1 /* @generated by `generate-fortify-tests.lua "unistd"` */ 2 3 #define _FORTIFY_SOURCE 2 4 #define TMPFILE_SIZE (1024 * 32) 5 6 #include <sys/param.h> 7 #include <sys/random.h> 8 #include <sys/resource.h> 9 #include <sys/select.h> 10 #include <sys/socket.h> 11 #include <sys/time.h> 12 #include <sys/uio.h> 13 #include <sys/wait.h> 14 #include <dirent.h> 15 #include <errno.h> 16 #include <fcntl.h> 17 #include <limits.h> 18 #include <poll.h> 19 #include <signal.h> 20 #include <stdio.h> 21 #include <stdlib.h> 22 #include <string.h> 23 #include <strings.h> 24 #include <sysexits.h> 25 #include <unistd.h> 26 #include <wchar.h> 27 #include <atf-c.h> 28 29 static FILE * __unused 30 new_fp(size_t __len) 31 { 32 static char fpbuf[LINE_MAX]; 33 FILE *fp; 34 35 ATF_REQUIRE(__len <= sizeof(fpbuf)); 36 37 memset(fpbuf, 'A', sizeof(fpbuf) - 1); 38 fpbuf[sizeof(fpbuf) - 1] = '\0'; 39 40 fp = fmemopen(fpbuf, sizeof(fpbuf), "rb"); 41 ATF_REQUIRE(fp != NULL); 42 43 return (fp); 44 } 45 46 /* 47 * Create a new symlink to use for readlink(2) style tests, we'll just use a 48 * random target name to have something interesting to look at. 49 */ 50 static const char * __unused 51 new_symlink(size_t __len) 52 { 53 static const char linkname[] = "link"; 54 char target[MAXNAMLEN]; 55 int error; 56 57 ATF_REQUIRE(__len <= sizeof(target)); 58 59 arc4random_buf(target, sizeof(target)); 60 61 error = unlink(linkname); 62 ATF_REQUIRE(error == 0 || errno == ENOENT); 63 64 error = symlink(target, linkname); 65 ATF_REQUIRE(error == 0); 66 67 return (linkname); 68 } 69 70 /* 71 * For our purposes, first descriptor will be the reader; we'll send both 72 * raw data and a control message over it so that the result can be used for 73 * any of our recv*() tests. 74 */ 75 static void __unused 76 new_socket(int sock[2]) 77 { 78 unsigned char ctrl[CMSG_SPACE(sizeof(int))] = { 0 }; 79 static char sockbuf[256]; 80 ssize_t rv; 81 size_t total = 0; 82 struct msghdr hdr = { 0 }; 83 struct cmsghdr *cmsg; 84 int error, fd; 85 86 error = socketpair(AF_UNIX, SOCK_STREAM, 0, sock); 87 ATF_REQUIRE(error == 0); 88 89 while (total != sizeof(sockbuf)) { 90 rv = send(sock[1], &sockbuf[total], sizeof(sockbuf) - total, 0); 91 92 ATF_REQUIRE_MSG(rv > 0, 93 "expected bytes sent, got %zd with %zu left (size %zu, total %zu)", 94 rv, sizeof(sockbuf) - total, sizeof(sockbuf), total); 95 ATF_REQUIRE_MSG(total + (size_t)rv <= sizeof(sockbuf), 96 "%zd exceeds total %zu", rv, sizeof(sockbuf)); 97 total += rv; 98 } 99 100 hdr.msg_control = ctrl; 101 hdr.msg_controllen = sizeof(ctrl); 102 103 cmsg = CMSG_FIRSTHDR(&hdr); 104 cmsg->cmsg_level = SOL_SOCKET; 105 cmsg->cmsg_type = SCM_RIGHTS; 106 cmsg->cmsg_len = CMSG_LEN(sizeof(fd)); 107 fd = STDIN_FILENO; 108 memcpy(CMSG_DATA(cmsg), &fd, sizeof(fd)); 109 110 error = sendmsg(sock[1], &hdr, 0); 111 ATF_REQUIRE(error != -1); 112 } 113 114 /* 115 * Constructs a tmpfile that we can use for testing read(2) and friends. 116 */ 117 static int __unused 118 new_tmpfile(void) 119 { 120 char buf[1024]; 121 ssize_t rv; 122 size_t written; 123 int fd; 124 125 fd = open("tmpfile", O_RDWR | O_CREAT | O_TRUNC, 0644); 126 ATF_REQUIRE(fd >= 0); 127 128 written = 0; 129 while (written < TMPFILE_SIZE) { 130 rv = write(fd, buf, sizeof(buf)); 131 ATF_REQUIRE(rv > 0); 132 133 written += rv; 134 } 135 136 ATF_REQUIRE_EQ(0, lseek(fd, 0, SEEK_SET)); 137 return (fd); 138 } 139 140 static void 141 disable_coredumps(void) 142 { 143 struct rlimit rl = { 0 }; 144 145 if (setrlimit(RLIMIT_CORE, &rl) == -1) 146 _exit(EX_OSERR); 147 } 148 149 /* 150 * Replaces stdin with a file that we can actually read from, for tests where 151 * we want a FILE * or fd that we can get data from. 152 */ 153 static void __unused 154 replace_stdin(void) 155 { 156 int fd; 157 158 fd = new_tmpfile(); 159 160 (void)dup2(fd, STDIN_FILENO); 161 if (fd != STDIN_FILENO) 162 close(fd); 163 } 164 165 ATF_TC_WITHOUT_HEAD(getcwd_before_end); 166 ATF_TC_BODY(getcwd_before_end, tc) 167 { 168 #define BUF &__stack.__buf 169 struct { 170 uint8_t padding_l; 171 unsigned char __buf[8]; 172 uint8_t padding_r; 173 } __stack; 174 const size_t __bufsz __unused = sizeof(__stack.__buf); 175 const size_t __len = 8 - 1; 176 const size_t __idx __unused = __len - 1; 177 178 getcwd(__stack.__buf, __len); 179 #undef BUF 180 181 } 182 183 ATF_TC_WITHOUT_HEAD(getcwd_end); 184 ATF_TC_BODY(getcwd_end, tc) 185 { 186 #define BUF &__stack.__buf 187 struct { 188 uint8_t padding_l; 189 unsigned char __buf[8]; 190 uint8_t padding_r; 191 } __stack; 192 const size_t __bufsz __unused = sizeof(__stack.__buf); 193 const size_t __len = 8; 194 const size_t __idx __unused = __len - 1; 195 196 getcwd(__stack.__buf, __len); 197 #undef BUF 198 199 } 200 201 ATF_TC_WITHOUT_HEAD(getcwd_heap_before_end); 202 ATF_TC_BODY(getcwd_heap_before_end, tc) 203 { 204 #define BUF __stack.__buf 205 struct { 206 uint8_t padding_l; 207 unsigned char * __buf; 208 uint8_t padding_r; 209 } __stack; 210 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 211 const size_t __len = 8 - 1; 212 const size_t __idx __unused = __len - 1; 213 214 __stack.__buf = malloc(__bufsz); 215 216 getcwd(__stack.__buf, __len); 217 #undef BUF 218 219 } 220 221 ATF_TC_WITHOUT_HEAD(getcwd_heap_end); 222 ATF_TC_BODY(getcwd_heap_end, tc) 223 { 224 #define BUF __stack.__buf 225 struct { 226 uint8_t padding_l; 227 unsigned char * __buf; 228 uint8_t padding_r; 229 } __stack; 230 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 231 const size_t __len = 8; 232 const size_t __idx __unused = __len - 1; 233 234 __stack.__buf = malloc(__bufsz); 235 236 getcwd(__stack.__buf, __len); 237 #undef BUF 238 239 } 240 241 ATF_TC_WITHOUT_HEAD(getcwd_heap_after_end); 242 ATF_TC_BODY(getcwd_heap_after_end, tc) 243 { 244 #define BUF __stack.__buf 245 struct { 246 uint8_t padding_l; 247 unsigned char * __buf; 248 uint8_t padding_r; 249 } __stack; 250 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 251 const size_t __len = 8 + 1; 252 const size_t __idx __unused = __len - 1; 253 pid_t __child; 254 int __status; 255 256 __child = fork(); 257 ATF_REQUIRE(__child >= 0); 258 if (__child > 0) 259 goto monitor; 260 261 /* Child */ 262 disable_coredumps(); 263 __stack.__buf = malloc(__bufsz); 264 265 getcwd(__stack.