1 /* @generated by `generate-fortify-tests.lua "unistd"` */ 2 3 #define _FORTIFY_SOURCE 2 4 #define TMPFILE_SIZE (1024 * 32) 5 6 #include <sys/param.h> 7 #include <sys/resource.h> 8 #include <sys/time.h> 9 #include <sys/wait.h> 10 #include <dirent.h> 11 #include <errno.h> 12 #include <fcntl.h> 13 #include <limits.h> 14 #include <poll.h> 15 #include <signal.h> 16 #include <stdio.h> 17 #include <stdlib.h> 18 #include <string.h> 19 #include <strings.h> 20 #include <sysexits.h> 21 #include <unistd.h> 22 #include <wchar.h> 23 #include <atf-c.h> 24 25 static FILE * __unused 26 new_fp(size_t __len) 27 { 28 static char fpbuf[LINE_MAX]; 29 FILE *fp; 30 31 ATF_REQUIRE(__len <= sizeof(fpbuf)); 32 33 memset(fpbuf, 'A', sizeof(fpbuf) - 1); 34 fpbuf[sizeof(fpbuf) - 1] = '\0'; 35 36 fp = fmemopen(fpbuf, sizeof(fpbuf), "rb"); 37 ATF_REQUIRE(fp != NULL); 38 39 return (fp); 40 } 41 42 /* 43 * Create a new symlink to use for readlink(2) style tests, we'll just use a 44 * random target name to have something interesting to look at. 45 */ 46 static const char * __unused 47 new_symlink(size_t __len) 48 { 49 static const char linkname[] = "link"; 50 char target[MAXNAMLEN]; 51 int error; 52 53 ATF_REQUIRE(__len <= sizeof(target)); 54 55 arc4random_buf(target, sizeof(target)); 56 57 error = unlink(linkname); 58 ATF_REQUIRE(error == 0 || errno == ENOENT); 59 60 error = symlink(target, linkname); 61 ATF_REQUIRE(error == 0); 62 63 return (linkname); 64 } 65 66 /* 67 * Constructs a tmpfile that we can use for testing read(2) and friends. 68 */ 69 static int __unused 70 new_tmpfile(void) 71 { 72 char buf[1024]; 73 ssize_t rv; 74 size_t written; 75 int fd; 76 77 fd = open("tmpfile", O_RDWR | O_CREAT | O_TRUNC, 0644); 78 ATF_REQUIRE(fd >= 0); 79 80 written = 0; 81 while (written < TMPFILE_SIZE) { 82 rv = write(fd, buf, sizeof(buf)); 83 ATF_REQUIRE(rv > 0); 84 85 written += rv; 86 } 87 88 ATF_REQUIRE_EQ(0, lseek(fd, 0, SEEK_SET)); 89 return (fd); 90 } 91 92 static void 93 disable_coredumps(void) 94 { 95 struct rlimit rl = { 0 }; 96 97 if (setrlimit(RLIMIT_CORE, &rl) == -1) 98 _exit(EX_OSERR); 99 } 100 101 /* 102 * Replaces stdin with a file that we can actually read from, for tests where 103 * we want a FILE * or fd that we can get data from. 104 */ 105 static void __unused 106 replace_stdin(void) 107 { 108 int fd; 109 110 fd = new_tmpfile(); 111 112 (void)dup2(fd, STDIN_FILENO); 113 if (fd != STDIN_FILENO) 114 close(fd); 115 } 116 117 ATF_TC_WITHOUT_HEAD(getcwd_before_end); 118 ATF_TC_BODY(getcwd_before_end, tc) 119 { 120 #define BUF &__stack.__buf 121 struct { 122 uint8_t padding_l; 123 unsigned char __buf[8]; 124 uint8_t padding_r; 125 } __stack; 126 const size_t __bufsz __unused = sizeof(__stack.__buf); 127 const size_t __len = 8 - 1; 128 const size_t __idx __unused = __len - 1; 129 130 getcwd(__stack.__buf, __len); 131 #undef BUF 132 133 } 134 135 ATF_TC_WITHOUT_HEAD(getcwd_end); 136 ATF_TC_BODY(getcwd_end, tc) 137 { 138 #define BUF &__stack.__buf 139 struct { 140 uint8_t padding_l; 141 unsigned char __buf[8]; 142 uint8_t padding_r; 143 } __stack; 144 const size_t __bufsz __unused = sizeof(__stack.__buf); 145 const size_t __len = 8; 146 const size_t __idx __unused = __len - 1; 147 148 getcwd(__stack.__buf, __len); 149 #undef BUF 150 151 } 152 153 ATF_TC_WITHOUT_HEAD(getcwd_heap_before_end); 154 ATF_TC_BODY(getcwd_heap_before_end, tc) 155 { 156 #define BUF __stack.__buf 157 struct { 158 uint8_t padding_l; 159 unsigned char * __buf; 160 uint8_t padding_r; 161 } __stack; 162 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 163 const size_t __len = 8 - 1; 164 const size_t __idx __unused = __len - 1; 165 166 __stack.__buf = malloc(__bufsz); 167 168 getcwd(__stack.__buf, __len); 169 #undef BUF 170 171 } 172 173 ATF_TC_WITHOUT_HEAD(getcwd_heap_end); 174 ATF_TC_BODY(getcwd_heap_end, tc) 175 { 176 #define BUF __stack.__buf 177 struct { 178 uint8_t padding_l; 179 unsigned char * __buf; 180 uint8_t padding_r; 181 } __stack; 182 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 183 const size_t __len = 8; 184 const size_t __idx __unused = __len - 1; 185 186 __stack.__buf = malloc(__bufsz); 187 188 getcwd(__stack.__buf, __len); 189 #undef BUF 190 191 } 192 193 ATF_TC_WITHOUT_HEAD(getcwd_heap_after_end); 194 ATF_TC_BODY(getcwd_heap_after_end, tc) 195 { 196 #define BUF __stack.__buf 197 struct { 198 uint8_t padding_l; 199 unsigned char * __buf; 200 uint8_t padding_r; 201 } __stack; 202 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (8); 203 const size_t __len = 8 + 1; 204 const size_t __idx __unused = __len - 1; 205 pid_t __child; 206 int __status; 207 208 __child = fork(); 209 ATF_REQUIRE(__child >= 0); 210 if (__child > 0) 211 goto monitor; 212 213 /* Child */ 214 disable_coredumps(); 215 __stack.__buf = malloc(__bufsz); 216 217 getcwd(__stack.__buf, __len); 218 _exit(EX_SOFTWARE); /* Should have aborted. */ 219 220 monitor: 221 while (waitpid(__child, &__status, 0) != __child) { 222 ATF_REQUIRE_EQ(EINTR, errno); 223 } 224 225 if (!WIFSIGNALED(__status)) { 226 switch (WEXITSTATUS(__status)) { 227 case EX_SOFTWARE: 228 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 229 break; 230 case EX_OSERR: 231 atf_tc_fail("setrlimit(2) failed"); 232 break; 233 default: 234 atf_tc_fail("child exited with status %d", 235 WEXITSTATUS(__status)); 236 } 237 } else { 238 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 239 } 240 #undef BUF 241 242 } 243 244 ATF_TC_WITHOUT_HEAD(getgrouplist_before_end); 245 ATF_TC_BODY(getgrouplist_before_end, tc) 246 { 247 #define BUF &__stack.__buf 248 struct { 249 uint8_t padding_l; 250 gid_t __buf[4]; 251 uint8_t padding_r; 252 } __stack; 253 const size_t __bufsz __unused = sizeof(__stack.__buf); 254 const size_t __len = 4 - 1; 255 const size_t __idx __unused = __len - 1; 256 int intlen = (int)__len; 257 258 getgrouplist("root", 0, __stack.__buf, &intlen); 259 #undef BUF 260 261 } 262 263 ATF_TC_WITHOUT_HEAD(getgrouplist_end); 264 ATF_TC_BODY(getgrouplist_end, tc) 265 { 266 #define BUF &__stack.__buf 267 struct { 268 uint8_t padding_l; 269 gid_t __buf[4]; 270 uint8_t padding_r; 271 } __stack; 272 const size_t __bufsz __unused = sizeof(__stack.