1 /* @generated by `generate-fortify-tests.lua "unistd"` */ 2 3 #define _FORTIFY_SOURCE 2 4 #define TMPFILE_SIZE (1024 * 32) 5 6 #include <sys/param.h> 7 #include <sys/resource.h> 8 #include <sys/time.h> 9 #include <sys/wait.h> 10 #include <dirent.h> 11 #include <errno.h> 12 #include <fcntl.h> 13 #include <limits.h> 14 #include <poll.h> 15 #include <signal.h> 16 #include <stdio.h> 17 #include <stdlib.h> 18 #include <string.h> 19 #include <strings.h> 20 #include <sysexits.h> 21 #include <unistd.h> 22 #include <atf-c.h> 23 24 static FILE * __unused 25 new_fp(size_t __len) 26 { 27 static char fpbuf[LINE_MAX]; 28 FILE *fp; 29 30 ATF_REQUIRE(__len <= sizeof(fpbuf)); 31 32 memset(fpbuf, 'A', sizeof(fpbuf) - 1); 33 fpbuf[sizeof(fpbuf) - 1] = '\0'; 34 35 fp = fmemopen(fpbuf, sizeof(fpbuf), "rb"); 36 ATF_REQUIRE(fp != NULL); 37 38 return (fp); 39 } 40 41 /* 42 * Create a new symlink to use for readlink(2) style tests, we'll just use a 43 * random target name to have something interesting to look at. 44 */ 45 static const char * __unused 46 new_symlink(size_t __len) 47 { 48 static const char linkname[] = "link"; 49 char target[MAXNAMLEN]; 50 int error; 51 52 ATF_REQUIRE(__len <= sizeof(target)); 53 54 arc4random_buf(target, sizeof(target)); 55 56 error = unlink(linkname); 57 ATF_REQUIRE(error == 0 || errno == ENOENT); 58 59 error = symlink(target, linkname); 60 ATF_REQUIRE(error == 0); 61 62 return (linkname); 63 } 64 65 /* 66 * Constructs a tmpfile that we can use for testing read(2) and friends. 67 */ 68 static int __unused 69 new_tmpfile(void) 70 { 71 char buf[1024]; 72 ssize_t rv; 73 size_t written; 74 int fd; 75 76 fd = open("tmpfile", O_RDWR | O_CREAT | O_TRUNC, 0644); 77 ATF_REQUIRE(fd >= 0); 78 79 written = 0; 80 while (written < TMPFILE_SIZE) { 81 rv = write(fd, buf, sizeof(buf)); 82 ATF_REQUIRE(rv > 0); 83 84 written += rv; 85 } 86 87 ATF_REQUIRE_EQ(0, lseek(fd, 0, SEEK_SET)); 88 return (fd); 89 } 90 91 static void 92 disable_coredumps(void) 93 { 94 struct rlimit rl = { 0 }; 95 96 if (setrlimit(RLIMIT_CORE, &rl) == -1) 97 _exit(EX_OSERR); 98 } 99 100 /* 101 * Replaces stdin with a file that we can actually read from, for tests where 102 * we want a FILE * or fd that we can get data from. 103 */ 104 static void __unused 105 replace_stdin(void) 106 { 107 int fd; 108 109 fd = new_tmpfile(); 110 111 (void)dup2(fd, STDIN_FILENO); 112 if (fd != STDIN_FILENO) 113 close(fd); 114 } 115 116 ATF_TC_WITHOUT_HEAD(getcwd_before_end); 117 ATF_TC_BODY(getcwd_before_end, tc) 118 { 119 #define BUF &__stack.__buf 120 struct { 121 uint8_t padding_l; 122 unsigned char __buf[8]; 123 uint8_t padding_r; 124 } __stack; 125 const size_t __bufsz __unused = sizeof(__stack.__buf); 126 const size_t __len = 8 - 1; 127 const size_t __idx __unused = __len - 1; 128 129 getcwd(__stack.__buf, __len); 130 #undef BUF 131 132 } 133 134 ATF_TC_WITHOUT_HEAD(getcwd_end); 135 ATF_TC_BODY(getcwd_end, tc) 136 { 137 #define BUF &__stack.__buf 138 struct { 139 uint8_t padding_l; 140 unsigned char __buf[8]; 141 uint8_t padding_r; 142 } __stack; 143 const size_t __bufsz __unused = sizeof(__stack.__buf); 144 const size_t __len = 8; 145 const size_t __idx __unused = __len - 1; 146 147 getcwd(__stack.__buf, __len); 148 #undef BUF 149 150 } 151 152 ATF_TC_WITHOUT_HEAD(getcwd_heap_before_end); 153 ATF_TC_BODY(getcwd_heap_before_end, tc) 154 { 155 #define BUF __stack.__buf 156 struct { 157 uint8_t padding_l; 158 unsigned char * __buf; 159 uint8_t padding_r; 160 } __stack; 161 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 162 const size_t __len = 8 - 1; 163 const size_t __idx __unused = __len - 1; 164 165 __stack.__buf = malloc(__bufsz); 166 167 getcwd(__stack.__buf, __len); 168 #undef BUF 169 170 } 171 172 ATF_TC_WITHOUT_HEAD(getcwd_heap_end); 173 ATF_TC_BODY(getcwd_heap_end, tc) 174 { 175 #define BUF __stack.__buf 176 struct { 177 uint8_t padding_l; 178 unsigned char * __buf; 179 uint8_t padding_r; 180 } __stack; 181 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 182 const size_t __len = 8; 183 const size_t __idx __unused = __len - 1; 184 185 __stack.__buf = malloc(__bufsz); 186 187 getcwd(__stack.__buf, __len); 188 #undef BUF 189 190 } 191 192 ATF_TC_WITHOUT_HEAD(getcwd_heap_after_end); 193 ATF_TC_BODY(getcwd_heap_after_end, tc) 194 { 195 #define BUF __stack.__buf 196 struct { 197 uint8_t padding_l; 198 unsigned char * __buf; 199 uint8_t padding_r; 200 } __stack; 201 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 202 const size_t __len = 8 + 1; 203 const size_t __idx __unused = __len - 1; 204 pid_t __child; 205 int __status; 206 207 __child = fork(); 208 ATF_REQUIRE(__child >= 0); 209 if (__child > 0) 210 goto monitor; 211 212 /* Child */ 213 disable_coredumps(); 214 __stack.__buf = malloc(__bufsz); 215 216 getcwd(__stack.__buf, __len); 217 _exit(EX_SOFTWARE); /* Should have aborted. */ 218 219 monitor: 220 while (waitpid(__child, &__status, 0) != __child) { 221 ATF_REQUIRE_EQ(EINTR, errno); 222 } 223 224 if (!WIFSIGNALED(__status)) { 225 switch (WEXITSTATUS(__status)) { 226 case EX_SOFTWARE: 227 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 228 break; 229 case EX_OSERR: 230 atf_tc_fail("setrlimit(2) failed"); 231 break; 232 default: 233 atf_tc_fail("child exited with status %d", 234 WEXITSTATUS(__status)); 235 } 236 } else { 237 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 238 } 239 #undef BUF 240 241 } 242 243 ATF_TC_WITHOUT_HEAD(getgrouplist_before_end); 244 ATF_TC_BODY(getgrouplist_before_end, tc) 245 { 246 #define BUF &__stack.__buf 247 struct { 248 uint8_t padding_l; 249 gid_t __buf[4]; 250 uint8_t padding_r; 251 } __stack; 252 const size_t __bufsz __unused = sizeof(__stack.__buf); 253 const size_t __len = 4 - 1; 254 const size_t __idx __unused = __len - 1; 255 int intlen = (int)__len; 256 257 getgrouplist("root", 0, __stack.__buf, &intlen); 258 #undef BUF 259 260 } 261 262 ATF_TC_WITHOUT_HEAD(getgrouplist_end); 263 ATF_TC_BODY(getgrouplist_end, tc) 264 { 265 #define BUF &__stack.__buf 266 struct { 267 uint8_t padding_l; 268 gid_t __buf[4]; 269 uint8_t padding_r; 270 } __stack; 271 const size_t __bufsz __unused = sizeof(__stack.__buf); 272 const size_t __len = 4; 273 const size_t __idx __unused = __len - 1; 274 int intlen = (int)__len; 275 276 getgrouplist("root", 0, __stack.