__buf, __len); 266 _exit(EX_SOFTWARE); /* Should have aborted. */ 267 268 monitor: 269 while (waitpid(__child, &__status, 0) != __child) { 270 ATF_REQUIRE_EQ(EINTR, errno); 271 } 272 273 if (!WIFSIGNALED(__status)) { 274 switch (WEXITSTATUS(__status)) { 275 case EX_SOFTWARE: 276 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 277 break; 278 case EX_OSERR: 279 atf_tc_fail("setrlimit(2) failed"); 280 break; 281 default: 282 atf_tc_fail("child exited with status %d", 283 WEXITSTATUS(__status)); 284 } 285 } else { 286 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 287 } 288 #undef BUF 289 290 } 291 292 ATF_TC_WITHOUT_HEAD(getgrouplist_before_end); 293 ATF_TC_BODY(getgrouplist_before_end, tc) 294 { 295 #define BUF &__stack.__buf 296 struct { 297 uint8_t padding_l; 298 gid_t __buf[4]; 299 uint8_t padding_r; 300 } __stack; 301 const size_t __bufsz __unused = sizeof(__stack.__buf); 302 const size_t __len = 4 - 1; 303 const size_t __idx __unused = __len - 1; 304 int intlen = (int)__len; 305 306 getgrouplist("root", 0, __stack.__buf, &intlen); 307 #undef BUF 308 309 } 310 311 ATF_TC_WITHOUT_HEAD(getgrouplist_end); 312 ATF_TC_BODY(getgrouplist_end, tc) 313 { 314 #define BUF &__stack.__buf 315 struct { 316 uint8_t padding_l; 317 gid_t __buf[4]; 318 uint8_t padding_r; 319 } __stack; 320 const size_t __bufsz __unused = sizeof(__stack.__buf); 321 const size_t __len = 4; 322 const size_t __idx __unused = __len - 1; 323 int intlen = (int)__len; 324 325 getgrouplist("root", 0, __stack.__buf, &intlen); 326 #undef BUF 327 328 } 329 330 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_before_end); 331 ATF_TC_BODY(getgrouplist_heap_before_end, tc) 332 { 333 #define BUF __stack.__buf 334 struct { 335 uint8_t padding_l; 336 gid_t * __buf; 337 uint8_t padding_r; 338 } __stack; 339 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 340 const size_t __len = 4 - 1; 341 const size_t __idx __unused = __len - 1; 342 int intlen = (int)__len; 343 344 __stack.__buf = malloc(__bufsz); 345 346 getgrouplist("root", 0, __stack.__buf, &intlen); 347 #undef BUF 348 349 } 350 351 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_end); 352 ATF_TC_BODY(getgrouplist_heap_end, tc) 353 { 354 #define BUF __stack.__buf 355 struct { 356 uint8_t padding_l; 357 gid_t * __buf; 358 uint8_t padding_r; 359 } __stack; 360 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 361 const size_t __len = 4; 362 const size_t __idx __unused = __len - 1; 363 int intlen = (int)__len; 364 365 __stack.__buf = malloc(__bufsz); 366 367 getgrouplist("root", 0, __stack.__buf, &intlen); 368 #undef BUF 369 370 } 371 372 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_after_end); 373 ATF_TC_BODY(getgrouplist_heap_after_end, tc) 374 { 375 #define BUF __stack.__buf 376 struct { 377 uint8_t padding_l; 378 gid_t * __buf; 379 uint8_t padding_r; 380 } __stack; 381 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 382 const size_t __len = 4 + 1; 383 const size_t __idx __unused = __len - 1; 384 pid_t __child; 385 int __status; 386 int intlen = (int)__len; 387 388 __child = fork(); 389 ATF_REQUIRE(__child >= 0); 390 if (__child > 0) 391 goto monitor; 392 393 /* Child */ 394 disable_coredumps(); 395 __stack.__buf = malloc(__bufsz); 396 397 getgrouplist("root", 0, __stack.__buf, &intlen); 398 _exit(EX_SOFTWARE); /* Should have aborted. */ 399 400 monitor: 401 while (waitpid(__child, &__status, 0) != __child) { 402 ATF_REQUIRE_EQ(EINTR, errno); 403 } 404 405 if (!WIFSIGNALED(__status)) { 406 switch (WEXITSTATUS(__status)) { 407 case EX_SOFTWARE: 408 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 409 break; 410 case EX_OSERR: 411 atf_tc_fail("setrlimit(2) failed"); 412 break; 413 default: 414 atf_tc_fail("child exited with status %d", 415 WEXITSTATUS(__status)); 416 } 417 } else { 418 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 419 } 420 #undef BUF 421 422 } 423 424 ATF_TC_WITHOUT_HEAD(getgroups_before_end); 425 ATF_TC_BODY(getgroups_before_end, tc) 426 { 427 #define BUF &__stack.__buf 428 struct { 429 uint8_t padding_l; 430 gid_t __buf[4]; 431 uint8_t padding_r; 432 } __stack; 433 const size_t __bufsz __unused = sizeof(__stack.__buf); 434 const size_t __len = 4 - 1; 435 const size_t __idx __unused = __len - 1; 436 437 getgroups(__len, __stack.__buf); 438 #undef BUF 439 440 } 441 442 ATF_TC_WITHOUT_HEAD(getgroups_end); 443 ATF_TC_BODY(getgroups_end, tc) 444 { 445 #define BUF &__stack.__buf 446 struct { 447 uint8_t padding_l; 448 gid_t __buf[4]; 449 uint8_t padding_r; 450 } __stack; 451 const size_t __bufsz __unused = sizeof(__stack.__buf); 452 const size_t __len = 4; 453 const size_t __idx __unused = __len - 1; 454 455 getgroups(__len, __stack.__buf); 456 #undef BUF 457 458 } 459 460 ATF_TC_WITHOUT_HEAD(getgroups_heap_before_end); 461 ATF_TC_BODY(getgroups_heap_before_end, tc) 462 { 463 #define BUF __stack.__buf 464 struct { 465 uint8_t padding_l; 466 gid_t * __buf; 467 uint8_t padding_r; 468 } __stack; 469 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 470 const size_t __len = 4 - 1; 471 const size_t __idx __unused = __len - 1; 472 473 __stack.__buf = malloc(__bufsz); 474 475 getgroups(__len, __stack.__buf); 476 #undef BUF 477 478 } 479 480 ATF_TC_WITHOUT_HEAD(getgroups_heap_end); 481 ATF_TC_BODY(getgroups_heap_end, tc) 482 { 483 #define BUF __stack.__buf 484 struct { 485 uint8_t padding_l; 486 gid_t * __buf; 487 uint8_t padding_r; 488 } __stack; 489 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 490 const size_t __len = 4; 491 const size_t __idx __unused = __len - 1; 492 493 __stack.__buf = malloc(__bufsz); 494 495 getgroups(__len, __stack.__buf); 496 #undef BUF 497 498 } 499 500 ATF_TC_WITHOUT_HEAD(getgroups_heap_after_end); 501 ATF_TC_BODY(getgroups_heap_after_end, tc) 502 { 503 #define BUF __stack.__buf 504 struct { 505 uint8_t padding_l; 506 gid_t * __buf; 507 uint8_t padding_r; 508 } __stack; 509 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 510 const size_t __len = 4 + 1; 511 const size_t __idx __unused = __len - 1; 512 pid_t __child; 513 int __status; 514 515 __child = fork(); 516 ATF_REQUIRE(__child >= 0); 517 if (__child > 0) 518 goto monitor; 519 520 /* Child */ 521 disable_coredumps(); 522 __stack.__buf = malloc(__bufsz); 523 524 getgroups(__len, __stack.