__buf); 273 const size_t __len = 4; 274 const size_t __idx __unused = __len - 1; 275 int intlen = (int)__len; 276 277 getgrouplist("root", 0, __stack.__buf, &intlen); 278 #undef BUF 279 280 } 281 282 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_before_end); 283 ATF_TC_BODY(getgrouplist_heap_before_end, tc) 284 { 285 #define BUF __stack.__buf 286 struct { 287 uint8_t padding_l; 288 gid_t * __buf; 289 uint8_t padding_r; 290 } __stack; 291 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 292 const size_t __len = 4 - 1; 293 const size_t __idx __unused = __len - 1; 294 int intlen = (int)__len; 295 296 __stack.__buf = malloc(__bufsz); 297 298 getgrouplist("root", 0, __stack.__buf, &intlen); 299 #undef BUF 300 301 } 302 303 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_end); 304 ATF_TC_BODY(getgrouplist_heap_end, tc) 305 { 306 #define BUF __stack.__buf 307 struct { 308 uint8_t padding_l; 309 gid_t * __buf; 310 uint8_t padding_r; 311 } __stack; 312 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 313 const size_t __len = 4; 314 const size_t __idx __unused = __len - 1; 315 int intlen = (int)__len; 316 317 __stack.__buf = malloc(__bufsz); 318 319 getgrouplist("root", 0, __stack.__buf, &intlen); 320 #undef BUF 321 322 } 323 324 ATF_TC_WITHOUT_HEAD(getgrouplist_heap_after_end); 325 ATF_TC_BODY(getgrouplist_heap_after_end, tc) 326 { 327 #define BUF __stack.__buf 328 struct { 329 uint8_t padding_l; 330 gid_t * __buf; 331 uint8_t padding_r; 332 } __stack; 333 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 334 const size_t __len = 4 + 1; 335 const size_t __idx __unused = __len - 1; 336 pid_t __child; 337 int __status; 338 int intlen = (int)__len; 339 340 __child = fork(); 341 ATF_REQUIRE(__child >= 0); 342 if (__child > 0) 343 goto monitor; 344 345 /* Child */ 346 disable_coredumps(); 347 __stack.__buf = malloc(__bufsz); 348 349 getgrouplist("root", 0, __stack.__buf, &intlen); 350 _exit(EX_SOFTWARE); /* Should have aborted. */ 351 352 monitor: 353 while (waitpid(__child, &__status, 0) != __child) { 354 ATF_REQUIRE_EQ(EINTR, errno); 355 } 356 357 if (!WIFSIGNALED(__status)) { 358 switch (WEXITSTATUS(__status)) { 359 case EX_SOFTWARE: 360 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 361 break; 362 case EX_OSERR: 363 atf_tc_fail("setrlimit(2) failed"); 364 break; 365 default: 366 atf_tc_fail("child exited with status %d", 367 WEXITSTATUS(__status)); 368 } 369 } else { 370 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 371 } 372 #undef BUF 373 374 } 375 376 ATF_TC_WITHOUT_HEAD(getgroups_before_end); 377 ATF_TC_BODY(getgroups_before_end, tc) 378 { 379 #define BUF &__stack.__buf 380 struct { 381 uint8_t padding_l; 382 gid_t __buf[4]; 383 uint8_t padding_r; 384 } __stack; 385 const size_t __bufsz __unused = sizeof(__stack.__buf); 386 const size_t __len = 4 - 1; 387 const size_t __idx __unused = __len - 1; 388 389 getgroups(__len, __stack.__buf); 390 #undef BUF 391 392 } 393 394 ATF_TC_WITHOUT_HEAD(getgroups_end); 395 ATF_TC_BODY(getgroups_end, tc) 396 { 397 #define BUF &__stack.__buf 398 struct { 399 uint8_t padding_l; 400 gid_t __buf[4]; 401 uint8_t padding_r; 402 } __stack; 403 const size_t __bufsz __unused = sizeof(__stack.__buf); 404 const size_t __len = 4; 405 const size_t __idx __unused = __len - 1; 406 407 getgroups(__len, __stack.__buf); 408 #undef BUF 409 410 } 411 412 ATF_TC_WITHOUT_HEAD(getgroups_heap_before_end); 413 ATF_TC_BODY(getgroups_heap_before_end, tc) 414 { 415 #define BUF __stack.__buf 416 struct { 417 uint8_t padding_l; 418 gid_t * __buf; 419 uint8_t padding_r; 420 } __stack; 421 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 422 const size_t __len = 4 - 1; 423 const size_t __idx __unused = __len - 1; 424 425 __stack.__buf = malloc(__bufsz); 426 427 getgroups(__len, __stack.__buf); 428 #undef BUF 429 430 } 431 432 ATF_TC_WITHOUT_HEAD(getgroups_heap_end); 433 ATF_TC_BODY(getgroups_heap_end, tc) 434 { 435 #define BUF __stack.__buf 436 struct { 437 uint8_t padding_l; 438 gid_t * __buf; 439 uint8_t padding_r; 440 } __stack; 441 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 442 const size_t __len = 4; 443 const size_t __idx __unused = __len - 1; 444 445 __stack.__buf = malloc(__bufsz); 446 447 getgroups(__len, __stack.__buf); 448 #undef BUF 449 450 } 451 452 ATF_TC_WITHOUT_HEAD(getgroups_heap_after_end); 453 ATF_TC_BODY(getgroups_heap_after_end, tc) 454 { 455 #define BUF __stack.__buf 456 struct { 457 uint8_t padding_l; 458 gid_t * __buf; 459 uint8_t padding_r; 460 } __stack; 461 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 462 const size_t __len = 4 + 1; 463 const size_t __idx __unused = __len - 1; 464 pid_t __child; 465 int __status; 466 467 __child = fork(); 468 ATF_REQUIRE(__child >= 0); 469 if (__child > 0) 470 goto monitor; 471 472 /* Child */ 473 disable_coredumps(); 474 __stack.__buf = malloc(__bufsz); 475 476 getgroups(__len, __stack.__buf); 477 _exit(EX_SOFTWARE); /* Should have aborted. */ 478 479 monitor: 480 while (waitpid(__child, &__status, 0) != __child) { 481 ATF_REQUIRE_EQ(EINTR, errno); 482 } 483 484 if (!WIFSIGNALED(__status)) { 485 switch (WEXITSTATUS(__status)) { 486 case EX_SOFTWARE: 487 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 488 break; 489 case EX_OSERR: 490 atf_tc_fail("setrlimit(2) failed"); 491 break; 492 default: 493 atf_tc_fail("child exited with status %d", 494 WEXITSTATUS(__status)); 495 } 496 } else { 497 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 498 } 499 #undef BUF 500 501 } 502 503 ATF_TC_WITHOUT_HEAD(getloginclass_before_end); 504 ATF_TC_BODY(getloginclass_before_end, tc) 505 { 506 #define BUF &__stack.__buf 507 struct { 508 uint8_t padding_l; 509 unsigned char __buf[42]; 510 uint8_t padding_r; 511 } __stack; 512 const size_t __bufsz __unused = sizeof(__stack.__buf); 513 const size_t __len = 42 - 1; 514 const size_t __idx __unused = __len - 1; 515 516 getloginclass(__stack.__buf, __len); 517 #undef BUF 518 519 } 520 521 ATF_TC_WITHOUT_HEAD(getloginclass_end); 522 ATF_TC_BODY(getloginclass_end, tc) 523 { 524 #define BUF &__stack.__buf 525 struct { 526 uint8_t padding_l; 527 unsigned char __buf[42]; 528 uint8_t padding_r; 529 } __stack; 530 const size_t __bufsz __unused = sizeof(__stack.__buf); 531 const size_t __len = 42; 532 const size_t __idx __unused = __len - 1; 533 534 getloginclass(__stack.