1 /* @generated by `generate-fortify-tests.lua "unistd"` */ 2 3 #define _FORTIFY_SOURCE 2 4 #define TMPFILE_SIZE (1024 * 32) 5 6 #include <sys/param.h> 7 #include <sys/random.h> 8 #include <sys/resource.h> 9 #include <sys/time.h> 10 #include <sys/uio.h> 11 #include <sys/wait.h> 12 #include <dirent.h> 13 #include <errno.h> 14 #include <fcntl.h> 15 #include <limits.h> 16 #include <poll.h> 17 #include <signal.h> 18 #include <stdio.h> 19 #include <stdlib.h> 20 #include <string.h> 21 #include <strings.h> 22 #include <sysexits.h> 23 #include <unistd.h> 24 #include <wchar.h> 25 #include <atf-c.h> 26 27 static FILE * __unused 28 new_fp(size_t __len) 29 { 30 static char fpbuf[LINE_MAX]; 31 FILE *fp; 32 33 ATF_REQUIRE(__len <= sizeof(fpbuf)); 34 35 memset(fpbuf, 'A', sizeof(fpbuf) - 1); 36 fpbuf[sizeof(fpbuf) - 1] = '\0'; 37 38 fp = fmemopen(fpbuf, sizeof(fpbuf), "rb"); 39 ATF_REQUIRE(fp != NULL); 40 41 return (fp); 42 } 43 44 /* 45 * Create a new symlink to use for readlink(2) style tests, we'll just use a 46 * random target name to have something interesting to look at. 47 */ 48 static const char * __unused 49 new_symlink(size_t __len) 50 { 51 static const char linkname[] = "link"; 52 char target[MAXNAMLEN]; 53 int error; 54 55 ATF_REQUIRE(__len <= sizeof(target)); 56 57 arc4random_buf(target, sizeof(target)); 58 59 error = unlink(linkname); 60 ATF_REQUIRE(error == 0 || errno == ENOENT); 61 62 error = symlink(target, linkname); 63 ATF_REQUIRE(error == 0); 64 65 return (linkname); 66 } 67 68 /* 69 * Constructs a tmpfile that we can use for testing read(2) and friends. 70 */ 71 static int __unused 72 new_tmpfile(void) 73 { 74 char buf[1024]; 75 ssize_t rv; 76 size_t written; 77 int fd; 78 79 fd = open("tmpfile", O_RDWR | O_CREAT | O_TRUNC, 0644); 80 ATF_REQUIRE(fd >= 0); 81 82 written = 0; 83 while (written < TMPFILE_SIZE) { 84 rv = write(fd, buf, sizeof(buf)); 85 ATF_REQUIRE(rv > 0); 86 87 written += rv; 88 } 89 90 ATF_REQUIRE_EQ(0, lseek(fd, 0, SEEK_SET)); 91 return (fd); 92 } 93 94 static void 95 disable_coredumps(void) 96 { 97 struct rlimit rl = { 0 }; 98 99 if (setrlimit(RLIMIT_CORE, &rl) == -1) 100 _exit(EX_OSERR); 101 } 102 103 /* 104 * Replaces stdin with a file that we can actually read from, for tests where 105 * we want a FILE * or fd that we can get data from. 106 */ 107 static void __unused 108 replace_stdin(void) 109 { 110 int fd; 111 112 fd = new_tmpfile(); 113 114 (void)dup2(fd, STDIN_FILENO); 115 if (fd != STDIN_FILENO) 116 close(fd); 117 } 118 119 ATF_TC_WITHOUT_HEAD(getcwd_before_end); 120 ATF_TC_BODY(getcwd_before_end, tc) 121 { 122 #define BUF &__stack.__buf 123 struct { 124 uint8_t padding_l; 125 unsigned char __buf[8]; 126 uint8_t padding_r; 127 } __stack; 128 const size_t __bufsz __unused = sizeof(__stack.__buf); 129 const size_t __len = 8 - 1; 130 const size_t __idx __unused = __len - 1; 131 132 getcwd(__stack.__buf, __len); 133 #undef BUF 134 135 } 136 137 ATF_TC_WITHOUT_HEAD(getcwd_end); 138 ATF_TC_BODY(getcwd_end, tc) 139 { 140 #define BUF &__stack.__buf 141 struct { 142 uint8_t padding_l; 143 unsigned char __buf[8]; 144 uint8_t padding_r; 145 } __stack; 146 const size_t __bufsz __unused = sizeof(__stack.__buf); 147 const size_t __len = 8; 148 const size_t __idx __unused = __len - 1; 149 150 getcwd(__stack.__buf, __len); 151 #undef BUF 152 153 } 154 155 ATF_TC_WITHOUT_HEAD(getcwd_heap_before_end); 156 ATF_TC_BODY(getcwd_heap_before_end, tc) 157 { 158 #define BUF __stack.__buf 159 struct { 160 uint8_t padding_l; 161 unsigned char * __buf; 162 uint8_t padding_r; 163 } __stack; 164 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 165 const size_t __len = 8 - 1; 166 const size_t __idx __unused = __len - 1; 167 168 __stack.__buf = malloc(__bufsz); 169 170 getcwd(__stack.__buf, __len); 171 #undef BUF 172 173 } 174 175 ATF_TC_WITHOUT_HEAD(getcwd_heap_end); 176 ATF_TC_BODY(getcwd_heap_end, tc) 177 { 178 #define BUF __stack.__buf 179 struct { 180 uint8_t padding_l; 181 unsigned char * __buf; 182 uint8_t padding_r; 183 } __stack; 184 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 185 const size_t __len = 8; 186 const size_t __idx __unused = __len - 1; 187 188 __stack.__buf = malloc(__bufsz); 189 190 getcwd(__stack.__buf, __len); 191 #undef BUF 192 193 } 194 195 ATF_TC_WITHOUT_HEAD(getcwd_heap_after_end); 196 ATF_TC_BODY(getcwd_heap_after_end, tc) 197 { 198 #define BUF __stack.__buf 199 struct { 200 uint8_t padding_l; 201 unsigned char * __buf; 202 uint8_t padding_r; 203 } __stack; 204 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 205 const size_t __len = 8 + 1; 206 const size_t __idx __unused = __len - 1; 207 pid_t __child; 208 int __status; 209 210 __child = fork(); 211 ATF_REQUIRE(__child >= 0); 212 if (__child > 0) 213 goto monitor; 214 215 /* Child */ 216 disable_coredumps(); 217 __stack.__buf = malloc(__bufsz); 218 219 getcwd(__stack.__buf, __len); 220 _exit(EX_SOFTWARE); /* Should have aborted. */ 221 222 monitor: 223 while (waitpid(__child, &__status, 0) != __child) { 224 ATF_REQUIRE_EQ(EINTR, errno); 225 } 226 227 if (!WIFSIGNALED(__status)) { 228 switch (WEXITSTATUS(__status)) { 229 case EX_SOFTWARE: 230 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 231 break; 232 case EX_OSERR: 233 atf_tc_fail("setrlimit(2) failed"); 234 break; 235 default: 236 atf_tc_fail("child exited with status %d", 237 WEXITSTATUS(__status)); 238 } 239 } else { 240 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 241 } 242 #undef BUF 243 244 } 245 246 ATF_TC_WITHOUT_HEAD(getgrouplist_before_end); 247 ATF_TC_BODY(getgrouplist_before_end, tc) 248 { 249 #define BUF &__stack.__buf 250 struct { 251 uint8_t padding_l; 252 gid_t __buf[4]; 253 uint8_t padding_r; 254 } __stack; 255 const size_t __bufsz __unused = sizeof(__stack.__buf); 256 const size_t __len = 4 - 1; 257 const size_t __idx __unused = __len - 1; 258 int intlen = (int)__len; 259 260 getgrouplist("root", 0, __stack.__buf, &intlen); 261 #undef BUF 262 263 } 264 265 ATF_TC_WITHOUT_HEAD(getgrouplist_end); 266 ATF_TC_BODY(getgrouplist_end, tc) 267 { 268 #define BUF &__stack.__buf 269 struct { 270 uint8_t padding_l; 271 gid_t __buf[4]; 272 uint8_t padding_r; 273 } __stack; 274 const size_t __bufsz __unused = sizeof(__stack.