__buf); 525 _exit(EX_SOFTWARE); /* Should have aborted. */ 526 527 monitor: 528 while (waitpid(__child, &__status, 0) != __child) { 529 ATF_REQUIRE_EQ(EINTR, errno); 530 } 531 532 if (!WIFSIGNALED(__status)) { 533 switch (WEXITSTATUS(__status)) { 534 case EX_SOFTWARE: 535 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 536 break; 537 case EX_OSERR: 538 atf_tc_fail("setrlimit(2) failed"); 539 break; 540 default: 541 atf_tc_fail("child exited with status %d", 542 WEXITSTATUS(__status)); 543 } 544 } else { 545 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 546 } 547 #undef BUF 548 549 } 550 551 ATF_TC_WITHOUT_HEAD(getloginclass_before_end); 552 ATF_TC_BODY(getloginclass_before_end, tc) 553 { 554 #define BUF &__stack.__buf 555 struct { 556 uint8_t padding_l; 557 unsigned char __buf[42]; 558 uint8_t padding_r; 559 } __stack; 560 const size_t __bufsz __unused = sizeof(__stack.__buf); 561 const size_t __len = 42 - 1; 562 const size_t __idx __unused = __len - 1; 563 564 getloginclass(__stack.__buf, __len); 565 #undef BUF 566 567 } 568 569 ATF_TC_WITHOUT_HEAD(getloginclass_end); 570 ATF_TC_BODY(getloginclass_end, tc) 571 { 572 #define BUF &__stack.__buf 573 struct { 574 uint8_t padding_l; 575 unsigned char __buf[42]; 576 uint8_t padding_r; 577 } __stack; 578 const size_t __bufsz __unused = sizeof(__stack.__buf); 579 const size_t __len = 42; 580 const size_t __idx __unused = __len - 1; 581 582 getloginclass(__stack.__buf, __len); 583 #undef BUF 584 585 } 586 587 ATF_TC_WITHOUT_HEAD(getloginclass_heap_before_end); 588 ATF_TC_BODY(getloginclass_heap_before_end, tc) 589 { 590 #define BUF __stack.__buf 591 struct { 592 uint8_t padding_l; 593 unsigned char * __buf; 594 uint8_t padding_r; 595 } __stack; 596 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 597 const size_t __len = 42 - 1; 598 const size_t __idx __unused = __len - 1; 599 600 __stack.__buf = malloc(__bufsz); 601 602 getloginclass(__stack.__buf, __len); 603 #undef BUF 604 605 } 606 607 ATF_TC_WITHOUT_HEAD(getloginclass_heap_end); 608 ATF_TC_BODY(getloginclass_heap_end, tc) 609 { 610 #define BUF __stack.__buf 611 struct { 612 uint8_t padding_l; 613 unsigned char * __buf; 614 uint8_t padding_r; 615 } __stack; 616 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 617 const size_t __len = 42; 618 const size_t __idx __unused = __len - 1; 619 620 __stack.__buf = malloc(__bufsz); 621 622 getloginclass(__stack.__buf, __len); 623 #undef BUF 624 625 } 626 627 ATF_TC_WITHOUT_HEAD(getloginclass_heap_after_end); 628 ATF_TC_BODY(getloginclass_heap_after_end, tc) 629 { 630 #define BUF __stack.__buf 631 struct { 632 uint8_t padding_l; 633 unsigned char * __buf; 634 uint8_t padding_r; 635 } __stack; 636 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 637 const size_t __len = 42 + 1; 638 const size_t __idx __unused = __len - 1; 639 pid_t __child; 640 int __status; 641 642 __child = fork(); 643 ATF_REQUIRE(__child >= 0); 644 if (__child > 0) 645 goto monitor; 646 647 /* Child */ 648 disable_coredumps(); 649 __stack.__buf = malloc(__bufsz); 650 651 getloginclass(__stack.__buf, __len); 652 _exit(EX_SOFTWARE); /* Should have aborted. */ 653 654 monitor: 655 while (waitpid(__child, &__status, 0) != __child) { 656 ATF_REQUIRE_EQ(EINTR, errno); 657 } 658 659 if (!WIFSIGNALED(__status)) { 660 switch (WEXITSTATUS(__status)) { 661 case EX_SOFTWARE: 662 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 663 break; 664 case EX_OSERR: 665 atf_tc_fail("setrlimit(2) failed"); 666 break; 667 default: 668 atf_tc_fail("child exited with status %d", 669 WEXITSTATUS(__status)); 670 } 671 } else { 672 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 673 } 674 #undef BUF 675 676 } 677 678 ATF_TC_WITHOUT_HEAD(pread_before_end); 679 ATF_TC_BODY(pread_before_end, tc) 680 { 681 #define BUF &__stack.__buf 682 struct { 683 uint8_t padding_l; 684 unsigned char __buf[41]; 685 uint8_t padding_r; 686 } __stack; 687 const size_t __bufsz __unused = sizeof(__stack.__buf); 688 const size_t __len = 41 - 1; 689 const size_t __idx __unused = __len - 1; 690 int fd; 691 692 fd = new_tmpfile(); /* Cannot fail */ 693 694 pread(fd, __stack.__buf, __len, 0); 695 #undef BUF 696 697 } 698 699 ATF_TC_WITHOUT_HEAD(pread_end); 700 ATF_TC_BODY(pread_end, tc) 701 { 702 #define BUF &__stack.__buf 703 struct { 704 uint8_t padding_l; 705 unsigned char __buf[41]; 706 uint8_t padding_r; 707 } __stack; 708 const size_t __bufsz __unused = sizeof(__stack.__buf); 709 const size_t __len = 41; 710 const size_t __idx __unused = __len - 1; 711 int fd; 712 713 fd = new_tmpfile(); /* Cannot fail */ 714 715 pread(fd, __stack.__buf, __len, 0); 716 #undef BUF 717 718 } 719 720 ATF_TC_WITHOUT_HEAD(pread_heap_before_end); 721 ATF_TC_BODY(pread_heap_before_end, tc) 722 { 723 #define BUF __stack.__buf 724 struct { 725 uint8_t padding_l; 726 unsigned char * __buf; 727 uint8_t padding_r; 728 } __stack; 729 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 730 const size_t __len = 41 - 1; 731 const size_t __idx __unused = __len - 1; 732 int fd; 733 734 __stack.__buf = malloc(__bufsz); 735 fd = new_tmpfile(); /* Cannot fail */ 736 737 pread(fd, __stack.__buf, __len, 0); 738 #undef BUF 739 740 } 741 742 ATF_TC_WITHOUT_HEAD(pread_heap_end); 743 ATF_TC_BODY(pread_heap_end, tc) 744 { 745 #define BUF __stack.__buf 746 struct { 747 uint8_t padding_l; 748 unsigned char * __buf; 749 uint8_t padding_r; 750 } __stack; 751 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 752 const size_t __len = 41; 753 const size_t __idx __unused = __len - 1; 754 int fd; 755 756 __stack.__buf = malloc(__bufsz); 757 fd = new_tmpfile(); /* Cannot fail */ 758 759 pread(fd, __stack.__buf, __len, 0); 760 #undef BUF 761 762 } 763 764 ATF_TC_WITHOUT_HEAD(pread_heap_after_end); 765 ATF_TC_BODY(pread_heap_after_end, tc) 766 { 767 #define BUF __stack.__buf 768 struct { 769 uint8_t padding_l; 770 unsigned char * __buf; 771 uint8_t padding_r; 772 } __stack; 773 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 774 const size_t __len = 41 + 1; 775 const size_t __idx __unused = __len - 1; 776 pid_t __child; 777 int __status; 778 int fd; 779 780 __child = fork(); 781 ATF_REQUIRE(__child >= 0); 782 if (__child > 0) 783 goto monitor; 784 785 /* Child */ 786 disable_coredumps(); 787 __stack.__buf = malloc(__bufsz); 788 fd = new_tmpfile(); /* Cannot fail */ 789 790 pread(fd, __stack.__buf, __len, 0); 791 _exit(EX_SOFTWARE); /* Should have aborted. */ 792 793 monitor: 794 while (waitpid(__child, &__status, 0) != __child) { 795 ATF_REQUIRE_EQ(EINTR, errno); 796 } 797 798 if (!WIFSIGNALED(__status)) { 799 switch (WEXITSTATUS(__status)) { 800 case EX_SOFTWARE: 801 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 802 break; 803 case EX_OSERR: 804 atf_tc_fail("setrlimit(2) failed"); 805 break; 806 default: 807 atf_tc_fail("child exited with status %d", 808 WEXITSTATUS(__status)); 809 } 810 } else { 811 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 812 } 813 #undef BUF 814 815 } 816 817 ATF_TC_WITHOUT_HEAD(read_before_end); 818 ATF_TC_BODY(read_before_end, tc) 819 { 820 #define BUF &__stack.