557 #undef BUF
1558
1559 }
1560
1561 ATF_TC_WITHOUT_HEAD(gethostname_heap_before_end);
ATF_TC_BODY(gethostname_heap_before_end,tc)1562 ATF_TC_BODY(gethostname_heap_before_end, tc)
1563 {
1564 #define BUF __stack.__buf
1565 struct {
1566 uint8_t padding_l;
1567 unsigned char * __buf;
1568 uint8_t padding_r;
1569 } __stack;
1570 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
1571 const size_t __len = 4 - 1;
1572 const size_t __idx __unused = __len - 1;
1573 char syshost[256];
1574 int error;
1575
1576 error = gethostname(syshost, __len);
1577 if (error != 0 || strlen(syshost) <= __len)
1578 atf_tc_skip("hostname too short for testing");
1579
1580 __stack.__buf = malloc(__bufsz);
1581
1582 gethostname(__stack.__buf, __len);
1583 #undef BUF
1584
1585 }
1586
1587 ATF_TC_WITHOUT_HEAD(gethostname_heap_end);
ATF_TC_BODY(gethostname_heap_end,tc)1588 ATF_TC_BODY(gethostname_heap_end, tc)
1589 {
1590 #define BUF __stack.__buf
1591 struct {
1592 uint8_t padding_l;
1593 unsigned char * __buf;
1594 uint8_t padding_r;
1595 } __stack;
1596 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
1597 const size_t __len = 4;
1598 const size_t __idx __unused = __len - 1;
1599 char syshost[256];
1600 int error;
1601
1602 error = gethostname(syshost, __len);
1603 if (error != 0 || strlen(syshost) <= __len)
1604 atf_tc_skip("hostname too short for testing");
1605
1606 __stack.__buf = malloc(__bufsz);
1607
1608 gethostname(__stack.__buf, __len);
1609 #undef BUF
1610
1611 }
1612
1613 ATF_TC_WITHOUT_HEAD(gethostname_heap_after_end);
ATF_TC_BODY(gethostname_heap_after_end,tc)1614 ATF_TC_BODY(gethostname_heap_after_end, tc)
1615 {
1616 #define BUF __stack.__buf
1617 struct {
1618 uint8_t padding_l;
1619 unsigned char * __buf;
1620 uint8_t padding_r;
1621 } __stack;
1622 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4);
1623 const size_t __len = 4 + 1;
1624 const size_t __idx __unused = __len - 1;
1625 pid_t __child;
1626 int __status;
1627 char syshost[256];
1628 int error;
1629
1630 error = gethostname(syshost, __len);
1631 if (error != 0 || strlen(syshost) <= __len)
1632 atf_tc_skip("hostname too short for testing");
1633
1634 __child = fork();
1635 ATF_REQUIRE(__child >= 0);
1636 if (__child > 0)
1637 goto monitor;
1638
1639 /* Child */
1640 disable_coredumps();
1641 __stack.__buf = malloc(__bufsz);
1642
1643 gethostname(__stack.__buf, __len);
1644 _exit(EX_SOFTWARE); /* Should have aborted. */
1645
1646 monitor:
1647 while (waitpid(__child, &__status, 0) != __child) {
1648 ATF_REQUIRE_EQ(EINTR, errno);
1649 }
1650
1651 if (!WIFSIGNALED(__status)) {
1652 switch (WEXITSTATUS(__status)) {
1653 case EX_SOFTWARE:
1654 atf_tc_fail("FORTIFY_SOURCE failed to abort");
1655 break;
1656 case EX_OSERR:
1657 atf_tc_fail("setrlimit(2) failed");
1658 break;
1659 default:
1660 atf_tc_fail("child exited with status %d",
1661 WEXITSTATUS(__status));
1662 }
1663 } else {
1664 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1665 }
1666 #undef BUF
1667
1668 }
1669
1670 ATF_TC_WITHOUT_HEAD(getlogin_r_before_end);
ATF_TC_BODY(getlogin_r_before_end,tc)1671 ATF_TC_BODY(getlogin_r_before_end, tc)
1672 {
1673 #define BUF &__stack.__buf
1674 struct {
1675 uint8_t padding_l;
1676 unsigned char __buf[MAXLOGNAME + 1];
1677 uint8_t padding_r;
1678 } __stack;
1679 const size_t __bufsz __unused = sizeof(__stack.__buf);
1680 const size_t __len = MAXLOGNAME + 1 - 1;
