CoCalc -- fortify_stdio

GitHub Repository: freebsd/freebsd-src
Path: blob/main/lib/libc/tests/secure/fortify_stdio_test.c
³⁹⁵⁵³ views
1
/* @generated by `generate-fortify-tests.lua "stdio"` */
2

3
#define	_FORTIFY_SOURCE	2
4
#define	TMPFILE_SIZE	(1024 * 32)
5

6
#include <sys/param.h>
7
#include <sys/jail.h>
8
#include <sys/random.h>
9
#include <sys/resource.h>
10
#include <sys/select.h>
11
#include <sys/socket.h>
12
#include <sys/time.h>
13
#include <sys/uio.h>
14
#include <sys/wait.h>
15
#include <dirent.h>
16
#include <errno.h>
17
#include <fcntl.h>
18
#include <limits.h>
19
#include <poll.h>
20
#include <signal.h>
21
#include <stdio.h>
22
#include <stdlib.h>
23
#include <string.h>
24
#include <strings.h>
25
#include <sysexits.h>
26
#include <unistd.h>
27
#include <wchar.h>
28
#include <atf-c.h>
29

30
static FILE * __unused
31
new_fp(size_t __len)
32
{
33
	static char fpbuf[LINE_MAX];
34
	FILE *fp;
35

36
	ATF_REQUIRE(__len <= sizeof(fpbuf));
37

38
	memset(fpbuf, 'A', sizeof(fpbuf) - 1);
39
	fpbuf[sizeof(fpbuf) - 1] = '\0';
40

41
	fp = fmemopen(fpbuf, sizeof(fpbuf), "rb");
42
	ATF_REQUIRE(fp != NULL);
43

44
	return (fp);
45
}
46

47
/*
48
 * Create a new symlink to use for readlink(2) style tests, we'll just use a
49
 * random target name to have something interesting to look at.
50
 */
51
static const char * __unused
52
new_symlink(size_t __len)
53
{
54
	static const char linkname[] = "link";
55
	char target[MAXNAMLEN];
56
	int error;
57

58
	ATF_REQUIRE(__len <= sizeof(target));
59

60
	arc4random_buf(target, sizeof(target));
61

62
	error = unlink(linkname);
63
	ATF_REQUIRE(error == 0 || errno == ENOENT);
64

65
	error = symlink(target, linkname);
66
	ATF_REQUIRE(error == 0);
67

68
	return (linkname);
69
}
70

71
/*
72
 * For our purposes, first descriptor will be the reader; we'll send both
73
 * raw data and a control message over it so that the result can be used for
74
 * any of our recv*() tests.
75
 */
76
static void __unused
77
new_socket(int sock[2])
78
{
79
	unsigned char ctrl[CMSG_SPACE(sizeof(int))] = { 0 };
80
	static char sockbuf[256];
81
	ssize_t rv;
82
	size_t total = 0;
83
	struct msghdr hdr = { 0 };
84
	struct cmsghdr *cmsg;
85
	int error, fd;
86

87
	error = socketpair(AF_UNIX, SOCK_STREAM, 0, sock);
88
	ATF_REQUIRE(error == 0);
89

90
	while (total != sizeof(sockbuf)) {
91
		rv = send(sock[1], &sockbuf[total], sizeof(sockbuf) - total, 0);
92

93
		ATF_REQUIRE_MSG(rv > 0,
94
		    "expected bytes sent, got %zd with %zu left (size %zu, total %zu)",
95
		    rv, sizeof(sockbuf) - total, sizeof(sockbuf), total);
96
		ATF_REQUIRE_MSG(total + (size_t)rv <= sizeof(sockbuf),
97
		    "%zd exceeds total %zu", rv, sizeof(sockbuf));
98
		total += rv;
99
	}
100

101
	hdr.msg_control = ctrl;
102
	hdr.msg_controllen = sizeof(ctrl);
103

104
	cmsg = CMSG_FIRSTHDR(&hdr);
105
	cmsg->cmsg_level = SOL_SOCKET;
106
	cmsg->cmsg_type = SCM_RIGHTS;
107
	cmsg->cmsg_len = CMSG_LEN(sizeof(fd));
108
	fd = STDIN_FILENO;
109
	memcpy(CMSG_DATA(cmsg), &fd, sizeof(fd));
110

111
	error = sendmsg(sock[1], &hdr, 0);
112
	ATF_REQUIRE(error != -1);
113
}
114

115
/*
116
 * Constructs a tmpfile that we can use for testing read(2) and friends.
117
 */
118
static int __unused
119
new_tmpfile(void)
120
{
121
	char buf[1024];
122
	ssize_t rv;
123
	size_t written;
124
	int fd;
125

126
	fd = open("tmpfile", O_RDWR | O_CREAT | O_TRUNC, 0644);
127
	ATF_REQUIRE(fd >= 0);
128

129
	written = 0;
130
	while (written < TMPFILE_SIZE) {
131
		rv = write(fd, buf, sizeof(buf));
132
		ATF_REQUIRE(rv > 0);
133

134
		written += rv;
135
	}
136

137
	ATF_REQUIRE_EQ(0, lseek(fd, 0, SEEK_SET));
138
	return (fd);
139
}
140

141
static void
142
disable_coredumps(void)
143
{
144
	struct rlimit rl = { 0 };
145

146
	if (setrlimit(RLIMIT_CORE, &rl) == -1)
147
		_exit(EX_OSERR);
148
}
149

150
/*
151
 * Replaces stdin with a file that we can actually read from, for tests where
152
 * we want a FILE * or fd that we can get data from.
153
 */
154
static void __unused
155
replace_stdin(void)
156
{
157
	int fd;
158

159
	fd = new_tmpfile();
160

161
	(void)dup2(fd, STDIN_FILENO);
162
	if (fd != STDIN_FILENO)
163
		close(fd);
164
}
165