__buf, __len); 535 #undef BUF 536 537 } 538 539 ATF_TC_WITHOUT_HEAD(getloginclass_heap_before_end); 540 ATF_TC_BODY(getloginclass_heap_before_end, tc) 541 { 542 #define BUF __stack.__buf 543 struct { 544 uint8_t padding_l; 545 unsigned char * __buf; 546 uint8_t padding_r; 547 } __stack; 548 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 549 const size_t __len = 42 - 1; 550 const size_t __idx __unused = __len - 1; 551 552 __stack.__buf = malloc(__bufsz); 553 554 getloginclass(__stack.__buf, __len); 555 #undef BUF 556 557 } 558 559 ATF_TC_WITHOUT_HEAD(getloginclass_heap_end); 560 ATF_TC_BODY(getloginclass_heap_end, tc) 561 { 562 #define BUF __stack.__buf 563 struct { 564 uint8_t padding_l; 565 unsigned char * __buf; 566 uint8_t padding_r; 567 } __stack; 568 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 569 const size_t __len = 42; 570 const size_t __idx __unused = __len - 1; 571 572 __stack.__buf = malloc(__bufsz); 573 574 getloginclass(__stack.__buf, __len); 575 #undef BUF 576 577 } 578 579 ATF_TC_WITHOUT_HEAD(getloginclass_heap_after_end); 580 ATF_TC_BODY(getloginclass_heap_after_end, tc) 581 { 582 #define BUF __stack.__buf 583 struct { 584 uint8_t padding_l; 585 unsigned char * __buf; 586 uint8_t padding_r; 587 } __stack; 588 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 589 const size_t __len = 42 + 1; 590 const size_t __idx __unused = __len - 1; 591 pid_t __child; 592 int __status; 593 594 __child = fork(); 595 ATF_REQUIRE(__child >= 0); 596 if (__child > 0) 597 goto monitor; 598 599 /* Child */ 600 disable_coredumps(); 601 __stack.__buf = malloc(__bufsz); 602 603 getloginclass(__stack.__buf, __len); 604 _exit(EX_SOFTWARE); /* Should have aborted. */ 605 606 monitor: 607 while (waitpid(__child, &__status, 0) != __child) { 608 ATF_REQUIRE_EQ(EINTR, errno); 609 } 610 611 if (!WIFSIGNALED(__status)) { 612 switch (WEXITSTATUS(__status)) { 613 case EX_SOFTWARE: 614 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 615 break; 616 case EX_OSERR: 617 atf_tc_fail("setrlimit(2) failed"); 618 break; 619 default: 620 atf_tc_fail("child exited with status %d", 621 WEXITSTATUS(__status)); 622 } 623 } else { 624 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 625 } 626 #undef BUF 627 628 } 629 630 ATF_TC_WITHOUT_HEAD(pread_before_end); 631 ATF_TC_BODY(pread_before_end, tc) 632 { 633 #define BUF &__stack.__buf 634 struct { 635 uint8_t padding_l; 636 unsigned char __buf[41]; 637 uint8_t padding_r; 638 } __stack; 639 const size_t __bufsz __unused = sizeof(__stack.__buf); 640 const size_t __len = 41 - 1; 641 const size_t __idx __unused = __len - 1; 642 int fd; 643 644 fd = new_tmpfile(); /* Cannot fail */ 645 646 pread(fd, __stack.__buf, __len, 0); 647 #undef BUF 648 649 } 650 651 ATF_TC_WITHOUT_HEAD(pread_end); 652 ATF_TC_BODY(pread_end, tc) 653 { 654 #define BUF &__stack.__buf 655 struct { 656 uint8_t padding_l; 657 unsigned char __buf[41]; 658 uint8_t padding_r; 659 } __stack; 660 const size_t __bufsz __unused = sizeof(__stack.__buf); 661 const size_t __len = 41; 662 const size_t __idx __unused = __len - 1; 663 int fd; 664 665 fd = new_tmpfile(); /* Cannot fail */ 666 667 pread(fd, __stack.__buf, __len, 0); 668 #undef BUF 669 670 } 671 672 ATF_TC_WITHOUT_HEAD(pread_heap_before_end); 673 ATF_TC_BODY(pread_heap_before_end, tc) 674 { 675 #define BUF __stack.__buf 676 struct { 677 uint8_t padding_l; 678 unsigned char * __buf; 679 uint8_t padding_r; 680 } __stack; 681 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 682 const size_t __len = 41 - 1; 683 const size_t __idx __unused = __len - 1; 684 int fd; 685 686 __stack.__buf = malloc(__bufsz); 687 fd = new_tmpfile(); /* Cannot fail */ 688 689 pread(fd, __stack.__buf, __len, 0); 690 #undef BUF 691 692 } 693 694 ATF_TC_WITHOUT_HEAD(pread_heap_end); 695 ATF_TC_BODY(pread_heap_end, tc) 696 { 697 #define BUF __stack.__buf 698 struct { 699 uint8_t padding_l; 700 unsigned char * __buf; 701 uint8_t padding_r; 702 } __stack; 703 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 704 const size_t __len = 41; 705 const size_t __idx __unused = __len - 1; 706 int fd; 707 708 __stack.__buf = malloc(__bufsz); 709 fd = new_tmpfile(); /* Cannot fail */ 710 711 pread(fd, __stack.__buf, __len, 0); 712 #undef BUF 713 714 } 715 716 ATF_TC_WITHOUT_HEAD(pread_heap_after_end); 717 ATF_TC_BODY(pread_heap_after_end, tc) 718 { 719 #define BUF __stack.__buf 720 struct { 721 uint8_t padding_l; 722 unsigned char * __buf; 723 uint8_t padding_r; 724 } __stack; 725 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 726 const size_t __len = 41 + 1; 727 const size_t __idx __unused = __len - 1; 728 pid_t __child; 729 int __status; 730 int fd; 731 732 __child = fork(); 733 ATF_REQUIRE(__child >= 0); 734 if (__child > 0) 735 goto monitor; 736 737 /* Child */ 738 disable_coredumps(); 739 __stack.__buf = malloc(__bufsz); 740 fd = new_tmpfile(); /* Cannot fail */ 741 742 pread(fd, __stack.__buf, __len, 0); 743 _exit(EX_SOFTWARE); /* Should have aborted. */ 744 745 monitor: 746 while (waitpid(__child, &__status, 0) != __child) { 747 ATF_REQUIRE_EQ(EINTR, errno); 748 } 749 750 if (!WIFSIGNALED(__status)) { 751 switch (WEXITSTATUS(__status)) { 752 case EX_SOFTWARE: 753 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 754 break; 755 case EX_OSERR: 756 atf_tc_fail("setrlimit(2) failed"); 757 break; 758 default: 759 atf_tc_fail("child exited with status %d", 760 WEXITSTATUS(__status)); 761 } 762 } else { 763 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 764 } 765 #undef BUF 766 767 } 768 769 ATF_TC_WITHOUT_HEAD(read_before_end); 770 ATF_TC_BODY(read_before_end, tc) 771 { 772 #define BUF &__stack.__buf 773 struct { 774 uint8_t padding_l; 775 unsigned char __buf[41]; 776 uint8_t padding_r; 777 } __stack; 778 const size_t __bufsz __unused = sizeof(__stack.__buf); 779 const size_t __len = 41 - 1; 780 const size_t __idx __unused = __len - 1; 781 int fd; 782 783 fd = new_tmpfile(); /* Cannot fail */ 784 785 read(fd, __stack.__buf, __len); 786 #undef BUF 787 788 } 789 790 ATF_TC_WITHOUT_HEAD(read_end); 791 ATF_TC_BODY(read_end, tc) 792 { 793 #define BUF &__stack.