1 /* @generated by `generate-fortify-tests.lua "unistd"` */ 2 3 #define _FORTIFY_SOURCE 2 4 #define TMPFILE_SIZE (1024 * 32) 5 6 #include <sys/param.h> 7 #include <sys/random.h> 8 #include <sys/resource.h> 9 #include <sys/time.h> 10 #include <sys/wait.h> 11 #include <dirent.h> 12 #include <errno.h> 13 #include <fcntl.h> 14 #include <limits.h> 15 #include <poll.h> 16 #include <signal.h> 17 #include <stdio.h> 18 #include <stdlib.h> 19 #include <string.h> 20 #include <strings.h> 21 #include <sysexits.h> 22 #include <unistd.h> 23 #include <wchar.h> 24 #include <atf-c.h> 25 26 static FILE * __unused 27 new_fp(size_t __len) 28 { 29 static char fpbuf[LINE_MAX]; 30 FILE *fp; 31 32 ATF_REQUIRE(__len <= sizeof(fpbuf)); 33 34 memset(fpbuf, 'A', sizeof(fpbuf) - 1); 35 fpbuf[sizeof(fpbuf) - 1] = '\0'; 36 37 fp = fmemopen(fpbuf, sizeof(fpbuf), "rb"); 38 ATF_REQUIRE(fp != NULL); 39 40 return (fp); 41 } 42 43 /* 44 * Create a new symlink to use for readlink(2) style tests, we'll just use a 45 * random target name to have something interesting to look at. 46 */ 47 static const char * __unused 48 new_symlink(size_t __len) 49 { 50 static const char linkname[] = "link"; 51 char target[MAXNAMLEN]; 52 int error; 53 54 ATF_REQUIRE(__len <= sizeof(target)); 55 56 arc4random_buf(target, sizeof(target)); 57 58 error = unlink(linkname); 59 ATF_REQUIRE(error == 0 || errno == ENOENT); 60 61 error = symlink(target, linkname); 62 ATF_REQUIRE(error == 0); 63 64 return (linkname); 65 } 66 67 /* 68 * Constructs a tmpfile that we can use for testing read(2) and friends. 69 */ 70 static int __unused 71 new_tmpfile(void) 72 { 73 char buf[1024]; 74 ssize_t rv; 75 size_t written; 76 int fd; 77 78 fd = open("tmpfile", O_RDWR | O_CREAT | O_TRUNC, 0644); 79 ATF_REQUIRE(fd >= 0); 80 81 written = 0; 82 while (written < TMPFILE_SIZE) { 83 rv = write(fd, buf, sizeof(buf)); 84 ATF_REQUIRE(rv > 0); 85 86 written += rv; 87 } 88 89 ATF_REQUIRE_EQ(0, lseek(fd, 0, SEEK_SET)); 90 return (fd); 91 } 92 93 static void 94 disable_coredumps(void) 95 { 96 struct rlimit rl = { 0 }; 97 98 if (setrlimit(RLIMIT_CORE, &rl) == -1) 99 _exit(EX_OSERR); 100 } 101 102 /* 103 * Replaces stdin with a file that we can actually read from, for tests where 104 * we want a FILE * or fd that we can get data from. 105 */ 106 static void __unused 107 replace_stdin(void) 108 { 109 int fd; 110 111 fd = new_tmpfile(); 112 113 (void)dup2(fd, STDIN_FILENO); 114 if (fd != STDIN_FILENO) 115 close(fd); 116 } 117 118 ATF_TC_WITHOUT_HEAD(getcwd_before_end); 119 ATF_TC_BODY(getcwd_before_end, tc) 120 { 121 #define BUF &__stack.__buf 122 struct { 123 uint8_t padding_l; 124 unsigned char __buf[8]; 125 uint8_t padding_r; 126 } __stack; 127 const size_t __bufsz __unused = sizeof(__stack.__buf); 128 const size_t __len = 8 - 1; 129 const size_t __idx __unused = __len - 1; 130 131 getcwd(__stack.__buf, __len); 132 #undef BUF 133 134 } 135 136 ATF_TC_WITHOUT_HEAD(getcwd_end); 137 ATF_TC_BODY(getcwd_end, tc) 138 { 139 #define BUF &__stack.__buf 140 struct { 141 uint8_t padding_l; 142 unsigned char __buf[8]; 143 uint8_t padding_r; 144 } __stack; 145 const size_t __bufsz __unused = sizeof(__stack.__buf); 146 const size_t __len = 8; 147 const size_t __idx __unused = __len - 1; 148 149 getcwd(__stack.__buf, __len); 150 #undef BUF 151 152 } 153 154 ATF_TC_WITHOUT_HEAD(getcwd_heap_before_end); 155 ATF_TC_BODY(getcwd_heap_before_end, tc) 156 { 157 #define BUF __stack.__buf 158 struct { 159 uint8_t padding_l; 160 unsigned char * __buf; 161 uint8_t padding_r; 162 } __stack; 163 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 164 const size_t __len = 8 - 1; 165 const size_t __idx __unused = __len - 1; 166 167 __stack.__buf = malloc(__bufsz); 168 169 getcwd(__stack.__buf, __len); 170 #undef BUF 171 172 } 173 174 ATF_TC_WITHOUT_HEAD(getcwd_heap_end); 175 ATF_TC_BODY(getcwd_heap_end, tc) 176 { 177 #define BUF __stack.__buf 178 struct { 179 uint8_t padding_l; 180 unsigned char * __buf; 181 uint8_t padding_r; 182 } __stack; 183 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 184 const size_t __len = 8; 185 const size_t __idx __unused = __len - 1; 186 187 __stack.__buf = malloc(__bufsz); 188 189 getcwd(__stack.__buf, __len); 190 #undef BUF 191 192 } 193 194 ATF_TC_WITHOUT_HEAD(getcwd_heap_after_end); 195 ATF_TC_BODY(getcwd_heap_after_end, tc) 196 { 197 #define BUF __stack.__buf 198 struct { 199 uint8_t padding_l; 200 unsigned char * __buf; 201 uint8_t padding_r; 202 } __stack; 203 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 204 const size_t __len = 8 + 1; 205 const size_t __idx __unused = __len - 1; 206 pid_t __child; 207 int __status; 208 209 __child = fork(); 210 ATF_REQUIRE(__child >= 0); 211 if (__child > 0) 212 goto monitor; 213 214 /* Child */ 215 disable_coredumps(); 216 __stack.__buf = malloc(__bufsz); 217 218 getcwd(__stack.__buf, __len); 219 _exit(EX_SOFTWARE); /* Should have aborted. */ 220 221 monitor: 222 while (waitpid(__child, &__status, 0) != __child) { 223 ATF_REQUIRE_EQ(EINTR, errno); 224 } 225 226 if (!WIFSIGNALED(__status)) { 227 switch (WEXITSTATUS(__status)) { 228 case EX_SOFTWARE: 229 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 230 break; 231 case EX_OSERR: 232 atf_tc_fail("setrlimit(2) failed"); 233 break; 234 default: 235 atf_tc_fail("child exited with status %d", 236 WEXITSTATUS(__status)); 237 } 238 } else { 239 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 240 } 241 #undef BUF 242 243 } 244 245 ATF_TC_WITHOUT_HEAD(getgrouplist_before_end); 246 ATF_TC_BODY(getgrouplist_before_end, tc) 247 { 248 #define BUF &__stack.__buf 249 struct { 250 uint8_t padding_l; 251 gid_t __buf[4]; 252 uint8_t padding_r; 253 } __stack; 254 const size_t __bufsz __unused = sizeof(__stack.__buf); 255 const size_t __len = 4 - 1; 256 const size_t __idx __unused = __len - 1; 257 int intlen = (int)__len; 258 259 getgrouplist("root", 0, __stack.__buf, &intlen); 260 #undef BUF 261 262 } 263 264 ATF_TC_WITHOUT_HEAD(getgrouplist_end); 265 ATF_TC_BODY(getgrouplist_end, tc) 266 { 267 #define BUF &__stack.__buf 268 struct { 269 uint8_t padding_l; 270 gid_t __buf[4]; 271 uint8_t padding_r; 272 } __stack; 273 const size_t __bufsz __unused = sizeof(__stack.