166
ATF_TC(ctermid_before_end);
167
ATF_TC_HEAD(ctermid_before_end, tc)
168
{
169
}
170
ATF_TC_BODY(ctermid_before_end, tc)
171
{
172
#define BUF &__stack.__buf
173
	struct {
174
		uint8_t padding_l;
175
		unsigned char __buf[L_ctermid + 1];
176
		uint8_t padding_r;
177
	} __stack;
178
	const size_t __bufsz __unused = sizeof(__stack.__buf);
179
	const size_t __len = L_ctermid + 1;
180
	const size_t __idx __unused = __len - 1;
181

182
	ctermid(__stack.__buf);
183
#undef BUF
184

185
}
186

187
ATF_TC(ctermid_end);
188
ATF_TC_HEAD(ctermid_end, tc)
189
{
190
}
191
ATF_TC_BODY(ctermid_end, tc)
192
{
193
#define BUF &__stack.__buf
194
	struct {
195
		uint8_t padding_l;
196
		unsigned char __buf[L_ctermid];
197
		uint8_t padding_r;
198
	} __stack;
199
	const size_t __bufsz __unused = sizeof(__stack.__buf);
200
	const size_t __len = L_ctermid;
201
	const size_t __idx __unused = __len - 1;
202

203
	ctermid(__stack.__buf);
204
#undef BUF
205

206
}
207

208
ATF_TC(ctermid_heap_before_end);
209
ATF_TC_HEAD(ctermid_heap_before_end, tc)
210
{
211
}
212
ATF_TC_BODY(ctermid_heap_before_end, tc)
213
{
214
#define BUF __stack.__buf
215
	struct {
216
		uint8_t padding_l;
217
		unsigned char * __buf;
218
		uint8_t padding_r;
219
	} __stack;
220
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (L_ctermid + 1);
221
	const size_t __len = L_ctermid + 1;
222
	const size_t __idx __unused = __len - 1;
223

224
	__stack.__buf = malloc(__bufsz);
225

226
	ctermid(__stack.__buf);
227
#undef BUF
228

229
}
230

231
ATF_TC(ctermid_heap_end);
232
ATF_TC_HEAD(ctermid_heap_end, tc)
233
{
234
}
235
ATF_TC_BODY(ctermid_heap_end, tc)
236
{
237
#define BUF __stack.__buf
238
	struct {
239
		uint8_t padding_l;
240
		unsigned char * __buf;
241
		uint8_t padding_r;
242
	} __stack;
243
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (L_ctermid);
244
	const size_t __len = L_ctermid;
245
	const size_t __idx __unused = __len - 1;
246

247
	__stack.__buf = malloc(__bufsz);
248

249
	ctermid(__stack.__buf);
250
#undef BUF
251

252
}
253

254
ATF_TC(ctermid_heap_after_end);
255
ATF_TC_HEAD(ctermid_heap_after_end, tc)
256
{
257
}
258
ATF_TC_BODY(ctermid_heap_after_end, tc)
259
{
260
#define BUF __stack.__buf
261
	struct {
262
		uint8_t padding_l;
263
		unsigned char * __buf;
264
		uint8_t padding_r;
265
	} __stack;
266
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (L_ctermid - 1);
267
	const size_t __len = L_ctermid - 1;
268
	const size_t __idx __unused = __len - 1;
269
	pid_t __child;
270
	int __status;
271

272
	__child = fork();
273
	ATF_REQUIRE(__child >= 0);
274
	if (__child > 0)
275
		goto monitor;
276

277
	/* Child */
278
	disable_coredumps();
279
	__stack.__buf = malloc(__bufsz);
280

281
	ctermid(__stack.__buf);
282
	_exit(EX_SOFTWARE);	/* Should have aborted. */
283

284
monitor:
285
	while (waitpid(__child, &__status, 0) != __child) {
286
		ATF_REQUIRE_EQ(EINTR, errno);
287
	}
288

289
	if (!WIFSIGNALED(__status)) {
290
		switch (WEXITSTATUS(__status)) {
291
		case EX_SOFTWARE:
292
			atf_tc_fail("FORTIFY_SOURCE failed to abort");
293
			break;
294
		case EX_OSERR:
295
			atf_tc_fail("setrlimit(2) failed");
296
			break;
297
		default:
298
			atf_tc_fail("child exited with status %d",
299
			    WEXITSTATUS(__status));
300
		}
301
	} else {
302
		ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
303
	}
304
#undef BUF
305

306
}
307

308
ATF_TC(ctermid_r_before_end);
309
ATF_TC_HEAD(ctermid_r_before_end, tc)
310
{
311
}
312
ATF_TC_BODY(ctermid_r_before_end, tc)
313
{
314
#define BUF &__stack.__buf
315
	struct {
316
		uint8_t padding_l;
317
		unsigned char __buf[L_ctermid + 1];
318
		uint8_t padding_r;
319
	} __stack;
320
	const size_t __bufsz __unused = sizeof(__stack.__buf);
321
	const size_t __len = L_ctermid + 1;
322
	const size_t __idx __unused = __len - 1;
323

324
	ctermid_r(__stack.__buf);
325
#undef BUF
326

327
}
328

329
ATF_TC(ctermid_r_end);
330
ATF_TC_HEAD(ctermid_r_end, tc)
331
{
332
}
333
ATF_TC_BODY(ctermid_r_end, tc)
334
{
335
#define BUF &__stack.__buf
336
	struct {
337
		uint8_t padding_l;
338
		unsigned char __buf[L_ctermid];
339
		uint8_t padding_r;
340
	} __stack;
341
	const size_t __bufsz __unused = sizeof(__stack.__buf);
342
	const size_t __len = L_ctermid;
343
	const size_t __idx __unused = __len - 1;
344