__buf 794 struct { 795 uint8_t padding_l; 796 unsigned char __buf[41]; 797 uint8_t padding_r; 798 } __stack; 799 const size_t __bufsz __unused = sizeof(__stack.__buf); 800 const size_t __len = 41; 801 const size_t __idx __unused = __len - 1; 802 int fd; 803 804 fd = new_tmpfile(); /* Cannot fail */ 805 806 read(fd, __stack.__buf, __len); 807 #undef BUF 808 809 } 810 811 ATF_TC_WITHOUT_HEAD(read_heap_before_end); 812 ATF_TC_BODY(read_heap_before_end, tc) 813 { 814 #define BUF __stack.__buf 815 struct { 816 uint8_t padding_l; 817 unsigned char * __buf; 818 uint8_t padding_r; 819 } __stack; 820 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 821 const size_t __len = 41 - 1; 822 const size_t __idx __unused = __len - 1; 823 int fd; 824 825 __stack.__buf = malloc(__bufsz); 826 fd = new_tmpfile(); /* Cannot fail */ 827 828 read(fd, __stack.__buf, __len); 829 #undef BUF 830 831 } 832 833 ATF_TC_WITHOUT_HEAD(read_heap_end); 834 ATF_TC_BODY(read_heap_end, tc) 835 { 836 #define BUF __stack.__buf 837 struct { 838 uint8_t padding_l; 839 unsigned char * __buf; 840 uint8_t padding_r; 841 } __stack; 842 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 843 const size_t __len = 41; 844 const size_t __idx __unused = __len - 1; 845 int fd; 846 847 __stack.__buf = malloc(__bufsz); 848 fd = new_tmpfile(); /* Cannot fail */ 849 850 read(fd, __stack.__buf, __len); 851 #undef BUF 852 853 } 854 855 ATF_TC_WITHOUT_HEAD(read_heap_after_end); 856 ATF_TC_BODY(read_heap_after_end, tc) 857 { 858 #define BUF __stack.__buf 859 struct { 860 uint8_t padding_l; 861 unsigned char * __buf; 862 uint8_t padding_r; 863 } __stack; 864 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (41); 865 const size_t __len = 41 + 1; 866 const size_t __idx __unused = __len - 1; 867 pid_t __child; 868 int __status; 869 int fd; 870 871 __child = fork(); 872 ATF_REQUIRE(__child >= 0); 873 if (__child > 0) 874 goto monitor; 875 876 /* Child */ 877 disable_coredumps(); 878 __stack.__buf = malloc(__bufsz); 879 fd = new_tmpfile(); /* Cannot fail */ 880 881 read(fd, __stack.__buf, __len); 882 _exit(EX_SOFTWARE); /* Should have aborted. */ 883 884 monitor: 885 while (waitpid(__child, &__status, 0) != __child) { 886 ATF_REQUIRE_EQ(EINTR, errno); 887 } 888 889 if (!WIFSIGNALED(__status)) { 890 switch (WEXITSTATUS(__status)) { 891 case EX_SOFTWARE: 892 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 893 break; 894 case EX_OSERR: 895 atf_tc_fail("setrlimit(2) failed"); 896 break; 897 default: 898 atf_tc_fail("child exited with status %d", 899 WEXITSTATUS(__status)); 900 } 901 } else { 902 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 903 } 904 #undef BUF 905 906 } 907 908 ATF_TC_WITHOUT_HEAD(readlink_before_end); 909 ATF_TC_BODY(readlink_before_end, tc) 910 { 911 #define BUF &__stack.__buf 912 struct { 913 uint8_t padding_l; 914 unsigned char __buf[42]; 915 uint8_t padding_r; 916 } __stack; 917 const size_t __bufsz __unused = sizeof(__stack.__buf); 918 const size_t __len = 42 - 1; 919 const size_t __idx __unused = __len - 1; 920 const char *path; 921 922 path = new_symlink(__len); /* Cannot fail */ 923 924 readlink(path, __stack.__buf, __len); 925 #undef BUF 926 927 } 928 929 ATF_TC_WITHOUT_HEAD(readlink_end); 930 ATF_TC_BODY(readlink_end, tc) 931 { 932 #define BUF &__stack.__buf 933 struct { 934 uint8_t padding_l; 935 unsigned char __buf[42]; 936 uint8_t padding_r; 937 } __stack; 938 const size_t __bufsz __unused = sizeof(__stack.__buf); 939 const size_t __len = 42; 940 const size_t __idx __unused = __len - 1; 941 const char *path; 942 943 path = new_symlink(__len); /* Cannot fail */ 944 945 readlink(path, __stack.__buf, __len); 946 #undef BUF 947 948 } 949 950 ATF_TC_WITHOUT_HEAD(readlink_heap_before_end); 951 ATF_TC_BODY(readlink_heap_before_end, tc) 952 { 953 #define BUF __stack.__buf 954 struct { 955 uint8_t padding_l; 956 unsigned char * __buf; 957 uint8_t padding_r; 958 } __stack; 959 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 960 const size_t __len = 42 - 1; 961 const size_t __idx __unused = __len - 1; 962 const char *path; 963 964 __stack.__buf = malloc(__bufsz); 965 path = new_symlink(__len); /* Cannot fail */ 966 967 readlink(path, __stack.__buf, __len); 968 #undef BUF 969 970 } 971 972 ATF_TC_WITHOUT_HEAD(readlink_heap_end); 973 ATF_TC_BODY(readlink_heap_end, tc) 974 { 975 #define BUF __stack.__buf 976 struct { 977 uint8_t padding_l; 978 unsigned char * __buf; 979 uint8_t padding_r; 980 } __stack; 981 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 982 const size_t __len = 42; 983 const size_t __idx __unused = __len - 1; 984 const char *path; 985 986 __stack.__buf = malloc(__bufsz); 987 path = new_symlink(__len); /* Cannot fail */ 988 989 readlink(path, __stack.__buf, __len); 990 #undef BUF 991 992 } 993 994 ATF_TC_WITHOUT_HEAD(readlink_heap_after_end); 995 ATF_TC_BODY(readlink_heap_after_end, tc) 996 { 997 #define BUF __stack.__buf 998 struct { 999 uint8_t padding_l; 1000 unsigned char * __buf; 1001 uint8_t padding_r; 1002 } __stack; 1003 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1004 const size_t __len = 42 + 1; 1005 const size_t __idx __unused = __len - 1; 1006 pid_t __child; 1007 int __status; 1008 const char *path; 1009 1010 __child = fork(); 1011 ATF_REQUIRE(__child >= 0); 1012 if (__child > 0) 1013 goto monitor; 1014 1015 /* Child */ 1016 disable_coredumps(); 1017 __stack.__buf = malloc(__bufsz); 1018 path = new_symlink(__len); /* Cannot fail */ 1019 1020 readlink(path, __stack.__buf, __len); 1021 _exit(EX_SOFTWARE); /* Should have aborted. */ 1022 1023 monitor: 1024 while (waitpid(__child, &__status, 0) != __child) { 1025 ATF_REQUIRE_EQ(EINTR, errno); 1026 } 1027 1028 if (!WIFSIGNALED(__status)) { 1029 switch (WEXITSTATUS(__status)) { 1030 case EX_SOFTWARE: 1031 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1032 break; 1033 case EX_OSERR: 1034 atf_tc_fail("setrlimit(2) failed"); 1035 break; 1036 default: 1037 atf_tc_fail("child exited with status %d", 1038 WEXITSTATUS(__status)); 1039 } 1040 } else { 1041 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1042 } 1043 #undef BUF 1044 1045 } 1046 1047 ATF_TC_WITHOUT_HEAD(readlinkat_before_end); 1048 ATF_TC_BODY(readlinkat_before_end, tc) 1049 { 1050 #define BUF &__stack.