__buf); 275 const size_t __len = 4; 276 const size_t __idx __unused = __len - 1; 277 int intlen = (int)__len; 278 279 getgrouplist("root", 0, __stack.__buf, &intlen); 280 #undef BUF 281 282 } 283 284 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_before_end); 285 ATF_TC_BODY(getgrouplist_heap_before_end, tc) 286 { 287 #define BUF __stack.__buf 288 struct { 289 uint8_t padding_l; 290 gid_t * __buf; 291 uint8_t padding_r; 292 } __stack; 293 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 294 const size_t __len = 4 - 1; 295 const size_t __idx __unused = __len - 1; 296 int intlen = (int)__len; 297 298 __stack.__buf = malloc(__bufsz); 299 300 getgrouplist("root", 0, __stack.__buf, &intlen); 301 #undef BUF 302 303 } 304 305 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_end); 306 ATF_TC_BODY(getgrouplist_heap_end, tc) 307 { 308 #define BUF __stack.__buf 309 struct { 310 uint8_t padding_l; 311 gid_t * __buf; 312 uint8_t padding_r; 313 } __stack; 314 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 315 const size_t __len = 4; 316 const size_t __idx __unused = __len - 1; 317 int intlen = (int)__len; 318 319 __stack.__buf = malloc(__bufsz); 320 321 getgrouplist("root", 0, __stack.__buf, &intlen); 322 #undef BUF 323 324 } 325 326 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_after_end); 327 ATF_TC_BODY(getgrouplist_heap_after_end, tc) 328 { 329 #define BUF __stack.__buf 330 struct { 331 uint8_t padding_l; 332 gid_t * __buf; 333 uint8_t padding_r; 334 } __stack; 335 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 336 const size_t __len = 4 + 1; 337 const size_t __idx __unused = __len - 1; 338 pid_t __child; 339 int __status; 340 int intlen = (int)__len; 341 342 __child = fork(); 343 ATF_REQUIRE(__child >= 0); 344 if (__child > 0) 345 goto monitor; 346 347 /* Child */ 348 disable_coredumps(); 349 __stack.__buf = malloc(__bufsz); 350 351 getgrouplist("root", 0, __stack.__buf, &intlen); 352 _exit(EX_SOFTWARE); /* Should have aborted. */ 353 354 monitor: 355 while (waitpid(__child, &__status, 0) != __child) { 356 ATF_REQUIRE_EQ(EINTR, errno); 357 } 358 359 if (!WIFSIGNALED(__status)) { 360 switch (WEXITSTATUS(__status)) { 361 case EX_SOFTWARE: 362 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 363 break; 364 case EX_OSERR: 365 atf_tc_fail("setrlimit(2) failed"); 366 break; 367 default: 368 atf_tc_fail("child exited with status %d", 369 WEXITSTATUS(__status)); 370 } 371 } else { 372 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 373 } 374 #undef BUF 375 376 } 377 378 ATF_TC_WITHOUT_HEAD(getgroups_before_end); 379 ATF_TC_BODY(getgroups_before_end, tc) 380 { 381 #define BUF &__stack.__buf 382 struct { 383 uint8_t padding_l; 384 gid_t __buf[4]; 385 uint8_t padding_r; 386 } __stack; 387 const size_t __bufsz __unused = sizeof(__stack.__buf); 388 const size_t __len = 4 - 1; 389 const size_t __idx __unused = __len - 1; 390 391 getgroups(__len, __stack.__buf); 392 #undef BUF 393 394 } 395 396 ATF_TC_WITHOUT_HEAD(getgroups_end); 397 ATF_TC_BODY(getgroups_end, tc) 398 { 399 #define BUF &__stack.__buf 400 struct { 401 uint8_t padding_l; 402 gid_t __buf[4]; 403 uint8_t padding_r; 404 } __stack; 405 const size_t __bufsz __unused = sizeof(__stack.__buf); 406 const size_t __len = 4; 407 const size_t __idx __unused = __len - 1; 408 409 getgroups(__len, __stack.__buf); 410 #undef BUF 411 412 } 413 414 ATF_TC_WITHOUT_HEAD(getgroups_heap_before_end); 415 ATF_TC_BODY(getgroups_heap_before_end, tc) 416 { 417 #define BUF __stack.__buf 418 struct { 419 uint8_t padding_l; 420 gid_t * __buf; 421 uint8_t padding_r; 422 } __stack; 423 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 424 const size_t __len = 4 - 1; 425 const size_t __idx __unused = __len - 1; 426 427 __stack.__buf = malloc(__bufsz); 428 429 getgroups(__len, __stack.__buf); 430 #undef BUF 431 432 } 433 434 ATF_TC_WITHOUT_HEAD(getgroups_heap_end); 435 ATF_TC_BODY(getgroups_heap_end, tc) 436 { 437 #define BUF __stack.__buf 438 struct { 439 uint8_t padding_l; 440 gid_t * __buf; 441 uint8_t padding_r; 442 } __stack; 443 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 444 const size_t __len = 4; 445 const size_t __idx __unused = __len - 1; 446 447 __stack.__buf = malloc(__bufsz); 448 449 getgroups(__len, __stack.__buf); 450 #undef BUF 451 452 } 453 454 ATF_TC_WITHOUT_HEAD(getgroups_heap_after_end); 455 ATF_TC_BODY(getgroups_heap_after_end, tc) 456 { 457 #define BUF __stack.__buf 458 struct { 459 uint8_t padding_l; 460 gid_t * __buf; 461 uint8_t padding_r; 462 } __stack; 463 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 464 const size_t __len = 4 + 1; 465 const size_t __idx __unused = __len - 1; 466 pid_t __child; 467 int __status; 468 469 __child = fork(); 470 ATF_REQUIRE(__child >= 0); 471 if (__child > 0) 472 goto monitor; 473 474 /* Child */ 475 disable_coredumps(); 476 __stack.__buf = malloc(__bufsz); 477 478 getgroups(__len, __stack.__buf); 479 _exit(EX_SOFTWARE); /* Should have aborted. */ 480 481 monitor: 482 while (waitpid(__child, &__status, 0) != __child) { 483 ATF_REQUIRE_EQ(EINTR, errno); 484 } 485 486 if (!WIFSIGNALED(__status)) { 487 switch (WEXITSTATUS(__status)) { 488 case EX_SOFTWARE: 489 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 490 break; 491 case EX_OSERR: 492 atf_tc_fail("setrlimit(2) failed"); 493 break; 494 default: 495 atf_tc_fail("child exited with status %d", 496 WEXITSTATUS(__status)); 497 } 498 } else { 499 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 500 } 501 #undef BUF 502 503 } 504 505 ATF_TC_WITHOUT_HEAD(getloginclass_before_end); 506 ATF_TC_BODY(getloginclass_before_end, tc) 507 { 508 #define BUF &__stack.__buf 509 struct { 510 uint8_t padding_l; 511 unsigned char __buf[42]; 512 uint8_t padding_r; 513 } __stack; 514 const size_t __bufsz __unused = sizeof(__stack.__buf); 515 const size_t __len = 42 - 1; 516 const size_t __idx __unused = __len - 1; 517 518 getloginclass(__stack.__buf, __len); 519 #undef BUF 520 521 } 522 523 ATF_TC_WITHOUT_HEAD(getloginclass_end); 524 ATF_TC_BODY(getloginclass_end, tc) 525 { 526 #define BUF &__stack.__buf 527 struct { 528 uint8_t padding_l; 529 unsigned char __buf[42]; 530 uint8_t padding_r; 531 } __stack; 532 const size_t __bufsz __unused = sizeof(__stack.