345
	ctermid_r(__stack.__buf);
346
#undef BUF
347

348
}
349

350
ATF_TC(ctermid_r_heap_before_end);
351
ATF_TC_HEAD(ctermid_r_heap_before_end, tc)
352
{
353
}
354
ATF_TC_BODY(ctermid_r_heap_before_end, tc)
355
{
356
#define BUF __stack.__buf
357
	struct {
358
		uint8_t padding_l;
359
		unsigned char * __buf;
360
		uint8_t padding_r;
361
	} __stack;
362
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (L_ctermid + 1);
363
	const size_t __len = L_ctermid + 1;
364
	const size_t __idx __unused = __len - 1;
365

366
	__stack.__buf = malloc(__bufsz);
367

368
	ctermid_r(__stack.__buf);
369
#undef BUF
370

371
}
372

373
ATF_TC(ctermid_r_heap_end);
374
ATF_TC_HEAD(ctermid_r_heap_end, tc)
375
{
376
}
377
ATF_TC_BODY(ctermid_r_heap_end, tc)
378
{
379
#define BUF __stack.__buf
380
	struct {
381
		uint8_t padding_l;
382
		unsigned char * __buf;
383
		uint8_t padding_r;
384
	} __stack;
385
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (L_ctermid);
386
	const size_t __len = L_ctermid;
387
	const size_t __idx __unused = __len - 1;
388

389
	__stack.__buf = malloc(__bufsz);
390

391
	ctermid_r(__stack.__buf);
392
#undef BUF
393

394
}
395

396
ATF_TC(ctermid_r_heap_after_end);
397
ATF_TC_HEAD(ctermid_r_heap_after_end, tc)
398
{
399
}
400
ATF_TC_BODY(ctermid_r_heap_after_end, tc)
401
{
402
#define BUF __stack.__buf
403
	struct {
404
		uint8_t padding_l;
405
		unsigned char * __buf;
406
		uint8_t padding_r;
407
	} __stack;
408
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (L_ctermid - 1);
409
	const size_t __len = L_ctermid - 1;
410
	const size_t __idx __unused = __len - 1;
411
	pid_t __child;
412
	int __status;
413

414
	__child = fork();
415
	ATF_REQUIRE(__child >= 0);
416
	if (__child > 0)
417
		goto monitor;
418

419
	/* Child */
420
	disable_coredumps();
421
	__stack.__buf = malloc(__bufsz);
422

423
	ctermid_r(__stack.__buf);
424
	_exit(EX_SOFTWARE);	/* Should have aborted. */
425

426
monitor:
427
	while (waitpid(__child, &__status, 0) != __child) {
428
		ATF_REQUIRE_EQ(EINTR, errno);
429
	}
430

431
	if (!WIFSIGNALED(__status)) {
432
		switch (WEXITSTATUS(__status)) {
433
		case EX_SOFTWARE:
434
			atf_tc_fail("FORTIFY_SOURCE failed to abort");
435
			break;
436
		case EX_OSERR:
437
			atf_tc_fail("setrlimit(2) failed");
438
			break;
439
		default:
440
			atf_tc_fail("child exited with status %d",
441
			    WEXITSTATUS(__status));
442
		}
443
	} else {
444
		ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
445
	}
446
#undef BUF
447

448
}
449

450
ATF_TC(fread_before_end);
451
ATF_TC_HEAD(fread_before_end, tc)
452
{
453
}
454
ATF_TC_BODY(fread_before_end, tc)
455
{
456
#define BUF &__stack.__buf
457
	struct {
458
		uint8_t padding_l;
459
		unsigned char __buf[42];
460
		uint8_t padding_r;
461
	} __stack;
462
	const size_t __bufsz __unused = sizeof(__stack.__buf);
463
	const size_t __len = 42 - 1;
464
	const size_t __idx __unused = __len - 1;
465

466
	replace_stdin();
467

468
	fread(__stack.__buf, __len, 1, stdin);
469
#undef BUF
470

471
}
472

473
ATF_TC(fread_end);
474
ATF_TC_HEAD(fread_end, tc)
475
{
476
}
477
ATF_TC_BODY(fread_end, tc)
478
{
479
#define BUF &__stack.__buf
480
	struct {
481
		uint8_t padding_l;
482
		unsigned char __buf[42];
483
		uint8_t padding_r;
484
	} __stack;
485
	const size_t __bufsz __unused = sizeof(__stack.__buf);
486
	const size_t __len = 42;
487
	const size_t __idx __unused = __len - 1;
488

489
	replace_stdin();
490

491
	fread(__stack.__buf, __len, 1, stdin);
492
#undef BUF
493

494
}
495

496
ATF_TC(fread_heap_before_end);
497
ATF_TC_HEAD(fread_heap_before_end, tc)
498
{
499
}
500
ATF_TC_BODY(fread_heap_before_end, tc)
501
{
502
#define BUF __stack.__buf
503
	struct {
504
		uint8_t padding_l;
505
		unsigned char * __buf;
506
		uint8_t padding_r;
507
	} __stack;
508
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
509
	const size_t __len = 42 - 1;
510
	const size_t __idx __unused = __len - 1;
511

512
	__stack.__buf = malloc(__bufsz);
513
	replace_stdin();
514

515
	fread(__stack.__buf, __len, 1, stdin);
516
#undef BUF
517

518
}
519

520
ATF_TC(fread_heap_end);
521
ATF_TC_HEAD(fread_heap_end, tc)
522
{
523
}
524
ATF_TC_BODY(fread_heap_end, tc)
525
{
526
#define BUF __stack.__buf
527
	struct {
528
		uint8_t padding_l;
529
		unsigned char * __buf;
530
		uint8_t padding_r;
531
	} __stack;
532
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
533
	const size_t __len = 42;
534
	const size_t __idx __unused = __len - 1;
535