__buf, &intlen); 277 #undef BUF 278 279 } 280 281 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_before_end); 282 ATF_TC_BODY(getgrouplist_heap_before_end, tc) 283 { 284 #define BUF __stack.__buf 285 struct { 286 uint8_t padding_l; 287 gid_t * __buf; 288 uint8_t padding_r; 289 } __stack; 290 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 291 const size_t __len = 4 - 1; 292 const size_t __idx __unused = __len - 1; 293 int intlen = (int)__len; 294 295 __stack.__buf = malloc(__bufsz); 296 297 getgrouplist("root", 0, __stack.__buf, &intlen); 298 #undef BUF 299 300 } 301 302 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_end); 303 ATF_TC_BODY(getgrouplist_heap_end, tc) 304 { 305 #define BUF __stack.__buf 306 struct { 307 uint8_t padding_l; 308 gid_t * __buf; 309 uint8_t padding_r; 310 } __stack; 311 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 312 const size_t __len = 4; 313 const size_t __idx __unused = __len - 1; 314 int intlen = (int)__len; 315 316 __stack.__buf = malloc(__bufsz); 317 318 getgrouplist("root", 0, __stack.__buf, &intlen); 319 #undef BUF 320 321 } 322 323 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_after_end); 324 ATF_TC_BODY(getgrouplist_heap_after_end, tc) 325 { 326 #define BUF __stack.__buf 327 struct { 328 uint8_t padding_l; 329 gid_t * __buf; 330 uint8_t padding_r; 331 } __stack; 332 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 333 const size_t __len = 4 + 1; 334 const size_t __idx __unused = __len - 1; 335 pid_t __child; 336 int __status; 337 int intlen = (int)__len; 338 339 __child = fork(); 340 ATF_REQUIRE(__child >= 0); 341 if (__child > 0) 342 goto monitor; 343 344 /* Child */ 345 disable_coredumps(); 346 __stack.__buf = malloc(__bufsz); 347 348 getgrouplist("root", 0, __stack.__buf, &intlen); 349 _exit(EX_SOFTWARE); /* Should have aborted. */ 350 351 monitor: 352 while (waitpid(__child, &__status, 0) != __child) { 353 ATF_REQUIRE_EQ(EINTR, errno); 354 } 355 356 if (!WIFSIGNALED(__status)) { 357 switch (WEXITSTATUS(__status)) { 358 case EX_SOFTWARE: 359 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 360 break; 361 case EX_OSERR: 362 atf_tc_fail("setrlimit(2) failed"); 363 break; 364 default: 365 atf_tc_fail("child exited with status %d", 366 WEXITSTATUS(__status)); 367 } 368 } else { 369 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 370 } 371 #undef BUF 372 373 } 374 375 ATF_TC_WITHOUT_HEAD(getgroups_before_end); 376 ATF_TC_BODY(getgroups_before_end, tc) 377 { 378 #define BUF &__stack.__buf 379 struct { 380 uint8_t padding_l; 381 gid_t __buf[4]; 382 uint8_t padding_r; 383 } __stack; 384 const size_t __bufsz __unused = sizeof(__stack.__buf); 385 const size_t __len = 4 - 1; 386 const size_t __idx __unused = __len - 1; 387 388 getgroups(__len, __stack.__buf); 389 #undef BUF 390 391 } 392 393 ATF_TC_WITHOUT_HEAD(getgroups_end); 394 ATF_TC_BODY(getgroups_end, tc) 395 { 396 #define BUF &__stack.__buf 397 struct { 398 uint8_t padding_l; 399 gid_t __buf[4]; 400 uint8_t padding_r; 401 } __stack; 402 const size_t __bufsz __unused = sizeof(__stack.__buf); 403 const size_t __len = 4; 404 const size_t __idx __unused = __len - 1; 405 406 getgroups(__len, __stack.__buf); 407 #undef BUF 408 409 } 410 411 ATF_TC_WITHOUT_HEAD(getgroups_heap_before_end); 412 ATF_TC_BODY(getgroups_heap_before_end, tc) 413 { 414 #define BUF __stack.__buf 415 struct { 416 uint8_t padding_l; 417 gid_t * __buf; 418 uint8_t padding_r; 419 } __stack; 420 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 421 const size_t __len = 4 - 1; 422 const size_t __idx __unused = __len - 1; 423 424 __stack.__buf = malloc(__bufsz); 425 426 getgroups(__len, __stack.__buf); 427 #undef BUF 428 429 } 430 431 ATF_TC_WITHOUT_HEAD(getgroups_heap_end); 432 ATF_TC_BODY(getgroups_heap_end, tc) 433 { 434 #define BUF __stack.__buf 435 struct { 436 uint8_t padding_l; 437 gid_t * __buf; 438 uint8_t padding_r; 439 } __stack; 440 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 441 const size_t __len = 4; 442 const size_t __idx __unused = __len - 1; 443 444 __stack.__buf = malloc(__bufsz); 445 446 getgroups(__len, __stack.__buf); 447 #undef BUF 448 449 } 450 451 ATF_TC_WITHOUT_HEAD(getgroups_heap_after_end); 452 ATF_TC_BODY(getgroups_heap_after_end, tc) 453 { 454 #define BUF __stack.__buf 455 struct { 456 uint8_t padding_l; 457 gid_t * __buf; 458 uint8_t padding_r; 459 } __stack; 460 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 461 const size_t __len = 4 + 1; 462 const size_t __idx __unused = __len - 1; 463 pid_t __child; 464 int __status; 465 466 __child = fork(); 467 ATF_REQUIRE(__child >= 0); 468 if (__child > 0) 469 goto monitor; 470 471 /* Child */ 472 disable_coredumps(); 473 __stack.__buf = malloc(__bufsz); 474 475 getgroups(__len, __stack.__buf); 476 _exit(EX_SOFTWARE); /* Should have aborted. */ 477 478 monitor: 479 while (waitpid(__child, &__status, 0) != __child) { 480 ATF_REQUIRE_EQ(EINTR, errno); 481 } 482 483 if (!WIFSIGNALED(__status)) { 484 switch (WEXITSTATUS(__status)) { 485 case EX_SOFTWARE: 486 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 487 break; 488 case EX_OSERR: 489 atf_tc_fail("setrlimit(2) failed"); 490 break; 491 default: 492 atf_tc_fail("child exited with status %d", 493 WEXITSTATUS(__status)); 494 } 495 } else { 496 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 497 } 498 #undef BUF 499 500 } 501 502 ATF_TC_WITHOUT_HEAD(getloginclass_before_end); 503 ATF_TC_BODY(getloginclass_before_end, tc) 504 { 505 #define BUF &__stack.__buf 506 struct { 507 uint8_t padding_l; 508 unsigned char __buf[42]; 509 uint8_t padding_r; 510 } __stack; 511 const size_t __bufsz __unused = sizeof(__stack.__buf); 512 const size_t __len = 42 - 1; 513 const size_t __idx __unused = __len - 1; 514 515 getloginclass(__stack.__buf, __len); 516 #undef BUF 517 518 } 519 520 ATF_TC_WITHOUT_HEAD(getloginclass_end); 521 ATF_TC_BODY(getloginclass_end, tc) 522 { 523 #define BUF &__stack.__buf 524 struct { 525 uint8_t padding_l; 526 unsigned char __buf[42]; 527 uint8_t padding_r; 528 } __stack; 529 const size_t __bufsz __unused = sizeof(__stack.__buf); 530 const size_t __len = 42; 531 const size_t __idx __unused = __len - 1; 532 533 getloginclass(__stack.