__buf); 533 const size_t __len = 42; 534 const size_t __idx __unused = __len - 1; 535 536 getloginclass(__stack.__buf, __len); 537 #undef BUF 538 539 } 540 541 ATF_TC_WITHOUT_HEAD(getloginclass_heap_before_end); 542 ATF_TC_BODY(getloginclass_heap_before_end, tc) 543 { 544 #define BUF __stack.__buf 545 struct { 546 uint8_t padding_l; 547 unsigned char * __buf; 548 uint8_t padding_r; 549 } __stack; 550 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 551 const size_t __len = 42 - 1; 552 const size_t __idx __unused = __len - 1; 553 554 __stack.__buf = malloc(__bufsz); 555 556 getloginclass(__stack.__buf, __len); 557 #undef BUF 558 559 } 560 561 ATF_TC_WITHOUT_HEAD(getloginclass_heap_end); 562 ATF_TC_BODY(getloginclass_heap_end, tc) 563 { 564 #define BUF __stack.__buf 565 struct { 566 uint8_t padding_l; 567 unsigned char * __buf; 568 uint8_t padding_r; 569 } __stack; 570 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 571 const size_t __len = 42; 572 const size_t __idx __unused = __len - 1; 573 574 __stack.__buf = malloc(__bufsz); 575 576 getloginclass(__stack.__buf, __len); 577 #undef BUF 578 579 } 580 581 ATF_TC_WITHOUT_HEAD(getloginclass_heap_after_end); 582 ATF_TC_BODY(getloginclass_heap_after_end, tc) 583 { 584 #define BUF __stack.__buf 585 struct { 586 uint8_t padding_l; 587 unsigned char * __buf; 588 uint8_t padding_r; 589 } __stack; 590 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 591 const size_t __len = 42 + 1; 592 const size_t __idx __unused = __len - 1; 593 pid_t __child; 594 int __status; 595 596 __child = fork(); 597 ATF_REQUIRE(__child >= 0); 598 if (__child > 0) 599 goto monitor; 600 601 /* Child */ 602 disable_coredumps(); 603 __stack.__buf = malloc(__bufsz); 604 605 getloginclass(__stack.__buf, __len); 606 _exit(EX_SOFTWARE); /* Should have aborted. */ 607 608 monitor: 609 while (waitpid(__child, &__status, 0) != __child) { 610 ATF_REQUIRE_EQ(EINTR, errno); 611 } 612 613 if (!WIFSIGNALED(__status)) { 614 switch (WEXITSTATUS(__status)) { 615 case EX_SOFTWARE: 616 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 617 break; 618 case EX_OSERR: 619 atf_tc_fail("setrlimit(2) failed"); 620 break; 621 default: 622 atf_tc_fail("child exited with status %d", 623 WEXITSTATUS(__status)); 624 } 625 } else { 626 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 627 } 628 #undef BUF 629 630 } 631 632 ATF_TC_WITHOUT_HEAD(pread_before_end); 633 ATF_TC_BODY(pread_before_end, tc) 634 { 635 #define BUF &__stack.__buf 636 struct { 637 uint8_t padding_l; 638 unsigned char __buf[41]; 639 uint8_t padding_r; 640 } __stack; 641 const size_t __bufsz __unused = sizeof(__stack.__buf); 642 const size_t __len = 41 - 1; 643 const size_t __idx __unused = __len - 1; 644 int fd; 645 646 fd = new_tmpfile(); /* Cannot fail */ 647 648 pread(fd, __stack.__buf, __len, 0); 649 #undef BUF 650 651 } 652 653 ATF_TC_WITHOUT_HEAD(pread_end); 654 ATF_TC_BODY(pread_end, tc) 655 { 656 #define BUF &__stack.__buf 657 struct { 658 uint8_t padding_l; 659 unsigned char __buf[41]; 660 uint8_t padding_r; 661 } __stack; 662 const size_t __bufsz __unused = sizeof(__stack.__buf); 663 const size_t __len = 41; 664 const size_t __idx __unused = __len - 1; 665 int fd; 666 667 fd = new_tmpfile(); /* Cannot fail */ 668 669 pread(fd, __stack.__buf, __len, 0); 670 #undef BUF 671 672 } 673 674 ATF_TC_WITHOUT_HEAD(pread_heap_before_end); 675 ATF_TC_BODY(pread_heap_before_end, tc) 676 { 677 #define BUF __stack.__buf 678 struct { 679 uint8_t padding_l; 680 unsigned char * __buf; 681 uint8_t padding_r; 682 } __stack; 683 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 684 const size_t __len = 41 - 1; 685 const size_t __idx __unused = __len - 1; 686 int fd; 687 688 __stack.__buf = malloc(__bufsz); 689 fd = new_tmpfile(); /* Cannot fail */ 690 691 pread(fd, __stack.__buf, __len, 0); 692 #undef BUF 693 694 } 695 696 ATF_TC_WITHOUT_HEAD(pread_heap_end); 697 ATF_TC_BODY(pread_heap_end, tc) 698 { 699 #define BUF __stack.__buf 700 struct { 701 uint8_t padding_l; 702 unsigned char * __buf; 703 uint8_t padding_r; 704 } __stack; 705 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 706 const size_t __len = 41; 707 const size_t __idx __unused = __len - 1; 708 int fd; 709 710 __stack.__buf = malloc(__bufsz); 711 fd = new_tmpfile(); /* Cannot fail */ 712 713 pread(fd, __stack.__buf, __len, 0); 714 #undef BUF 715 716 } 717 718 ATF_TC_WITHOUT_HEAD(pread_heap_after_end); 719 ATF_TC_BODY(pread_heap_after_end, tc) 720 { 721 #define BUF __stack.__buf 722 struct { 723 uint8_t padding_l; 724 unsigned char * __buf; 725 uint8_t padding_r; 726 } __stack; 727 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 728 const size_t __len = 41 + 1; 729 const size_t __idx __unused = __len - 1; 730 pid_t __child; 731 int __status; 732 int fd; 733 734 __child = fork(); 735 ATF_REQUIRE(__child >= 0); 736 if (__child > 0) 737 goto monitor; 738 739 /* Child */ 740 disable_coredumps(); 741 __stack.__buf = malloc(__bufsz); 742 fd = new_tmpfile(); /* Cannot fail */ 743 744 pread(fd, __stack.__buf, __len, 0); 745 _exit(EX_SOFTWARE); /* Should have aborted. */ 746 747 monitor: 748 while (waitpid(__child, &__status, 0) != __child) { 749 ATF_REQUIRE_EQ(EINTR, errno); 750 } 751 752 if (!WIFSIGNALED(__status)) { 753 switch (WEXITSTATUS(__status)) { 754 case EX_SOFTWARE: 755 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 756 break; 757 case EX_OSERR: 758 atf_tc_fail("setrlimit(2) failed"); 759 break; 760 default: 761 atf_tc_fail("child exited with status %d", 762 WEXITSTATUS(__status)); 763 } 764 } else { 765 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 766 } 767 #undef BUF 768 769 } 770 771 ATF_TC_WITHOUT_HEAD(read_before_end); 772 ATF_TC_BODY(read_before_end, tc) 773 { 774 #define BUF &__stack.__buf 775 struct { 776 uint8_t padding_l; 777 unsigned char __buf[41]; 778 uint8_t padding_r; 779 } __stack; 780 const size_t __bufsz __unused = sizeof(__stack.__buf); 781 const size_t __len = 41 - 1; 782 const size_t __idx __unused = __len - 1; 783 int fd; 784 785 fd = new_tmpfile(); /* Cannot fail */ 786 787 read(fd, __stack.__buf, __len); 788 #undef BUF 789 790 } 791 792 ATF_TC_WITHOUT_HEAD(read_end); 793 ATF_TC_BODY(read_end, tc) 794 { 795 #define BUF &__stack.