__buf); 274 const size_t __len = 4; 275 const size_t __idx __unused = __len - 1; 276 int intlen = (int)__len; 277 278 getgrouplist("root", 0, __stack.__buf, &intlen); 279 #undef BUF 280 281 } 282 283 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_before_end); 284 ATF_TC_BODY(getgrouplist_heap_before_end, tc) 285 { 286 #define BUF __stack.__buf 287 struct { 288 uint8_t padding_l; 289 gid_t * __buf; 290 uint8_t padding_r; 291 } __stack; 292 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 293 const size_t __len = 4 - 1; 294 const size_t __idx __unused = __len - 1; 295 int intlen = (int)__len; 296 297 __stack.__buf = malloc(__bufsz); 298 299 getgrouplist("root", 0, __stack.__buf, &intlen); 300 #undef BUF 301 302 } 303 304 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_end); 305 ATF_TC_BODY(getgrouplist_heap_end, tc) 306 { 307 #define BUF __stack.__buf 308 struct { 309 uint8_t padding_l; 310 gid_t * __buf; 311 uint8_t padding_r; 312 } __stack; 313 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 314 const size_t __len = 4; 315 const size_t __idx __unused = __len - 1; 316 int intlen = (int)__len; 317 318 __stack.__buf = malloc(__bufsz); 319 320 getgrouplist("root", 0, __stack.__buf, &intlen); 321 #undef BUF 322 323 } 324 325 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_after_end); 326 ATF_TC_BODY(getgrouplist_heap_after_end, tc) 327 { 328 #define BUF __stack.__buf 329 struct { 330 uint8_t padding_l; 331 gid_t * __buf; 332 uint8_t padding_r; 333 } __stack; 334 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 335 const size_t __len = 4 + 1; 336 const size_t __idx __unused = __len - 1; 337 pid_t __child; 338 int __status; 339 int intlen = (int)__len; 340 341 __child = fork(); 342 ATF_REQUIRE(__child >= 0); 343 if (__child > 0) 344 goto monitor; 345 346 /* Child */ 347 disable_coredumps(); 348 __stack.__buf = malloc(__bufsz); 349 350 getgrouplist("root", 0, __stack.__buf, &intlen); 351 _exit(EX_SOFTWARE); /* Should have aborted. */ 352 353 monitor: 354 while (waitpid(__child, &__status, 0) != __child) { 355 ATF_REQUIRE_EQ(EINTR, errno); 356 } 357 358 if (!WIFSIGNALED(__status)) { 359 switch (WEXITSTATUS(__status)) { 360 case EX_SOFTWARE: 361 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 362 break; 363 case EX_OSERR: 364 atf_tc_fail("setrlimit(2) failed"); 365 break; 366 default: 367 atf_tc_fail("child exited with status %d", 368 WEXITSTATUS(__status)); 369 } 370 } else { 371 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 372 } 373 #undef BUF 374 375 } 376 377 ATF_TC_WITHOUT_HEAD(getgroups_before_end); 378 ATF_TC_BODY(getgroups_before_end, tc) 379 { 380 #define BUF &__stack.__buf 381 struct { 382 uint8_t padding_l; 383 gid_t __buf[4]; 384 uint8_t padding_r; 385 } __stack; 386 const size_t __bufsz __unused = sizeof(__stack.__buf); 387 const size_t __len = 4 - 1; 388 const size_t __idx __unused = __len - 1; 389 390 getgroups(__len, __stack.__buf); 391 #undef BUF 392 393 } 394 395 ATF_TC_WITHOUT_HEAD(getgroups_end); 396 ATF_TC_BODY(getgroups_end, tc) 397 { 398 #define BUF &__stack.__buf 399 struct { 400 uint8_t padding_l; 401 gid_t __buf[4]; 402 uint8_t padding_r; 403 } __stack; 404 const size_t __bufsz __unused = sizeof(__stack.__buf); 405 const size_t __len = 4; 406 const size_t __idx __unused = __len - 1; 407 408 getgroups(__len, __stack.__buf); 409 #undef BUF 410 411 } 412 413 ATF_TC_WITHOUT_HEAD(getgroups_heap_before_end); 414 ATF_TC_BODY(getgroups_heap_before_end, tc) 415 { 416 #define BUF __stack.__buf 417 struct { 418 uint8_t padding_l; 419 gid_t * __buf; 420 uint8_t padding_r; 421 } __stack; 422 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 423 const size_t __len = 4 - 1; 424 const size_t __idx __unused = __len - 1; 425 426 __stack.__buf = malloc(__bufsz); 427 428 getgroups(__len, __stack.__buf); 429 #undef BUF 430 431 } 432 433 ATF_TC_WITHOUT_HEAD(getgroups_heap_end); 434 ATF_TC_BODY(getgroups_heap_end, tc) 435 { 436 #define BUF __stack.__buf 437 struct { 438 uint8_t padding_l; 439 gid_t * __buf; 440 uint8_t padding_r; 441 } __stack; 442 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 443 const size_t __len = 4; 444 const size_t __idx __unused = __len - 1; 445 446 __stack.__buf = malloc(__bufsz); 447 448 getgroups(__len, __stack.__buf); 449 #undef BUF 450 451 } 452 453 ATF_TC_WITHOUT_HEAD(getgroups_heap_after_end); 454 ATF_TC_BODY(getgroups_heap_after_end, tc) 455 { 456 #define BUF __stack.__buf 457 struct { 458 uint8_t padding_l; 459 gid_t * __buf; 460 uint8_t padding_r; 461 } __stack; 462 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 463 const size_t __len = 4 + 1; 464 const size_t __idx __unused = __len - 1; 465 pid_t __child; 466 int __status; 467 468 __child = fork(); 469 ATF_REQUIRE(__child >= 0); 470 if (__child > 0) 471 goto monitor; 472 473 /* Child */ 474 disable_coredumps(); 475 __stack.__buf = malloc(__bufsz); 476 477 getgroups(__len, __stack.__buf); 478 _exit(EX_SOFTWARE); /* Should have aborted. */ 479 480 monitor: 481 while (waitpid(__child, &__status, 0) != __child) { 482 ATF_REQUIRE_EQ(EINTR, errno); 483 } 484 485 if (!WIFSIGNALED(__status)) { 486 switch (WEXITSTATUS(__status)) { 487 case EX_SOFTWARE: 488 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 489 break; 490 case EX_OSERR: 491 atf_tc_fail("setrlimit(2) failed"); 492 break; 493 default: 494 atf_tc_fail("child exited with status %d", 495 WEXITSTATUS(__status)); 496 } 497 } else { 498 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 499 } 500 #undef BUF 501 502 } 503 504 ATF_TC_WITHOUT_HEAD(getloginclass_before_end); 505 ATF_TC_BODY(getloginclass_before_end, tc) 506 { 507 #define BUF &__stack.__buf 508 struct { 509 uint8_t padding_l; 510 unsigned char __buf[42]; 511 uint8_t padding_r; 512 } __stack; 513 const size_t __bufsz __unused = sizeof(__stack.__buf); 514 const size_t __len = 42 - 1; 515 const size_t __idx __unused = __len - 1; 516 517 getloginclass(__stack.__buf, __len); 518 #undef BUF 519 520 } 521 522 ATF_TC_WITHOUT_HEAD(getloginclass_end); 523 ATF_TC_BODY(getloginclass_end, tc) 524 { 525 #define BUF &__stack.__buf 526 struct { 527 uint8_t padding_l; 528 unsigned char __buf[42]; 529 uint8_t padding_r; 530 } __stack; 531 const size_t __bufsz __unused = sizeof(__stack.