536
	__stack.__buf = malloc(__bufsz);
537
	replace_stdin();
538

539
	fread(__stack.__buf, __len, 1, stdin);
540
#undef BUF
541

542
}
543

544
ATF_TC(fread_heap_after_end);
545
ATF_TC_HEAD(fread_heap_after_end, tc)
546
{
547
}
548
ATF_TC_BODY(fread_heap_after_end, tc)
549
{
550
#define BUF __stack.__buf
551
	struct {
552
		uint8_t padding_l;
553
		unsigned char * __buf;
554
		uint8_t padding_r;
555
	} __stack;
556
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
557
	const size_t __len = 42 + 1;
558
	const size_t __idx __unused = __len - 1;
559
	pid_t __child;
560
	int __status;
561

562
	__child = fork();
563
	ATF_REQUIRE(__child >= 0);
564
	if (__child > 0)
565
		goto monitor;
566

567
	/* Child */
568
	disable_coredumps();
569
	__stack.__buf = malloc(__bufsz);
570
	replace_stdin();
571

572
	fread(__stack.__buf, __len, 1, stdin);
573
	_exit(EX_SOFTWARE);	/* Should have aborted. */
574

575
monitor:
576
	while (waitpid(__child, &__status, 0) != __child) {
577
		ATF_REQUIRE_EQ(EINTR, errno);
578
	}
579

580
	if (!WIFSIGNALED(__status)) {
581
		switch (WEXITSTATUS(__status)) {
582
		case EX_SOFTWARE:
583
			atf_tc_fail("FORTIFY_SOURCE failed to abort");
584
			break;
585
		case EX_OSERR:
586
			atf_tc_fail("setrlimit(2) failed");
587
			break;
588
		default:
589
			atf_tc_fail("child exited with status %d",
590
			    WEXITSTATUS(__status));
591
		}
592
	} else {
593
		ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
594
	}
595
#undef BUF
596

597
}
598

599
ATF_TC(fread_unlocked_before_end);
600
ATF_TC_HEAD(fread_unlocked_before_end, tc)
601
{
602
}
603
ATF_TC_BODY(fread_unlocked_before_end, tc)
604
{
605
#define BUF &__stack.__buf
606
	struct {
607
		uint8_t padding_l;
608
		unsigned char __buf[42];
609
		uint8_t padding_r;
610
	} __stack;
611
	const size_t __bufsz __unused = sizeof(__stack.__buf);
612
	const size_t __len = 42 - 1;
613
	const size_t __idx __unused = __len - 1;
614

615
	replace_stdin();
616

617
	fread_unlocked(__stack.__buf, __len, 1, stdin);
618
#undef BUF
619

620
}
621

622
ATF_TC(fread_unlocked_end);
623
ATF_TC_HEAD(fread_unlocked_end, tc)
624
{
625
}
626
ATF_TC_BODY(fread_unlocked_end, tc)
627
{
628
#define BUF &__stack.__buf
629
	struct {
630
		uint8_t padding_l;
631
		unsigned char __buf[42];
632
		uint8_t padding_r;
633
	} __stack;
634
	const size_t __bufsz __unused = sizeof(__stack.__buf);
635
	const size_t __len = 42;
636
	const size_t __idx __unused = __len - 1;
637

638
	replace_stdin();
639

640
	fread_unlocked(__stack.__buf, __len, 1, stdin);
641
#undef BUF
642

643
}
644

645
ATF_TC(fread_unlocked_heap_before_end);
646
ATF_TC_HEAD(fread_unlocked_heap_before_end, tc)
647
{
648
}
649
ATF_TC_BODY(fread_unlocked_heap_before_end, tc)
650
{
651
#define BUF __stack.__buf
652
	struct {
653
		uint8_t padding_l;
654
		unsigned char * __buf;
655
		uint8_t padding_r;
656
	} __stack;
657
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
658
	const size_t __len = 42 - 1;
659
	const size_t __idx __unused = __len - 1;
660

661
	__stack.__buf = malloc(__bufsz);
662
	replace_stdin();
663

664
	fread_unlocked(__stack.__buf, __len, 1, stdin);
665
#undef BUF
666

667
}
668

669
ATF_TC(fread_unlocked_heap_end);
670
ATF_TC_HEAD(fread_unlocked_heap_end, tc)
671
{
672
}
673
ATF_TC_BODY(fread_unlocked_heap_end, tc)
674
{
675
#define BUF __stack.__buf
676
	struct {
677
		uint8_t padding_l;
678
		unsigned char * __buf;
679
		uint8_t padding_r;
680
	} __stack;
681
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
682
	const size_t __len = 42;
683
	const size_t __idx __unused = __len - 1;
684

685
	__stack.__buf = malloc(__bufsz);
686
	replace_stdin();
687

688
	fread_unlocked(__stack.__buf, __len, 1, stdin);
689
#undef BUF
690

691
}
692

693
ATF_TC(fread_unlocked_heap_after_end);
694
ATF_TC_HEAD(fread_unlocked_heap_after_end, tc)
695
{
696
}
697
ATF_TC_BODY(fread_unlocked_heap_after_end, tc)
698
{
699
#define BUF __stack.__buf
700
	struct {
701
		uint8_t padding_l;
702
		unsigned char * __buf;
703
		uint8_t padding_r;
704
	} __stack;
705
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
706
	const size_t __len = 42 + 1;
707
	const size_t __idx __unused = __len - 1;
708
	pid_t __child;
709
	int __status;
710

711
	__child = fork();
712
	ATF_REQUIRE(__child >= 0);
713
	if (__child > 0)
714
		goto monitor;
715