__buf, __len); 534 #undef BUF 535 536 } 537 538 ATF_TC_WITHOUT_HEAD(getloginclass_heap_before_end); 539 ATF_TC_BODY(getloginclass_heap_before_end, tc) 540 { 541 #define BUF __stack.__buf 542 struct { 543 uint8_t padding_l; 544 unsigned char * __buf; 545 uint8_t padding_r; 546 } __stack; 547 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 548 const size_t __len = 42 - 1; 549 const size_t __idx __unused = __len - 1; 550 551 __stack.__buf = malloc(__bufsz); 552 553 getloginclass(__stack.__buf, __len); 554 #undef BUF 555 556 } 557 558 ATF_TC_WITHOUT_HEAD(getloginclass_heap_end); 559 ATF_TC_BODY(getloginclass_heap_end, tc) 560 { 561 #define BUF __stack.__buf 562 struct { 563 uint8_t padding_l; 564 unsigned char * __buf; 565 uint8_t padding_r; 566 } __stack; 567 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 568 const size_t __len = 42; 569 const size_t __idx __unused = __len - 1; 570 571 __stack.__buf = malloc(__bufsz); 572 573 getloginclass(__stack.__buf, __len); 574 #undef BUF 575 576 } 577 578 ATF_TC_WITHOUT_HEAD(getloginclass_heap_after_end); 579 ATF_TC_BODY(getloginclass_heap_after_end, tc) 580 { 581 #define BUF __stack.__buf 582 struct { 583 uint8_t padding_l; 584 unsigned char * __buf; 585 uint8_t padding_r; 586 } __stack; 587 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 588 const size_t __len = 42 + 1; 589 const size_t __idx __unused = __len - 1; 590 pid_t __child; 591 int __status; 592 593 __child = fork(); 594 ATF_REQUIRE(__child >= 0); 595 if (__child > 0) 596 goto monitor; 597 598 /* Child */ 599 disable_coredumps(); 600 __stack.__buf = malloc(__bufsz); 601 602 getloginclass(__stack.__buf, __len); 603 _exit(EX_SOFTWARE); /* Should have aborted. */ 604 605 monitor: 606 while (waitpid(__child, &__status, 0) != __child) { 607 ATF_REQUIRE_EQ(EINTR, errno); 608 } 609 610 if (!WIFSIGNALED(__status)) { 611 switch (WEXITSTATUS(__status)) { 612 case EX_SOFTWARE: 613 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 614 break; 615 case EX_OSERR: 616 atf_tc_fail("setrlimit(2) failed"); 617 break; 618 default: 619 atf_tc_fail("child exited with status %d", 620 WEXITSTATUS(__status)); 621 } 622 } else { 623 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 624 } 625 #undef BUF 626 627 } 628 629 ATF_TC_WITHOUT_HEAD(pread_before_end); 630 ATF_TC_BODY(pread_before_end, tc) 631 { 632 #define BUF &__stack.__buf 633 struct { 634 uint8_t padding_l; 635 unsigned char __buf[41]; 636 uint8_t padding_r; 637 } __stack; 638 const size_t __bufsz __unused = sizeof(__stack.__buf); 639 const size_t __len = 41 - 1; 640 const size_t __idx __unused = __len - 1; 641 int fd; 642 643 fd = new_tmpfile(); /* Cannot fail */ 644 645 pread(fd, __stack.__buf, __len, 0); 646 #undef BUF 647 648 } 649 650 ATF_TC_WITHOUT_HEAD(pread_end); 651 ATF_TC_BODY(pread_end, tc) 652 { 653 #define BUF &__stack.__buf 654 struct { 655 uint8_t padding_l; 656 unsigned char __buf[41]; 657 uint8_t padding_r; 658 } __stack; 659 const size_t __bufsz __unused = sizeof(__stack.__buf); 660 const size_t __len = 41; 661 const size_t __idx __unused = __len - 1; 662 int fd; 663 664 fd = new_tmpfile(); /* Cannot fail */ 665 666 pread(fd, __stack.__buf, __len, 0); 667 #undef BUF 668 669 } 670 671 ATF_TC_WITHOUT_HEAD(pread_heap_before_end); 672 ATF_TC_BODY(pread_heap_before_end, tc) 673 { 674 #define BUF __stack.__buf 675 struct { 676 uint8_t padding_l; 677 unsigned char * __buf; 678 uint8_t padding_r; 679 } __stack; 680 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 681 const size_t __len = 41 - 1; 682 const size_t __idx __unused = __len - 1; 683 int fd; 684 685 __stack.__buf = malloc(__bufsz); 686 fd = new_tmpfile(); /* Cannot fail */ 687 688 pread(fd, __stack.__buf, __len, 0); 689 #undef BUF 690 691 } 692 693 ATF_TC_WITHOUT_HEAD(pread_heap_end); 694 ATF_TC_BODY(pread_heap_end, tc) 695 { 696 #define BUF __stack.__buf 697 struct { 698 uint8_t padding_l; 699 unsigned char * __buf; 700 uint8_t padding_r; 701 } __stack; 702 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 703 const size_t __len = 41; 704 const size_t __idx __unused = __len - 1; 705 int fd; 706 707 __stack.__buf = malloc(__bufsz); 708 fd = new_tmpfile(); /* Cannot fail */ 709 710 pread(fd, __stack.__buf, __len, 0); 711 #undef BUF 712 713 } 714 715 ATF_TC_WITHOUT_HEAD(pread_heap_after_end); 716 ATF_TC_BODY(pread_heap_after_end, tc) 717 { 718 #define BUF __stack.__buf 719 struct { 720 uint8_t padding_l; 721 unsigned char * __buf; 722 uint8_t padding_r; 723 } __stack; 724 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 725 const size_t __len = 41 + 1; 726 const size_t __idx __unused = __len - 1; 727 pid_t __child; 728 int __status; 729 int fd; 730 731 __child = fork(); 732 ATF_REQUIRE(__child >= 0); 733 if (__child > 0) 734 goto monitor; 735 736 /* Child */ 737 disable_coredumps(); 738 __stack.__buf = malloc(__bufsz); 739 fd = new_tmpfile(); /* Cannot fail */ 740 741 pread(fd, __stack.__buf, __len, 0); 742 _exit(EX_SOFTWARE); /* Should have aborted. */ 743 744 monitor: 745 while (waitpid(__child, &__status, 0) != __child) { 746 ATF_REQUIRE_EQ(EINTR, errno); 747 } 748 749 if (!WIFSIGNALED(__status)) { 750 switch (WEXITSTATUS(__status)) { 751 case EX_SOFTWARE: 752 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 753 break; 754 case EX_OSERR: 755 atf_tc_fail("setrlimit(2) failed"); 756 break; 757 default: 758 atf_tc_fail("child exited with status %d", 759 WEXITSTATUS(__status)); 760 } 761 } else { 762 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 763 } 764 #undef BUF 765 766 } 767 768 ATF_TC_WITHOUT_HEAD(read_before_end); 769 ATF_TC_BODY(read_before_end, tc) 770 { 771 #define BUF &__stack.__buf 772 struct { 773 uint8_t padding_l; 774 unsigned char __buf[41]; 775 uint8_t padding_r; 776 } __stack; 777 const size_t __bufsz __unused = sizeof(__stack.__buf); 778 const size_t __len = 41 - 1; 779 const size_t __idx __unused = __len - 1; 780 int fd; 781 782 fd = new_tmpfile(); /* Cannot fail */ 783 784 read(fd, __stack.__buf, __len); 785 #undef BUF 786 787 } 788 789 ATF_TC_WITHOUT_HEAD(read_end); 790 ATF_TC_BODY(read_end, tc) 791 { 792 #define BUF &__stack.