__buf 821 struct { 822 uint8_t padding_l; 823 unsigned char __buf[41]; 824 uint8_t padding_r; 825 } __stack; 826 const size_t __bufsz __unused = sizeof(__stack.__buf); 827 const size_t __len = 41 - 1; 828 const size_t __idx __unused = __len - 1; 829 int fd; 830 831 fd = new_tmpfile(); /* Cannot fail */ 832 833 read(fd, __stack.__buf, __len); 834 #undef BUF 835 836 } 837 838 ATF_TC_WITHOUT_HEAD(read_end); 839 ATF_TC_BODY(read_end, tc) 840 { 841 #define BUF &__stack.__buf 842 struct { 843 uint8_t padding_l; 844 unsigned char __buf[41]; 845 uint8_t padding_r; 846 } __stack; 847 const size_t __bufsz __unused = sizeof(__stack.__buf); 848 const size_t __len = 41; 849 const size_t __idx __unused = __len - 1; 850 int fd; 851 852 fd = new_tmpfile(); /* Cannot fail */ 853 854 read(fd, __stack.__buf, __len); 855 #undef BUF 856 857 } 858 859 ATF_TC_WITHOUT_HEAD(read_heap_before_end); 860 ATF_TC_BODY(read_heap_before_end, tc) 861 { 862 #define BUF __stack.__buf 863 struct { 864 uint8_t padding_l; 865 unsigned char * __buf; 866 uint8_t padding_r; 867 } __stack; 868 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 869 const size_t __len = 41 - 1; 870 const size_t __idx __unused = __len - 1; 871 int fd; 872 873 __stack.__buf = malloc(__bufsz); 874 fd = new_tmpfile(); /* Cannot fail */ 875 876 read(fd, __stack.__buf, __len); 877 #undef BUF 878 879 } 880 881 ATF_TC_WITHOUT_HEAD(read_heap_end); 882 ATF_TC_BODY(read_heap_end, tc) 883 { 884 #define BUF __stack.__buf 885 struct { 886 uint8_t padding_l; 887 unsigned char * __buf; 888 uint8_t padding_r; 889 } __stack; 890 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 891 const size_t __len = 41; 892 const size_t __idx __unused = __len - 1; 893 int fd; 894 895 __stack.__buf = malloc(__bufsz); 896 fd = new_tmpfile(); /* Cannot fail */ 897 898 read(fd, __stack.__buf, __len); 899 #undef BUF 900 901 } 902 903 ATF_TC_WITHOUT_HEAD(read_heap_after_end); 904 ATF_TC_BODY(read_heap_after_end, tc) 905 { 906 #define BUF __stack.__buf 907 struct { 908 uint8_t padding_l; 909 unsigned char * __buf; 910 uint8_t padding_r; 911 } __stack; 912 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 913 const size_t __len = 41 + 1; 914 const size_t __idx __unused = __len - 1; 915 pid_t __child; 916 int __status; 917 int fd; 918 919 __child = fork(); 920 ATF_REQUIRE(__child >= 0); 921 if (__child > 0) 922 goto monitor; 923 924 /* Child */ 925 disable_coredumps(); 926 __stack.__buf = malloc(__bufsz); 927 fd = new_tmpfile(); /* Cannot fail */ 928 929 read(fd, __stack.__buf, __len); 930 _exit(EX_SOFTWARE); /* Should have aborted. */ 931 932 monitor: 933 while (waitpid(__child, &__status, 0) != __child) { 934 ATF_REQUIRE_EQ(EINTR, errno); 935 } 936 937 if (!WIFSIGNALED(__status)) { 938 switch (WEXITSTATUS(__status)) { 939 case EX_SOFTWARE: 940 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 941 break; 942 case EX_OSERR: 943 atf_tc_fail("setrlimit(2) failed"); 944 break; 945 default: 946 atf_tc_fail("child exited with status %d", 947 WEXITSTATUS(__status)); 948 } 949 } else { 950 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 951 } 952 #undef BUF 953 954 } 955 956 ATF_TC_WITHOUT_HEAD(readlink_before_end); 957 ATF_TC_BODY(readlink_before_end, tc) 958 { 959 #define BUF &__stack.__buf 960 struct { 961 uint8_t padding_l; 962 unsigned char __buf[42]; 963 uint8_t padding_r; 964 } __stack; 965 const size_t __bufsz __unused = sizeof(__stack.__buf); 966 const size_t __len = 42 - 1; 967 const size_t __idx __unused = __len - 1; 968 const char *path; 969 970 path = new_symlink(__len); /* Cannot fail */ 971 972 readlink(path, __stack.__buf, __len); 973 #undef BUF 974 975 } 976 977 ATF_TC_WITHOUT_HEAD(readlink_end); 978 ATF_TC_BODY(readlink_end, tc) 979 { 980 #define BUF &__stack.__buf 981 struct { 982 uint8_t padding_l; 983 unsigned char __buf[42]; 984 uint8_t padding_r; 985 } __stack; 986 const size_t __bufsz __unused = sizeof(__stack.__buf); 987 const size_t __len = 42; 988 const size_t __idx __unused = __len - 1; 989 const char *path; 990 991 path = new_symlink(__len); /* Cannot fail */ 992 993 readlink(path, __stack.__buf, __len); 994 #undef BUF 995 996 } 997 998 ATF_TC_WITHOUT_HEAD(readlink_heap_before_end); 999 ATF_TC_BODY(readlink_heap_before_end, tc) 1000 { 1001 #define BUF __stack.__buf 1002 struct { 1003 uint8_t padding_l; 1004 unsigned char * __buf; 1005 uint8_t padding_r; 1006 } __stack; 1007 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1008 const size_t __len = 42 - 1; 1009 const size_t __idx __unused = __len - 1; 1010 const char *path; 1011 1012 __stack.__buf = malloc(__bufsz); 1013 path = new_symlink(__len); /* Cannot fail */ 1014 1015 readlink(path, __stack.__buf, __len); 1016 #undef BUF 1017 1018 } 1019 1020 ATF_TC_WITHOUT_HEAD(readlink_heap_end); 1021 ATF_TC_BODY(readlink_heap_end, tc) 1022 { 1023 #define BUF __stack.__buf 1024 struct { 1025 uint8_t padding_l; 1026 unsigned char * __buf; 1027 uint8_t padding_r; 1028 } __stack; 1029 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1030 const size_t __len = 42; 1031 const size_t __idx __unused = __len - 1; 1032 const char *path; 1033 1034 __stack.__buf = malloc(__bufsz); 1035 path = new_symlink(__len); /* Cannot fail */ 1036 1037 readlink(path, __stack.__buf, __len); 1038 #undef BUF 1039 1040 } 1041 1042 ATF_TC_WITHOUT_HEAD(readlink_heap_after_end); 1043 ATF_TC_BODY(readlink_heap_after_end, tc) 1044 { 1045 #define BUF __stack.__buf 1046 struct { 1047 uint8_t padding_l; 1048 unsigned char * __buf; 1049 uint8_t padding_r; 1050 } __stack; 1051 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1052 const size_t __len = 42 + 1; 1053 const size_t __idx __unused = __len - 1; 1054 pid_t __child; 1055 int __status; 1056 const char *path; 1057 1058 __child = fork(); 1059 ATF_REQUIRE(__child >= 0); 1060 if (__child > 0) 1061 goto monitor; 1062 1063 /* Child */ 1064 disable_coredumps(); 1065 __stack.__buf = malloc(__bufsz); 1066 path = new_symlink(__len); /* Cannot fail */ 1067 1068 readlink(path, __stack.