__buf 796 struct { 797 uint8_t padding_l; 798 unsigned char __buf[41]; 799 uint8_t padding_r; 800 } __stack; 801 const size_t __bufsz __unused = sizeof(__stack.__buf); 802 const size_t __len = 41; 803 const size_t __idx __unused = __len - 1; 804 int fd; 805 806 fd = new_tmpfile(); /* Cannot fail */ 807 808 read(fd, __stack.__buf, __len); 809 #undef BUF 810 811 } 812 813 ATF_TC_WITHOUT_HEAD(read_heap_before_end); 814 ATF_TC_BODY(read_heap_before_end, tc) 815 { 816 #define BUF __stack.__buf 817 struct { 818 uint8_t padding_l; 819 unsigned char * __buf; 820 uint8_t padding_r; 821 } __stack; 822 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 823 const size_t __len = 41 - 1; 824 const size_t __idx __unused = __len - 1; 825 int fd; 826 827 __stack.__buf = malloc(__bufsz); 828 fd = new_tmpfile(); /* Cannot fail */ 829 830 read(fd, __stack.__buf, __len); 831 #undef BUF 832 833 } 834 835 ATF_TC_WITHOUT_HEAD(read_heap_end); 836 ATF_TC_BODY(read_heap_end, tc) 837 { 838 #define BUF __stack.__buf 839 struct { 840 uint8_t padding_l; 841 unsigned char * __buf; 842 uint8_t padding_r; 843 } __stack; 844 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 845 const size_t __len = 41; 846 const size_t __idx __unused = __len - 1; 847 int fd; 848 849 __stack.__buf = malloc(__bufsz); 850 fd = new_tmpfile(); /* Cannot fail */ 851 852 read(fd, __stack.__buf, __len); 853 #undef BUF 854 855 } 856 857 ATF_TC_WITHOUT_HEAD(read_heap_after_end); 858 ATF_TC_BODY(read_heap_after_end, tc) 859 { 860 #define BUF __stack.__buf 861 struct { 862 uint8_t padding_l; 863 unsigned char * __buf; 864 uint8_t padding_r; 865 } __stack; 866 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 867 const size_t __len = 41 + 1; 868 const size_t __idx __unused = __len - 1; 869 pid_t __child; 870 int __status; 871 int fd; 872 873 __child = fork(); 874 ATF_REQUIRE(__child >= 0); 875 if (__child > 0) 876 goto monitor; 877 878 /* Child */ 879 disable_coredumps(); 880 __stack.__buf = malloc(__bufsz); 881 fd = new_tmpfile(); /* Cannot fail */ 882 883 read(fd, __stack.__buf, __len); 884 _exit(EX_SOFTWARE); /* Should have aborted. */ 885 886 monitor: 887 while (waitpid(__child, &__status, 0) != __child) { 888 ATF_REQUIRE_EQ(EINTR, errno); 889 } 890 891 if (!WIFSIGNALED(__status)) { 892 switch (WEXITSTATUS(__status)) { 893 case EX_SOFTWARE: 894 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 895 break; 896 case EX_OSERR: 897 atf_tc_fail("setrlimit(2) failed"); 898 break; 899 default: 900 atf_tc_fail("child exited with status %d", 901 WEXITSTATUS(__status)); 902 } 903 } else { 904 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 905 } 906 #undef BUF 907 908 } 909 910 ATF_TC_WITHOUT_HEAD(readlink_before_end); 911 ATF_TC_BODY(readlink_before_end, tc) 912 { 913 #define BUF &__stack.__buf 914 struct { 915 uint8_t padding_l; 916 unsigned char __buf[42]; 917 uint8_t padding_r; 918 } __stack; 919 const size_t __bufsz __unused = sizeof(__stack.__buf); 920 const size_t __len = 42 - 1; 921 const size_t __idx __unused = __len - 1; 922 const char *path; 923 924 path = new_symlink(__len); /* Cannot fail */ 925 926 readlink(path, __stack.__buf, __len); 927 #undef BUF 928 929 } 930 931 ATF_TC_WITHOUT_HEAD(readlink_end); 932 ATF_TC_BODY(readlink_end, tc) 933 { 934 #define BUF &__stack.__buf 935 struct { 936 uint8_t padding_l; 937 unsigned char __buf[42]; 938 uint8_t padding_r; 939 } __stack; 940 const size_t __bufsz __unused = sizeof(__stack.__buf); 941 const size_t __len = 42; 942 const size_t __idx __unused = __len - 1; 943 const char *path; 944 945 path = new_symlink(__len); /* Cannot fail */ 946 947 readlink(path, __stack.__buf, __len); 948 #undef BUF 949 950 } 951 952 ATF_TC_WITHOUT_HEAD(readlink_heap_before_end); 953 ATF_TC_BODY(readlink_heap_before_end, tc) 954 { 955 #define BUF __stack.__buf 956 struct { 957 uint8_t padding_l; 958 unsigned char * __buf; 959 uint8_t padding_r; 960 } __stack; 961 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 962 const size_t __len = 42 - 1; 963 const size_t __idx __unused = __len - 1; 964 const char *path; 965 966 __stack.__buf = malloc(__bufsz); 967 path = new_symlink(__len); /* Cannot fail */ 968 969 readlink(path, __stack.__buf, __len); 970 #undef BUF 971 972 } 973 974 ATF_TC_WITHOUT_HEAD(readlink_heap_end); 975 ATF_TC_BODY(readlink_heap_end, tc) 976 { 977 #define BUF __stack.__buf 978 struct { 979 uint8_t padding_l; 980 unsigned char * __buf; 981 uint8_t padding_r; 982 } __stack; 983 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 984 const size_t __len = 42; 985 const size_t __idx __unused = __len - 1; 986 const char *path; 987 988 __stack.__buf = malloc(__bufsz); 989 path = new_symlink(__len); /* Cannot fail */ 990 991 readlink(path, __stack.__buf, __len); 992 #undef BUF 993 994 } 995 996 ATF_TC_WITHOUT_HEAD(readlink_heap_after_end); 997 ATF_TC_BODY(readlink_heap_after_end, tc) 998 { 999 #define BUF __stack.__buf 1000 struct { 1001 uint8_t padding_l; 1002 unsigned char * __buf; 1003 uint8_t padding_r; 1004 } __stack; 1005 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1006 const size_t __len = 42 + 1; 1007 const size_t __idx __unused = __len - 1; 1008 pid_t __child; 1009 int __status; 1010 const char *path; 1011 1012 __child = fork(); 1013 ATF_REQUIRE(__child >= 0); 1014 if (__child > 0) 1015 goto monitor; 1016 1017 /* Child */ 1018 disable_coredumps(); 1019 __stack.__buf = malloc(__bufsz); 1020 path = new_symlink(__len); /* Cannot fail */ 1021 1022 readlink(path, __stack.__buf, __len); 1023 _exit(EX_SOFTWARE); /* Should have aborted. */ 1024 1025 monitor: 1026 while (waitpid(__child, &__status, 0) != __child) { 1027 ATF_REQUIRE_EQ(EINTR, errno); 1028 } 1029 1030 if (!WIFSIGNALED(__status)) { 1031 switch (WEXITSTATUS(__status)) { 1032 case EX_SOFTWARE: 1033 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1034 break; 1035 case EX_OSERR: 1036 atf_tc_fail("setrlimit(2) failed"); 1037 break; 1038 default: 1039 atf_tc_fail("child exited with status %d", 1040 WEXITSTATUS(__status)); 1041 } 1042 } else { 1043 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1044 } 1045 #undef BUF 1046 1047 } 1048 1049 ATF_TC_WITHOUT_HEAD(readlinkat_before_end); 1050 ATF_TC_BODY(readlinkat_before_end, tc) 1051 { 1052 #define BUF &__stack.