__buf 793 struct { 794 uint8_t padding_l; 795 unsigned char __buf[41]; 796 uint8_t padding_r; 797 } __stack; 798 const size_t __bufsz __unused = sizeof(__stack.__buf); 799 const size_t __len = 41; 800 const size_t __idx __unused = __len - 1; 801 int fd; 802 803 fd = new_tmpfile(); /* Cannot fail */ 804 805 read(fd, __stack.__buf, __len); 806 #undef BUF 807 808 } 809 810 ATF_TC_WITHOUT_HEAD(read_heap_before_end); 811 ATF_TC_BODY(read_heap_before_end, tc) 812 { 813 #define BUF __stack.__buf 814 struct { 815 uint8_t padding_l; 816 unsigned char * __buf; 817 uint8_t padding_r; 818 } __stack; 819 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 820 const size_t __len = 41 - 1; 821 const size_t __idx __unused = __len - 1; 822 int fd; 823 824 __stack.__buf = malloc(__bufsz); 825 fd = new_tmpfile(); /* Cannot fail */ 826 827 read(fd, __stack.__buf, __len); 828 #undef BUF 829 830 } 831 832 ATF_TC_WITHOUT_HEAD(read_heap_end); 833 ATF_TC_BODY(read_heap_end, tc) 834 { 835 #define BUF __stack.__buf 836 struct { 837 uint8_t padding_l; 838 unsigned char * __buf; 839 uint8_t padding_r; 840 } __stack; 841 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 842 const size_t __len = 41; 843 const size_t __idx __unused = __len - 1; 844 int fd; 845 846 __stack.__buf = malloc(__bufsz); 847 fd = new_tmpfile(); /* Cannot fail */ 848 849 read(fd, __stack.__buf, __len); 850 #undef BUF 851 852 } 853 854 ATF_TC_WITHOUT_HEAD(read_heap_after_end); 855 ATF_TC_BODY(read_heap_after_end, tc) 856 { 857 #define BUF __stack.__buf 858 struct { 859 uint8_t padding_l; 860 unsigned char * __buf; 861 uint8_t padding_r; 862 } __stack; 863 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 864 const size_t __len = 41 + 1; 865 const size_t __idx __unused = __len - 1; 866 pid_t __child; 867 int __status; 868 int fd; 869 870 __child = fork(); 871 ATF_REQUIRE(__child >= 0); 872 if (__child > 0) 873 goto monitor; 874 875 /* Child */ 876 disable_coredumps(); 877 __stack.__buf = malloc(__bufsz); 878 fd = new_tmpfile(); /* Cannot fail */ 879 880 read(fd, __stack.__buf, __len); 881 _exit(EX_SOFTWARE); /* Should have aborted. */ 882 883 monitor: 884 while (waitpid(__child, &__status, 0) != __child) { 885 ATF_REQUIRE_EQ(EINTR, errno); 886 } 887 888 if (!WIFSIGNALED(__status)) { 889 switch (WEXITSTATUS(__status)) { 890 case EX_SOFTWARE: 891 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 892 break; 893 case EX_OSERR: 894 atf_tc_fail("setrlimit(2) failed"); 895 break; 896 default: 897 atf_tc_fail("child exited with status %d", 898 WEXITSTATUS(__status)); 899 } 900 } else { 901 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 902 } 903 #undef BUF 904 905 } 906 907 ATF_TC_WITHOUT_HEAD(readlink_before_end); 908 ATF_TC_BODY(readlink_before_end, tc) 909 { 910 #define BUF &__stack.__buf 911 struct { 912 uint8_t padding_l; 913 unsigned char __buf[42]; 914 uint8_t padding_r; 915 } __stack; 916 const size_t __bufsz __unused = sizeof(__stack.__buf); 917 const size_t __len = 42 - 1; 918 const size_t __idx __unused = __len - 1; 919 const char *path; 920 921 path = new_symlink(__len); /* Cannot fail */ 922 923 readlink(path, __stack.__buf, __len); 924 #undef BUF 925 926 } 927 928 ATF_TC_WITHOUT_HEAD(readlink_end); 929 ATF_TC_BODY(readlink_end, tc) 930 { 931 #define BUF &__stack.__buf 932 struct { 933 uint8_t padding_l; 934 unsigned char __buf[42]; 935 uint8_t padding_r; 936 } __stack; 937 const size_t __bufsz __unused = sizeof(__stack.__buf); 938 const size_t __len = 42; 939 const size_t __idx __unused = __len - 1; 940 const char *path; 941 942 path = new_symlink(__len); /* Cannot fail */ 943 944 readlink(path, __stack.__buf, __len); 945 #undef BUF 946 947 } 948 949 ATF_TC_WITHOUT_HEAD(readlink_heap_before_end); 950 ATF_TC_BODY(readlink_heap_before_end, tc) 951 { 952 #define BUF __stack.__buf 953 struct { 954 uint8_t padding_l; 955 unsigned char * __buf; 956 uint8_t padding_r; 957 } __stack; 958 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 959 const size_t __len = 42 - 1; 960 const size_t __idx __unused = __len - 1; 961 const char *path; 962 963 __stack.__buf = malloc(__bufsz); 964 path = new_symlink(__len); /* Cannot fail */ 965 966 readlink(path, __stack.__buf, __len); 967 #undef BUF 968 969 } 970 971 ATF_TC_WITHOUT_HEAD(readlink_heap_end); 972 ATF_TC_BODY(readlink_heap_end, tc) 973 { 974 #define BUF __stack.__buf 975 struct { 976 uint8_t padding_l; 977 unsigned char * __buf; 978 uint8_t padding_r; 979 } __stack; 980 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 981 const size_t __len = 42; 982 const size_t __idx __unused = __len - 1; 983 const char *path; 984 985 __stack.__buf = malloc(__bufsz); 986 path = new_symlink(__len); /* Cannot fail */ 987 988 readlink(path, __stack.__buf, __len); 989 #undef BUF 990 991 } 992 993 ATF_TC_WITHOUT_HEAD(readlink_heap_after_end); 994 ATF_TC_BODY(readlink_heap_after_end, tc) 995 { 996 #define BUF __stack.__buf 997 struct { 998 uint8_t padding_l; 999 unsigned char * __buf; 1000 uint8_t padding_r; 1001 } __stack; 1002 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1003 const size_t __len = 42 + 1; 1004 const size_t __idx __unused = __len - 1; 1005 pid_t __child; 1006 int __status; 1007 const char *path; 1008 1009 __child = fork(); 1010 ATF_REQUIRE(__child >= 0); 1011 if (__child > 0) 1012 goto monitor; 1013 1014 /* Child */ 1015 disable_coredumps(); 1016 __stack.__buf = malloc(__bufsz); 1017 path = new_symlink(__len); /* Cannot fail */ 1018 1019 readlink(path, __stack.__buf, __len); 1020 _exit(EX_SOFTWARE); /* Should have aborted. */ 1021 1022 monitor: 1023 while (waitpid(__child, &__status, 0) != __child) { 1024 ATF_REQUIRE_EQ(EINTR, errno); 1025 } 1026 1027 if (!WIFSIGNALED(__status)) { 1028 switch (WEXITSTATUS(__status)) { 1029 case EX_SOFTWARE: 1030 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1031 break; 1032 case EX_OSERR: 1033 atf_tc_fail("setrlimit(2) failed"); 1034 break; 1035 default: 1036 atf_tc_fail("child exited with status %d", 1037 WEXITSTATUS(__status)); 1038 } 1039 } else { 1040 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1041 } 1042 #undef BUF 1043 1044 } 1045 1046 ATF_TC_WITHOUT_HEAD(readlinkat_before_end); 1047 ATF_TC_BODY(readlinkat_before_end, tc) 1048 { 1049 #define BUF &__stack.