__buf); 532 const size_t __len = 42; 533 const size_t __idx __unused = __len - 1; 534 535 getloginclass(__stack.__buf, __len); 536 #undef BUF 537 538 } 539 540 ATF_TC_WITHOUT_HEAD(getloginclass_heap_before_end); 541 ATF_TC_BODY(getloginclass_heap_before_end, tc) 542 { 543 #define BUF __stack.__buf 544 struct { 545 uint8_t padding_l; 546 unsigned char * __buf; 547 uint8_t padding_r; 548 } __stack; 549 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 550 const size_t __len = 42 - 1; 551 const size_t __idx __unused = __len - 1; 552 553 __stack.__buf = malloc(__bufsz); 554 555 getloginclass(__stack.__buf, __len); 556 #undef BUF 557 558 } 559 560 ATF_TC_WITHOUT_HEAD(getloginclass_heap_end); 561 ATF_TC_BODY(getloginclass_heap_end, tc) 562 { 563 #define BUF __stack.__buf 564 struct { 565 uint8_t padding_l; 566 unsigned char * __buf; 567 uint8_t padding_r; 568 } __stack; 569 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 570 const size_t __len = 42; 571 const size_t __idx __unused = __len - 1; 572 573 __stack.__buf = malloc(__bufsz); 574 575 getloginclass(__stack.__buf, __len); 576 #undef BUF 577 578 } 579 580 ATF_TC_WITHOUT_HEAD(getloginclass_heap_after_end); 581 ATF_TC_BODY(getloginclass_heap_after_end, tc) 582 { 583 #define BUF __stack.__buf 584 struct { 585 uint8_t padding_l; 586 unsigned char * __buf; 587 uint8_t padding_r; 588 } __stack; 589 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 590 const size_t __len = 42 + 1; 591 const size_t __idx __unused = __len - 1; 592 pid_t __child; 593 int __status; 594 595 __child = fork(); 596 ATF_REQUIRE(__child >= 0); 597 if (__child > 0) 598 goto monitor; 599 600 /* Child */ 601 disable_coredumps(); 602 __stack.__buf = malloc(__bufsz); 603 604 getloginclass(__stack.__buf, __len); 605 _exit(EX_SOFTWARE); /* Should have aborted. */ 606 607 monitor: 608 while (waitpid(__child, &__status, 0) != __child) { 609 ATF_REQUIRE_EQ(EINTR, errno); 610 } 611 612 if (!WIFSIGNALED(__status)) { 613 switch (WEXITSTATUS(__status)) { 614 case EX_SOFTWARE: 615 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 616 break; 617 case EX_OSERR: 618 atf_tc_fail("setrlimit(2) failed"); 619 break; 620 default: 621 atf_tc_fail("child exited with status %d", 622 WEXITSTATUS(__status)); 623 } 624 } else { 625 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 626 } 627 #undef BUF 628 629 } 630 631 ATF_TC_WITHOUT_HEAD(pread_before_end); 632 ATF_TC_BODY(pread_before_end, tc) 633 { 634 #define BUF &__stack.__buf 635 struct { 636 uint8_t padding_l; 637 unsigned char __buf[41]; 638 uint8_t padding_r; 639 } __stack; 640 const size_t __bufsz __unused = sizeof(__stack.__buf); 641 const size_t __len = 41 - 1; 642 const size_t __idx __unused = __len - 1; 643 int fd; 644 645 fd = new_tmpfile(); /* Cannot fail */ 646 647 pread(fd, __stack.__buf, __len, 0); 648 #undef BUF 649 650 } 651 652 ATF_TC_WITHOUT_HEAD(pread_end); 653 ATF_TC_BODY(pread_end, tc) 654 { 655 #define BUF &__stack.__buf 656 struct { 657 uint8_t padding_l; 658 unsigned char __buf[41]; 659 uint8_t padding_r; 660 } __stack; 661 const size_t __bufsz __unused = sizeof(__stack.__buf); 662 const size_t __len = 41; 663 const size_t __idx __unused = __len - 1; 664 int fd; 665 666 fd = new_tmpfile(); /* Cannot fail */ 667 668 pread(fd, __stack.__buf, __len, 0); 669 #undef BUF 670 671 } 672 673 ATF_TC_WITHOUT_HEAD(pread_heap_before_end); 674 ATF_TC_BODY(pread_heap_before_end, tc) 675 { 676 #define BUF __stack.__buf 677 struct { 678 uint8_t padding_l; 679 unsigned char * __buf; 680 uint8_t padding_r; 681 } __stack; 682 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 683 const size_t __len = 41 - 1; 684 const size_t __idx __unused = __len - 1; 685 int fd; 686 687 __stack.__buf = malloc(__bufsz); 688 fd = new_tmpfile(); /* Cannot fail */ 689 690 pread(fd, __stack.__buf, __len, 0); 691 #undef BUF 692 693 } 694 695 ATF_TC_WITHOUT_HEAD(pread_heap_end); 696 ATF_TC_BODY(pread_heap_end, tc) 697 { 698 #define BUF __stack.__buf 699 struct { 700 uint8_t padding_l; 701 unsigned char * __buf; 702 uint8_t padding_r; 703 } __stack; 704 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 705 const size_t __len = 41; 706 const size_t __idx __unused = __len - 1; 707 int fd; 708 709 __stack.__buf = malloc(__bufsz); 710 fd = new_tmpfile(); /* Cannot fail */ 711 712 pread(fd, __stack.__buf, __len, 0); 713 #undef BUF 714 715 } 716 717 ATF_TC_WITHOUT_HEAD(pread_heap_after_end); 718 ATF_TC_BODY(pread_heap_after_end, tc) 719 { 720 #define BUF __stack.__buf 721 struct { 722 uint8_t padding_l; 723 unsigned char * __buf; 724 uint8_t padding_r; 725 } __stack; 726 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 727 const size_t __len = 41 + 1; 728 const size_t __idx __unused = __len - 1; 729 pid_t __child; 730 int __status; 731 int fd; 732 733 __child = fork(); 734 ATF_REQUIRE(__child >= 0); 735 if (__child > 0) 736 goto monitor; 737 738 /* Child */ 739 disable_coredumps(); 740 __stack.__buf = malloc(__bufsz); 741 fd = new_tmpfile(); /* Cannot fail */ 742 743 pread(fd, __stack.__buf, __len, 0); 744 _exit(EX_SOFTWARE); /* Should have aborted. */ 745 746 monitor: 747 while (waitpid(__child, &__status, 0) != __child) { 748 ATF_REQUIRE_EQ(EINTR, errno); 749 } 750 751 if (!WIFSIGNALED(__status)) { 752 switch (WEXITSTATUS(__status)) { 753 case EX_SOFTWARE: 754 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 755 break; 756 case EX_OSERR: 757 atf_tc_fail("setrlimit(2) failed"); 758 break; 759 default: 760 atf_tc_fail("child exited with status %d", 761 WEXITSTATUS(__status)); 762 } 763 } else { 764 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 765 } 766 #undef BUF 767 768 } 769 770 ATF_TC_WITHOUT_HEAD(read_before_end); 771 ATF_TC_BODY(read_before_end, tc) 772 { 773 #define BUF &__stack.__buf 774 struct { 775 uint8_t padding_l; 776 unsigned char __buf[41]; 777 uint8_t padding_r; 778 } __stack; 779 const size_t __bufsz __unused = sizeof(__stack.__buf); 780 const size_t __len = 41 - 1; 781 const size_t __idx __unused = __len - 1; 782 int fd; 783 784 fd = new_tmpfile(); /* Cannot fail */ 785 786 read(fd, __stack.__buf, __len); 787 #undef BUF 788 789 } 790 791 ATF_TC_WITHOUT_HEAD(read_end); 792 ATF_TC_BODY(read_end, tc) 793 { 794 #define BUF &__stack.