__buf 1053 struct { 1054 uint8_t padding_l; 1055 unsigned char __buf[42]; 1056 uint8_t padding_r; 1057 } __stack; 1058 const size_t __bufsz __unused = sizeof(__stack.__buf); 1059 const size_t __len = 42 - 1; 1060 const size_t __idx __unused = __len - 1; 1061 const char *path; 1062 1063 path = new_symlink(__len); /* Cannot fail */ 1064 1065 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1066 #undef BUF 1067 1068 } 1069 1070 ATF_TC_WITHOUT_HEAD(readlinkat_end); 1071 ATF_TC_BODY(readlinkat_end, tc) 1072 { 1073 #define BUF &__stack.__buf 1074 struct { 1075 uint8_t padding_l; 1076 unsigned char __buf[42]; 1077 uint8_t padding_r; 1078 } __stack; 1079 const size_t __bufsz __unused = sizeof(__stack.__buf); 1080 const size_t __len = 42; 1081 const size_t __idx __unused = __len - 1; 1082 const char *path; 1083 1084 path = new_symlink(__len); /* Cannot fail */ 1085 1086 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1087 #undef BUF 1088 1089 } 1090 1091 ATF_TC_WITHOUT_HEAD(readlinkat_heap_before_end); 1092 ATF_TC_BODY(readlinkat_heap_before_end, tc) 1093 { 1094 #define BUF __stack.__buf 1095 struct { 1096 uint8_t padding_l; 1097 unsigned char * __buf; 1098 uint8_t padding_r; 1099 } __stack; 1100 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1101 const size_t __len = 42 - 1; 1102 const size_t __idx __unused = __len - 1; 1103 const char *path; 1104 1105 __stack.__buf = malloc(__bufsz); 1106 path = new_symlink(__len); /* Cannot fail */ 1107 1108 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1109 #undef BUF 1110 1111 } 1112 1113 ATF_TC_WITHOUT_HEAD(readlinkat_heap_end); 1114 ATF_TC_BODY(readlinkat_heap_end, tc) 1115 { 1116 #define BUF __stack.__buf 1117 struct { 1118 uint8_t padding_l; 1119 unsigned char * __buf; 1120 uint8_t padding_r; 1121 } __stack; 1122 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1123 const size_t __len = 42; 1124 const size_t __idx __unused = __len - 1; 1125 const char *path; 1126 1127 __stack.__buf = malloc(__bufsz); 1128 path = new_symlink(__len); /* Cannot fail */ 1129 1130 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1131 #undef BUF 1132 1133 } 1134 1135 ATF_TC_WITHOUT_HEAD(readlinkat_heap_after_end); 1136 ATF_TC_BODY(readlinkat_heap_after_end, tc) 1137 { 1138 #define BUF __stack.__buf 1139 struct { 1140 uint8_t padding_l; 1141 unsigned char * __buf; 1142 uint8_t padding_r; 1143 } __stack; 1144 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1145 const size_t __len = 42 + 1; 1146 const size_t __idx __unused = __len - 1; 1147 pid_t __child; 1148 int __status; 1149 const char *path; 1150 1151 __child = fork(); 1152 ATF_REQUIRE(__child >= 0); 1153 if (__child > 0) 1154 goto monitor; 1155 1156 /* Child */ 1157 disable_coredumps(); 1158 __stack.__buf = malloc(__bufsz); 1159 path = new_symlink(__len); /* Cannot fail */ 1160 1161 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1162 _exit(EX_SOFTWARE); /* Should have aborted. */ 1163 1164 monitor: 1165 while (waitpid(__child, &__status, 0) != __child) { 1166 ATF_REQUIRE_EQ(EINTR, errno); 1167 } 1168 1169 if (!WIFSIGNALED(__status)) { 1170 switch (WEXITSTATUS(__status)) { 1171 case EX_SOFTWARE: 1172 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1173 break; 1174 case EX_OSERR: 1175 atf_tc_fail("setrlimit(2) failed"); 1176 break; 1177 default: 1178 atf_tc_fail("child exited with status %d", 1179 WEXITSTATUS(__status)); 1180 } 1181 } else { 1182 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1183 } 1184 #undef BUF 1185 1186 } 1187 1188 ATF_TC_WITHOUT_HEAD(getdomainname_before_end); 1189 ATF_TC_BODY(getdomainname_before_end, tc) 1190 { 1191 #define BUF &__stack.__buf 1192 struct { 1193 uint8_t padding_l; 1194 unsigned char __buf[4]; 1195 uint8_t padding_r; 1196 } __stack; 1197 const size_t __bufsz __unused = sizeof(__stack.__buf); 1198 const size_t __len = 4 - 1; 1199 const size_t __idx __unused = __len - 1; 1200 char sysdomain[256]; 1201 1202 (void)getdomainname(sysdomain, __len); 1203 if (strlen(sysdomain) <= __len) 1204 atf_tc_skip("domain name too short for testing"); 1205 1206 getdomainname(__stack.__buf, __len); 1207 #undef BUF 1208 1209 } 1210 1211 ATF_TC_WITHOUT_HEAD(getdomainname_end); 1212 ATF_TC_BODY(getdomainname_end, tc) 1213 { 1214 #define BUF &__stack.__buf 1215 struct { 1216 uint8_t padding_l; 1217 unsigned char __buf[4]; 1218 uint8_t padding_r; 1219 } __stack; 1220 const size_t __bufsz __unused = sizeof(__stack.__buf); 1221 const size_t __len = 4; 1222 const size_t __idx __unused = __len - 1; 1223 char sysdomain[256]; 1224 1225 (void)getdomainname(sysdomain, __len); 1226 if (strlen(sysdomain) <= __len) 1227 atf_tc_skip("domain name too short for testing"); 1228 1229 getdomainname(__stack.__buf, __len); 1230 #undef BUF 1231 1232 } 1233 1234 ATF_TC_WITHOUT_HEAD(getdomainname_heap_before_end); 1235 ATF_TC_BODY(getdomainname_heap_before_end, tc) 1236 { 1237 #define BUF __stack.__buf 1238 struct { 1239 uint8_t padding_l; 1240 unsigned char * __buf; 1241 uint8_t padding_r; 1242 } __stack; 1243 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1244 const size_t __len = 4 - 1; 1245 const size_t __idx __unused = __len - 1; 1246 char sysdomain[256]; 1247 1248 (void)getdomainname(sysdomain, __len); 1249 if (strlen(sysdomain) <= __len) 1250 atf_tc_skip("domain name too short for testing"); 1251 1252 __stack.__buf = malloc(__bufsz); 1253 1254 getdomainname(__stack.__buf, __len); 1255 #undef BUF 1256 1257 } 1258 1259 ATF_TC_WITHOUT_HEAD(getdomainname_heap_end); 1260 ATF_TC_BODY(getdomainname_heap_end, tc) 1261 { 1262 #define BUF __stack.__buf 1263 struct { 1264 uint8_t padding_l; 1265 unsigned char * __buf; 1266 uint8_t padding_r; 1267 } __stack; 1268 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1269 const size_t __len = 4; 1270 const size_t __idx __unused = __len - 1; 1271 char sysdomain[256]; 1272 1273 (void)getdomainname(sysdomain, __len); 1274 if (strlen(sysdomain) <= __len) 1275 atf_tc_skip("domain name too short for testing"); 1276 1277 __stack.__buf = malloc(__bufsz); 1278 1279 getdomainname(__stack.__buf, __len); 1280 #undef BUF 1281 1282 } 1283 1284 ATF_TC_WITHOUT_HEAD(getdomainname_heap_after_end); 1285 ATF_TC_BODY(getdomainname_heap_after_end, tc) 1286 { 1287 #define BUF __stack.