1681 const size_t __idx __unused = __len - 1;
1682
1683 getlogin_r(__stack.__buf, __len);
1684 #undef BUF
1685
1686 }
1687
1688 ATF_TC_WITHOUT_HEAD(getlogin_r_end);
ATF_TC_BODY(getlogin_r_end,tc)1689 ATF_TC_BODY(getlogin_r_end, tc)
1690 {
1691 #define BUF &__stack.__buf
1692 struct {
1693 uint8_t padding_l;
1694 unsigned char __buf[MAXLOGNAME + 1];
1695 uint8_t padding_r;
1696 } __stack;
1697 const size_t __bufsz __unused = sizeof(__stack.__buf);
1698 const size_t __len = MAXLOGNAME + 1;
1699 const size_t __idx __unused = __len - 1;
1700
1701 getlogin_r(__stack.__buf, __len);
1702 #undef BUF
1703
1704 }
1705
1706 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_before_end);
ATF_TC_BODY(getlogin_r_heap_before_end,tc)1707 ATF_TC_BODY(getlogin_r_heap_before_end, tc)
1708 {
1709 #define BUF __stack.__buf
1710 struct {
1711 uint8_t padding_l;
1712 unsigned char * __buf;
1713 uint8_t padding_r;
1714 } __stack;
1715 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1);
1716 const size_t __len = MAXLOGNAME + 1 - 1;
1717 const size_t __idx __unused = __len - 1;
1718
1719 __stack.__buf = malloc(__bufsz);
1720
1721 getlogin_r(__stack.__buf, __len);
1722 #undef BUF
1723
1724 }
1725
1726 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_end);
ATF_TC_BODY(getlogin_r_heap_end,tc)1727 ATF_TC_BODY(getlogin_r_heap_end, tc)
1728 {
1729 #define BUF __stack.__buf
1730 struct {
1731 uint8_t padding_l;
1732 unsigned char * __buf;
1733 uint8_t padding_r;
1734 } __stack;
1735 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1);
1736 const size_t __len = MAXLOGNAME + 1;
1737 const size_t __idx __unused = __len - 1;
1738
1739 __stack.__buf = malloc(__bufsz);
1740
1741 getlogin_r(__stack.__buf, __len);
1742 #undef BUF
1743
1744 }
1745
1746 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_after_end);
ATF_TC_BODY(getlogin_r_heap_after_end,tc)1747 ATF_TC_BODY(getlogin_r_heap_after_end, tc)
1748 {
1749 #define BUF __stack.__buf
1750 struct {
1751 uint8_t padding_l;
1752 unsigned char * __buf;
1753 uint8_t padding_r;
1754 } __stack;
1755 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1);
1756 const size_t __len = MAXLOGNAME + 1 + 1;
1757 const size_t __idx __unused = __len - 1;
1758 pid_t __child;
1759 int __status;
1760
1761 __child = fork();
1762 ATF_REQUIRE(__child >= 0);
1763 if (__child > 0)
1764 goto monitor;
1765
1766 /* Child */
1767 disable_coredumps();
1768 __stack.__buf = malloc(__bufsz);
1769
1770 getlogin_r(__stack.__buf, __len);
1771 _exit(EX_SOFTWARE); /* Should have aborted. */
1772
1773 monitor:
1774 while (waitpid(__child, &__status, 0) != __child) {
1775 ATF_REQUIRE_EQ(EINTR, errno);
1776 }
1777
1778 if (!WIFSIGNALED(__status)) {
1779 switch (WEXITSTATUS(__status)) {
1780 case EX_SOFTWARE:
1781 atf_tc_fail("FORTIFY_SOURCE failed to abort");
1782 break;
1783 case EX_OSERR:
1784 atf_tc_fail("setrlimit(2) failed");
1785 break;
1786 default:
1787 atf_tc_fail("child exited with status %d",
1788 WEXITSTATUS(__status));
1789 }
1790 } else {
1791 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1792 }
1793 #undef BUF
1794
1795 }
1796
1797 ATF_TC_WITHOUT_HEAD(ttyname_r_before_end);
ATF_TC_BODY(ttyname_r_before_end,tc)1798 ATF_TC_BODY(ttyname_r_before_end, tc)
1799 {
1800 #define BUF &__stack.__buf
1801 struct {
1802 uint8_t padding_l;
1803 unsigned char __buf[42];
1804 uint8_t padding_r;