__buf 795 struct { 796 uint8_t padding_l; 797 unsigned char __buf[41]; 798 uint8_t padding_r; 799 } __stack; 800 const size_t __bufsz __unused = sizeof(__stack.__buf); 801 const size_t __len = 41; 802 const size_t __idx __unused = __len - 1; 803 int fd; 804 805 fd = new_tmpfile(); /* Cannot fail */ 806 807 read(fd, __stack.__buf, __len); 808 #undef BUF 809 810 } 811 812 ATF_TC_WITHOUT_HEAD(read_heap_before_end); 813 ATF_TC_BODY(read_heap_before_end, tc) 814 { 815 #define BUF __stack.__buf 816 struct { 817 uint8_t padding_l; 818 unsigned char * __buf; 819 uint8_t padding_r; 820 } __stack; 821 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 822 const size_t __len = 41 - 1; 823 const size_t __idx __unused = __len - 1; 824 int fd; 825 826 __stack.__buf = malloc(__bufsz); 827 fd = new_tmpfile(); /* Cannot fail */ 828 829 read(fd, __stack.__buf, __len); 830 #undef BUF 831 832 } 833 834 ATF_TC_WITHOUT_HEAD(read_heap_end); 835 ATF_TC_BODY(read_heap_end, tc) 836 { 837 #define BUF __stack.__buf 838 struct { 839 uint8_t padding_l; 840 unsigned char * __buf; 841 uint8_t padding_r; 842 } __stack; 843 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 844 const size_t __len = 41; 845 const size_t __idx __unused = __len - 1; 846 int fd; 847 848 __stack.__buf = malloc(__bufsz); 849 fd = new_tmpfile(); /* Cannot fail */ 850 851 read(fd, __stack.__buf, __len); 852 #undef BUF 853 854 } 855 856 ATF_TC_WITHOUT_HEAD(read_heap_after_end); 857 ATF_TC_BODY(read_heap_after_end, tc) 858 { 859 #define BUF __stack.__buf 860 struct { 861 uint8_t padding_l; 862 unsigned char * __buf; 863 uint8_t padding_r; 864 } __stack; 865 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 866 const size_t __len = 41 + 1; 867 const size_t __idx __unused = __len - 1; 868 pid_t __child; 869 int __status; 870 int fd; 871 872 __child = fork(); 873 ATF_REQUIRE(__child >= 0); 874 if (__child > 0) 875 goto monitor; 876 877 /* Child */ 878 disable_coredumps(); 879 __stack.__buf = malloc(__bufsz); 880 fd = new_tmpfile(); /* Cannot fail */ 881 882 read(fd, __stack.__buf, __len); 883 _exit(EX_SOFTWARE); /* Should have aborted. */ 884 885 monitor: 886 while (waitpid(__child, &__status, 0) != __child) { 887 ATF_REQUIRE_EQ(EINTR, errno); 888 } 889 890 if (!WIFSIGNALED(__status)) { 891 switch (WEXITSTATUS(__status)) { 892 case EX_SOFTWARE: 893 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 894 break; 895 case EX_OSERR: 896 atf_tc_fail("setrlimit(2) failed"); 897 break; 898 default: 899 atf_tc_fail("child exited with status %d", 900 WEXITSTATUS(__status)); 901 } 902 } else { 903 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 904 } 905 #undef BUF 906 907 } 908 909 ATF_TC_WITHOUT_HEAD(readlink_before_end); 910 ATF_TC_BODY(readlink_before_end, tc) 911 { 912 #define BUF &__stack.__buf 913 struct { 914 uint8_t padding_l; 915 unsigned char __buf[42]; 916 uint8_t padding_r; 917 } __stack; 918 const size_t __bufsz __unused = sizeof(__stack.__buf); 919 const size_t __len = 42 - 1; 920 const size_t __idx __unused = __len - 1; 921 const char *path; 922 923 path = new_symlink(__len); /* Cannot fail */ 924 925 readlink(path, __stack.__buf, __len); 926 #undef BUF 927 928 } 929 930 ATF_TC_WITHOUT_HEAD(readlink_end); 931 ATF_TC_BODY(readlink_end, tc) 932 { 933 #define BUF &__stack.__buf 934 struct { 935 uint8_t padding_l; 936 unsigned char __buf[42]; 937 uint8_t padding_r; 938 } __stack; 939 const size_t __bufsz __unused = sizeof(__stack.__buf); 940 const size_t __len = 42; 941 const size_t __idx __unused = __len - 1; 942 const char *path; 943 944 path = new_symlink(__len); /* Cannot fail */ 945 946 readlink(path, __stack.__buf, __len); 947 #undef BUF 948 949 } 950 951 ATF_TC_WITHOUT_HEAD(readlink_heap_before_end); 952 ATF_TC_BODY(readlink_heap_before_end, tc) 953 { 954 #define BUF __stack.__buf 955 struct { 956 uint8_t padding_l; 957 unsigned char * __buf; 958 uint8_t padding_r; 959 } __stack; 960 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 961 const size_t __len = 42 - 1; 962 const size_t __idx __unused = __len - 1; 963 const char *path; 964 965 __stack.__buf = malloc(__bufsz); 966 path = new_symlink(__len); /* Cannot fail */ 967 968 readlink(path, __stack.__buf, __len); 969 #undef BUF 970 971 } 972 973 ATF_TC_WITHOUT_HEAD(readlink_heap_end); 974 ATF_TC_BODY(readlink_heap_end, tc) 975 { 976 #define BUF __stack.__buf 977 struct { 978 uint8_t padding_l; 979 unsigned char * __buf; 980 uint8_t padding_r; 981 } __stack; 982 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 983 const size_t __len = 42; 984 const size_t __idx __unused = __len - 1; 985 const char *path; 986 987 __stack.__buf = malloc(__bufsz); 988 path = new_symlink(__len); /* Cannot fail */ 989 990 readlink(path, __stack.__buf, __len); 991 #undef BUF 992 993 } 994 995 ATF_TC_WITHOUT_HEAD(readlink_heap_after_end); 996 ATF_TC_BODY(readlink_heap_after_end, tc) 997 { 998 #define BUF __stack.__buf 999 struct { 1000 uint8_t padding_l; 1001 unsigned char * __buf; 1002 uint8_t padding_r; 1003 } __stack; 1004 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1005 const size_t __len = 42 + 1; 1006 const size_t __idx __unused = __len - 1; 1007 pid_t __child; 1008 int __status; 1009 const char *path; 1010 1011 __child = fork(); 1012 ATF_REQUIRE(__child >= 0); 1013 if (__child > 0) 1014 goto monitor; 1015 1016 /* Child */ 1017 disable_coredumps(); 1018 __stack.__buf = malloc(__bufsz); 1019 path = new_symlink(__len); /* Cannot fail */ 1020 1021 readlink(path, __stack.__buf, __len); 1022 _exit(EX_SOFTWARE); /* Should have aborted. */ 1023 1024 monitor: 1025 while (waitpid(__child, &__status, 0) != __child) { 1026 ATF_REQUIRE_EQ(EINTR, errno); 1027 } 1028 1029 if (!WIFSIGNALED(__status)) { 1030 switch (WEXITSTATUS(__status)) { 1031 case EX_SOFTWARE: 1032 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1033 break; 1034 case EX_OSERR: 1035 atf_tc_fail("setrlimit(2) failed"); 1036 break; 1037 default: 1038 atf_tc_fail("child exited with status %d", 1039 WEXITSTATUS(__status)); 1040 } 1041 } else { 1042 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1043 } 1044 #undef BUF 1045 1046 } 1047 1048 ATF_TC_WITHOUT_HEAD(readlinkat_before_end); 1049 ATF_TC_BODY(readlinkat_before_end, tc) 1050 { 1051 #define BUF &__stack.