__buf 1050 struct { 1051 uint8_t padding_l; 1052 unsigned char __buf[42]; 1053 uint8_t padding_r; 1054 } __stack; 1055 const size_t __bufsz __unused = sizeof(__stack.__buf); 1056 const size_t __len = 42 - 1; 1057 const size_t __idx __unused = __len - 1; 1058 const char *path; 1059 1060 path = new_symlink(__len); /* Cannot fail */ 1061 1062 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1063 #undef BUF 1064 1065 } 1066 1067 ATF_TC_WITHOUT_HEAD(readlinkat_end); 1068 ATF_TC_BODY(readlinkat_end, tc) 1069 { 1070 #define BUF &__stack.__buf 1071 struct { 1072 uint8_t padding_l; 1073 unsigned char __buf[42]; 1074 uint8_t padding_r; 1075 } __stack; 1076 const size_t __bufsz __unused = sizeof(__stack.__buf); 1077 const size_t __len = 42; 1078 const size_t __idx __unused = __len - 1; 1079 const char *path; 1080 1081 path = new_symlink(__len); /* Cannot fail */ 1082 1083 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1084 #undef BUF 1085 1086 } 1087 1088 ATF_TC_WITHOUT_HEAD(readlinkat_heap_before_end); 1089 ATF_TC_BODY(readlinkat_heap_before_end, tc) 1090 { 1091 #define BUF __stack.__buf 1092 struct { 1093 uint8_t padding_l; 1094 unsigned char * __buf; 1095 uint8_t padding_r; 1096 } __stack; 1097 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1098 const size_t __len = 42 - 1; 1099 const size_t __idx __unused = __len - 1; 1100 const char *path; 1101 1102 __stack.__buf = malloc(__bufsz); 1103 path = new_symlink(__len); /* Cannot fail */ 1104 1105 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1106 #undef BUF 1107 1108 } 1109 1110 ATF_TC_WITHOUT_HEAD(readlinkat_heap_end); 1111 ATF_TC_BODY(readlinkat_heap_end, tc) 1112 { 1113 #define BUF __stack.__buf 1114 struct { 1115 uint8_t padding_l; 1116 unsigned char * __buf; 1117 uint8_t padding_r; 1118 } __stack; 1119 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1120 const size_t __len = 42; 1121 const size_t __idx __unused = __len - 1; 1122 const char *path; 1123 1124 __stack.__buf = malloc(__bufsz); 1125 path = new_symlink(__len); /* Cannot fail */ 1126 1127 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1128 #undef BUF 1129 1130 } 1131 1132 ATF_TC_WITHOUT_HEAD(readlinkat_heap_after_end); 1133 ATF_TC_BODY(readlinkat_heap_after_end, tc) 1134 { 1135 #define BUF __stack.__buf 1136 struct { 1137 uint8_t padding_l; 1138 unsigned char * __buf; 1139 uint8_t padding_r; 1140 } __stack; 1141 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1142 const size_t __len = 42 + 1; 1143 const size_t __idx __unused = __len - 1; 1144 pid_t __child; 1145 int __status; 1146 const char *path; 1147 1148 __child = fork(); 1149 ATF_REQUIRE(__child >= 0); 1150 if (__child > 0) 1151 goto monitor; 1152 1153 /* Child */ 1154 disable_coredumps(); 1155 __stack.__buf = malloc(__bufsz); 1156 path = new_symlink(__len); /* Cannot fail */ 1157 1158 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1159 _exit(EX_SOFTWARE); /* Should have aborted. */ 1160 1161 monitor: 1162 while (waitpid(__child, &__status, 0) != __child) { 1163 ATF_REQUIRE_EQ(EINTR, errno); 1164 } 1165 1166 if (!WIFSIGNALED(__status)) { 1167 switch (WEXITSTATUS(__status)) { 1168 case EX_SOFTWARE: 1169 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1170 break; 1171 case EX_OSERR: 1172 atf_tc_fail("setrlimit(2) failed"); 1173 break; 1174 default: 1175 atf_tc_fail("child exited with status %d", 1176 WEXITSTATUS(__status)); 1177 } 1178 } else { 1179 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1180 } 1181 #undef BUF 1182 1183 } 1184 1185 ATF_TC_WITHOUT_HEAD(getdomainname_before_end); 1186 ATF_TC_BODY(getdomainname_before_end, tc) 1187 { 1188 #define BUF &__stack.__buf 1189 struct { 1190 uint8_t padding_l; 1191 unsigned char __buf[4]; 1192 uint8_t padding_r; 1193 } __stack; 1194 const size_t __bufsz __unused = sizeof(__stack.__buf); 1195 const size_t __len = 4 - 1; 1196 const size_t __idx __unused = __len - 1; 1197 char sysdomain[256]; 1198 1199 (void)getdomainname(sysdomain, __len); 1200 if (strlen(sysdomain) <= __len) 1201 atf_tc_skip("domain name too short for testing"); 1202 1203 getdomainname(__stack.__buf, __len); 1204 #undef BUF 1205 1206 } 1207 1208 ATF_TC_WITHOUT_HEAD(getdomainname_end); 1209 ATF_TC_BODY(getdomainname_end, tc) 1210 { 1211 #define BUF &__stack.__buf 1212 struct { 1213 uint8_t padding_l; 1214 unsigned char __buf[4]; 1215 uint8_t padding_r; 1216 } __stack; 1217 const size_t __bufsz __unused = sizeof(__stack.__buf); 1218 const size_t __len = 4; 1219 const size_t __idx __unused = __len - 1; 1220 char sysdomain[256]; 1221 1222 (void)getdomainname(sysdomain, __len); 1223 if (strlen(sysdomain) <= __len) 1224 atf_tc_skip("domain name too short for testing"); 1225 1226 getdomainname(__stack.__buf, __len); 1227 #undef BUF 1228 1229 } 1230 1231 ATF_TC_WITHOUT_HEAD(getdomainname_heap_before_end); 1232 ATF_TC_BODY(getdomainname_heap_before_end, tc) 1233 { 1234 #define BUF __stack.__buf 1235 struct { 1236 uint8_t padding_l; 1237 unsigned char * __buf; 1238 uint8_t padding_r; 1239 } __stack; 1240 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1241 const size_t __len = 4 - 1; 1242 const size_t __idx __unused = __len - 1; 1243 char sysdomain[256]; 1244 1245 (void)getdomainname(sysdomain, __len); 1246 if (strlen(sysdomain) <= __len) 1247 atf_tc_skip("domain name too short for testing"); 1248 1249 __stack.__buf = malloc(__bufsz); 1250 1251 getdomainname(__stack.__buf, __len); 1252 #undef BUF 1253 1254 } 1255 1256 ATF_TC_WITHOUT_HEAD(getdomainname_heap_end); 1257 ATF_TC_BODY(getdomainname_heap_end, tc) 1258 { 1259 #define BUF __stack.__buf 1260 struct { 1261 uint8_t padding_l; 1262 unsigned char * __buf; 1263 uint8_t padding_r; 1264 } __stack; 1265 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1266 const size_t __len = 4; 1267 const size_t __idx __unused = __len - 1; 1268 char sysdomain[256]; 1269 1270 (void)getdomainname(sysdomain, __len); 1271 if (strlen(sysdomain) <= __len) 1272 atf_tc_skip("domain name too short for testing"); 1273 1274 __stack.__buf = malloc(__bufsz); 1275 1276 getdomainname(__stack.__buf, __len); 1277 #undef BUF 1278 1279 } 1280 1281 ATF_TC_WITHOUT_HEAD(getdomainname_heap_after_end); 1282 ATF_TC_BODY(getdomainname_heap_after_end, tc) 1283 { 1284 #define BUF __stack.