__buf 1288 struct { 1289 uint8_t padding_l; 1290 unsigned char * __buf; 1291 uint8_t padding_r; 1292 } __stack; 1293 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1294 const size_t __len = 4 + 1; 1295 const size_t __idx __unused = __len - 1; 1296 pid_t __child; 1297 int __status; 1298 char sysdomain[256]; 1299 1300 (void)getdomainname(sysdomain, __len); 1301 if (strlen(sysdomain) <= __len) 1302 atf_tc_skip("domain name too short for testing"); 1303 1304 __child = fork(); 1305 ATF_REQUIRE(__child >= 0); 1306 if (__child > 0) 1307 goto monitor; 1308 1309 /* Child */ 1310 disable_coredumps(); 1311 __stack.__buf = malloc(__bufsz); 1312 1313 getdomainname(__stack.__buf, __len); 1314 _exit(EX_SOFTWARE); /* Should have aborted. */ 1315 1316 monitor: 1317 while (waitpid(__child, &__status, 0) != __child) { 1318 ATF_REQUIRE_EQ(EINTR, errno); 1319 } 1320 1321 if (!WIFSIGNALED(__status)) { 1322 switch (WEXITSTATUS(__status)) { 1323 case EX_SOFTWARE: 1324 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1325 break; 1326 case EX_OSERR: 1327 atf_tc_fail("setrlimit(2) failed"); 1328 break; 1329 default: 1330 atf_tc_fail("child exited with status %d", 1331 WEXITSTATUS(__status)); 1332 } 1333 } else { 1334 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1335 } 1336 #undef BUF 1337 1338 } 1339 1340 ATF_TC_WITHOUT_HEAD(getentropy_before_end); 1341 ATF_TC_BODY(getentropy_before_end, tc) 1342 { 1343 #define BUF &__stack.__buf 1344 struct { 1345 uint8_t padding_l; 1346 unsigned char __buf[42]; 1347 uint8_t padding_r; 1348 } __stack; 1349 const size_t __bufsz __unused = sizeof(__stack.__buf); 1350 const size_t __len = 42 - 1; 1351 const size_t __idx __unused = __len - 1; 1352 1353 getentropy(__stack.__buf, __len); 1354 #undef BUF 1355 1356 } 1357 1358 ATF_TC_WITHOUT_HEAD(getentropy_end); 1359 ATF_TC_BODY(getentropy_end, tc) 1360 { 1361 #define BUF &__stack.__buf 1362 struct { 1363 uint8_t padding_l; 1364 unsigned char __buf[42]; 1365 uint8_t padding_r; 1366 } __stack; 1367 const size_t __bufsz __unused = sizeof(__stack.__buf); 1368 const size_t __len = 42; 1369 const size_t __idx __unused = __len - 1; 1370 1371 getentropy(__stack.__buf, __len); 1372 #undef BUF 1373 1374 } 1375 1376 ATF_TC_WITHOUT_HEAD(getentropy_heap_before_end); 1377 ATF_TC_BODY(getentropy_heap_before_end, tc) 1378 { 1379 #define BUF __stack.__buf 1380 struct { 1381 uint8_t padding_l; 1382 unsigned char * __buf; 1383 uint8_t padding_r; 1384 } __stack; 1385 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1386 const size_t __len = 42 - 1; 1387 const size_t __idx __unused = __len - 1; 1388 1389 __stack.__buf = malloc(__bufsz); 1390 1391 getentropy(__stack.__buf, __len); 1392 #undef BUF 1393 1394 } 1395 1396 ATF_TC_WITHOUT_HEAD(getentropy_heap_end); 1397 ATF_TC_BODY(getentropy_heap_end, tc) 1398 { 1399 #define BUF __stack.__buf 1400 struct { 1401 uint8_t padding_l; 1402 unsigned char * __buf; 1403 uint8_t padding_r; 1404 } __stack; 1405 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1406 const size_t __len = 42; 1407 const size_t __idx __unused = __len - 1; 1408 1409 __stack.__buf = malloc(__bufsz); 1410 1411 getentropy(__stack.__buf, __len); 1412 #undef BUF 1413 1414 } 1415 1416 ATF_TC_WITHOUT_HEAD(getentropy_heap_after_end); 1417 ATF_TC_BODY(getentropy_heap_after_end, tc) 1418 { 1419 #define BUF __stack.__buf 1420 struct { 1421 uint8_t padding_l; 1422 unsigned char * __buf; 1423 uint8_t padding_r; 1424 } __stack; 1425 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1426 const size_t __len = 42 + 1; 1427 const size_t __idx __unused = __len - 1; 1428 pid_t __child; 1429 int __status; 1430 1431 __child = fork(); 1432 ATF_REQUIRE(__child >= 0); 1433 if (__child > 0) 1434 goto monitor; 1435 1436 /* Child */ 1437 disable_coredumps(); 1438 __stack.__buf = malloc(__bufsz); 1439 1440 getentropy(__stack.__buf, __len); 1441 _exit(EX_SOFTWARE); /* Should have aborted. */ 1442 1443 monitor: 1444 while (waitpid(__child, &__status, 0) != __child) { 1445 ATF_REQUIRE_EQ(EINTR, errno); 1446 } 1447 1448 if (!WIFSIGNALED(__status)) { 1449 switch (WEXITSTATUS(__status)) { 1450 case EX_SOFTWARE: 1451 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1452 break; 1453 case EX_OSERR: 1454 atf_tc_fail("setrlimit(2) failed"); 1455 break; 1456 default: 1457 atf_tc_fail("child exited with status %d", 1458 WEXITSTATUS(__status)); 1459 } 1460 } else { 1461 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1462 } 1463 #undef BUF 1464 1465 } 1466 1467 ATF_TC_WITHOUT_HEAD(gethostname_before_end); 1468 ATF_TC_BODY(gethostname_before_end, tc) 1469 { 1470 #define BUF &__stack.__buf 1471 struct { 1472 uint8_t padding_l; 1473 unsigned char __buf[4]; 1474 uint8_t padding_r; 1475 } __stack; 1476 const size_t __bufsz __unused = sizeof(__stack.__buf); 1477 const size_t __len = 4 - 1; 1478 const size_t __idx __unused = __len - 1; 1479 char syshost[256]; 1480 int error; 1481 1482 error = gethostname(syshost, __len); 1483 if (error != 0 || strlen(syshost) <= __len) 1484 atf_tc_skip("hostname too short for testing"); 1485 1486 gethostname(__stack.__buf, __len); 1487 #undef BUF 1488 1489 } 1490 1491 ATF_TC_WITHOUT_HEAD(gethostname_end); 1492 ATF_TC_BODY(gethostname_end, tc) 1493 { 1494 #define BUF &__stack.__buf 1495 struct { 1496 uint8_t padding_l; 1497 unsigned char __buf[4]; 1498 uint8_t padding_r; 1499 } __stack; 1500 const size_t __bufsz __unused = sizeof(__stack.__buf); 1501 const size_t __len = 4; 1502 const size_t __idx __unused = __len - 1; 1503 char syshost[256]; 1504 int error; 1505 1506 error = gethostname(syshost, __len); 1507 if (error != 0 || strlen(syshost) <= __len) 1508 atf_tc_skip("hostname too short for testing"); 1509 1510 gethostname(__stack.__buf, __len); 1511 #undef BUF 1512 1513 } 1514 1515 ATF_TC_WITHOUT_HEAD(gethostname_heap_before_end); 1516 ATF_TC_BODY(gethostname_heap_before_end, tc) 1517 { 1518 #define BUF __stack.__buf 1519 struct { 1520 uint8_t padding_l; 1521 unsigned char * __buf; 1522 uint8_t padding_r; 1523 } __stack; 1524 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1525 const size_t __len = 4 - 1; 1526 const size_t __idx __unused = __len - 1; 1527 char syshost[256]; 1528 int error; 1529 1530 error = gethostname(syshost, __len); 1531 if (error != 0 || strlen(syshost) <= __len) 1532 atf_tc_skip("hostname too short for testing"); 1533 1534 __stack.