__buf, __len); 1069 _exit(EX_SOFTWARE); /* Should have aborted. */ 1070 1071 monitor: 1072 while (waitpid(__child, &__status, 0) != __child) { 1073 ATF_REQUIRE_EQ(EINTR, errno); 1074 } 1075 1076 if (!WIFSIGNALED(__status)) { 1077 switch (WEXITSTATUS(__status)) { 1078 case EX_SOFTWARE: 1079 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1080 break; 1081 case EX_OSERR: 1082 atf_tc_fail("setrlimit(2) failed"); 1083 break; 1084 default: 1085 atf_tc_fail("child exited with status %d", 1086 WEXITSTATUS(__status)); 1087 } 1088 } else { 1089 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1090 } 1091 #undef BUF 1092 1093 } 1094 1095 ATF_TC_WITHOUT_HEAD(readlinkat_before_end); 1096 ATF_TC_BODY(readlinkat_before_end, tc) 1097 { 1098 #define BUF &__stack.__buf 1099 struct { 1100 uint8_t padding_l; 1101 unsigned char __buf[42]; 1102 uint8_t padding_r; 1103 } __stack; 1104 const size_t __bufsz __unused = sizeof(__stack.__buf); 1105 const size_t __len = 42 - 1; 1106 const size_t __idx __unused = __len - 1; 1107 const char *path; 1108 1109 path = new_symlink(__len); /* Cannot fail */ 1110 1111 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1112 #undef BUF 1113 1114 } 1115 1116 ATF_TC_WITHOUT_HEAD(readlinkat_end); 1117 ATF_TC_BODY(readlinkat_end, tc) 1118 { 1119 #define BUF &__stack.__buf 1120 struct { 1121 uint8_t padding_l; 1122 unsigned char __buf[42]; 1123 uint8_t padding_r; 1124 } __stack; 1125 const size_t __bufsz __unused = sizeof(__stack.__buf); 1126 const size_t __len = 42; 1127 const size_t __idx __unused = __len - 1; 1128 const char *path; 1129 1130 path = new_symlink(__len); /* Cannot fail */ 1131 1132 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1133 #undef BUF 1134 1135 } 1136 1137 ATF_TC_WITHOUT_HEAD(readlinkat_heap_before_end); 1138 ATF_TC_BODY(readlinkat_heap_before_end, tc) 1139 { 1140 #define BUF __stack.__buf 1141 struct { 1142 uint8_t padding_l; 1143 unsigned char * __buf; 1144 uint8_t padding_r; 1145 } __stack; 1146 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1147 const size_t __len = 42 - 1; 1148 const size_t __idx __unused = __len - 1; 1149 const char *path; 1150 1151 __stack.__buf = malloc(__bufsz); 1152 path = new_symlink(__len); /* Cannot fail */ 1153 1154 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1155 #undef BUF 1156 1157 } 1158 1159 ATF_TC_WITHOUT_HEAD(readlinkat_heap_end); 1160 ATF_TC_BODY(readlinkat_heap_end, tc) 1161 { 1162 #define BUF __stack.__buf 1163 struct { 1164 uint8_t padding_l; 1165 unsigned char * __buf; 1166 uint8_t padding_r; 1167 } __stack; 1168 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1169 const size_t __len = 42; 1170 const size_t __idx __unused = __len - 1; 1171 const char *path; 1172 1173 __stack.__buf = malloc(__bufsz); 1174 path = new_symlink(__len); /* Cannot fail */ 1175 1176 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1177 #undef BUF 1178 1179 } 1180 1181 ATF_TC_WITHOUT_HEAD(readlinkat_heap_after_end); 1182 ATF_TC_BODY(readlinkat_heap_after_end, tc) 1183 { 1184 #define BUF __stack.__buf 1185 struct { 1186 uint8_t padding_l; 1187 unsigned char * __buf; 1188 uint8_t padding_r; 1189 } __stack; 1190 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1191 const size_t __len = 42 + 1; 1192 const size_t __idx __unused = __len - 1; 1193 pid_t __child; 1194 int __status; 1195 const char *path; 1196 1197 __child = fork(); 1198 ATF_REQUIRE(__child >= 0); 1199 if (__child > 0) 1200 goto monitor; 1201 1202 /* Child */ 1203 disable_coredumps(); 1204 __stack.__buf = malloc(__bufsz); 1205 path = new_symlink(__len); /* Cannot fail */ 1206 1207 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1208 _exit(EX_SOFTWARE); /* Should have aborted. */ 1209 1210 monitor: 1211 while (waitpid(__child, &__status, 0) != __child) { 1212 ATF_REQUIRE_EQ(EINTR, errno); 1213 } 1214 1215 if (!WIFSIGNALED(__status)) { 1216 switch (WEXITSTATUS(__status)) { 1217 case EX_SOFTWARE: 1218 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1219 break; 1220 case EX_OSERR: 1221 atf_tc_fail("setrlimit(2) failed"); 1222 break; 1223 default: 1224 atf_tc_fail("child exited with status %d", 1225 WEXITSTATUS(__status)); 1226 } 1227 } else { 1228 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1229 } 1230 #undef BUF 1231 1232 } 1233 1234 ATF_TC_WITHOUT_HEAD(getdomainname_before_end); 1235 ATF_TC_BODY(getdomainname_before_end, tc) 1236 { 1237 #define BUF &__stack.__buf 1238 struct { 1239 uint8_t padding_l; 1240 unsigned char __buf[4]; 1241 uint8_t padding_r; 1242 } __stack; 1243 const size_t __bufsz __unused = sizeof(__stack.__buf); 1244 const size_t __len = 4 - 1; 1245 const size_t __idx __unused = __len - 1; 1246 char sysdomain[256]; 1247 1248 (void)getdomainname(sysdomain, __len); 1249 if (strlen(sysdomain) <= __len) 1250 atf_tc_skip("domain name too short for testing"); 1251 1252 getdomainname(__stack.__buf, __len); 1253 #undef BUF 1254 1255 } 1256 1257 ATF_TC_WITHOUT_HEAD(getdomainname_end); 1258 ATF_TC_BODY(getdomainname_end, tc) 1259 { 1260 #define BUF &__stack.__buf 1261 struct { 1262 uint8_t padding_l; 1263 unsigned char __buf[4]; 1264 uint8_t padding_r; 1265 } __stack; 1266 const size_t __bufsz __unused = sizeof(__stack.__buf); 1267 const size_t __len = 4; 1268 const size_t __idx __unused = __len - 1; 1269 char sysdomain[256]; 1270 1271 (void)getdomainname(sysdomain, __len); 1272 if (strlen(sysdomain) <= __len) 1273 atf_tc_skip("domain name too short for testing"); 1274 1275 getdomainname(__stack.__buf, __len); 1276 #undef BUF 1277 1278 } 1279 1280 ATF_TC_WITHOUT_HEAD(getdomainname_heap_before_end); 1281 ATF_TC_BODY(getdomainname_heap_before_end, tc) 1282 { 1283 #define BUF __stack.__buf 1284 struct { 1285 uint8_t padding_l; 1286 unsigned char * __buf; 1287 uint8_t padding_r; 1288 } __stack; 1289 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1290 const size_t __len = 4 - 1; 1291 const size_t __idx __unused = __len - 1; 1292 char sysdomain[256]; 1293 1294 (void)getdomainname(sysdomain, __len); 1295 if (strlen(sysdomain) <= __len) 1296 atf_tc_skip("domain name too short for testing"); 1297 1298 __stack.__buf = malloc(__bufsz); 1299 1300 getdomainname(__stack.__buf, __len); 1301 #undef BUF 1302 1303 } 1304 1305 ATF_TC_WITHOUT_HEAD(getdomainname_heap_end); 1306 ATF_TC_BODY(getdomainname_heap_end, tc) 1307 { 1308 #define BUF __stack.