__buf 1052 struct { 1053 uint8_t padding_l; 1054 unsigned char __buf[42]; 1055 uint8_t padding_r; 1056 } __stack; 1057 const size_t __bufsz __unused = sizeof(__stack.__buf); 1058 const size_t __len = 42 - 1; 1059 const size_t __idx __unused = __len - 1; 1060 const char *path; 1061 1062 path = new_symlink(__len); /* Cannot fail */ 1063 1064 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1065 #undef BUF 1066 1067 } 1068 1069 ATF_TC_WITHOUT_HEAD(readlinkat_end); 1070 ATF_TC_BODY(readlinkat_end, tc) 1071 { 1072 #define BUF &__stack.__buf 1073 struct { 1074 uint8_t padding_l; 1075 unsigned char __buf[42]; 1076 uint8_t padding_r; 1077 } __stack; 1078 const size_t __bufsz __unused = sizeof(__stack.__buf); 1079 const size_t __len = 42; 1080 const size_t __idx __unused = __len - 1; 1081 const char *path; 1082 1083 path = new_symlink(__len); /* Cannot fail */ 1084 1085 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1086 #undef BUF 1087 1088 } 1089 1090 ATF_TC_WITHOUT_HEAD(readlinkat_heap_before_end); 1091 ATF_TC_BODY(readlinkat_heap_before_end, tc) 1092 { 1093 #define BUF __stack.__buf 1094 struct { 1095 uint8_t padding_l; 1096 unsigned char * __buf; 1097 uint8_t padding_r; 1098 } __stack; 1099 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1100 const size_t __len = 42 - 1; 1101 const size_t __idx __unused = __len - 1; 1102 const char *path; 1103 1104 __stack.__buf = malloc(__bufsz); 1105 path = new_symlink(__len); /* Cannot fail */ 1106 1107 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1108 #undef BUF 1109 1110 } 1111 1112 ATF_TC_WITHOUT_HEAD(readlinkat_heap_end); 1113 ATF_TC_BODY(readlinkat_heap_end, tc) 1114 { 1115 #define BUF __stack.__buf 1116 struct { 1117 uint8_t padding_l; 1118 unsigned char * __buf; 1119 uint8_t padding_r; 1120 } __stack; 1121 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1122 const size_t __len = 42; 1123 const size_t __idx __unused = __len - 1; 1124 const char *path; 1125 1126 __stack.__buf = malloc(__bufsz); 1127 path = new_symlink(__len); /* Cannot fail */ 1128 1129 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1130 #undef BUF 1131 1132 } 1133 1134 ATF_TC_WITHOUT_HEAD(readlinkat_heap_after_end); 1135 ATF_TC_BODY(readlinkat_heap_after_end, tc) 1136 { 1137 #define BUF __stack.__buf 1138 struct { 1139 uint8_t padding_l; 1140 unsigned char * __buf; 1141 uint8_t padding_r; 1142 } __stack; 1143 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1144 const size_t __len = 42 + 1; 1145 const size_t __idx __unused = __len - 1; 1146 pid_t __child; 1147 int __status; 1148 const char *path; 1149 1150 __child = fork(); 1151 ATF_REQUIRE(__child >= 0); 1152 if (__child > 0) 1153 goto monitor; 1154 1155 /* Child */ 1156 disable_coredumps(); 1157 __stack.__buf = malloc(__bufsz); 1158 path = new_symlink(__len); /* Cannot fail */ 1159 1160 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1161 _exit(EX_SOFTWARE); /* Should have aborted. */ 1162 1163 monitor: 1164 while (waitpid(__child, &__status, 0) != __child) { 1165 ATF_REQUIRE_EQ(EINTR, errno); 1166 } 1167 1168 if (!WIFSIGNALED(__status)) { 1169 switch (WEXITSTATUS(__status)) { 1170 case EX_SOFTWARE: 1171 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1172 break; 1173 case EX_OSERR: 1174 atf_tc_fail("setrlimit(2) failed"); 1175 break; 1176 default: 1177 atf_tc_fail("child exited with status %d", 1178 WEXITSTATUS(__status)); 1179 } 1180 } else { 1181 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1182 } 1183 #undef BUF 1184 1185 } 1186 1187 ATF_TC_WITHOUT_HEAD(getdomainname_before_end); 1188 ATF_TC_BODY(getdomainname_before_end, tc) 1189 { 1190 #define BUF &__stack.__buf 1191 struct { 1192 uint8_t padding_l; 1193 unsigned char __buf[4]; 1194 uint8_t padding_r; 1195 } __stack; 1196 const size_t __bufsz __unused = sizeof(__stack.__buf); 1197 const size_t __len = 4 - 1; 1198 const size_t __idx __unused = __len - 1; 1199 char sysdomain[256]; 1200 1201 (void)getdomainname(sysdomain, __len); 1202 if (strlen(sysdomain) <= __len) 1203 atf_tc_skip("domain name too short for testing"); 1204 1205 getdomainname(__stack.__buf, __len); 1206 #undef BUF 1207 1208 } 1209 1210 ATF_TC_WITHOUT_HEAD(getdomainname_end); 1211 ATF_TC_BODY(getdomainname_end, tc) 1212 { 1213 #define BUF &__stack.__buf 1214 struct { 1215 uint8_t padding_l; 1216 unsigned char __buf[4]; 1217 uint8_t padding_r; 1218 } __stack; 1219 const size_t __bufsz __unused = sizeof(__stack.__buf); 1220 const size_t __len = 4; 1221 const size_t __idx __unused = __len - 1; 1222 char sysdomain[256]; 1223 1224 (void)getdomainname(sysdomain, __len); 1225 if (strlen(sysdomain) <= __len) 1226 atf_tc_skip("domain name too short for testing"); 1227 1228 getdomainname(__stack.__buf, __len); 1229 #undef BUF 1230 1231 } 1232 1233 ATF_TC_WITHOUT_HEAD(getdomainname_heap_before_end); 1234 ATF_TC_BODY(getdomainname_heap_before_end, tc) 1235 { 1236 #define BUF __stack.__buf 1237 struct { 1238 uint8_t padding_l; 1239 unsigned char * __buf; 1240 uint8_t padding_r; 1241 } __stack; 1242 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1243 const size_t __len = 4 - 1; 1244 const size_t __idx __unused = __len - 1; 1245 char sysdomain[256]; 1246 1247 (void)getdomainname(sysdomain, __len); 1248 if (strlen(sysdomain) <= __len) 1249 atf_tc_skip("domain name too short for testing"); 1250 1251 __stack.__buf = malloc(__bufsz); 1252 1253 getdomainname(__stack.__buf, __len); 1254 #undef BUF 1255 1256 } 1257 1258 ATF_TC_WITHOUT_HEAD(getdomainname_heap_end); 1259 ATF_TC_BODY(getdomainname_heap_end, tc) 1260 { 1261 #define BUF __stack.__buf 1262 struct { 1263 uint8_t padding_l; 1264 unsigned char * __buf; 1265 uint8_t padding_r; 1266 } __stack; 1267 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1268 const size_t __len = 4; 1269 const size_t __idx __unused = __len - 1; 1270 char sysdomain[256]; 1271 1272 (void)getdomainname(sysdomain, __len); 1273 if (strlen(sysdomain) <= __len) 1274 atf_tc_skip("domain name too short for testing"); 1275 1276 __stack.__buf = malloc(__bufsz); 1277 1278 getdomainname(__stack.__buf, __len); 1279 #undef BUF 1280 1281 } 1282 1283 ATF_TC_WITHOUT_HEAD(getdomainname_heap_after_end); 1284 ATF_TC_BODY(getdomainname_heap_after_end, tc) 1285 { 1286 #define BUF __stack.