__buf = malloc(__bufsz); 1535 1536 gethostname(__stack.__buf, __len); 1537 #undef BUF 1538 1539 } 1540 1541 ATF_TC_WITHOUT_HEAD(gethostname_heap_end); 1542 ATF_TC_BODY(gethostname_heap_end, tc) 1543 { 1544 #define BUF __stack.__buf 1545 struct { 1546 uint8_t padding_l; 1547 unsigned char * __buf; 1548 uint8_t padding_r; 1549 } __stack; 1550 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1551 const size_t __len = 4; 1552 const size_t __idx __unused = __len - 1; 1553 char syshost[256]; 1554 int error; 1555 1556 error = gethostname(syshost, __len); 1557 if (error != 0 || strlen(syshost) <= __len) 1558 atf_tc_skip("hostname too short for testing"); 1559 1560 __stack.__buf = malloc(__bufsz); 1561 1562 gethostname(__stack.__buf, __len); 1563 #undef BUF 1564 1565 } 1566 1567 ATF_TC_WITHOUT_HEAD(gethostname_heap_after_end); 1568 ATF_TC_BODY(gethostname_heap_after_end, tc) 1569 { 1570 #define BUF __stack.__buf 1571 struct { 1572 uint8_t padding_l; 1573 unsigned char * __buf; 1574 uint8_t padding_r; 1575 } __stack; 1576 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1577 const size_t __len = 4 + 1; 1578 const size_t __idx __unused = __len - 1; 1579 pid_t __child; 1580 int __status; 1581 char syshost[256]; 1582 int error; 1583 1584 error = gethostname(syshost, __len); 1585 if (error != 0 || strlen(syshost) <= __len) 1586 atf_tc_skip("hostname too short for testing"); 1587 1588 __child = fork(); 1589 ATF_REQUIRE(__child >= 0); 1590 if (__child > 0) 1591 goto monitor; 1592 1593 /* Child */ 1594 disable_coredumps(); 1595 __stack.__buf = malloc(__bufsz); 1596 1597 gethostname(__stack.__buf, __len); 1598 _exit(EX_SOFTWARE); /* Should have aborted. */ 1599 1600 monitor: 1601 while (waitpid(__child, &__status, 0) != __child) { 1602 ATF_REQUIRE_EQ(EINTR, errno); 1603 } 1604 1605 if (!WIFSIGNALED(__status)) { 1606 switch (WEXITSTATUS(__status)) { 1607 case EX_SOFTWARE: 1608 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1609 break; 1610 case EX_OSERR: 1611 atf_tc_fail("setrlimit(2) failed"); 1612 break; 1613 default: 1614 atf_tc_fail("child exited with status %d", 1615 WEXITSTATUS(__status)); 1616 } 1617 } else { 1618 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1619 } 1620 #undef BUF 1621 1622 } 1623 1624 ATF_TC_WITHOUT_HEAD(getlogin_r_before_end); 1625 ATF_TC_BODY(getlogin_r_before_end, tc) 1626 { 1627 #define BUF &__stack.__buf 1628 struct { 1629 uint8_t padding_l; 1630 unsigned char __buf[MAXLOGNAME + 1]; 1631 uint8_t padding_r; 1632 } __stack; 1633 const size_t __bufsz __unused = sizeof(__stack.__buf); 1634 const size_t __len = MAXLOGNAME + 1 - 1; 1635 const size_t __idx __unused = __len - 1; 1636 1637 getlogin_r(__stack.__buf, __len); 1638 #undef BUF 1639 1640 } 1641 1642 ATF_TC_WITHOUT_HEAD(getlogin_r_end); 1643 ATF_TC_BODY(getlogin_r_end, tc) 1644 { 1645 #define BUF &__stack.__buf 1646 struct { 1647 uint8_t padding_l; 1648 unsigned char __buf[MAXLOGNAME + 1]; 1649 uint8_t padding_r; 1650 } __stack; 1651 const size_t __bufsz __unused = sizeof(__stack.__buf); 1652 const size_t __len = MAXLOGNAME + 1; 1653 const size_t __idx __unused = __len - 1; 1654 1655 getlogin_r(__stack.__buf, __len); 1656 #undef BUF 1657 1658 } 1659 1660 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_before_end); 1661 ATF_TC_BODY(getlogin_r_heap_before_end, tc) 1662 { 1663 #define BUF __stack.__buf 1664 struct { 1665 uint8_t padding_l; 1666 unsigned char * __buf; 1667 uint8_t padding_r; 1668 } __stack; 1669 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1670 const size_t __len = MAXLOGNAME + 1 - 1; 1671 const size_t __idx __unused = __len - 1; 1672 1673 __stack.__buf = malloc(__bufsz); 1674 1675 getlogin_r(__stack.__buf, __len); 1676 #undef BUF 1677 1678 } 1679 1680 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_end); 1681 ATF_TC_BODY(getlogin_r_heap_end, tc) 1682 { 1683 #define BUF __stack.__buf 1684 struct { 1685 uint8_t padding_l; 1686 unsigned char * __buf; 1687 uint8_t padding_r; 1688 } __stack; 1689 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1690 const size_t __len = MAXLOGNAME + 1; 1691 const size_t __idx __unused = __len - 1; 1692 1693 __stack.__buf = malloc(__bufsz); 1694 1695 getlogin_r(__stack.__buf, __len); 1696 #undef BUF 1697 1698 } 1699 1700 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_after_end); 1701 ATF_TC_BODY(getlogin_r_heap_after_end, tc) 1702 { 1703 #define BUF __stack.__buf 1704 struct { 1705 uint8_t padding_l; 1706 unsigned char * __buf; 1707 uint8_t padding_r; 1708 } __stack; 1709 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1710 const size_t __len = MAXLOGNAME + 1 + 1; 1711 const size_t __idx __unused = __len - 1; 1712 pid_t __child; 1713 int __status; 1714 1715 __child = fork(); 1716 ATF_REQUIRE(__child >= 0); 1717 if (__child > 0) 1718 goto monitor; 1719 1720 /* Child */ 1721 disable_coredumps(); 1722 __stack.__buf = malloc(__bufsz); 1723 1724 getlogin_r(__stack.__buf, __len); 1725 _exit(EX_SOFTWARE); /* Should have aborted. */ 1726 1727 monitor: 1728 while (waitpid(__child, &__status, 0) != __child) { 1729 ATF_REQUIRE_EQ(EINTR, errno); 1730 } 1731 1732 if (!WIFSIGNALED(__status)) { 1733 switch (WEXITSTATUS(__status)) { 1734 case EX_SOFTWARE: 1735 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1736 break; 1737 case EX_OSERR: 1738 atf_tc_fail("setrlimit(2) failed"); 1739 break; 1740 default: 1741 atf_tc_fail("child exited with status %d", 1742 WEXITSTATUS(__status)); 1743 } 1744 } else { 1745 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1746 } 1747 #undef BUF 1748 1749 } 1750 1751 ATF_TC_WITHOUT_HEAD(ttyname_r_before_end); 1752 ATF_TC_BODY(ttyname_r_before_end, tc) 1753 { 1754 #define BUF &__stack.__buf 1755 struct { 1756 uint8_t padding_l; 1757 unsigned char __buf[42]; 1758 uint8_t padding_r; 1759 } __stack; 1760 const size_t __bufsz __unused = sizeof(__stack.__buf); 1761 const size_t __len = 42 - 1; 1762 const size_t __idx __unused = __len - 1; 1763 int fd; 1764 1765 fd = STDIN_FILENO; 1766 if (!isatty(fd)) 1767 atf_tc_skip("stdin is not an fd"); 1768 1769 ttyname_r(fd, __stack.