716
	/* Child */
717
	disable_coredumps();
718
	__stack.__buf = malloc(__bufsz);
719
	replace_stdin();
720

721
	fread_unlocked(__stack.__buf, __len, 1, stdin);
722
	_exit(EX_SOFTWARE);	/* Should have aborted. */
723

724
monitor:
725
	while (waitpid(__child, &__status, 0) != __child) {
726
		ATF_REQUIRE_EQ(EINTR, errno);
727
	}
728

729
	if (!WIFSIGNALED(__status)) {
730
		switch (WEXITSTATUS(__status)) {
731
		case EX_SOFTWARE:
732
			atf_tc_fail("FORTIFY_SOURCE failed to abort");
733
			break;
734
		case EX_OSERR:
735
			atf_tc_fail("setrlimit(2) failed");
736
			break;
737
		default:
738
			atf_tc_fail("child exited with status %d",
739
			    WEXITSTATUS(__status));
740
		}
741
	} else {
742
		ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
743
	}
744
#undef BUF
745

746
}
747

748
ATF_TC(gets_s_before_end);
749
ATF_TC_HEAD(gets_s_before_end, tc)
750
{
751
}
752
ATF_TC_BODY(gets_s_before_end, tc)
753
{
754
#define BUF &__stack.__buf
755
	struct {
756
		uint8_t padding_l;
757
		unsigned char __buf[42];
758
		uint8_t padding_r;
759
	} __stack;
760
	const size_t __bufsz __unused = sizeof(__stack.__buf);
761
	const size_t __len = 42 - 1;
762
	const size_t __idx __unused = __len - 1;
763

764
	replace_stdin();
765

766
	gets_s(__stack.__buf, __len);
767
#undef BUF
768

769
}
770

771
ATF_TC(gets_s_end);
772
ATF_TC_HEAD(gets_s_end, tc)
773
{
774
}
775
ATF_TC_BODY(gets_s_end, tc)
776
{
777
#define BUF &__stack.__buf
778
	struct {
779
		uint8_t padding_l;
780
		unsigned char __buf[42];
781
		uint8_t padding_r;
782
	} __stack;
783
	const size_t __bufsz __unused = sizeof(__stack.__buf);
784
	const size_t __len = 42;
785
	const size_t __idx __unused = __len - 1;
786

787
	replace_stdin();
788

789
	gets_s(__stack.__buf, __len);
790
#undef BUF
791

792
}
793

794
ATF_TC(gets_s_heap_before_end);
795
ATF_TC_HEAD(gets_s_heap_before_end, tc)
796
{
797
}
798
ATF_TC_BODY(gets_s_heap_before_end, tc)
799
{
800
#define BUF __stack.__buf
801
	struct {
802
		uint8_t padding_l;
803
		unsigned char * __buf;
804
		uint8_t padding_r;
805
	} __stack;
806
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
807
	const size_t __len = 42 - 1;
808
	const size_t __idx __unused = __len - 1;
809

810
	__stack.__buf = malloc(__bufsz);
811
	replace_stdin();
812

813
	gets_s(__stack.__buf, __len);
814
#undef BUF
815

816
}
817

818
ATF_TC(gets_s_heap_end);
819
ATF_TC_HEAD(gets_s_heap_end, tc)
820
{
821
}
822
ATF_TC_BODY(gets_s_heap_end, tc)
823
{
824
#define BUF __stack.__buf
825
	struct {
826
		uint8_t padding_l;
827
		unsigned char * __buf;
828
		uint8_t padding_r;
829
	} __stack;
830
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
831
	const size_t __len = 42;
832
	const size_t __idx __unused = __len - 1;
833

834
	__stack.__buf = malloc(__bufsz);
835
	replace_stdin();
836

837
	gets_s(__stack.__buf, __len);
838
#undef BUF
839

840
}
841

842
ATF_TC(gets_s_heap_after_end);
843
ATF_TC_HEAD(gets_s_heap_after_end, tc)
844
{
845
}
846
ATF_TC_BODY(gets_s_heap_after_end, tc)
847
{
848
#define BUF __stack.__buf
849
	struct {
850
		uint8_t padding_l;
851
		unsigned char * __buf;
852
		uint8_t padding_r;
853
	} __stack;
854
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
855
	const size_t __len = 42 + 1;
856
	const size_t __idx __unused = __len - 1;
857
	pid_t __child;
858
	int __status;
859

860
	__child = fork();
861
	ATF_REQUIRE(__child >= 0);
862
	if (__child > 0)
863
		goto monitor;
864

865
	/* Child */
866
	disable_coredumps();
867
	__stack.__buf = malloc(__bufsz);
868
	replace_stdin();
869

870
	gets_s(__stack.__buf, __len);
871
	_exit(EX_SOFTWARE);	/* Should have aborted. */
872

873
monitor:
874
	while (waitpid(__child, &__status, 0) != __child) {
875
		ATF_REQUIRE_EQ(EINTR, errno);
876
	}
877

878
	if (!WIFSIGNALED(__status)) {
879
		switch (WEXITSTATUS(__status)) {
880
		case EX_SOFTWARE:
881
			atf_tc_fail("FORTIFY_SOURCE failed to abort");
882
			break;
883
		case EX_OSERR:
884
			atf_tc_fail("setrlimit(2) failed");
885
			break;
886
		default:
887
			atf_tc_fail("child exited with status %d",
888
			    WEXITSTATUS(__status));
889
		}
890
	} else {
891
		ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
892
	}
893
#undef BUF
894