__buf 1285 struct { 1286 uint8_t padding_l; 1287 unsigned char * __buf; 1288 uint8_t padding_r; 1289 } __stack; 1290 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1291 const size_t __len = 4 + 1; 1292 const size_t __idx __unused = __len - 1; 1293 pid_t __child; 1294 int __status; 1295 char sysdomain[256]; 1296 1297 (void)getdomainname(sysdomain, __len); 1298 if (strlen(sysdomain) <= __len) 1299 atf_tc_skip("domain name too short for testing"); 1300 1301 __child = fork(); 1302 ATF_REQUIRE(__child >= 0); 1303 if (__child > 0) 1304 goto monitor; 1305 1306 /* Child */ 1307 disable_coredumps(); 1308 __stack.__buf = malloc(__bufsz); 1309 1310 getdomainname(__stack.__buf, __len); 1311 _exit(EX_SOFTWARE); /* Should have aborted. */ 1312 1313 monitor: 1314 while (waitpid(__child, &__status, 0) != __child) { 1315 ATF_REQUIRE_EQ(EINTR, errno); 1316 } 1317 1318 if (!WIFSIGNALED(__status)) { 1319 switch (WEXITSTATUS(__status)) { 1320 case EX_SOFTWARE: 1321 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1322 break; 1323 case EX_OSERR: 1324 atf_tc_fail("setrlimit(2) failed"); 1325 break; 1326 default: 1327 atf_tc_fail("child exited with status %d", 1328 WEXITSTATUS(__status)); 1329 } 1330 } else { 1331 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1332 } 1333 #undef BUF 1334 1335 } 1336 1337 ATF_TC_WITHOUT_HEAD(getentropy_before_end); 1338 ATF_TC_BODY(getentropy_before_end, tc) 1339 { 1340 #define BUF &__stack.__buf 1341 struct { 1342 uint8_t padding_l; 1343 unsigned char __buf[42]; 1344 uint8_t padding_r; 1345 } __stack; 1346 const size_t __bufsz __unused = sizeof(__stack.__buf); 1347 const size_t __len = 42 - 1; 1348 const size_t __idx __unused = __len - 1; 1349 1350 getentropy(__stack.__buf, __len); 1351 #undef BUF 1352 1353 } 1354 1355 ATF_TC_WITHOUT_HEAD(getentropy_end); 1356 ATF_TC_BODY(getentropy_end, tc) 1357 { 1358 #define BUF &__stack.__buf 1359 struct { 1360 uint8_t padding_l; 1361 unsigned char __buf[42]; 1362 uint8_t padding_r; 1363 } __stack; 1364 const size_t __bufsz __unused = sizeof(__stack.__buf); 1365 const size_t __len = 42; 1366 const size_t __idx __unused = __len - 1; 1367 1368 getentropy(__stack.__buf, __len); 1369 #undef BUF 1370 1371 } 1372 1373 ATF_TC_WITHOUT_HEAD(getentropy_heap_before_end); 1374 ATF_TC_BODY(getentropy_heap_before_end, tc) 1375 { 1376 #define BUF __stack.__buf 1377 struct { 1378 uint8_t padding_l; 1379 unsigned char * __buf; 1380 uint8_t padding_r; 1381 } __stack; 1382 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1383 const size_t __len = 42 - 1; 1384 const size_t __idx __unused = __len - 1; 1385 1386 __stack.__buf = malloc(__bufsz); 1387 1388 getentropy(__stack.__buf, __len); 1389 #undef BUF 1390 1391 } 1392 1393 ATF_TC_WITHOUT_HEAD(getentropy_heap_end); 1394 ATF_TC_BODY(getentropy_heap_end, tc) 1395 { 1396 #define BUF __stack.__buf 1397 struct { 1398 uint8_t padding_l; 1399 unsigned char * __buf; 1400 uint8_t padding_r; 1401 } __stack; 1402 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1403 const size_t __len = 42; 1404 const size_t __idx __unused = __len - 1; 1405 1406 __stack.__buf = malloc(__bufsz); 1407 1408 getentropy(__stack.__buf, __len); 1409 #undef BUF 1410 1411 } 1412 1413 ATF_TC_WITHOUT_HEAD(getentropy_heap_after_end); 1414 ATF_TC_BODY(getentropy_heap_after_end, tc) 1415 { 1416 #define BUF __stack.__buf 1417 struct { 1418 uint8_t padding_l; 1419 unsigned char * __buf; 1420 uint8_t padding_r; 1421 } __stack; 1422 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1423 const size_t __len = 42 + 1; 1424 const size_t __idx __unused = __len - 1; 1425 pid_t __child; 1426 int __status; 1427 1428 __child = fork(); 1429 ATF_REQUIRE(__child >= 0); 1430 if (__child > 0) 1431 goto monitor; 1432 1433 /* Child */ 1434 disable_coredumps(); 1435 __stack.__buf = malloc(__bufsz); 1436 1437 getentropy(__stack.__buf, __len); 1438 _exit(EX_SOFTWARE); /* Should have aborted. */ 1439 1440 monitor: 1441 while (waitpid(__child, &__status, 0) != __child) { 1442 ATF_REQUIRE_EQ(EINTR, errno); 1443 } 1444 1445 if (!WIFSIGNALED(__status)) { 1446 switch (WEXITSTATUS(__status)) { 1447 case EX_SOFTWARE: 1448 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1449 break; 1450 case EX_OSERR: 1451 atf_tc_fail("setrlimit(2) failed"); 1452 break; 1453 default: 1454 atf_tc_fail("child exited with status %d", 1455 WEXITSTATUS(__status)); 1456 } 1457 } else { 1458 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1459 } 1460 #undef BUF 1461 1462 } 1463 1464 ATF_TC_WITHOUT_HEAD(gethostname_before_end); 1465 ATF_TC_BODY(gethostname_before_end, tc) 1466 { 1467 #define BUF &__stack.__buf 1468 struct { 1469 uint8_t padding_l; 1470 unsigned char __buf[4]; 1471 uint8_t padding_r; 1472 } __stack; 1473 const size_t __bufsz __unused = sizeof(__stack.__buf); 1474 const size_t __len = 4 - 1; 1475 const size_t __idx __unused = __len - 1; 1476 char syshost[256]; 1477 int error; 1478 1479 error = gethostname(syshost, __len); 1480 if (error != 0 || strlen(syshost) <= __len) 1481 atf_tc_skip("hostname too short for testing"); 1482 1483 gethostname(__stack.__buf, __len); 1484 #undef BUF 1485 1486 } 1487 1488 ATF_TC_WITHOUT_HEAD(gethostname_end); 1489 ATF_TC_BODY(gethostname_end, tc) 1490 { 1491 #define BUF &__stack.__buf 1492 struct { 1493 uint8_t padding_l; 1494 unsigned char __buf[4]; 1495 uint8_t padding_r; 1496 } __stack; 1497 const size_t __bufsz __unused = sizeof(__stack.__buf); 1498 const size_t __len = 4; 1499 const size_t __idx __unused = __len - 1; 1500 char syshost[256]; 1501 int error; 1502 1503 error = gethostname(syshost, __len); 1504 if (error != 0 || strlen(syshost) <= __len) 1505 atf_tc_skip("hostname too short for testing"); 1506 1507 gethostname(__stack.__buf, __len); 1508 #undef BUF 1509 1510 } 1511 1512 ATF_TC_WITHOUT_HEAD(gethostname_heap_before_end); 1513 ATF_TC_BODY(gethostname_heap_before_end, tc) 1514 { 1515 #define BUF __stack.__buf 1516 struct { 1517 uint8_t padding_l; 1518 unsigned char * __buf; 1519 uint8_t padding_r; 1520 } __stack; 1521 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1522 const size_t __len = 4 - 1; 1523 const size_t __idx __unused = __len - 1; 1524 char syshost[256]; 1525 int error; 1526 1527 error = gethostname(syshost, __len); 1528 if (error != 0 || strlen(syshost) <= __len) 1529 atf_tc_skip("hostname too short for testing"); 1530 1531 __stack.