__buf 1051 struct { 1052 uint8_t padding_l; 1053 unsigned char __buf[42]; 1054 uint8_t padding_r; 1055 } __stack; 1056 const size_t __bufsz __unused = sizeof(__stack.__buf); 1057 const size_t __len = 42 - 1; 1058 const size_t __idx __unused = __len - 1; 1059 const char *path; 1060 1061 path = new_symlink(__len); /* Cannot fail */ 1062 1063 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1064 #undef BUF 1065 1066 } 1067 1068 ATF_TC_WITHOUT_HEAD(readlinkat_end); 1069 ATF_TC_BODY(readlinkat_end, tc) 1070 { 1071 #define BUF &__stack.__buf 1072 struct { 1073 uint8_t padding_l; 1074 unsigned char __buf[42]; 1075 uint8_t padding_r; 1076 } __stack; 1077 const size_t __bufsz __unused = sizeof(__stack.__buf); 1078 const size_t __len = 42; 1079 const size_t __idx __unused = __len - 1; 1080 const char *path; 1081 1082 path = new_symlink(__len); /* Cannot fail */ 1083 1084 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1085 #undef BUF 1086 1087 } 1088 1089 ATF_TC_WITHOUT_HEAD(readlinkat_heap_before_end); 1090 ATF_TC_BODY(readlinkat_heap_before_end, tc) 1091 { 1092 #define BUF __stack.__buf 1093 struct { 1094 uint8_t padding_l; 1095 unsigned char * __buf; 1096 uint8_t padding_r; 1097 } __stack; 1098 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1099 const size_t __len = 42 - 1; 1100 const size_t __idx __unused = __len - 1; 1101 const char *path; 1102 1103 __stack.__buf = malloc(__bufsz); 1104 path = new_symlink(__len); /* Cannot fail */ 1105 1106 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1107 #undef BUF 1108 1109 } 1110 1111 ATF_TC_WITHOUT_HEAD(readlinkat_heap_end); 1112 ATF_TC_BODY(readlinkat_heap_end, tc) 1113 { 1114 #define BUF __stack.__buf 1115 struct { 1116 uint8_t padding_l; 1117 unsigned char * __buf; 1118 uint8_t padding_r; 1119 } __stack; 1120 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1121 const size_t __len = 42; 1122 const size_t __idx __unused = __len - 1; 1123 const char *path; 1124 1125 __stack.__buf = malloc(__bufsz); 1126 path = new_symlink(__len); /* Cannot fail */ 1127 1128 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1129 #undef BUF 1130 1131 } 1132 1133 ATF_TC_WITHOUT_HEAD(readlinkat_heap_after_end); 1134 ATF_TC_BODY(readlinkat_heap_after_end, tc) 1135 { 1136 #define BUF __stack.__buf 1137 struct { 1138 uint8_t padding_l; 1139 unsigned char * __buf; 1140 uint8_t padding_r; 1141 } __stack; 1142 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1143 const size_t __len = 42 + 1; 1144 const size_t __idx __unused = __len - 1; 1145 pid_t __child; 1146 int __status; 1147 const char *path; 1148 1149 __child = fork(); 1150 ATF_REQUIRE(__child >= 0); 1151 if (__child > 0) 1152 goto monitor; 1153 1154 /* Child */ 1155 disable_coredumps(); 1156 __stack.__buf = malloc(__bufsz); 1157 path = new_symlink(__len); /* Cannot fail */ 1158 1159 readlinkat(AT_FDCWD, path, __stack.__buf, __len); 1160 _exit(EX_SOFTWARE); /* Should have aborted. */ 1161 1162 monitor: 1163 while (waitpid(__child, &__status, 0) != __child) { 1164 ATF_REQUIRE_EQ(EINTR, errno); 1165 } 1166 1167 if (!WIFSIGNALED(__status)) { 1168 switch (WEXITSTATUS(__status)) { 1169 case EX_SOFTWARE: 1170 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1171 break; 1172 case EX_OSERR: 1173 atf_tc_fail("setrlimit(2) failed"); 1174 break; 1175 default: 1176 atf_tc_fail("child exited with status %d", 1177 WEXITSTATUS(__status)); 1178 } 1179 } else { 1180 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1181 } 1182 #undef BUF 1183 1184 } 1185 1186 ATF_TC_WITHOUT_HEAD(getdomainname_before_end); 1187 ATF_TC_BODY(getdomainname_before_end, tc) 1188 { 1189 #define BUF &__stack.__buf 1190 struct { 1191 uint8_t padding_l; 1192 unsigned char __buf[4]; 1193 uint8_t padding_r; 1194 } __stack; 1195 const size_t __bufsz __unused = sizeof(__stack.__buf); 1196 const size_t __len = 4 - 1; 1197 const size_t __idx __unused = __len - 1; 1198 char sysdomain[256]; 1199 1200 (void)getdomainname(sysdomain, __len); 1201 if (strlen(sysdomain) <= __len) 1202 atf_tc_skip("domain name too short for testing"); 1203 1204 getdomainname(__stack.__buf, __len); 1205 #undef BUF 1206 1207 } 1208 1209 ATF_TC_WITHOUT_HEAD(getdomainname_end); 1210 ATF_TC_BODY(getdomainname_end, tc) 1211 { 1212 #define BUF &__stack.__buf 1213 struct { 1214 uint8_t padding_l; 1215 unsigned char __buf[4]; 1216 uint8_t padding_r; 1217 } __stack; 1218 const size_t __bufsz __unused = sizeof(__stack.__buf); 1219 const size_t __len = 4; 1220 const size_t __idx __unused = __len - 1; 1221 char sysdomain[256]; 1222 1223 (void)getdomainname(sysdomain, __len); 1224 if (strlen(sysdomain) <= __len) 1225 atf_tc_skip("domain name too short for testing"); 1226 1227 getdomainname(__stack.__buf, __len); 1228 #undef BUF 1229 1230 } 1231 1232 ATF_TC_WITHOUT_HEAD(getdomainname_heap_before_end); 1233 ATF_TC_BODY(getdomainname_heap_before_end, tc) 1234 { 1235 #define BUF __stack.__buf 1236 struct { 1237 uint8_t padding_l; 1238 unsigned char * __buf; 1239 uint8_t padding_r; 1240 } __stack; 1241 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1242 const size_t __len = 4 - 1; 1243 const size_t __idx __unused = __len - 1; 1244 char sysdomain[256]; 1245 1246 (void)getdomainname(sysdomain, __len); 1247 if (strlen(sysdomain) <= __len) 1248 atf_tc_skip("domain name too short for testing"); 1249 1250 __stack.__buf = malloc(__bufsz); 1251 1252 getdomainname(__stack.__buf, __len); 1253 #undef BUF 1254 1255 } 1256 1257 ATF_TC_WITHOUT_HEAD(getdomainname_heap_end); 1258 ATF_TC_BODY(getdomainname_heap_end, tc) 1259 { 1260 #define BUF __stack.__buf 1261 struct { 1262 uint8_t padding_l; 1263 unsigned char * __buf; 1264 uint8_t padding_r; 1265 } __stack; 1266 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1267 const size_t __len = 4; 1268 const size_t __idx __unused = __len - 1; 1269 char sysdomain[256]; 1270 1271 (void)getdomainname(sysdomain, __len); 1272 if (strlen(sysdomain) <= __len) 1273 atf_tc_skip("domain name too short for testing"); 1274 1275 __stack.__buf = malloc(__bufsz); 1276 1277 getdomainname(__stack.__buf, __len); 1278 #undef BUF 1279 1280 } 1281 1282 ATF_TC_WITHOUT_HEAD(getdomainname_heap_after_end); 1283 ATF_TC_BODY(getdomainname_heap_after_end, tc) 1284 { 1285 #define BUF __stack.