__buf 1287 struct { 1288 uint8_t padding_l; 1289 unsigned char * __buf; 1290 uint8_t padding_r; 1291 } __stack; 1292 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1293 const size_t __len = 4 + 1; 1294 const size_t __idx __unused = __len - 1; 1295 pid_t __child; 1296 int __status; 1297 char sysdomain[256]; 1298 1299 (void)getdomainname(sysdomain, __len); 1300 if (strlen(sysdomain) <= __len) 1301 atf_tc_skip("domain name too short for testing"); 1302 1303 __child = fork(); 1304 ATF_REQUIRE(__child >= 0); 1305 if (__child > 0) 1306 goto monitor; 1307 1308 /* Child */ 1309 disable_coredumps(); 1310 __stack.__buf = malloc(__bufsz); 1311 1312 getdomainname(__stack.__buf, __len); 1313 _exit(EX_SOFTWARE); /* Should have aborted. */ 1314 1315 monitor: 1316 while (waitpid(__child, &__status, 0) != __child) { 1317 ATF_REQUIRE_EQ(EINTR, errno); 1318 } 1319 1320 if (!WIFSIGNALED(__status)) { 1321 switch (WEXITSTATUS(__status)) { 1322 case EX_SOFTWARE: 1323 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1324 break; 1325 case EX_OSERR: 1326 atf_tc_fail("setrlimit(2) failed"); 1327 break; 1328 default: 1329 atf_tc_fail("child exited with status %d", 1330 WEXITSTATUS(__status)); 1331 } 1332 } else { 1333 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1334 } 1335 #undef BUF 1336 1337 } 1338 1339 ATF_TC_WITHOUT_HEAD(getentropy_before_end); 1340 ATF_TC_BODY(getentropy_before_end, tc) 1341 { 1342 #define BUF &__stack.__buf 1343 struct { 1344 uint8_t padding_l; 1345 unsigned char __buf[42]; 1346 uint8_t padding_r; 1347 } __stack; 1348 const size_t __bufsz __unused = sizeof(__stack.__buf); 1349 const size_t __len = 42 - 1; 1350 const size_t __idx __unused = __len - 1; 1351 1352 getentropy(__stack.__buf, __len); 1353 #undef BUF 1354 1355 } 1356 1357 ATF_TC_WITHOUT_HEAD(getentropy_end); 1358 ATF_TC_BODY(getentropy_end, tc) 1359 { 1360 #define BUF &__stack.__buf 1361 struct { 1362 uint8_t padding_l; 1363 unsigned char __buf[42]; 1364 uint8_t padding_r; 1365 } __stack; 1366 const size_t __bufsz __unused = sizeof(__stack.__buf); 1367 const size_t __len = 42; 1368 const size_t __idx __unused = __len - 1; 1369 1370 getentropy(__stack.__buf, __len); 1371 #undef BUF 1372 1373 } 1374 1375 ATF_TC_WITHOUT_HEAD(getentropy_heap_before_end); 1376 ATF_TC_BODY(getentropy_heap_before_end, tc) 1377 { 1378 #define BUF __stack.__buf 1379 struct { 1380 uint8_t padding_l; 1381 unsigned char * __buf; 1382 uint8_t padding_r; 1383 } __stack; 1384 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1385 const size_t __len = 42 - 1; 1386 const size_t __idx __unused = __len - 1; 1387 1388 __stack.__buf = malloc(__bufsz); 1389 1390 getentropy(__stack.__buf, __len); 1391 #undef BUF 1392 1393 } 1394 1395 ATF_TC_WITHOUT_HEAD(getentropy_heap_end); 1396 ATF_TC_BODY(getentropy_heap_end, tc) 1397 { 1398 #define BUF __stack.__buf 1399 struct { 1400 uint8_t padding_l; 1401 unsigned char * __buf; 1402 uint8_t padding_r; 1403 } __stack; 1404 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1405 const size_t __len = 42; 1406 const size_t __idx __unused = __len - 1; 1407 1408 __stack.__buf = malloc(__bufsz); 1409 1410 getentropy(__stack.__buf, __len); 1411 #undef BUF 1412 1413 } 1414 1415 ATF_TC_WITHOUT_HEAD(getentropy_heap_after_end); 1416 ATF_TC_BODY(getentropy_heap_after_end, tc) 1417 { 1418 #define BUF __stack.__buf 1419 struct { 1420 uint8_t padding_l; 1421 unsigned char * __buf; 1422 uint8_t padding_r; 1423 } __stack; 1424 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1425 const size_t __len = 42 + 1; 1426 const size_t __idx __unused = __len - 1; 1427 pid_t __child; 1428 int __status; 1429 1430 __child = fork(); 1431 ATF_REQUIRE(__child >= 0); 1432 if (__child > 0) 1433 goto monitor; 1434 1435 /* Child */ 1436 disable_coredumps(); 1437 __stack.__buf = malloc(__bufsz); 1438 1439 getentropy(__stack.__buf, __len); 1440 _exit(EX_SOFTWARE); /* Should have aborted. */ 1441 1442 monitor: 1443 while (waitpid(__child, &__status, 0) != __child) { 1444 ATF_REQUIRE_EQ(EINTR, errno); 1445 } 1446 1447 if (!WIFSIGNALED(__status)) { 1448 switch (WEXITSTATUS(__status)) { 1449 case EX_SOFTWARE: 1450 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1451 break; 1452 case EX_OSERR: 1453 atf_tc_fail("setrlimit(2) failed"); 1454 break; 1455 default: 1456 atf_tc_fail("child exited with status %d", 1457 WEXITSTATUS(__status)); 1458 } 1459 } else { 1460 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1461 } 1462 #undef BUF 1463 1464 } 1465 1466 ATF_TC_WITHOUT_HEAD(gethostname_before_end); 1467 ATF_TC_BODY(gethostname_before_end, tc) 1468 { 1469 #define BUF &__stack.__buf 1470 struct { 1471 uint8_t padding_l; 1472 unsigned char __buf[4]; 1473 uint8_t padding_r; 1474 } __stack; 1475 const size_t __bufsz __unused = sizeof(__stack.__buf); 1476 const size_t __len = 4 - 1; 1477 const size_t __idx __unused = __len - 1; 1478 char syshost[256]; 1479 int error; 1480 1481 error = gethostname(syshost, __len); 1482 if (error != 0 || strlen(syshost) <= __len) 1483 atf_tc_skip("hostname too short for testing"); 1484 1485 gethostname(__stack.__buf, __len); 1486 #undef BUF 1487 1488 } 1489 1490 ATF_TC_WITHOUT_HEAD(gethostname_end); 1491 ATF_TC_BODY(gethostname_end, tc) 1492 { 1493 #define BUF &__stack.__buf 1494 struct { 1495 uint8_t padding_l; 1496 unsigned char __buf[4]; 1497 uint8_t padding_r; 1498 } __stack; 1499 const size_t __bufsz __unused = sizeof(__stack.__buf); 1500 const size_t __len = 4; 1501 const size_t __idx __unused = __len - 1; 1502 char syshost[256]; 1503 int error; 1504 1505 error = gethostname(syshost, __len); 1506 if (error != 0 || strlen(syshost) <= __len) 1507 atf_tc_skip("hostname too short for testing"); 1508 1509 gethostname(__stack.__buf, __len); 1510 #undef BUF 1511 1512 } 1513 1514 ATF_TC_WITHOUT_HEAD(gethostname_heap_before_end); 1515 ATF_TC_BODY(gethostname_heap_before_end, tc) 1516 { 1517 #define BUF __stack.__buf 1518 struct { 1519 uint8_t padding_l; 1520 unsigned char * __buf; 1521 uint8_t padding_r; 1522 } __stack; 1523 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1524 const size_t __len = 4 - 1; 1525 const size_t __idx __unused = __len - 1; 1526 char syshost[256]; 1527 int error; 1528 1529 error = gethostname(syshost, __len); 1530 if (error != 0 || strlen(syshost) <= __len) 1531 atf_tc_skip("hostname too short for testing"); 1532 1533 __stack.