895
}
896

897
ATF_TC(sprintf_before_end);
898
ATF_TC_HEAD(sprintf_before_end, tc)
899
{
900
}
901
ATF_TC_BODY(sprintf_before_end, tc)
902
{
903
#define BUF &__stack.__buf
904
	struct {
905
		uint8_t padding_l;
906
		unsigned char __buf[42];
907
		uint8_t padding_r;
908
	} __stack;
909
	const size_t __bufsz __unused = sizeof(__stack.__buf);
910
	const size_t __len = 42 - 1;
911
	const size_t __idx __unused = __len - 1;
912
	char srcvar[__len + 10];
913

914
	memset(srcvar, 'A', sizeof(srcvar) - 1);
915
	srcvar[sizeof(srcvar) - 1] = '\0';
916

917
	sprintf(__stack.__buf, "%.*s", (int)__len - 1, srcvar);
918
#undef BUF
919

920
}
921

922
ATF_TC(sprintf_end);
923
ATF_TC_HEAD(sprintf_end, tc)
924
{
925
}
926
ATF_TC_BODY(sprintf_end, tc)
927
{
928
#define BUF &__stack.__buf
929
	struct {
930
		uint8_t padding_l;
931
		unsigned char __buf[42];
932
		uint8_t padding_r;
933
	} __stack;
934
	const size_t __bufsz __unused = sizeof(__stack.__buf);
935
	const size_t __len = 42;
936
	const size_t __idx __unused = __len - 1;
937
	char srcvar[__len + 10];
938

939
	memset(srcvar, 'A', sizeof(srcvar) - 1);
940
	srcvar[sizeof(srcvar) - 1] = '\0';
941

942
	sprintf(__stack.__buf, "%.*s", (int)__len - 1, srcvar);
943
#undef BUF
944

945
}
946

947
ATF_TC(sprintf_heap_before_end);
948
ATF_TC_HEAD(sprintf_heap_before_end, tc)
949
{
950
}
951
ATF_TC_BODY(sprintf_heap_before_end, tc)
952
{
953
#define BUF __stack.__buf
954
	struct {
955
		uint8_t padding_l;
956
		unsigned char * __buf;
957
		uint8_t padding_r;
958
	} __stack;
959
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
960
	const size_t __len = 42 - 1;
961
	const size_t __idx __unused = __len - 1;
962
	char srcvar[__len + 10];
963

964
	__stack.__buf = malloc(__bufsz);
965
	memset(srcvar, 'A', sizeof(srcvar) - 1);
966
	srcvar[sizeof(srcvar) - 1] = '\0';
967

968
	sprintf(__stack.__buf, "%.*s", (int)__len - 1, srcvar);
969
#undef BUF
970

971
}
972

973
ATF_TC(sprintf_heap_end);
974
ATF_TC_HEAD(sprintf_heap_end, tc)
975
{
976
}
977
ATF_TC_BODY(sprintf_heap_end, tc)
978
{
979
#define BUF __stack.__buf
980
	struct {
981
		uint8_t padding_l;
982
		unsigned char * __buf;
983
		uint8_t padding_r;
984
	} __stack;
985
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
986
	const size_t __len = 42;
987
	const size_t __idx __unused = __len - 1;
988
	char srcvar[__len + 10];
989

990
	__stack.__buf = malloc(__bufsz);
991
	memset(srcvar, 'A', sizeof(srcvar) - 1);
992
	srcvar[sizeof(srcvar) - 1] = '\0';
993

994
	sprintf(__stack.__buf, "%.*s", (int)__len - 1, srcvar);
995
#undef BUF
996

997
}
998

999
ATF_TC(sprintf_heap_after_end);
1000
ATF_TC_HEAD(sprintf_heap_after_end, tc)
1001
{
1002
}
1003
ATF_TC_BODY(sprintf_heap_after_end, tc)
1004
{
1005
#define BUF __stack.__buf
1006
	struct {
1007
		uint8_t padding_l;
1008
		unsigned char * __buf;
1009
		uint8_t padding_r;
1010
	} __stack;
1011
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1012
	const size_t __len = 42 + 1;
1013
	const size_t __idx __unused = __len - 1;
1014
	pid_t __child;
1015
	int __status;
1016
	char srcvar[__len + 10];
1017

1018
	__child = fork();
1019
	ATF_REQUIRE(__child >= 0);
1020
	if (__child > 0)
1021
		goto monitor;
1022

1023
	/* Child */
1024
	disable_coredumps();
1025
	__stack.__buf = malloc(__bufsz);
1026
	memset(srcvar, 'A', sizeof(srcvar) - 1);
1027
	srcvar[sizeof(srcvar) - 1] = '\0';
1028

1029
	sprintf(__stack.__buf, "%.*s", (int)__len - 1, srcvar);
1030
	_exit(EX_SOFTWARE);	/* Should have aborted. */
1031

1032
monitor:
1033
	while (waitpid(__child, &__status, 0) != __child) {
1034
		ATF_REQUIRE_EQ(EINTR, errno);
1035
	}
1036

1037
	if (!WIFSIGNALED(__status)) {
1038
		switch (WEXITSTATUS(__status)) {
1039
		case EX_SOFTWARE:
1040
			atf_tc_fail("FORTIFY_SOURCE failed to abort");
1041
			break;
1042
		case EX_OSERR:
1043
			atf_tc_fail("setrlimit(2) failed");
1044
			break;
1045
		default:
1046
			atf_tc_fail("child exited with status %d",
1047
			    WEXITSTATUS(__status));
1048
		}
1049
	} else {
1050
		ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1051
	}
1052
#undef BUF
1053

1054
}
1055

1056
ATF_TC(snprintf_before_end);
1057
ATF_TC_HEAD(snprintf_before_end, tc)
1058
{
1059
}
1060
ATF_TC_BODY(snprintf_before_end, tc)
1061
{
1062
#define BUF &__stack.__buf
1063
	struct {
1064
		uint8_t padding_l;
1065
		unsigned char __buf[42];
1066
		uint8_t padding_r;
1067
	} __stack;
1068
	const size_t __bufsz __unused = sizeof(__stack.__buf);
1069
	const size_t __len = 42 - 1;
1070
	const size_t __idx __unused = __len - 1;
1071
	char srcvar[__len + 10];
1072