__buf 1309 struct { 1310 uint8_t padding_l; 1311 unsigned char * __buf; 1312 uint8_t padding_r; 1313 } __stack; 1314 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1315 const size_t __len = 4; 1316 const size_t __idx __unused = __len - 1; 1317 char sysdomain[256]; 1318 1319 (void)getdomainname(sysdomain, __len); 1320 if (strlen(sysdomain) <= __len) 1321 atf_tc_skip("domain name too short for testing"); 1322 1323 __stack.__buf = malloc(__bufsz); 1324 1325 getdomainname(__stack.__buf, __len); 1326 #undef BUF 1327 1328 } 1329 1330 ATF_TC_WITHOUT_HEAD(getdomainname_heap_after_end); 1331 ATF_TC_BODY(getdomainname_heap_after_end, tc) 1332 { 1333 #define BUF __stack.__buf 1334 struct { 1335 uint8_t padding_l; 1336 unsigned char * __buf; 1337 uint8_t padding_r; 1338 } __stack; 1339 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1340 const size_t __len = 4 + 1; 1341 const size_t __idx __unused = __len - 1; 1342 pid_t __child; 1343 int __status; 1344 char sysdomain[256]; 1345 1346 (void)getdomainname(sysdomain, __len); 1347 if (strlen(sysdomain) <= __len) 1348 atf_tc_skip("domain name too short for testing"); 1349 1350 __child = fork(); 1351 ATF_REQUIRE(__child >= 0); 1352 if (__child > 0) 1353 goto monitor; 1354 1355 /* Child */ 1356 disable_coredumps(); 1357 __stack.__buf = malloc(__bufsz); 1358 1359 getdomainname(__stack.__buf, __len); 1360 _exit(EX_SOFTWARE); /* Should have aborted. */ 1361 1362 monitor: 1363 while (waitpid(__child, &__status, 0) != __child) { 1364 ATF_REQUIRE_EQ(EINTR, errno); 1365 } 1366 1367 if (!WIFSIGNALED(__status)) { 1368 switch (WEXITSTATUS(__status)) { 1369 case EX_SOFTWARE: 1370 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1371 break; 1372 case EX_OSERR: 1373 atf_tc_fail("setrlimit(2) failed"); 1374 break; 1375 default: 1376 atf_tc_fail("child exited with status %d", 1377 WEXITSTATUS(__status)); 1378 } 1379 } else { 1380 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1381 } 1382 #undef BUF 1383 1384 } 1385 1386 ATF_TC_WITHOUT_HEAD(getentropy_before_end); 1387 ATF_TC_BODY(getentropy_before_end, tc) 1388 { 1389 #define BUF &__stack.__buf 1390 struct { 1391 uint8_t padding_l; 1392 unsigned char __buf[42]; 1393 uint8_t padding_r; 1394 } __stack; 1395 const size_t __bufsz __unused = sizeof(__stack.__buf); 1396 const size_t __len = 42 - 1; 1397 const size_t __idx __unused = __len - 1; 1398 1399 getentropy(__stack.__buf, __len); 1400 #undef BUF 1401 1402 } 1403 1404 ATF_TC_WITHOUT_HEAD(getentropy_end); 1405 ATF_TC_BODY(getentropy_end, tc) 1406 { 1407 #define BUF &__stack.__buf 1408 struct { 1409 uint8_t padding_l; 1410 unsigned char __buf[42]; 1411 uint8_t padding_r; 1412 } __stack; 1413 const size_t __bufsz __unused = sizeof(__stack.__buf); 1414 const size_t __len = 42; 1415 const size_t __idx __unused = __len - 1; 1416 1417 getentropy(__stack.__buf, __len); 1418 #undef BUF 1419 1420 } 1421 1422 ATF_TC_WITHOUT_HEAD(getentropy_heap_before_end); 1423 ATF_TC_BODY(getentropy_heap_before_end, tc) 1424 { 1425 #define BUF __stack.__buf 1426 struct { 1427 uint8_t padding_l; 1428 unsigned char * __buf; 1429 uint8_t padding_r; 1430 } __stack; 1431 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1432 const size_t __len = 42 - 1; 1433 const size_t __idx __unused = __len - 1; 1434 1435 __stack.__buf = malloc(__bufsz); 1436 1437 getentropy(__stack.__buf, __len); 1438 #undef BUF 1439 1440 } 1441 1442 ATF_TC_WITHOUT_HEAD(getentropy_heap_end); 1443 ATF_TC_BODY(getentropy_heap_end, tc) 1444 { 1445 #define BUF __stack.__buf 1446 struct { 1447 uint8_t padding_l; 1448 unsigned char * __buf; 1449 uint8_t padding_r; 1450 } __stack; 1451 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1452 const size_t __len = 42; 1453 const size_t __idx __unused = __len - 1; 1454 1455 __stack.__buf = malloc(__bufsz); 1456 1457 getentropy(__stack.__buf, __len); 1458 #undef BUF 1459 1460 } 1461 1462 ATF_TC_WITHOUT_HEAD(getentropy_heap_after_end); 1463 ATF_TC_BODY(getentropy_heap_after_end, tc) 1464 { 1465 #define BUF __stack.__buf 1466 struct { 1467 uint8_t padding_l; 1468 unsigned char * __buf; 1469 uint8_t padding_r; 1470 } __stack; 1471 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1472 const size_t __len = 42 + 1; 1473 const size_t __idx __unused = __len - 1; 1474 pid_t __child; 1475 int __status; 1476 1477 __child = fork(); 1478 ATF_REQUIRE(__child >= 0); 1479 if (__child > 0) 1480 goto monitor; 1481 1482 /* Child */ 1483 disable_coredumps(); 1484 __stack.__buf = malloc(__bufsz); 1485 1486 getentropy(__stack.__buf, __len); 1487 _exit(EX_SOFTWARE); /* Should have aborted. */ 1488 1489 monitor: 1490 while (waitpid(__child, &__status, 0) != __child) { 1491 ATF_REQUIRE_EQ(EINTR, errno); 1492 } 1493 1494 if (!WIFSIGNALED(__status)) { 1495 switch (WEXITSTATUS(__status)) { 1496 case EX_SOFTWARE: 1497 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1498 break; 1499 case EX_OSERR: 1500 atf_tc_fail("setrlimit(2) failed"); 1501 break; 1502 default: 1503 atf_tc_fail("child exited with status %d", 1504 WEXITSTATUS(__status)); 1505 } 1506 } else { 1507 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1508 } 1509 #undef BUF 1510 1511 } 1512 1513 ATF_TC_WITHOUT_HEAD(gethostname_before_end); 1514 ATF_TC_BODY(gethostname_before_end, tc) 1515 { 1516 #define BUF &__stack.__buf 1517 struct { 1518 uint8_t padding_l; 1519 unsigned char __buf[4]; 1520 uint8_t padding_r; 1521 } __stack; 1522 const size_t __bufsz __unused = sizeof(__stack.__buf); 1523 const size_t __len = 4 - 1; 1524 const size_t __idx __unused = __len - 1; 1525 char syshost[256]; 1526 int error; 1527 1528 error = gethostname(syshost, __len); 1529 if (error != 0 || strlen(syshost) <= __len) 1530 atf_tc_skip("hostname too short for testing"); 1531 1532 gethostname(__stack.__buf, __len); 1533 #undef BUF 1534 1535 } 1536 1537 ATF_TC_WITHOUT_HEAD(gethostname_end); 1538 ATF_TC_BODY(gethostname_end, tc) 1539 { 1540 #define BUF &__stack.__buf 1541 struct { 1542 uint8_t padding_l; 1543 unsigned char __buf[4]; 1544 uint8_t padding_r; 1545 } __stack; 1546 const size_t __bufsz __unused = sizeof(__stack.__buf); 1547 const size_t __len = 4; 1548 const size_t __idx __unused = __len - 1; 1549 char syshost[256]; 1550 int error; 1551 1552 error = gethostname(syshost, __len); 1553 if (error != 0 || strlen(syshost) <= __len) 1554 atf_tc_skip("hostname too short for testing"); 1555 1556 gethostname(__stack.__buf, __len); 1557 #undef BUF 1558 1559 } 1560 1561 ATF_TC_WITHOUT_HEAD(gethostname_heap_before_end); 1562 ATF_TC_BODY(gethostname_heap_before_end, tc) 1563 { 1564 #define BUF __stack.