__buf, __len); 1770 #undef BUF 1771 1772 } 1773 1774 ATF_TC_WITHOUT_HEAD(ttyname_r_end); 1775 ATF_TC_BODY(ttyname_r_end, tc) 1776 { 1777 #define BUF &__stack.__buf 1778 struct { 1779 uint8_t padding_l; 1780 unsigned char __buf[42]; 1781 uint8_t padding_r; 1782 } __stack; 1783 const size_t __bufsz __unused = sizeof(__stack.__buf); 1784 const size_t __len = 42; 1785 const size_t __idx __unused = __len - 1; 1786 int fd; 1787 1788 fd = STDIN_FILENO; 1789 if (!isatty(fd)) 1790 atf_tc_skip("stdin is not an fd"); 1791 1792 ttyname_r(fd, __stack.__buf, __len); 1793 #undef BUF 1794 1795 } 1796 1797 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_before_end); 1798 ATF_TC_BODY(ttyname_r_heap_before_end, tc) 1799 { 1800 #define BUF __stack.__buf 1801 struct { 1802 uint8_t padding_l; 1803 unsigned char * __buf; 1804 uint8_t padding_r; 1805 } __stack; 1806 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1807 const size_t __len = 42 - 1; 1808 const size_t __idx __unused = __len - 1; 1809 int fd; 1810 1811 fd = STDIN_FILENO; 1812 if (!isatty(fd)) 1813 atf_tc_skip("stdin is not an fd"); 1814 1815 __stack.__buf = malloc(__bufsz); 1816 1817 ttyname_r(fd, __stack.__buf, __len); 1818 #undef BUF 1819 1820 } 1821 1822 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_end); 1823 ATF_TC_BODY(ttyname_r_heap_end, tc) 1824 { 1825 #define BUF __stack.__buf 1826 struct { 1827 uint8_t padding_l; 1828 unsigned char * __buf; 1829 uint8_t padding_r; 1830 } __stack; 1831 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1832 const size_t __len = 42; 1833 const size_t __idx __unused = __len - 1; 1834 int fd; 1835 1836 fd = STDIN_FILENO; 1837 if (!isatty(fd)) 1838 atf_tc_skip("stdin is not an fd"); 1839 1840 __stack.__buf = malloc(__bufsz); 1841 1842 ttyname_r(fd, __stack.__buf, __len); 1843 #undef BUF 1844 1845 } 1846 1847 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_after_end); 1848 ATF_TC_BODY(ttyname_r_heap_after_end, tc) 1849 { 1850 #define BUF __stack.__buf 1851 struct { 1852 uint8_t padding_l; 1853 unsigned char * __buf; 1854 uint8_t padding_r; 1855 } __stack; 1856 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1857 const size_t __len = 42 + 1; 1858 const size_t __idx __unused = __len - 1; 1859 pid_t __child; 1860 int __status; 1861 int fd; 1862 1863 fd = STDIN_FILENO; 1864 if (!isatty(fd)) 1865 atf_tc_skip("stdin is not an fd"); 1866 1867 __child = fork(); 1868 ATF_REQUIRE(__child >= 0); 1869 if (__child > 0) 1870 goto monitor; 1871 1872 /* Child */ 1873 disable_coredumps(); 1874 __stack.__buf = malloc(__bufsz); 1875 1876 ttyname_r(fd, __stack.__buf, __len); 1877 _exit(EX_SOFTWARE); /* Should have aborted. */ 1878 1879 monitor: 1880 while (waitpid(__child, &__status, 0) != __child) { 1881 ATF_REQUIRE_EQ(EINTR, errno); 1882 } 1883 1884 if (!WIFSIGNALED(__status)) { 1885 switch (WEXITSTATUS(__status)) { 1886 case EX_SOFTWARE: 1887 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1888 break; 1889 case EX_OSERR: 1890 atf_tc_fail("setrlimit(2) failed"); 1891 break; 1892 default: 1893 atf_tc_fail("child exited with status %d", 1894 WEXITSTATUS(__status)); 1895 } 1896 } else { 1897 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1898 } 1899 #undef BUF 1900 1901 } 1902 1903 ATF_TP_ADD_TCS(tp) 1904 { 1905 ATF_TP_ADD_TC(tp, getcwd_before_end); 1906 ATF_TP_ADD_TC(tp, getcwd_end); 1907 ATF_TP_ADD_TC(tp, getcwd_heap_before_end); 1908 ATF_TP_ADD_TC(tp, getcwd_heap_end); 1909 ATF_TP_ADD_TC(tp, getcwd_heap_after_end); 1910 ATF_TP_ADD_TC(tp, getgrouplist_before_end); 1911 ATF_TP_ADD_TC(tp, getgrouplist_end); 1912 ATF_TP_ADD_TC(tp, getgrouplist_heap_before_end); 1913 ATF_TP_ADD_TC(tp, getgrouplist_heap_end); 1914 ATF_TP_ADD_TC(tp, getgrouplist_heap_after_end); 1915 ATF_TP_ADD_TC(tp, getgroups_before_end); 1916 ATF_TP_ADD_TC(tp, getgroups_end); 1917 ATF_TP_ADD_TC(tp, getgroups_heap_before_end); 1918 ATF_TP_ADD_TC(tp, getgroups_heap_end); 1919 ATF_TP_ADD_TC(tp, getgroups_heap_after_end); 1920 ATF_TP_ADD_TC(tp, getloginclass_before_end); 1921 ATF_TP_ADD_TC(tp, getloginclass_end); 1922 ATF_TP_ADD_TC(tp, getloginclass_heap_before_end); 1923 ATF_TP_ADD_TC(tp, getloginclass_heap_end); 1924 ATF_TP_ADD_TC(tp, getloginclass_heap_after_end); 1925 ATF_TP_ADD_TC(tp, pread_before_end); 1926 ATF_TP_ADD_TC(tp, pread_end); 1927 ATF_TP_ADD_TC(tp, pread_heap_before_end); 1928 ATF_TP_ADD_TC(tp, pread_heap_end); 1929 ATF_TP_ADD_TC(tp, pread_heap_after_end); 1930 ATF_TP_ADD_TC(tp, read_before_end); 1931 ATF_TP_ADD_TC(tp, read_end); 1932 ATF_TP_ADD_TC(tp, read_heap_before_end); 1933 ATF_TP_ADD_TC(tp, read_heap_end); 1934 ATF_TP_ADD_TC(tp, read_heap_after_end); 1935 ATF_TP_ADD_TC(tp, readlink_before_end); 1936 ATF_TP_ADD_TC(tp, readlink_end); 1937 ATF_TP_ADD_TC(tp, readlink_heap_before_end); 1938 ATF_TP_ADD_TC(tp, readlink_heap_end); 1939 ATF_TP_ADD_TC(tp, readlink_heap_after_end); 1940 ATF_TP_ADD_TC(tp, readlinkat_before_end); 1941 ATF_TP_ADD_TC(tp, readlinkat_end); 1942 ATF_TP_ADD_TC(tp, readlinkat_heap_before_end); 1943 ATF_TP_ADD_TC(tp, readlinkat_heap_end); 1944 ATF_TP_ADD_TC(tp, readlinkat_heap_after_end); 1945 ATF_TP_ADD_TC(tp, getdomainname_before_end); 1946 ATF_TP_ADD_TC(tp, getdomainname_end); 1947 ATF_TP_ADD_TC(tp, getdomainname_heap_before_end); 1948 ATF_TP_ADD_TC(tp, getdomainname_heap_end); 1949 ATF_TP_ADD_TC(tp, getdomainname_heap_after_end); 1950 ATF_TP_ADD_TC(tp, getentropy_before_end); 1951 ATF_TP_ADD_TC(tp, getentropy_end); 1952 ATF_TP_ADD_TC(tp, getentropy_heap_before_end); 1953 ATF_TP_ADD_TC(tp, getentropy_heap_end); 1954 ATF_TP_ADD_TC(tp, getentropy_heap_after_end); 1955 ATF_TP_ADD_TC(tp, gethostname_before_end); 1956 ATF_TP_ADD_TC(tp, gethostname_end); 1957 ATF_TP_ADD_TC(tp, gethostname_heap_before_end); 1958 ATF_TP_ADD_TC(tp, gethostname_heap_end); 1959 ATF_TP_ADD_TC(tp, gethostname_heap_after_end); 1960 ATF_TP_ADD_TC(tp, getlogin_r_before_end); 1961 ATF_TP_ADD_TC(tp, getlogin_r_end); 1962 ATF_TP_ADD_TC(tp, getlogin_r_heap_before_end); 1963 ATF_TP_ADD_TC(tp, getlogin_r_heap_end); 1964 ATF_TP_ADD_TC(tp, getlogin_r_heap_after_end); 1965 ATF_TP_ADD_TC(tp, ttyname_r_before_end); 1966 ATF_TP_ADD_TC(tp, ttyname_r_end); 1967 ATF_TP_ADD_TC(tp, ttyname_r_heap_before_end); 1968 ATF_TP_ADD_TC(tp, ttyname_r_heap_end); 1969 ATF_TP_ADD_TC(tp, ttyname_r_heap_after_end); 1970 return (atf_no_error()); 1971 } 1972