1073
	memset(srcvar, 'A', sizeof(srcvar) - 1);
1074
	srcvar[sizeof(srcvar) - 1] = '\0';
1075

1076
	snprintf(__stack.__buf, __len, "%.*s", (int)__len - 1, srcvar);
1077
#undef BUF
1078

1079
}
1080

1081
ATF_TC(snprintf_end);
1082
ATF_TC_HEAD(snprintf_end, tc)
1083
{
1084
}
1085
ATF_TC_BODY(snprintf_end, tc)
1086
{
1087
#define BUF &__stack.__buf
1088
	struct {
1089
		uint8_t padding_l;
1090
		unsigned char __buf[42];
1091
		uint8_t padding_r;
1092
	} __stack;
1093
	const size_t __bufsz __unused = sizeof(__stack.__buf);
1094
	const size_t __len = 42;
1095
	const size_t __idx __unused = __len - 1;
1096
	char srcvar[__len + 10];
1097

1098
	memset(srcvar, 'A', sizeof(srcvar) - 1);
1099
	srcvar[sizeof(srcvar) - 1] = '\0';
1100

1101
	snprintf(__stack.__buf, __len, "%.*s", (int)__len - 1, srcvar);
1102
#undef BUF
1103

1104
}
1105

1106
ATF_TC(snprintf_heap_before_end);
1107
ATF_TC_HEAD(snprintf_heap_before_end, tc)
1108
{
1109
}
1110
ATF_TC_BODY(snprintf_heap_before_end, tc)
1111
{
1112
#define BUF __stack.__buf
1113
	struct {
1114
		uint8_t padding_l;
1115
		unsigned char * __buf;
1116
		uint8_t padding_r;
1117
	} __stack;
1118
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1119
	const size_t __len = 42 - 1;
1120
	const size_t __idx __unused = __len - 1;
1121
	char srcvar[__len + 10];
1122

1123
	__stack.__buf = malloc(__bufsz);
1124
	memset(srcvar, 'A', sizeof(srcvar) - 1);
1125
	srcvar[sizeof(srcvar) - 1] = '\0';
1126

1127
	snprintf(__stack.__buf, __len, "%.*s", (int)__len - 1, srcvar);
1128
#undef BUF
1129

1130
}
1131

1132
ATF_TC(snprintf_heap_end);
1133
ATF_TC_HEAD(snprintf_heap_end, tc)
1134
{
1135
}
1136
ATF_TC_BODY(snprintf_heap_end, tc)
1137
{
1138
#define BUF __stack.__buf
1139
	struct {
1140
		uint8_t padding_l;
1141
		unsigned char * __buf;
1142
		uint8_t padding_r;
1143
	} __stack;
1144
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1145
	const size_t __len = 42;
1146
	const size_t __idx __unused = __len - 1;
1147
	char srcvar[__len + 10];
1148

1149
	__stack.__buf = malloc(__bufsz);
1150
	memset(srcvar, 'A', sizeof(srcvar) - 1);
1151
	srcvar[sizeof(srcvar) - 1] = '\0';
1152

1153
	snprintf(__stack.__buf, __len, "%.*s", (int)__len - 1, srcvar);
1154
#undef BUF
1155

1156
}
1157

1158
ATF_TC(snprintf_heap_after_end);
1159
ATF_TC_HEAD(snprintf_heap_after_end, tc)
1160
{
1161
}
1162
ATF_TC_BODY(snprintf_heap_after_end, tc)
1163
{
1164
#define BUF __stack.__buf
1165
	struct {
1166
		uint8_t padding_l;
1167
		unsigned char * __buf;
1168
		uint8_t padding_r;
1169
	} __stack;
1170
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1171
	const size_t __len = 42 + 1;
1172
	const size_t __idx __unused = __len - 1;
1173
	pid_t __child;
1174
	int __status;
1175
	char srcvar[__len + 10];
1176

1177
	__child = fork();
1178
	ATF_REQUIRE(__child >= 0);
1179
	if (__child > 0)
1180
		goto monitor;
1181

1182
	/* Child */
1183
	disable_coredumps();
1184
	__stack.__buf = malloc(__bufsz);
1185
	memset(srcvar, 'A', sizeof(srcvar) - 1);
1186
	srcvar[sizeof(srcvar) - 1] = '\0';
1187

1188
	snprintf(__stack.__buf, __len, "%.*s", (int)__len - 1, srcvar);
1189
	_exit(EX_SOFTWARE);	/* Should have aborted. */
1190

1191
monitor:
1192
	while (waitpid(__child, &__status, 0) != __child) {
1193
		ATF_REQUIRE_EQ(EINTR, errno);
1194
	}
1195

1196
	if (!WIFSIGNALED(__status)) {
1197
		switch (WEXITSTATUS(__status)) {
1198
		case EX_SOFTWARE:
1199
			atf_tc_fail("FORTIFY_SOURCE failed to abort");
1200
			break;
1201
		case EX_OSERR:
1202
			atf_tc_fail("setrlimit(2) failed");
1203
			break;
1204
		default:
1205
			atf_tc_fail("child exited with status %d",
1206
			    WEXITSTATUS(__status));
1207
		}
1208
	} else {
1209
		ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1210
	}
1211
#undef BUF
1212