__buf 1565 struct { 1566 uint8_t padding_l; 1567 unsigned char * __buf; 1568 uint8_t padding_r; 1569 } __stack; 1570 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1571 const size_t __len = 4 - 1; 1572 const size_t __idx __unused = __len - 1; 1573 char syshost[256]; 1574 int error; 1575 1576 error = gethostname(syshost, __len); 1577 if (error != 0 || strlen(syshost) <= __len) 1578 atf_tc_skip("hostname too short for testing"); 1579 1580 __stack.__buf = malloc(__bufsz); 1581 1582 gethostname(__stack.__buf, __len); 1583 #undef BUF 1584 1585 } 1586 1587 ATF_TC_WITHOUT_HEAD(gethostname_heap_end); 1588 ATF_TC_BODY(gethostname_heap_end, tc) 1589 { 1590 #define BUF __stack.__buf 1591 struct { 1592 uint8_t padding_l; 1593 unsigned char * __buf; 1594 uint8_t padding_r; 1595 } __stack; 1596 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1597 const size_t __len = 4; 1598 const size_t __idx __unused = __len - 1; 1599 char syshost[256]; 1600 int error; 1601 1602 error = gethostname(syshost, __len); 1603 if (error != 0 || strlen(syshost) <= __len) 1604 atf_tc_skip("hostname too short for testing"); 1605 1606 __stack.__buf = malloc(__bufsz); 1607 1608 gethostname(__stack.__buf, __len); 1609 #undef BUF 1610 1611 } 1612 1613 ATF_TC_WITHOUT_HEAD(gethostname_heap_after_end); 1614 ATF_TC_BODY(gethostname_heap_after_end, tc) 1615 { 1616 #define BUF __stack.__buf 1617 struct { 1618 uint8_t padding_l; 1619 unsigned char * __buf; 1620 uint8_t padding_r; 1621 } __stack; 1622 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1623 const size_t __len = 4 + 1; 1624 const size_t __idx __unused = __len - 1; 1625 pid_t __child; 1626 int __status; 1627 char syshost[256]; 1628 int error; 1629 1630 error = gethostname(syshost, __len); 1631 if (error != 0 || strlen(syshost) <= __len) 1632 atf_tc_skip("hostname too short for testing"); 1633 1634 __child = fork(); 1635 ATF_REQUIRE(__child >= 0); 1636 if (__child > 0) 1637 goto monitor; 1638 1639 /* Child */ 1640 disable_coredumps(); 1641 __stack.__buf = malloc(__bufsz); 1642 1643 gethostname(__stack.__buf, __len); 1644 _exit(EX_SOFTWARE); /* Should have aborted. */ 1645 1646 monitor: 1647 while (waitpid(__child, &__status, 0) != __child) { 1648 ATF_REQUIRE_EQ(EINTR, errno); 1649 } 1650 1651 if (!WIFSIGNALED(__status)) { 1652 switch (WEXITSTATUS(__status)) { 1653 case EX_SOFTWARE: 1654 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1655 break; 1656 case EX_OSERR: 1657 atf_tc_fail("setrlimit(2) failed"); 1658 break; 1659 default: 1660 atf_tc_fail("child exited with status %d", 1661 WEXITSTATUS(__status)); 1662 } 1663 } else { 1664 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1665 } 1666 #undef BUF 1667 1668 } 1669 1670 ATF_TC_WITHOUT_HEAD(getlogin_r_before_end); 1671 ATF_TC_BODY(getlogin_r_before_end, tc) 1672 { 1673 #define BUF &__stack.__buf 1674 struct { 1675 uint8_t padding_l; 1676 unsigned char __buf[MAXLOGNAME + 1]; 1677 uint8_t padding_r; 1678 } __stack; 1679 const size_t __bufsz __unused = sizeof(__stack.__buf); 1680 const size_t __len = MAXLOGNAME + 1 - 1; 1681 const size_t __idx __unused = __len - 1; 1682 1683 getlogin_r(__stack.__buf, __len); 1684 #undef BUF 1685 1686 } 1687 1688 ATF_TC_WITHOUT_HEAD(getlogin_r_end); 1689 ATF_TC_BODY(getlogin_r_end, tc) 1690 { 1691 #define BUF &__stack.__buf 1692 struct { 1693 uint8_t padding_l; 1694 unsigned char __buf[MAXLOGNAME + 1]; 1695 uint8_t padding_r; 1696 } __stack; 1697 const size_t __bufsz __unused = sizeof(__stack.__buf); 1698 const size_t __len = MAXLOGNAME + 1; 1699 const size_t __idx __unused = __len - 1; 1700 1701 getlogin_r(__stack.__buf, __len); 1702 #undef BUF 1703 1704 } 1705 1706 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_before_end); 1707 ATF_TC_BODY(getlogin_r_heap_before_end, tc) 1708 { 1709 #define BUF __stack.__buf 1710 struct { 1711 uint8_t padding_l; 1712 unsigned char * __buf; 1713 uint8_t padding_r; 1714 } __stack; 1715 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1716 const size_t __len = MAXLOGNAME + 1 - 1; 1717 const size_t __idx __unused = __len - 1; 1718 1719 __stack.__buf = malloc(__bufsz); 1720 1721 getlogin_r(__stack.__buf, __len); 1722 #undef BUF 1723 1724 } 1725 1726 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_end); 1727 ATF_TC_BODY(getlogin_r_heap_end, tc) 1728 { 1729 #define BUF __stack.__buf 1730 struct { 1731 uint8_t padding_l; 1732 unsigned char * __buf; 1733 uint8_t padding_r; 1734 } __stack; 1735 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1736 const size_t __len = MAXLOGNAME + 1; 1737 const size_t __idx __unused = __len - 1; 1738 1739 __stack.__buf = malloc(__bufsz); 1740 1741 getlogin_r(__stack.__buf, __len); 1742 #undef BUF 1743 1744 } 1745 1746 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_after_end); 1747 ATF_TC_BODY(getlogin_r_heap_after_end, tc) 1748 { 1749 #define BUF __stack.__buf 1750 struct { 1751 uint8_t padding_l; 1752 unsigned char * __buf; 1753 uint8_t padding_r; 1754 } __stack; 1755 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1756 const size_t __len = MAXLOGNAME + 1 + 1; 1757 const size_t __idx __unused = __len - 1; 1758 pid_t __child; 1759 int __status; 1760 1761 __child = fork(); 1762 ATF_REQUIRE(__child >= 0); 1763 if (__child > 0) 1764 goto monitor; 1765 1766 /* Child */ 1767 disable_coredumps(); 1768 __stack.__buf = malloc(__bufsz); 1769 1770 getlogin_r(__stack.__buf, __len); 1771 _exit(EX_SOFTWARE); /* Should have aborted. */ 1772 1773 monitor: 1774 while (waitpid(__child, &__status, 0) != __child) { 1775 ATF_REQUIRE_EQ(EINTR, errno); 1776 } 1777 1778 if (!WIFSIGNALED(__status)) { 1779 switch (WEXITSTATUS(__status)) { 1780 case EX_SOFTWARE: 1781 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1782 break; 1783 case EX_OSERR: 1784 atf_tc_fail("setrlimit(2) failed"); 1785 break; 1786 default: 1787 atf_tc_fail("child exited with status %d", 1788 WEXITSTATUS(__status)); 1789 } 1790 } else { 1791 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1792 } 1793 #undef BUF 1794 1795 } 1796 1797 ATF_TC_WITHOUT_HEAD(ttyname_r_before_end); 1798 ATF_TC_BODY(ttyname_r_before_end, tc) 1799 { 1800 #define BUF &__stack.__buf 1801 struct { 1802 uint8_t padding_l; 1803 unsigned char __buf[42]; 1804 uint8_t padding_r; 1805 } __stack; 1806 const size_t __bufsz __unused = sizeof(__stack.__buf); 1807 const size_t __len = 42 - 1; 1808 const size_t __idx __unused = __len - 1; 1809 int fd; 1810 1811 fd = STDIN_FILENO; 1812 if (!isatty(fd)) 1813 atf_tc_skip("stdin is not an fd"); 1814 1815 ttyname_r(fd, __stack.