__buf = malloc(__bufsz); 1532 1533 gethostname(__stack.__buf, __len); 1534 #undef BUF 1535 1536 } 1537 1538 ATF_TC_WITHOUT_HEAD(gethostname_heap_end); 1539 ATF_TC_BODY(gethostname_heap_end, tc) 1540 { 1541 #define BUF __stack.__buf 1542 struct { 1543 uint8_t padding_l; 1544 unsigned char * __buf; 1545 uint8_t padding_r; 1546 } __stack; 1547 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1548 const size_t __len = 4; 1549 const size_t __idx __unused = __len - 1; 1550 char syshost[256]; 1551 int error; 1552 1553 error = gethostname(syshost, __len); 1554 if (error != 0 || strlen(syshost) <= __len) 1555 atf_tc_skip("hostname too short for testing"); 1556 1557 __stack.__buf = malloc(__bufsz); 1558 1559 gethostname(__stack.__buf, __len); 1560 #undef BUF 1561 1562 } 1563 1564 ATF_TC_WITHOUT_HEAD(gethostname_heap_after_end); 1565 ATF_TC_BODY(gethostname_heap_after_end, tc) 1566 { 1567 #define BUF __stack.__buf 1568 struct { 1569 uint8_t padding_l; 1570 unsigned char * __buf; 1571 uint8_t padding_r; 1572 } __stack; 1573 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1574 const size_t __len = 4 + 1; 1575 const size_t __idx __unused = __len - 1; 1576 pid_t __child; 1577 int __status; 1578 char syshost[256]; 1579 int error; 1580 1581 error = gethostname(syshost, __len); 1582 if (error != 0 || strlen(syshost) <= __len) 1583 atf_tc_skip("hostname too short for testing"); 1584 1585 __child = fork(); 1586 ATF_REQUIRE(__child >= 0); 1587 if (__child > 0) 1588 goto monitor; 1589 1590 /* Child */ 1591 disable_coredumps(); 1592 __stack.__buf = malloc(__bufsz); 1593 1594 gethostname(__stack.__buf, __len); 1595 _exit(EX_SOFTWARE); /* Should have aborted. */ 1596 1597 monitor: 1598 while (waitpid(__child, &__status, 0) != __child) { 1599 ATF_REQUIRE_EQ(EINTR, errno); 1600 } 1601 1602 if (!WIFSIGNALED(__status)) { 1603 switch (WEXITSTATUS(__status)) { 1604 case EX_SOFTWARE: 1605 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1606 break; 1607 case EX_OSERR: 1608 atf_tc_fail("setrlimit(2) failed"); 1609 break; 1610 default: 1611 atf_tc_fail("child exited with status %d", 1612 WEXITSTATUS(__status)); 1613 } 1614 } else { 1615 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1616 } 1617 #undef BUF 1618 1619 } 1620 1621 ATF_TC_WITHOUT_HEAD(getlogin_r_before_end); 1622 ATF_TC_BODY(getlogin_r_before_end, tc) 1623 { 1624 #define BUF &__stack.__buf 1625 struct { 1626 uint8_t padding_l; 1627 unsigned char __buf[MAXLOGNAME + 1]; 1628 uint8_t padding_r; 1629 } __stack; 1630 const size_t __bufsz __unused = sizeof(__stack.__buf); 1631 const size_t __len = MAXLOGNAME + 1 - 1; 1632 const size_t __idx __unused = __len - 1; 1633 1634 getlogin_r(__stack.__buf, __len); 1635 #undef BUF 1636 1637 } 1638 1639 ATF_TC_WITHOUT_HEAD(getlogin_r_end); 1640 ATF_TC_BODY(getlogin_r_end, tc) 1641 { 1642 #define BUF &__stack.__buf 1643 struct { 1644 uint8_t padding_l; 1645 unsigned char __buf[MAXLOGNAME + 1]; 1646 uint8_t padding_r; 1647 } __stack; 1648 const size_t __bufsz __unused = sizeof(__stack.__buf); 1649 const size_t __len = MAXLOGNAME + 1; 1650 const size_t __idx __unused = __len - 1; 1651 1652 getlogin_r(__stack.__buf, __len); 1653 #undef BUF 1654 1655 } 1656 1657 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_before_end); 1658 ATF_TC_BODY(getlogin_r_heap_before_end, tc) 1659 { 1660 #define BUF __stack.__buf 1661 struct { 1662 uint8_t padding_l; 1663 unsigned char * __buf; 1664 uint8_t padding_r; 1665 } __stack; 1666 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1667 const size_t __len = MAXLOGNAME + 1 - 1; 1668 const size_t __idx __unused = __len - 1; 1669 1670 __stack.__buf = malloc(__bufsz); 1671 1672 getlogin_r(__stack.__buf, __len); 1673 #undef BUF 1674 1675 } 1676 1677 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_end); 1678 ATF_TC_BODY(getlogin_r_heap_end, tc) 1679 { 1680 #define BUF __stack.__buf 1681 struct { 1682 uint8_t padding_l; 1683 unsigned char * __buf; 1684 uint8_t padding_r; 1685 } __stack; 1686 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1687 const size_t __len = MAXLOGNAME + 1; 1688 const size_t __idx __unused = __len - 1; 1689 1690 __stack.__buf = malloc(__bufsz); 1691 1692 getlogin_r(__stack.__buf, __len); 1693 #undef BUF 1694 1695 } 1696 1697 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_after_end); 1698 ATF_TC_BODY(getlogin_r_heap_after_end, tc) 1699 { 1700 #define BUF __stack.__buf 1701 struct { 1702 uint8_t padding_l; 1703 unsigned char * __buf; 1704 uint8_t padding_r; 1705 } __stack; 1706 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1707 const size_t __len = MAXLOGNAME + 1 + 1; 1708 const size_t __idx __unused = __len - 1; 1709 pid_t __child; 1710 int __status; 1711 1712 __child = fork(); 1713 ATF_REQUIRE(__child >= 0); 1714 if (__child > 0) 1715 goto monitor; 1716 1717 /* Child */ 1718 disable_coredumps(); 1719 __stack.__buf = malloc(__bufsz); 1720 1721 getlogin_r(__stack.__buf, __len); 1722 _exit(EX_SOFTWARE); /* Should have aborted. */ 1723 1724 monitor: 1725 while (waitpid(__child, &__status, 0) != __child) { 1726 ATF_REQUIRE_EQ(EINTR, errno); 1727 } 1728 1729 if (!WIFSIGNALED(__status)) { 1730 switch (WEXITSTATUS(__status)) { 1731 case EX_SOFTWARE: 1732 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1733 break; 1734 case EX_OSERR: 1735 atf_tc_fail("setrlimit(2) failed"); 1736 break; 1737 default: 1738 atf_tc_fail("child exited with status %d", 1739 WEXITSTATUS(__status)); 1740 } 1741 } else { 1742 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1743 } 1744 #undef BUF 1745 1746 } 1747 1748 ATF_TC_WITHOUT_HEAD(ttyname_r_before_end); 1749 ATF_TC_BODY(ttyname_r_before_end, tc) 1750 { 1751 #define BUF &__stack.__buf 1752 struct { 1753 uint8_t padding_l; 1754 unsigned char __buf[42]; 1755 uint8_t padding_r; 1756 } __stack; 1757 const size_t __bufsz __unused = sizeof(__stack.__buf); 1758 const size_t __len = 42 - 1; 1759 const size_t __idx __unused = __len - 1; 1760 int fd; 1761 1762 fd = STDIN_FILENO; 1763 if (!isatty(fd)) 1764 atf_tc_skip("stdin is not an fd"); 1765 1766 ttyname_r(fd, __stack.__buf, __len); 1767 #undef BUF 1768 1769 } 1770 1771 ATF_TC_WITHOUT_HEAD(ttyname_r_end); 1772 ATF_TC_BODY(ttyname_r_end, tc) 1773 { 1774 #define BUF &__stack.