1805 } __stack;
1806 const size_t __bufsz __unused = sizeof(__stack.__buf);
1807 const size_t __len = 42 - 1;
1808 const size_t __idx __unused = __len - 1;
1809 int fd;
1810
1811 fd = STDIN_FILENO;
1812 if (!isatty(fd))
1813 atf_tc_skip("stdin is not an fd");
1814
1815 ttyname_r(fd, __stack.__buf, __len);
1816 #undef BUF
1817
1818 }
1819
1820 ATF_TC_WITHOUT_HEAD(ttyname_r_end);
ATF_TC_BODY(ttyname_r_end,tc)1821 ATF_TC_BODY(ttyname_r_end, tc)
1822 {
1823 #define BUF &__stack.__buf
1824 struct {
1825 uint8_t padding_l;
1826 unsigned char __buf[42];
1827 uint8_t padding_r;
1828 } __stack;
1829 const size_t __bufsz __unused = sizeof(__stack.__buf);
1830 const size_t __len = 42;
1831 const size_t __idx __unused = __len - 1;
1832 int fd;
1833
1834 fd = STDIN_FILENO;
1835 if (!isatty(fd))
1836 atf_tc_skip("stdin is not an fd");
1837
1838 ttyname_r(fd, __stack.__buf, __len);
1839 #undef BUF
1840
1841 }
1842
1843 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_before_end);
ATF_TC_BODY(ttyname_r_heap_before_end,tc)1844 ATF_TC_BODY(ttyname_r_heap_before_end, tc)
1845 {
1846 #define BUF __stack.__buf
1847 struct {
1848 uint8_t padding_l;
1849 unsigned char * __buf;
1850 uint8_t padding_r;
1851 } __stack;
1852 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1853 const size_t __len = 42 - 1;
1854 const size_t __idx __unused = __len - 1;
1855 int fd;
1856
1857 fd = STDIN_FILENO;
1858 if (!isatty(fd))
1859 atf_tc_skip("stdin is not an fd");
1860
1861 __stack.__buf = malloc(__bufsz);
1862
1863 ttyname_r(fd, __stack.__buf, __len);
1864 #undef BUF
1865
1866 }
1867
1868 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_end);
ATF_TC_BODY(ttyname_r_heap_end,tc)1869 ATF_TC_BODY(ttyname_r_heap_end, tc)
1870 {
1871 #define BUF __stack.__buf
1872 struct {
1873 uint8_t padding_l;
1874 unsigned char * __buf;
1875 uint8_t padding_r;
1876 } __stack;
1877 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1878 const size_t __len = 42;
1879 const size_t __idx __unused = __len - 1;
1880 int fd;
1881
1882 fd = STDIN_FILENO;
1883 if (!isatty(fd))
1884 atf_tc_skip("stdin is not an fd");
1885
1886 __stack.__buf = malloc(__bufsz);
1887
1888 ttyname_r(fd, __stack.__buf, __len);
1889 #undef BUF
1890
1891 }
1892
1893 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_after_end);
ATF_TC_BODY(ttyname_r_heap_after_end,tc)1894 ATF_TC_BODY(ttyname_r_heap_after_end, tc)
1895 {
1896 #define BUF __stack.__buf
1897 struct {
1898 uint8_t padding_l;
1899 unsigned char * __buf;
1900 uint8_t padding_r;
1901 } __stack;
1902 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1903 const size_t __len = 42 + 1;
1904 const size_t __idx __unused = __len - 1;
1905 pid_t __child;
1906 int __status;
1907 int fd;
1908
1909 fd = STDIN_FILENO;
1910 if (!isatty(fd))
1911 atf_tc_skip("stdin is not an fd");
1912
1913 __child = fork();
1914 ATF_REQUIRE(__child >= 0);
1915 if (__child > 0)
1916 goto monitor;
1917
1918 /* Child */
1919 disable_coredumps();
1920 __stack.__buf = malloc(__bufsz);
1921
1922 ttyname_r(fd, __stack.__buf, __len);
1923 _exit(EX_SOFTWARE); /* Should have aborted. */
1924
1925 monitor:
1926 while (waitpid(__child, &__status, 0) != __child) {
1927 ATF_REQUIRE_EQ(EINTR, errno);
1928 }
1929
1930 if (!WIFSIGNALED(__status)) {
1931 switch (WEXITSTATUS(__status)) {
1932 case EX_SOFTWARE:
1933 atf_tc_fail("FORTIFY_SOURCE failed to abort");
1934 break;