__buf 1286 struct { 1287 uint8_t padding_l; 1288 unsigned char * __buf; 1289 uint8_t padding_r; 1290 } __stack; 1291 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1292 const size_t __len = 4 + 1; 1293 const size_t __idx __unused = __len - 1; 1294 pid_t __child; 1295 int __status; 1296 char sysdomain[256]; 1297 1298 (void)getdomainname(sysdomain, __len); 1299 if (strlen(sysdomain) <= __len) 1300 atf_tc_skip("domain name too short for testing"); 1301 1302 __child = fork(); 1303 ATF_REQUIRE(__child >= 0); 1304 if (__child > 0) 1305 goto monitor; 1306 1307 /* Child */ 1308 disable_coredumps(); 1309 __stack.__buf = malloc(__bufsz); 1310 1311 getdomainname(__stack.__buf, __len); 1312 _exit(EX_SOFTWARE); /* Should have aborted. */ 1313 1314 monitor: 1315 while (waitpid(__child, &__status, 0) != __child) { 1316 ATF_REQUIRE_EQ(EINTR, errno); 1317 } 1318 1319 if (!WIFSIGNALED(__status)) { 1320 switch (WEXITSTATUS(__status)) { 1321 case EX_SOFTWARE: 1322 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1323 break; 1324 case EX_OSERR: 1325 atf_tc_fail("setrlimit(2) failed"); 1326 break; 1327 default: 1328 atf_tc_fail("child exited with status %d", 1329 WEXITSTATUS(__status)); 1330 } 1331 } else { 1332 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1333 } 1334 #undef BUF 1335 1336 } 1337 1338 ATF_TC_WITHOUT_HEAD(getentropy_before_end); 1339 ATF_TC_BODY(getentropy_before_end, tc) 1340 { 1341 #define BUF &__stack.__buf 1342 struct { 1343 uint8_t padding_l; 1344 unsigned char __buf[42]; 1345 uint8_t padding_r; 1346 } __stack; 1347 const size_t __bufsz __unused = sizeof(__stack.__buf); 1348 const size_t __len = 42 - 1; 1349 const size_t __idx __unused = __len - 1; 1350 1351 getentropy(__stack.__buf, __len); 1352 #undef BUF 1353 1354 } 1355 1356 ATF_TC_WITHOUT_HEAD(getentropy_end); 1357 ATF_TC_BODY(getentropy_end, tc) 1358 { 1359 #define BUF &__stack.__buf 1360 struct { 1361 uint8_t padding_l; 1362 unsigned char __buf[42]; 1363 uint8_t padding_r; 1364 } __stack; 1365 const size_t __bufsz __unused = sizeof(__stack.__buf); 1366 const size_t __len = 42; 1367 const size_t __idx __unused = __len - 1; 1368 1369 getentropy(__stack.__buf, __len); 1370 #undef BUF 1371 1372 } 1373 1374 ATF_TC_WITHOUT_HEAD(getentropy_heap_before_end); 1375 ATF_TC_BODY(getentropy_heap_before_end, tc) 1376 { 1377 #define BUF __stack.__buf 1378 struct { 1379 uint8_t padding_l; 1380 unsigned char * __buf; 1381 uint8_t padding_r; 1382 } __stack; 1383 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1384 const size_t __len = 42 - 1; 1385 const size_t __idx __unused = __len - 1; 1386 1387 __stack.__buf = malloc(__bufsz); 1388 1389 getentropy(__stack.__buf, __len); 1390 #undef BUF 1391 1392 } 1393 1394 ATF_TC_WITHOUT_HEAD(getentropy_heap_end); 1395 ATF_TC_BODY(getentropy_heap_end, tc) 1396 { 1397 #define BUF __stack.__buf 1398 struct { 1399 uint8_t padding_l; 1400 unsigned char * __buf; 1401 uint8_t padding_r; 1402 } __stack; 1403 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1404 const size_t __len = 42; 1405 const size_t __idx __unused = __len - 1; 1406 1407 __stack.__buf = malloc(__bufsz); 1408 1409 getentropy(__stack.__buf, __len); 1410 #undef BUF 1411 1412 } 1413 1414 ATF_TC_WITHOUT_HEAD(getentropy_heap_after_end); 1415 ATF_TC_BODY(getentropy_heap_after_end, tc) 1416 { 1417 #define BUF __stack.__buf 1418 struct { 1419 uint8_t padding_l; 1420 unsigned char * __buf; 1421 uint8_t padding_r; 1422 } __stack; 1423 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1424 const size_t __len = 42 + 1; 1425 const size_t __idx __unused = __len - 1; 1426 pid_t __child; 1427 int __status; 1428 1429 __child = fork(); 1430 ATF_REQUIRE(__child >= 0); 1431 if (__child > 0) 1432 goto monitor; 1433 1434 /* Child */ 1435 disable_coredumps(); 1436 __stack.__buf = malloc(__bufsz); 1437 1438 getentropy(__stack.__buf, __len); 1439 _exit(EX_SOFTWARE); /* Should have aborted. */ 1440 1441 monitor: 1442 while (waitpid(__child, &__status, 0) != __child) { 1443 ATF_REQUIRE_EQ(EINTR, errno); 1444 } 1445 1446 if (!WIFSIGNALED(__status)) { 1447 switch (WEXITSTATUS(__status)) { 1448 case EX_SOFTWARE: 1449 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1450 break; 1451 case EX_OSERR: 1452 atf_tc_fail("setrlimit(2) failed"); 1453 break; 1454 default: 1455 atf_tc_fail("child exited with status %d", 1456 WEXITSTATUS(__status)); 1457 } 1458 } else { 1459 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1460 } 1461 #undef BUF 1462 1463 } 1464 1465 ATF_TC_WITHOUT_HEAD(gethostname_before_end); 1466 ATF_TC_BODY(gethostname_before_end, tc) 1467 { 1468 #define BUF &__stack.__buf 1469 struct { 1470 uint8_t padding_l; 1471 unsigned char __buf[4]; 1472 uint8_t padding_r; 1473 } __stack; 1474 const size_t __bufsz __unused = sizeof(__stack.__buf); 1475 const size_t __len = 4 - 1; 1476 const size_t __idx __unused = __len - 1; 1477 char syshost[256]; 1478 int error; 1479 1480 error = gethostname(syshost, __len); 1481 if (error != 0 || strlen(syshost) <= __len) 1482 atf_tc_skip("hostname too short for testing"); 1483 1484 gethostname(__stack.__buf, __len); 1485 #undef BUF 1486 1487 } 1488 1489 ATF_TC_WITHOUT_HEAD(gethostname_end); 1490 ATF_TC_BODY(gethostname_end, tc) 1491 { 1492 #define BUF &__stack.__buf 1493 struct { 1494 uint8_t padding_l; 1495 unsigned char __buf[4]; 1496 uint8_t padding_r; 1497 } __stack; 1498 const size_t __bufsz __unused = sizeof(__stack.__buf); 1499 const size_t __len = 4; 1500 const size_t __idx __unused = __len - 1; 1501 char syshost[256]; 1502 int error; 1503 1504 error = gethostname(syshost, __len); 1505 if (error != 0 || strlen(syshost) <= __len) 1506 atf_tc_skip("hostname too short for testing"); 1507 1508 gethostname(__stack.__buf, __len); 1509 #undef BUF 1510 1511 } 1512 1513 ATF_TC_WITHOUT_HEAD(gethostname_heap_before_end); 1514 ATF_TC_BODY(gethostname_heap_before_end, tc) 1515 { 1516 #define BUF __stack.__buf 1517 struct { 1518 uint8_t padding_l; 1519 unsigned char * __buf; 1520 uint8_t padding_r; 1521 } __stack; 1522 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1523 const size_t __len = 4 - 1; 1524 const size_t __idx __unused = __len - 1; 1525 char syshost[256]; 1526 int error; 1527 1528 error = gethostname(syshost, __len); 1529 if (error != 0 || strlen(syshost) <= __len) 1530 atf_tc_skip("hostname too short for testing"); 1531 1532 __stack.