__buf 1775 struct { 1776 uint8_t padding_l; 1777 unsigned char __buf[42]; 1778 uint8_t padding_r; 1779 } __stack; 1780 const size_t __bufsz __unused = sizeof(__stack.__buf); 1781 const size_t __len = 42; 1782 const size_t __idx __unused = __len - 1; 1783 int fd; 1784 1785 fd = STDIN_FILENO; 1786 if (!isatty(fd)) 1787 atf_tc_skip("stdin is not an fd"); 1788 1789 ttyname_r(fd, __stack.__buf, __len); 1790 #undef BUF 1791 1792 } 1793 1794 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_before_end); 1795 ATF_TC_BODY(ttyname_r_heap_before_end, tc) 1796 { 1797 #define BUF __stack.__buf 1798 struct { 1799 uint8_t padding_l; 1800 unsigned char * __buf; 1801 uint8_t padding_r; 1802 } __stack; 1803 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1804 const size_t __len = 42 - 1; 1805 const size_t __idx __unused = __len - 1; 1806 int fd; 1807 1808 fd = STDIN_FILENO; 1809 if (!isatty(fd)) 1810 atf_tc_skip("stdin is not an fd"); 1811 1812 __stack.__buf = malloc(__bufsz); 1813 1814 ttyname_r(fd, __stack.__buf, __len); 1815 #undef BUF 1816 1817 } 1818 1819 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_end); 1820 ATF_TC_BODY(ttyname_r_heap_end, tc) 1821 { 1822 #define BUF __stack.__buf 1823 struct { 1824 uint8_t padding_l; 1825 unsigned char * __buf; 1826 uint8_t padding_r; 1827 } __stack; 1828 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1829 const size_t __len = 42; 1830 const size_t __idx __unused = __len - 1; 1831 int fd; 1832 1833 fd = STDIN_FILENO; 1834 if (!isatty(fd)) 1835 atf_tc_skip("stdin is not an fd"); 1836 1837 __stack.__buf = malloc(__bufsz); 1838 1839 ttyname_r(fd, __stack.__buf, __len); 1840 #undef BUF 1841 1842 } 1843 1844 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_after_end); 1845 ATF_TC_BODY(ttyname_r_heap_after_end, tc) 1846 { 1847 #define BUF __stack.__buf 1848 struct { 1849 uint8_t padding_l; 1850 unsigned char * __buf; 1851 uint8_t padding_r; 1852 } __stack; 1853 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1854 const size_t __len = 42 + 1; 1855 const size_t __idx __unused = __len - 1; 1856 pid_t __child; 1857 int __status; 1858 int fd; 1859 1860 fd = STDIN_FILENO; 1861 if (!isatty(fd)) 1862 atf_tc_skip("stdin is not an fd"); 1863 1864 __child = fork(); 1865 ATF_REQUIRE(__child >= 0); 1866 if (__child > 0) 1867 goto monitor; 1868 1869 /* Child */ 1870 disable_coredumps(); 1871 __stack.__buf = malloc(__bufsz); 1872 1873 ttyname_r(fd, __stack.__buf, __len); 1874 _exit(EX_SOFTWARE); /* Should have aborted. */ 1875 1876 monitor: 1877 while (waitpid(__child, &__status, 0) != __child) { 1878 ATF_REQUIRE_EQ(EINTR, errno); 1879 } 1880 1881 if (!WIFSIGNALED(__status)) { 1882 switch (WEXITSTATUS(__status)) { 1883 case EX_SOFTWARE: 1884 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1885 break; 1886 case EX_OSERR: 1887 atf_tc_fail("setrlimit(2) failed"); 1888 break; 1889 default: 1890 atf_tc_fail("child exited with status %d", 1891 WEXITSTATUS(__status)); 1892 } 1893 } else { 1894 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1895 } 1896 #undef BUF 1897 1898 } 1899 1900 ATF_TP_ADD_TCS(tp) 1901 { 1902 ATF_TP_ADD_TC(tp, getcwd_before_end); 1903 ATF_TP_ADD_TC(tp, getcwd_end); 1904 ATF_TP_ADD_TC(tp, getcwd_heap_before_end); 1905 ATF_TP_ADD_TC(tp, getcwd_heap_end); 1906 ATF_TP_ADD_TC(tp, getcwd_heap_after_end); 1907 ATF_TP_ADD_TC(tp, getgrouplist_before_end); 1908 ATF_TP_ADD_TC(tp, getgrouplist_end); 1909 ATF_TP_ADD_TC(tp, getgrouplist_heap_before_end); 1910 ATF_TP_ADD_TC(tp, getgrouplist_heap_end); 1911 ATF_TP_ADD_TC(tp, getgrouplist_heap_after_end); 1912 ATF_TP_ADD_TC(tp, getgroups_before_end); 1913 ATF_TP_ADD_TC(tp, getgroups_end); 1914 ATF_TP_ADD_TC(tp, getgroups_heap_before_end); 1915 ATF_TP_ADD_TC(tp, getgroups_heap_end); 1916 ATF_TP_ADD_TC(tp, getgroups_heap_after_end); 1917 ATF_TP_ADD_TC(tp, getloginclass_before_end); 1918 ATF_TP_ADD_TC(tp, getloginclass_end); 1919 ATF_TP_ADD_TC(tp, getloginclass_heap_before_end); 1920 ATF_TP_ADD_TC(tp, getloginclass_heap_end); 1921 ATF_TP_ADD_TC(tp, getloginclass_heap_after_end); 1922 ATF_TP_ADD_TC(tp, pread_before_end); 1923 ATF_TP_ADD_TC(tp, pread_end); 1924 ATF_TP_ADD_TC(tp, pread_heap_before_end); 1925 ATF_TP_ADD_TC(tp, pread_heap_end); 1926 ATF_TP_ADD_TC(tp, pread_heap_after_end); 1927 ATF_TP_ADD_TC(tp, read_before_end); 1928 ATF_TP_ADD_TC(tp, read_end); 1929 ATF_TP_ADD_TC(tp, read_heap_before_end); 1930 ATF_TP_ADD_TC(tp, read_heap_end); 1931 ATF_TP_ADD_TC(tp, read_heap_after_end); 1932 ATF_TP_ADD_TC(tp, readlink_before_end); 1933 ATF_TP_ADD_TC(tp, readlink_end); 1934 ATF_TP_ADD_TC(tp, readlink_heap_before_end); 1935 ATF_TP_ADD_TC(tp, readlink_heap_end); 1936 ATF_TP_ADD_TC(tp, readlink_heap_after_end); 1937 ATF_TP_ADD_TC(tp, readlinkat_before_end); 1938 ATF_TP_ADD_TC(tp, readlinkat_end); 1939 ATF_TP_ADD_TC(tp, readlinkat_heap_before_end); 1940 ATF_TP_ADD_TC(tp, readlinkat_heap_end); 1941 ATF_TP_ADD_TC(tp, readlinkat_heap_after_end); 1942 ATF_TP_ADD_TC(tp, getdomainname_before_end); 1943 ATF_TP_ADD_TC(tp, getdomainname_end); 1944 ATF_TP_ADD_TC(tp, getdomainname_heap_before_end); 1945 ATF_TP_ADD_TC(tp, getdomainname_heap_end); 1946 ATF_TP_ADD_TC(tp, getdomainname_heap_after_end); 1947 ATF_TP_ADD_TC(tp, getentropy_before_end); 1948 ATF_TP_ADD_TC(tp, getentropy_end); 1949 ATF_TP_ADD_TC(tp, getentropy_heap_before_end); 1950 ATF_TP_ADD_TC(tp, getentropy_heap_end); 1951 ATF_TP_ADD_TC(tp, getentropy_heap_after_end); 1952 ATF_TP_ADD_TC(tp, gethostname_before_end); 1953 ATF_TP_ADD_TC(tp, gethostname_end); 1954 ATF_TP_ADD_TC(tp, gethostname_heap_before_end); 1955 ATF_TP_ADD_TC(tp, gethostname_heap_end); 1956 ATF_TP_ADD_TC(tp, gethostname_heap_after_end); 1957 ATF_TP_ADD_TC(tp, getlogin_r_before_end); 1958 ATF_TP_ADD_TC(tp, getlogin_r_end); 1959 ATF_TP_ADD_TC(tp, getlogin_r_heap_before_end); 1960 ATF_TP_ADD_TC(tp, getlogin_r_heap_end); 1961 ATF_TP_ADD_TC(tp, getlogin_r_heap_after_end); 1962 ATF_TP_ADD_TC(tp, ttyname_r_before_end); 1963 ATF_TP_ADD_TC(tp, ttyname_r_end); 1964 ATF_TP_ADD_TC(tp, ttyname_r_heap_before_end); 1965 ATF_TP_ADD_TC(tp, ttyname_r_heap_end); 1966 ATF_TP_ADD_TC(tp, ttyname_r_heap_after_end); 1967 return (atf_no_error()); 1968 } 1969