1935 case EX_OSERR:
1936 atf_tc_fail("setrlimit(2) failed");
1937 break;
1938 default:
1939 atf_tc_fail("child exited with status %d",
1940 WEXITSTATUS(__status));
1941 }
1942 } else {
1943 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1944 }
1945 #undef BUF
1946
1947 }
1948
ATF_TP_ADD_TCS(tp)1949 ATF_TP_ADD_TCS(tp)
1950 {
1951 ATF_TP_ADD_TC(tp, getcwd_before_end);
1952 ATF_TP_ADD_TC(tp, getcwd_end);
1953 ATF_TP_ADD_TC(tp, getcwd_heap_before_end);
1954 ATF_TP_ADD_TC(tp, getcwd_heap_end);
1955 ATF_TP_ADD_TC(tp, getcwd_heap_after_end);
1956 ATF_TP_ADD_TC(tp, getgrouplist_before_end);
1957 ATF_TP_ADD_TC(tp, getgrouplist_end);
1958 ATF_TP_ADD_TC(tp, getgrouplist_heap_before_end);
1959 ATF_TP_ADD_TC(tp, getgrouplist_heap_end);
1960 ATF_TP_ADD_TC(tp, getgrouplist_heap_after_end);
1961 ATF_TP_ADD_TC(tp, getgroups_before_end);
1962 ATF_TP_ADD_TC(tp, getgroups_end);
1963 ATF_TP_ADD_TC(tp, getgroups_heap_before_end);
1964 ATF_TP_ADD_TC(tp, getgroups_heap_end);
1965 ATF_TP_ADD_TC(tp, getgroups_heap_after_end);
1966 ATF_TP_ADD_TC(tp, getloginclass_before_end);
1967 ATF_TP_ADD_TC(tp, getloginclass_end);
1968 ATF_TP_ADD_TC(tp, getloginclass_heap_before_end);
1969 ATF_TP_ADD_TC(tp, getloginclass_heap_end);
1970 ATF_TP_ADD_TC(tp, getloginclass_heap_after_end);
1971 ATF_TP_ADD_TC(tp, pread_before_end);
1972 ATF_TP_ADD_TC(tp, pread_end);
1973 ATF_TP_ADD_TC(tp, pread_heap_before_end);
1974 ATF_TP_ADD_TC(tp, pread_heap_end);
1975 ATF_TP_ADD_TC(tp, pread_heap_after_end);
1976 ATF_TP_ADD_TC(tp, read_before_end);
1977 ATF_TP_ADD_TC(tp, read_end);
1978 ATF_TP_ADD_TC(tp, read_heap_before_end);
1979 ATF_TP_ADD_TC(tp, read_heap_end);
1980 ATF_TP_ADD_TC(tp, read_heap_after_end);
1981 ATF_TP_ADD_TC(tp, readlink_before_end);
1982 ATF_TP_ADD_TC(tp, readlink_end);
1983 ATF_TP_ADD_TC(tp, readlink_heap_before_end);
1984 ATF_TP_ADD_TC(tp, readlink_heap_end);
1985 ATF_TP_ADD_TC(tp, readlink_heap_after_end);
1986 ATF_TP_ADD_TC(tp, readlinkat_before_end);
1987 ATF_TP_ADD_TC(tp, readlinkat_end);
1988 ATF_TP_ADD_TC(tp, readlinkat_heap_before_end);
1989 ATF_TP_ADD_TC(tp, readlinkat_heap_end);
1990 ATF_TP_ADD_TC(tp, readlinkat_heap_after_end);
1991 ATF_TP_ADD_TC(tp, getdomainname_before_end);
1992 ATF_TP_ADD_TC(tp, getdomainname_end);
1993 ATF_TP_ADD_TC(tp, getdomainname_heap_before_end);
1994 ATF_TP_ADD_TC(tp, getdomainname_heap_end);
1995 ATF_TP_ADD_TC(tp, getdomainname_heap_after_end);
1996 ATF_TP_ADD_TC(tp, getentropy_before_end);
1997 ATF_TP_ADD_TC(tp, getentropy_end);
1998 ATF_TP_ADD_TC(tp, getentropy_heap_before_end);
1999 ATF_TP_ADD_TC(tp, getentropy_heap_end);
2000 ATF_TP_ADD_TC(tp, getentropy_heap_after_end);
2001 ATF_TP_ADD_TC(tp, gethostname_before_end);
2002 ATF_TP_ADD_TC(tp, gethostname_end);
2003 ATF_TP_ADD_TC(tp, gethostname_heap_before_end);
2004 ATF_TP_ADD_TC(tp, gethostname_heap_end);
2005 ATF_TP_ADD_TC(tp, gethostname_heap_after_end);
2006 ATF_TP_ADD_TC(tp, getlogin_r_before_end);
2007 ATF_TP_ADD_TC(tp, getlogin_r_end);
2008 ATF_TP_ADD_TC(tp, getlogin_r_heap_before_end);
2009 ATF_TP_ADD_TC(tp, getlogin_r_heap_end);
2010 ATF_TP_ADD_TC(tp, getlogin_r_heap_after_end);
2011 ATF_TP_ADD_TC(tp, ttyname_r_before_end);
2012 ATF_TP_ADD_TC(tp, ttyname_r_end);
2013 ATF_TP_ADD_TC(tp, ttyname_r_heap_before_end);
2014 ATF_TP_ADD_TC(tp, ttyname_r_heap_end);
2015 ATF_TP_ADD_TC(tp, ttyname_r_heap_after_end);
2016 return (atf_no_error());
2017 }
2018