__buf = malloc(__bufsz); 1534 1535 gethostname(__stack.__buf, __len); 1536 #undef BUF 1537 1538 } 1539 1540 ATF_TC_WITHOUT_HEAD(gethostname_heap_end); 1541 ATF_TC_BODY(gethostname_heap_end, tc) 1542 { 1543 #define BUF __stack.__buf 1544 struct { 1545 uint8_t padding_l; 1546 unsigned char * __buf; 1547 uint8_t padding_r; 1548 } __stack; 1549 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1550 const size_t __len = 4; 1551 const size_t __idx __unused = __len - 1; 1552 char syshost[256]; 1553 int error; 1554 1555 error = gethostname(syshost, __len); 1556 if (error != 0 || strlen(syshost) <= __len) 1557 atf_tc_skip("hostname too short for testing"); 1558 1559 __stack.__buf = malloc(__bufsz); 1560 1561 gethostname(__stack.__buf, __len); 1562 #undef BUF 1563 1564 } 1565 1566 ATF_TC_WITHOUT_HEAD(gethostname_heap_after_end); 1567 ATF_TC_BODY(gethostname_heap_after_end, tc) 1568 { 1569 #define BUF __stack.__buf 1570 struct { 1571 uint8_t padding_l; 1572 unsigned char * __buf; 1573 uint8_t padding_r; 1574 } __stack; 1575 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1576 const size_t __len = 4 + 1; 1577 const size_t __idx __unused = __len - 1; 1578 pid_t __child; 1579 int __status; 1580 char syshost[256]; 1581 int error; 1582 1583 error = gethostname(syshost, __len); 1584 if (error != 0 || strlen(syshost) <= __len) 1585 atf_tc_skip("hostname too short for testing"); 1586 1587 __child = fork(); 1588 ATF_REQUIRE(__child >= 0); 1589 if (__child > 0) 1590 goto monitor; 1591 1592 /* Child */ 1593 disable_coredumps(); 1594 __stack.__buf = malloc(__bufsz); 1595 1596 gethostname(__stack.__buf, __len); 1597 _exit(EX_SOFTWARE); /* Should have aborted. */ 1598 1599 monitor: 1600 while (waitpid(__child, &__status, 0) != __child) { 1601 ATF_REQUIRE_EQ(EINTR, errno); 1602 } 1603 1604 if (!WIFSIGNALED(__status)) { 1605 switch (WEXITSTATUS(__status)) { 1606 case EX_SOFTWARE: 1607 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1608 break; 1609 case EX_OSERR: 1610 atf_tc_fail("setrlimit(2) failed"); 1611 break; 1612 default: 1613 atf_tc_fail("child exited with status %d", 1614 WEXITSTATUS(__status)); 1615 } 1616 } else { 1617 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1618 } 1619 #undef BUF 1620 1621 } 1622 1623 ATF_TC_WITHOUT_HEAD(getlogin_r_before_end); 1624 ATF_TC_BODY(getlogin_r_before_end, tc) 1625 { 1626 #define BUF &__stack.__buf 1627 struct { 1628 uint8_t padding_l; 1629 unsigned char __buf[MAXLOGNAME + 1]; 1630 uint8_t padding_r; 1631 } __stack; 1632 const size_t __bufsz __unused = sizeof(__stack.__buf); 1633 const size_t __len = MAXLOGNAME + 1 - 1; 1634 const size_t __idx __unused = __len - 1; 1635 1636 getlogin_r(__stack.__buf, __len); 1637 #undef BUF 1638 1639 } 1640 1641 ATF_TC_WITHOUT_HEAD(getlogin_r_end); 1642 ATF_TC_BODY(getlogin_r_end, tc) 1643 { 1644 #define BUF &__stack.__buf 1645 struct { 1646 uint8_t padding_l; 1647 unsigned char __buf[MAXLOGNAME + 1]; 1648 uint8_t padding_r; 1649 } __stack; 1650 const size_t __bufsz __unused = sizeof(__stack.__buf); 1651 const size_t __len = MAXLOGNAME + 1; 1652 const size_t __idx __unused = __len - 1; 1653 1654 getlogin_r(__stack.__buf, __len); 1655 #undef BUF 1656 1657 } 1658 1659 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_before_end); 1660 ATF_TC_BODY(getlogin_r_heap_before_end, tc) 1661 { 1662 #define BUF __stack.__buf 1663 struct { 1664 uint8_t padding_l; 1665 unsigned char * __buf; 1666 uint8_t padding_r; 1667 } __stack; 1668 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1669 const size_t __len = MAXLOGNAME + 1 - 1; 1670 const size_t __idx __unused = __len - 1; 1671 1672 __stack.__buf = malloc(__bufsz); 1673 1674 getlogin_r(__stack.__buf, __len); 1675 #undef BUF 1676 1677 } 1678 1679 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_end); 1680 ATF_TC_BODY(getlogin_r_heap_end, tc) 1681 { 1682 #define BUF __stack.__buf 1683 struct { 1684 uint8_t padding_l; 1685 unsigned char * __buf; 1686 uint8_t padding_r; 1687 } __stack; 1688 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1689 const size_t __len = MAXLOGNAME + 1; 1690 const size_t __idx __unused = __len - 1; 1691 1692 __stack.__buf = malloc(__bufsz); 1693 1694 getlogin_r(__stack.__buf, __len); 1695 #undef BUF 1696 1697 } 1698 1699 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_after_end); 1700 ATF_TC_BODY(getlogin_r_heap_after_end, tc) 1701 { 1702 #define BUF __stack.__buf 1703 struct { 1704 uint8_t padding_l; 1705 unsigned char * __buf; 1706 uint8_t padding_r; 1707 } __stack; 1708 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1709 const size_t __len = MAXLOGNAME + 1 + 1; 1710 const size_t __idx __unused = __len - 1; 1711 pid_t __child; 1712 int __status; 1713 1714 __child = fork(); 1715 ATF_REQUIRE(__child >= 0); 1716 if (__child > 0) 1717 goto monitor; 1718 1719 /* Child */ 1720 disable_coredumps(); 1721 __stack.__buf = malloc(__bufsz); 1722 1723 getlogin_r(__stack.__buf, __len); 1724 _exit(EX_SOFTWARE); /* Should have aborted. */ 1725 1726 monitor: 1727 while (waitpid(__child, &__status, 0) != __child) { 1728 ATF_REQUIRE_EQ(EINTR, errno); 1729 } 1730 1731 if (!WIFSIGNALED(__status)) { 1732 switch (WEXITSTATUS(__status)) { 1733 case EX_SOFTWARE: 1734 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1735 break; 1736 case EX_OSERR: 1737 atf_tc_fail("setrlimit(2) failed"); 1738 break; 1739 default: 1740 atf_tc_fail("child exited with status %d", 1741 WEXITSTATUS(__status)); 1742 } 1743 } else { 1744 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1745 } 1746 #undef BUF 1747 1748 } 1749 1750 ATF_TC_WITHOUT_HEAD(ttyname_r_before_end); 1751 ATF_TC_BODY(ttyname_r_before_end, tc) 1752 { 1753 #define BUF &__stack.__buf 1754 struct { 1755 uint8_t padding_l; 1756 unsigned char __buf[42]; 1757 uint8_t padding_r; 1758 } __stack; 1759 const size_t __bufsz __unused = sizeof(__stack.__buf); 1760 const size_t __len = 42 - 1; 1761 const size_t __idx __unused = __len - 1; 1762 int fd; 1763 1764 fd = STDIN_FILENO; 1765 if (!isatty(fd)) 1766 atf_tc_skip("stdin is not an fd"); 1767 1768 ttyname_r(fd, __stack.