__buf, __len); 1816 #undef BUF 1817 1818 } 1819 1820 ATF_TC_WITHOUT_HEAD(ttyname_r_end); 1821 ATF_TC_BODY(ttyname_r_end, tc) 1822 { 1823 #define BUF &__stack.__buf 1824 struct { 1825 uint8_t padding_l; 1826 unsigned char __buf[42]; 1827 uint8_t padding_r; 1828 } __stack; 1829 const size_t __bufsz __unused = sizeof(__stack.__buf); 1830 const size_t __len = 42; 1831 const size_t __idx __unused = __len - 1; 1832 int fd; 1833 1834 fd = STDIN_FILENO; 1835 if (!isatty(fd)) 1836 atf_tc_skip("stdin is not an fd"); 1837 1838 ttyname_r(fd, __stack.__buf, __len); 1839 #undef BUF 1840 1841 } 1842 1843 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_before_end); 1844 ATF_TC_BODY(ttyname_r_heap_before_end, tc) 1845 { 1846 #define BUF __stack.__buf 1847 struct { 1848 uint8_t padding_l; 1849 unsigned char * __buf; 1850 uint8_t padding_r; 1851 } __stack; 1852 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1853 const size_t __len = 42 - 1; 1854 const size_t __idx __unused = __len - 1; 1855 int fd; 1856 1857 fd = STDIN_FILENO; 1858 if (!isatty(fd)) 1859 atf_tc_skip("stdin is not an fd"); 1860 1861 __stack.__buf = malloc(__bufsz); 1862 1863 ttyname_r(fd, __stack.__buf, __len); 1864 #undef BUF 1865 1866 } 1867 1868 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_end); 1869 ATF_TC_BODY(ttyname_r_heap_end, tc) 1870 { 1871 #define BUF __stack.__buf 1872 struct { 1873 uint8_t padding_l; 1874 unsigned char * __buf; 1875 uint8_t padding_r; 1876 } __stack; 1877 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1878 const size_t __len = 42; 1879 const size_t __idx __unused = __len - 1; 1880 int fd; 1881 1882 fd = STDIN_FILENO; 1883 if (!isatty(fd)) 1884 atf_tc_skip("stdin is not an fd"); 1885 1886 __stack.__buf = malloc(__bufsz); 1887 1888 ttyname_r(fd, __stack.__buf, __len); 1889 #undef BUF 1890 1891 } 1892 1893 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_after_end); 1894 ATF_TC_BODY(ttyname_r_heap_after_end, tc) 1895 { 1896 #define BUF __stack.__buf 1897 struct { 1898 uint8_t padding_l; 1899 unsigned char * __buf; 1900 uint8_t padding_r; 1901 } __stack; 1902 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1903 const size_t __len = 42 + 1; 1904 const size_t __idx __unused = __len - 1; 1905 pid_t __child; 1906 int __status; 1907 int fd; 1908 1909 fd = STDIN_FILENO; 1910 if (!isatty(fd)) 1911 atf_tc_skip("stdin is not an fd"); 1912 1913 __child = fork(); 1914 ATF_REQUIRE(__child >= 0); 1915 if (__child > 0) 1916 goto monitor; 1917 1918 /* Child */ 1919 disable_coredumps(); 1920 __stack.__buf = malloc(__bufsz); 1921 1922 ttyname_r(fd, __stack.__buf, __len); 1923 _exit(EX_SOFTWARE); /* Should have aborted. */ 1924 1925 monitor: 1926 while (waitpid(__child, &__status, 0) != __child) { 1927 ATF_REQUIRE_EQ(EINTR, errno); 1928 } 1929 1930 if (!WIFSIGNALED(__status)) { 1931 switch (WEXITSTATUS(__status)) { 1932 case EX_SOFTWARE: 1933 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1934 break; 1935 case EX_OSERR: 1936 atf_tc_fail("setrlimit(2) failed"); 1937 break; 1938 default: 1939 atf_tc_fail("child exited with status %d", 1940 WEXITSTATUS(__status)); 1941 } 1942 } else { 1943 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1944 } 1945 #undef BUF 1946 1947 } 1948 1949 ATF_TP_ADD_TCS(tp) 1950 { 1951 ATF_TP_ADD_TC(tp, getcwd_before_end); 1952 ATF_TP_ADD_TC(tp, getcwd_end); 1953 ATF_TP_ADD_TC(tp, getcwd_heap_before_end); 1954 ATF_TP_ADD_TC(tp, getcwd_heap_end); 1955 ATF_TP_ADD_TC(tp, getcwd_heap_after_end); 1956 ATF_TP_ADD_TC(tp, getgrouplist_before_end); 1957 ATF_TP_ADD_TC(tp, getgrouplist_end); 1958 ATF_TP_ADD_TC(tp, getgrouplist_heap_before_end); 1959 ATF_TP_ADD_TC(tp, getgrouplist_heap_end); 1960 ATF_TP_ADD_TC(tp, getgrouplist_heap_after_end); 1961 ATF_TP_ADD_TC(tp, getgroups_before_end); 1962 ATF_TP_ADD_TC(tp, getgroups_end); 1963 ATF_TP_ADD_TC(tp, getgroups_heap_before_end); 1964 ATF_TP_ADD_TC(tp, getgroups_heap_end); 1965 ATF_TP_ADD_TC(tp, getgroups_heap_after_end); 1966 ATF_TP_ADD_TC(tp, getloginclass_before_end); 1967 ATF_TP_ADD_TC(tp, getloginclass_end); 1968 ATF_TP_ADD_TC(tp, getloginclass_heap_before_end); 1969 ATF_TP_ADD_TC(tp, getloginclass_heap_end); 1970 ATF_TP_ADD_TC(tp, getloginclass_heap_after_end); 1971 ATF_TP_ADD_TC(tp, pread_before_end); 1972 ATF_TP_ADD_TC(tp, pread_end); 1973 ATF_TP_ADD_TC(tp, pread_heap_before_end); 1974 ATF_TP_ADD_TC(tp, pread_heap_end); 1975 ATF_TP_ADD_TC(tp, pread_heap_after_end); 1976 ATF_TP_ADD_TC(tp, read_before_end); 1977 ATF_TP_ADD_TC(tp, read_end); 1978 ATF_TP_ADD_TC(tp, read_heap_before_end); 1979 ATF_TP_ADD_TC(tp, read_heap_end); 1980 ATF_TP_ADD_TC(tp, read_heap_after_end); 1981 ATF_TP_ADD_TC(tp, readlink_before_end); 1982 ATF_TP_ADD_TC(tp, readlink_end); 1983 ATF_TP_ADD_TC(tp, readlink_heap_before_end); 1984 ATF_TP_ADD_TC(tp, readlink_heap_end); 1985 ATF_TP_ADD_TC(tp, readlink_heap_after_end); 1986 ATF_TP_ADD_TC(tp, readlinkat_before_end); 1987 ATF_TP_ADD_TC(tp, readlinkat_end); 1988 ATF_TP_ADD_TC(tp, readlinkat_heap_before_end); 1989 ATF_TP_ADD_TC(tp, readlinkat_heap_end); 1990 ATF_TP_ADD_TC(tp, readlinkat_heap_after_end); 1991 ATF_TP_ADD_TC(tp, getdomainname_before_end); 1992 ATF_TP_ADD_TC(tp, getdomainname_end); 1993 ATF_TP_ADD_TC(tp, getdomainname_heap_before_end); 1994 ATF_TP_ADD_TC(tp, getdomainname_heap_end); 1995 ATF_TP_ADD_TC(tp, getdomainname_heap_after_end); 1996 ATF_TP_ADD_TC(tp, getentropy_before_end); 1997 ATF_TP_ADD_TC(tp, getentropy_end); 1998 ATF_TP_ADD_TC(tp, getentropy_heap_before_end); 1999 ATF_TP_ADD_TC(tp, getentropy_heap_end); 2000 ATF_TP_ADD_TC(tp, getentropy_heap_after_end); 2001 ATF_TP_ADD_TC(tp, gethostname_before_end); 2002 ATF_TP_ADD_TC(tp, gethostname_end); 2003 ATF_TP_ADD_TC(tp, gethostname_heap_before_end); 2004 ATF_TP_ADD_TC(tp, gethostname_heap_end); 2005 ATF_TP_ADD_TC(tp, gethostname_heap_after_end); 2006 ATF_TP_ADD_TC(tp, getlogin_r_before_end); 2007 ATF_TP_ADD_TC(tp, getlogin_r_end); 2008 ATF_TP_ADD_TC(tp, getlogin_r_heap_before_end); 2009 ATF_TP_ADD_TC(tp, getlogin_r_heap_end); 2010 ATF_TP_ADD_TC(tp, getlogin_r_heap_after_end); 2011 ATF_TP_ADD_TC(tp, ttyname_r_before_end); 2012 ATF_TP_ADD_TC(tp, ttyname_r_end); 2013 ATF_TP_ADD_TC(tp, ttyname_r_heap_before_end); 2014 ATF_TP_ADD_TC(tp, ttyname_r_heap_end); 2015 ATF_TP_ADD_TC(tp, ttyname_r_heap_after_end); 2016 return (atf_no_error()); 2017 } 2018