__buf = malloc(__bufsz); 1533 1534 gethostname(__stack.__buf, __len); 1535 #undef BUF 1536 1537 } 1538 1539 ATF_TC_WITHOUT_HEAD(gethostname_heap_end); 1540 ATF_TC_BODY(gethostname_heap_end, tc) 1541 { 1542 #define BUF __stack.__buf 1543 struct { 1544 uint8_t padding_l; 1545 unsigned char * __buf; 1546 uint8_t padding_r; 1547 } __stack; 1548 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1549 const size_t __len = 4; 1550 const size_t __idx __unused = __len - 1; 1551 char syshost[256]; 1552 int error; 1553 1554 error = gethostname(syshost, __len); 1555 if (error != 0 || strlen(syshost) <= __len) 1556 atf_tc_skip("hostname too short for testing"); 1557 1558 __stack.__buf = malloc(__bufsz); 1559 1560 gethostname(__stack.__buf, __len); 1561 #undef BUF 1562 1563 } 1564 1565 ATF_TC_WITHOUT_HEAD(gethostname_heap_after_end); 1566 ATF_TC_BODY(gethostname_heap_after_end, tc) 1567 { 1568 #define BUF __stack.__buf 1569 struct { 1570 uint8_t padding_l; 1571 unsigned char * __buf; 1572 uint8_t padding_r; 1573 } __stack; 1574 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (4); 1575 const size_t __len = 4 + 1; 1576 const size_t __idx __unused = __len - 1; 1577 pid_t __child; 1578 int __status; 1579 char syshost[256]; 1580 int error; 1581 1582 error = gethostname(syshost, __len); 1583 if (error != 0 || strlen(syshost) <= __len) 1584 atf_tc_skip("hostname too short for testing"); 1585 1586 __child = fork(); 1587 ATF_REQUIRE(__child >= 0); 1588 if (__child > 0) 1589 goto monitor; 1590 1591 /* Child */ 1592 disable_coredumps(); 1593 __stack.__buf = malloc(__bufsz); 1594 1595 gethostname(__stack.__buf, __len); 1596 _exit(EX_SOFTWARE); /* Should have aborted. */ 1597 1598 monitor: 1599 while (waitpid(__child, &__status, 0) != __child) { 1600 ATF_REQUIRE_EQ(EINTR, errno); 1601 } 1602 1603 if (!WIFSIGNALED(__status)) { 1604 switch (WEXITSTATUS(__status)) { 1605 case EX_SOFTWARE: 1606 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1607 break; 1608 case EX_OSERR: 1609 atf_tc_fail("setrlimit(2) failed"); 1610 break; 1611 default: 1612 atf_tc_fail("child exited with status %d", 1613 WEXITSTATUS(__status)); 1614 } 1615 } else { 1616 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1617 } 1618 #undef BUF 1619 1620 } 1621 1622 ATF_TC_WITHOUT_HEAD(getlogin_r_before_end); 1623 ATF_TC_BODY(getlogin_r_before_end, tc) 1624 { 1625 #define BUF &__stack.__buf 1626 struct { 1627 uint8_t padding_l; 1628 unsigned char __buf[MAXLOGNAME + 1]; 1629 uint8_t padding_r; 1630 } __stack; 1631 const size_t __bufsz __unused = sizeof(__stack.__buf); 1632 const size_t __len = MAXLOGNAME + 1 - 1; 1633 const size_t __idx __unused = __len - 1; 1634 1635 getlogin_r(__stack.__buf, __len); 1636 #undef BUF 1637 1638 } 1639 1640 ATF_TC_WITHOUT_HEAD(getlogin_r_end); 1641 ATF_TC_BODY(getlogin_r_end, tc) 1642 { 1643 #define BUF &__stack.__buf 1644 struct { 1645 uint8_t padding_l; 1646 unsigned char __buf[MAXLOGNAME + 1]; 1647 uint8_t padding_r; 1648 } __stack; 1649 const size_t __bufsz __unused = sizeof(__stack.__buf); 1650 const size_t __len = MAXLOGNAME + 1; 1651 const size_t __idx __unused = __len - 1; 1652 1653 getlogin_r(__stack.__buf, __len); 1654 #undef BUF 1655 1656 } 1657 1658 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_before_end); 1659 ATF_TC_BODY(getlogin_r_heap_before_end, tc) 1660 { 1661 #define BUF __stack.__buf 1662 struct { 1663 uint8_t padding_l; 1664 unsigned char * __buf; 1665 uint8_t padding_r; 1666 } __stack; 1667 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1668 const size_t __len = MAXLOGNAME + 1 - 1; 1669 const size_t __idx __unused = __len - 1; 1670 1671 __stack.__buf = malloc(__bufsz); 1672 1673 getlogin_r(__stack.__buf, __len); 1674 #undef BUF 1675 1676 } 1677 1678 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_end); 1679 ATF_TC_BODY(getlogin_r_heap_end, tc) 1680 { 1681 #define BUF __stack.__buf 1682 struct { 1683 uint8_t padding_l; 1684 unsigned char * __buf; 1685 uint8_t padding_r; 1686 } __stack; 1687 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1688 const size_t __len = MAXLOGNAME + 1; 1689 const size_t __idx __unused = __len - 1; 1690 1691 __stack.__buf = malloc(__bufsz); 1692 1693 getlogin_r(__stack.__buf, __len); 1694 #undef BUF 1695 1696 } 1697 1698 ATF_TC_WITHOUT_HEAD(getlogin_r_heap_after_end); 1699 ATF_TC_BODY(getlogin_r_heap_after_end, tc) 1700 { 1701 #define BUF __stack.__buf 1702 struct { 1703 uint8_t padding_l; 1704 unsigned char * __buf; 1705 uint8_t padding_r; 1706 } __stack; 1707 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (MAXLOGNAME + 1); 1708 const size_t __len = MAXLOGNAME + 1 + 1; 1709 const size_t __idx __unused = __len - 1; 1710 pid_t __child; 1711 int __status; 1712 1713 __child = fork(); 1714 ATF_REQUIRE(__child >= 0); 1715 if (__child > 0) 1716 goto monitor; 1717 1718 /* Child */ 1719 disable_coredumps(); 1720 __stack.__buf = malloc(__bufsz); 1721 1722 getlogin_r(__stack.__buf, __len); 1723 _exit(EX_SOFTWARE); /* Should have aborted. */ 1724 1725 monitor: 1726 while (waitpid(__child, &__status, 0) != __child) { 1727 ATF_REQUIRE_EQ(EINTR, errno); 1728 } 1729 1730 if (!WIFSIGNALED(__status)) { 1731 switch (WEXITSTATUS(__status)) { 1732 case EX_SOFTWARE: 1733 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1734 break; 1735 case EX_OSERR: 1736 atf_tc_fail("setrlimit(2) failed"); 1737 break; 1738 default: 1739 atf_tc_fail("child exited with status %d", 1740 WEXITSTATUS(__status)); 1741 } 1742 } else { 1743 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1744 } 1745 #undef BUF 1746 1747 } 1748 1749 ATF_TC_WITHOUT_HEAD(ttyname_r_before_end); 1750 ATF_TC_BODY(ttyname_r_before_end, tc) 1751 { 1752 #define BUF &__stack.__buf 1753 struct { 1754 uint8_t padding_l; 1755 unsigned char __buf[42]; 1756 uint8_t padding_r; 1757 } __stack; 1758 const size_t __bufsz __unused = sizeof(__stack.__buf); 1759 const size_t __len = 42 - 1; 1760 const size_t __idx __unused = __len - 1; 1761 int fd; 1762 1763 fd = STDIN_FILENO; 1764 if (!isatty(fd)) 1765 atf_tc_skip("stdin is not an fd"); 1766 1767 ttyname_r(fd, __stack.