__buf, __len); 1769 #undef BUF 1770 1771 } 1772 1773 ATF_TC_WITHOUT_HEAD(ttyname_r_end); 1774 ATF_TC_BODY(ttyname_r_end, tc) 1775 { 1776 #define BUF &__stack.__buf 1777 struct { 1778 uint8_t padding_l; 1779 unsigned char __buf[42]; 1780 uint8_t padding_r; 1781 } __stack; 1782 const size_t __bufsz __unused = sizeof(__stack.__buf); 1783 const size_t __len = 42; 1784 const size_t __idx __unused = __len - 1; 1785 int fd; 1786 1787 fd = STDIN_FILENO; 1788 if (!isatty(fd)) 1789 atf_tc_skip("stdin is not an fd"); 1790 1791 ttyname_r(fd, __stack.__buf, __len); 1792 #undef BUF 1793 1794 } 1795 1796 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_before_end); 1797 ATF_TC_BODY(ttyname_r_heap_before_end, tc) 1798 { 1799 #define BUF __stack.__buf 1800 struct { 1801 uint8_t padding_l; 1802 unsigned char * __buf; 1803 uint8_t padding_r; 1804 } __stack; 1805 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1806 const size_t __len = 42 - 1; 1807 const size_t __idx __unused = __len - 1; 1808 int fd; 1809 1810 fd = STDIN_FILENO; 1811 if (!isatty(fd)) 1812 atf_tc_skip("stdin is not an fd"); 1813 1814 __stack.__buf = malloc(__bufsz); 1815 1816 ttyname_r(fd, __stack.__buf, __len); 1817 #undef BUF 1818 1819 } 1820 1821 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_end); 1822 ATF_TC_BODY(ttyname_r_heap_end, tc) 1823 { 1824 #define BUF __stack.__buf 1825 struct { 1826 uint8_t padding_l; 1827 unsigned char * __buf; 1828 uint8_t padding_r; 1829 } __stack; 1830 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1831 const size_t __len = 42; 1832 const size_t __idx __unused = __len - 1; 1833 int fd; 1834 1835 fd = STDIN_FILENO; 1836 if (!isatty(fd)) 1837 atf_tc_skip("stdin is not an fd"); 1838 1839 __stack.__buf = malloc(__bufsz); 1840 1841 ttyname_r(fd, __stack.__buf, __len); 1842 #undef BUF 1843 1844 } 1845 1846 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_after_end); 1847 ATF_TC_BODY(ttyname_r_heap_after_end, tc) 1848 { 1849 #define BUF __stack.__buf 1850 struct { 1851 uint8_t padding_l; 1852 unsigned char * __buf; 1853 uint8_t padding_r; 1854 } __stack; 1855 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1856 const size_t __len = 42 + 1; 1857 const size_t __idx __unused = __len - 1; 1858 pid_t __child; 1859 int __status; 1860 int fd; 1861 1862 fd = STDIN_FILENO; 1863 if (!isatty(fd)) 1864 atf_tc_skip("stdin is not an fd"); 1865 1866 __child = fork(); 1867 ATF_REQUIRE(__child >= 0); 1868 if (__child > 0) 1869 goto monitor; 1870 1871 /* Child */ 1872 disable_coredumps(); 1873 __stack.__buf = malloc(__bufsz); 1874 1875 ttyname_r(fd, __stack.__buf, __len); 1876 _exit(EX_SOFTWARE); /* Should have aborted. */ 1877 1878 monitor: 1879 while (waitpid(__child, &__status, 0) != __child) { 1880 ATF_REQUIRE_EQ(EINTR, errno); 1881 } 1882 1883 if (!WIFSIGNALED(__status)) { 1884 switch (WEXITSTATUS(__status)) { 1885 case EX_SOFTWARE: 1886 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1887 break; 1888 case EX_OSERR: 1889 atf_tc_fail("setrlimit(2) failed"); 1890 break; 1891 default: 1892 atf_tc_fail("child exited with status %d", 1893 WEXITSTATUS(__status)); 1894 } 1895 } else { 1896 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1897 } 1898 #undef BUF 1899 1900 } 1901 1902 ATF_TP_ADD_TCS(tp) 1903 { 1904 ATF_TP_ADD_TC(tp, getcwd_before_end); 1905 ATF_TP_ADD_TC(tp, getcwd_end); 1906 ATF_TP_ADD_TC(tp, getcwd_heap_before_end); 1907 ATF_TP_ADD_TC(tp, getcwd_heap_end); 1908 ATF_TP_ADD_TC(tp, getcwd_heap_after_end); 1909 ATF_TP_ADD_TC(tp, getgrouplist_before_end); 1910 ATF_TP_ADD_TC(tp, getgrouplist_end); 1911 ATF_TP_ADD_TC(tp, getgrouplist_heap_before_end); 1912 ATF_TP_ADD_TC(tp, getgrouplist_heap_end); 1913 ATF_TP_ADD_TC(tp, getgrouplist_heap_after_end); 1914 ATF_TP_ADD_TC(tp, getgroups_before_end); 1915 ATF_TP_ADD_TC(tp, getgroups_end); 1916 ATF_TP_ADD_TC(tp, getgroups_heap_before_end); 1917 ATF_TP_ADD_TC(tp, getgroups_heap_end); 1918 ATF_TP_ADD_TC(tp, getgroups_heap_after_end); 1919 ATF_TP_ADD_TC(tp, getloginclass_before_end); 1920 ATF_TP_ADD_TC(tp, getloginclass_end); 1921 ATF_TP_ADD_TC(tp, getloginclass_heap_before_end); 1922 ATF_TP_ADD_TC(tp, getloginclass_heap_end); 1923 ATF_TP_ADD_TC(tp, getloginclass_heap_after_end); 1924 ATF_TP_ADD_TC(tp, pread_before_end); 1925 ATF_TP_ADD_TC(tp, pread_end); 1926 ATF_TP_ADD_TC(tp, pread_heap_before_end); 1927 ATF_TP_ADD_TC(tp, pread_heap_end); 1928 ATF_TP_ADD_TC(tp, pread_heap_after_end); 1929 ATF_TP_ADD_TC(tp, read_before_end); 1930 ATF_TP_ADD_TC(tp, read_end); 1931 ATF_TP_ADD_TC(tp, read_heap_before_end); 1932 ATF_TP_ADD_TC(tp, read_heap_end); 1933 ATF_TP_ADD_TC(tp, read_heap_after_end); 1934 ATF_TP_ADD_TC(tp, readlink_before_end); 1935 ATF_TP_ADD_TC(tp, readlink_end); 1936 ATF_TP_ADD_TC(tp, readlink_heap_before_end); 1937 ATF_TP_ADD_TC(tp, readlink_heap_end); 1938 ATF_TP_ADD_TC(tp, readlink_heap_after_end); 1939 ATF_TP_ADD_TC(tp, readlinkat_before_end); 1940 ATF_TP_ADD_TC(tp, readlinkat_end); 1941 ATF_TP_ADD_TC(tp, readlinkat_heap_before_end); 1942 ATF_TP_ADD_TC(tp, readlinkat_heap_end); 1943 ATF_TP_ADD_TC(tp, readlinkat_heap_after_end); 1944 ATF_TP_ADD_TC(tp, getdomainname_before_end); 1945 ATF_TP_ADD_TC(tp, getdomainname_end); 1946 ATF_TP_ADD_TC(tp, getdomainname_heap_before_end); 1947 ATF_TP_ADD_TC(tp, getdomainname_heap_end); 1948 ATF_TP_ADD_TC(tp, getdomainname_heap_after_end); 1949 ATF_TP_ADD_TC(tp, getentropy_before_end); 1950 ATF_TP_ADD_TC(tp, getentropy_end); 1951 ATF_TP_ADD_TC(tp, getentropy_heap_before_end); 1952 ATF_TP_ADD_TC(tp, getentropy_heap_end); 1953 ATF_TP_ADD_TC(tp, getentropy_heap_after_end); 1954 ATF_TP_ADD_TC(tp, gethostname_before_end); 1955 ATF_TP_ADD_TC(tp, gethostname_end); 1956 ATF_TP_ADD_TC(tp, gethostname_heap_before_end); 1957 ATF_TP_ADD_TC(tp, gethostname_heap_end); 1958 ATF_TP_ADD_TC(tp, gethostname_heap_after_end); 1959 ATF_TP_ADD_TC(tp, getlogin_r_before_end); 1960 ATF_TP_ADD_TC(tp, getlogin_r_end); 1961 ATF_TP_ADD_TC(tp, getlogin_r_heap_before_end); 1962 ATF_TP_ADD_TC(tp, getlogin_r_heap_end); 1963 ATF_TP_ADD_TC(tp, getlogin_r_heap_after_end); 1964 ATF_TP_ADD_TC(tp, ttyname_r_before_end); 1965 ATF_TP_ADD_TC(tp, ttyname_r_end); 1966 ATF_TP_ADD_TC(tp, ttyname_r_heap_before_end); 1967 ATF_TP_ADD_TC(tp, ttyname_r_heap_end); 1968 ATF_TP_ADD_TC(tp, ttyname_r_heap_after_end); 1969 return (atf_no_error()); 1970 } 1971