__buf, __len); 1768 #undef BUF 1769 1770 } 1771 1772 ATF_TC_WITHOUT_HEAD(ttyname_r_end); 1773 ATF_TC_BODY(ttyname_r_end, tc) 1774 { 1775 #define BUF &__stack.__buf 1776 struct { 1777 uint8_t padding_l; 1778 unsigned char __buf[42]; 1779 uint8_t padding_r; 1780 } __stack; 1781 const size_t __bufsz __unused = sizeof(__stack.__buf); 1782 const size_t __len = 42; 1783 const size_t __idx __unused = __len - 1; 1784 int fd; 1785 1786 fd = STDIN_FILENO; 1787 if (!isatty(fd)) 1788 atf_tc_skip("stdin is not an fd"); 1789 1790 ttyname_r(fd, __stack.__buf, __len); 1791 #undef BUF 1792 1793 } 1794 1795 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_before_end); 1796 ATF_TC_BODY(ttyname_r_heap_before_end, tc) 1797 { 1798 #define BUF __stack.__buf 1799 struct { 1800 uint8_t padding_l; 1801 unsigned char * __buf; 1802 uint8_t padding_r; 1803 } __stack; 1804 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1805 const size_t __len = 42 - 1; 1806 const size_t __idx __unused = __len - 1; 1807 int fd; 1808 1809 fd = STDIN_FILENO; 1810 if (!isatty(fd)) 1811 atf_tc_skip("stdin is not an fd"); 1812 1813 __stack.__buf = malloc(__bufsz); 1814 1815 ttyname_r(fd, __stack.__buf, __len); 1816 #undef BUF 1817 1818 } 1819 1820 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_end); 1821 ATF_TC_BODY(ttyname_r_heap_end, tc) 1822 { 1823 #define BUF __stack.__buf 1824 struct { 1825 uint8_t padding_l; 1826 unsigned char * __buf; 1827 uint8_t padding_r; 1828 } __stack; 1829 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1830 const size_t __len = 42; 1831 const size_t __idx __unused = __len - 1; 1832 int fd; 1833 1834 fd = STDIN_FILENO; 1835 if (!isatty(fd)) 1836 atf_tc_skip("stdin is not an fd"); 1837 1838 __stack.__buf = malloc(__bufsz); 1839 1840 ttyname_r(fd, __stack.__buf, __len); 1841 #undef BUF 1842 1843 } 1844 1845 ATF_TC_WITHOUT_HEAD(ttyname_r_heap_after_end); 1846 ATF_TC_BODY(ttyname_r_heap_after_end, tc) 1847 { 1848 #define BUF __stack.__buf 1849 struct { 1850 uint8_t padding_l; 1851 unsigned char * __buf; 1852 uint8_t padding_r; 1853 } __stack; 1854 const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42); 1855 const size_t __len = 42 + 1; 1856 const size_t __idx __unused = __len - 1; 1857 pid_t __child; 1858 int __status; 1859 int fd; 1860 1861 fd = STDIN_FILENO; 1862 if (!isatty(fd)) 1863 atf_tc_skip("stdin is not an fd"); 1864 1865 __child = fork(); 1866 ATF_REQUIRE(__child >= 0); 1867 if (__child > 0) 1868 goto monitor; 1869 1870 /* Child */ 1871 disable_coredumps(); 1872 __stack.__buf = malloc(__bufsz); 1873 1874 ttyname_r(fd, __stack.__buf, __len); 1875 _exit(EX_SOFTWARE); /* Should have aborted. */ 1876 1877 monitor: 1878 while (waitpid(__child, &__status, 0) != __child) { 1879 ATF_REQUIRE_EQ(EINTR, errno); 1880 } 1881 1882 if (!WIFSIGNALED(__status)) { 1883 switch (WEXITSTATUS(__status)) { 1884 case EX_SOFTWARE: 1885 atf_tc_fail("FORTIFY_SOURCE failed to abort"); 1886 break; 1887 case EX_OSERR: 1888 atf_tc_fail("setrlimit(2) failed"); 1889 break; 1890 default: 1891 atf_tc_fail("child exited with status %d", 1892 WEXITSTATUS(__status)); 1893 } 1894 } else { 1895 ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status)); 1896 } 1897 #undef BUF 1898 1899 } 1900 1901 ATF_TP_ADD_TCS(tp) 1902 { 1903 ATF_TP_ADD_TC(tp, getcwd_before_end); 1904 ATF_TP_ADD_TC(tp, getcwd_end); 1905 ATF_TP_ADD_TC(tp, getcwd_heap_before_end); 1906 ATF_TP_ADD_TC(tp, getcwd_heap_end); 1907 ATF_TP_ADD_TC(tp, getcwd_heap_after_end); 1908 ATF_TP_ADD_TC(tp, getgrouplist_before_end); 1909 ATF_TP_ADD_TC(tp, getgrouplist_end); 1910 ATF_TP_ADD_TC(tp, getgrouplist_heap_before_end); 1911 ATF_TP_ADD_TC(tp, getgrouplist_heap_end); 1912 ATF_TP_ADD_TC(tp, getgrouplist_heap_after_end); 1913 ATF_TP_ADD_TC(tp, getgroups_before_end); 1914 ATF_TP_ADD_TC(tp, getgroups_end); 1915 ATF_TP_ADD_TC(tp, getgroups_heap_before_end); 1916 ATF_TP_ADD_TC(tp, getgroups_heap_end); 1917 ATF_TP_ADD_TC(tp, getgroups_heap_after_end); 1918 ATF_TP_ADD_TC(tp, getloginclass_before_end); 1919 ATF_TP_ADD_TC(tp, getloginclass_end); 1920 ATF_TP_ADD_TC(tp, getloginclass_heap_before_end); 1921 ATF_TP_ADD_TC(tp, getloginclass_heap_end); 1922 ATF_TP_ADD_TC(tp, getloginclass_heap_after_end); 1923 ATF_TP_ADD_TC(tp, pread_before_end); 1924 ATF_TP_ADD_TC(tp, pread_end); 1925 ATF_TP_ADD_TC(tp, pread_heap_before_end); 1926 ATF_TP_ADD_TC(tp, pread_heap_end); 1927 ATF_TP_ADD_TC(tp, pread_heap_after_end); 1928 ATF_TP_ADD_TC(tp, read_before_end); 1929 ATF_TP_ADD_TC(tp, read_end); 1930 ATF_TP_ADD_TC(tp, read_heap_before_end); 1931 ATF_TP_ADD_TC(tp, read_heap_end); 1932 ATF_TP_ADD_TC(tp, read_heap_after_end); 1933 ATF_TP_ADD_TC(tp, readlink_before_end); 1934 ATF_TP_ADD_TC(tp, readlink_end); 1935 ATF_TP_ADD_TC(tp, readlink_heap_before_end); 1936 ATF_TP_ADD_TC(tp, readlink_heap_end); 1937 ATF_TP_ADD_TC(tp, readlink_heap_after_end); 1938 ATF_TP_ADD_TC(tp, readlinkat_before_end); 1939 ATF_TP_ADD_TC(tp, readlinkat_end); 1940 ATF_TP_ADD_TC(tp, readlinkat_heap_before_end); 1941 ATF_TP_ADD_TC(tp, readlinkat_heap_end); 1942 ATF_TP_ADD_TC(tp, readlinkat_heap_after_end); 1943 ATF_TP_ADD_TC(tp, getdomainname_before_end); 1944 ATF_TP_ADD_TC(tp, getdomainname_end); 1945 ATF_TP_ADD_TC(tp, getdomainname_heap_before_end); 1946 ATF_TP_ADD_TC(tp, getdomainname_heap_end); 1947 ATF_TP_ADD_TC(tp, getdomainname_heap_after_end); 1948 ATF_TP_ADD_TC(tp, getentropy_before_end); 1949 ATF_TP_ADD_TC(tp, getentropy_end); 1950 ATF_TP_ADD_TC(tp, getentropy_heap_before_end); 1951 ATF_TP_ADD_TC(tp, getentropy_heap_end); 1952 ATF_TP_ADD_TC(tp, getentropy_heap_after_end); 1953 ATF_TP_ADD_TC(tp, gethostname_before_end); 1954 ATF_TP_ADD_TC(tp, gethostname_end); 1955 ATF_TP_ADD_TC(tp, gethostname_heap_before_end); 1956 ATF_TP_ADD_TC(tp, gethostname_heap_end); 1957 ATF_TP_ADD_TC(tp, gethostname_heap_after_end); 1958 ATF_TP_ADD_TC(tp, getlogin_r_before_end); 1959 ATF_TP_ADD_TC(tp, getlogin_r_end); 1960 ATF_TP_ADD_TC(tp, getlogin_r_heap_before_end); 1961 ATF_TP_ADD_TC(tp, getlogin_r_heap_end); 1962 ATF_TP_ADD_TC(tp, getlogin_r_heap_after_end); 1963 ATF_TP_ADD_TC(tp, ttyname_r_before_end); 1964 ATF_TP_ADD_TC(tp, ttyname_r_end); 1965 ATF_TP_ADD_TC(tp, ttyname_r_heap_before_end); 1966 ATF_TP_ADD_TC(tp, ttyname_r_heap_end); 1967 ATF_TP_ADD_TC(tp, ttyname_r_heap_after_end); 1968 return (atf_no_error()); 1969 } 1970