1213
}
1214

1215
ATF_TC(tmpnam_before_end);
1216
ATF_TC_HEAD(tmpnam_before_end, tc)
1217
{
1218
}
1219
ATF_TC_BODY(tmpnam_before_end, tc)
1220
{
1221
#define BUF &__stack.__buf
1222
	struct {
1223
		uint8_t padding_l;
1224
		unsigned char __buf[L_tmpnam + 1];
1225
		uint8_t padding_r;
1226
	} __stack;
1227
	const size_t __bufsz __unused = sizeof(__stack.__buf);
1228
	const size_t __len = L_tmpnam + 1;
1229
	const size_t __idx __unused = __len - 1;
1230

1231
	tmpnam(__stack.__buf);
1232
#undef BUF
1233

1234
}
1235

1236
ATF_TC(tmpnam_end);
1237
ATF_TC_HEAD(tmpnam_end, tc)
1238
{
1239
}
1240
ATF_TC_BODY(tmpnam_end, tc)
1241
{
1242
#define BUF &__stack.__buf
1243
	struct {
1244
		uint8_t padding_l;
1245
		unsigned char __buf[L_tmpnam];
1246
		uint8_t padding_r;
1247
	} __stack;
1248
	const size_t __bufsz __unused = sizeof(__stack.__buf);
1249
	const size_t __len = L_tmpnam;
1250
	const size_t __idx __unused = __len - 1;
1251

1252
	tmpnam(__stack.__buf);
1253
#undef BUF
1254

1255
}
1256

1257
ATF_TC(tmpnam_heap_before_end);
1258
ATF_TC_HEAD(tmpnam_heap_before_end, tc)
1259
{
1260
}
1261
ATF_TC_BODY(tmpnam_heap_before_end, tc)
1262
{
1263
#define BUF __stack.__buf
1264
	struct {
1265
		uint8_t padding_l;
1266
		unsigned char * __buf;
1267
		uint8_t padding_r;
1268
	} __stack;
1269
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (L_tmpnam + 1);
1270
	const size_t __len = L_tmpnam + 1;
1271
	const size_t __idx __unused = __len - 1;
1272

1273
	__stack.__buf = malloc(__bufsz);
1274

1275
	tmpnam(__stack.__buf);
1276
#undef BUF
1277

1278
}
1279

1280
ATF_TC(tmpnam_heap_end);
1281
ATF_TC_HEAD(tmpnam_heap_end, tc)
1282
{
1283
}
1284
ATF_TC_BODY(tmpnam_heap_end, tc)
1285
{
1286
#define BUF __stack.__buf
1287
	struct {
1288
		uint8_t padding_l;
1289
		unsigned char * __buf;
1290
		uint8_t padding_r;
1291
	} __stack;
1292
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (L_tmpnam);
1293
	const size_t __len = L_tmpnam;
1294
	const size_t __idx __unused = __len - 1;
1295

1296
	__stack.__buf = malloc(__bufsz);
1297

1298
	tmpnam(__stack.__buf);
1299
#undef BUF
1300

1301
}
1302

1303
ATF_TC(tmpnam_heap_after_end);
1304
ATF_TC_HEAD(tmpnam_heap_after_end, tc)
1305
{
1306
}
1307
ATF_TC_BODY(tmpnam_heap_after_end, tc)
1308
{
1309
#define BUF __stack.__buf
1310
	struct {
1311
		uint8_t padding_l;
1312
		unsigned char * __buf;
1313
		uint8_t padding_r;
1314
	} __stack;
1315
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (L_tmpnam - 1);
1316
	const size_t __len = L_tmpnam - 1;
1317
	const size_t __idx __unused = __len - 1;
1318
	pid_t __child;
1319
	int __status;
1320

1321
	__child = fork();
1322
	ATF_REQUIRE(__child >= 0);
1323
	if (__child > 0)
1324
		goto monitor;
1325

1326
	/* Child */
1327
	disable_coredumps();
1328
	__stack.__buf = malloc(__bufsz);
1329

1330
	tmpnam(__stack.__buf);
1331
	_exit(EX_SOFTWARE);	/* Should have aborted. */
1332

1333
monitor:
1334
	while (waitpid(__child, &__status, 0) != __child) {
1335
		ATF_REQUIRE_EQ(EINTR, errno);
1336
	}
1337

1338
	if (!WIFSIGNALED(__status)) {
1339
		switch (WEXITSTATUS(__status)) {
1340
		case EX_SOFTWARE:
1341
			atf_tc_fail("FORTIFY_SOURCE failed to abort");
1342
			break;
1343
		case EX_OSERR:
1344
			atf_tc_fail("setrlimit(2) failed");
1345
			break;
1346
		default:
1347
			atf_tc_fail("child exited with status %d",
1348
			    WEXITSTATUS(__status));
1349
		}
1350
	} else {
1351
		ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1352
	}
1353
#undef BUF
1354

1355
}
1356

1357
ATF_TC(fgets_before_end);
1358
ATF_TC_HEAD(fgets_before_end, tc)
1359
{
1360
}
1361
ATF_TC_BODY(fgets_before_end, tc)
1362
{
1363
#define BUF &__stack.__buf
1364
	struct {
1365
		uint8_t padding_l;
1366
		unsigned char __buf[42];
1367
		uint8_t padding_r;
1368
	} __stack;
1369
	const size_t __bufsz __unused = sizeof(__stack.__buf);
1370
	const size_t __len = 42 - 1;
1371
	const size_t __idx __unused = __len - 1;
1372
	FILE *fp;
1373

1374
	fp = new_fp(__len);
1375

1376
	fgets(__stack.__buf, __len, fp);
1377
#undef BUF
1378

1379
}
1380

1381
ATF_TC(fgets_end);
1382
ATF_TC_HEAD(fgets_end, tc)
1383
{
1384
}
1385
ATF_TC_BODY(fgets_end, tc)
1386
{
1387
#define BUF &__stack.__buf
1388
	struct {
1389
		uint8_t padding_l;
1390
		unsigned char __buf[42];
1391
		uint8_t padding_r;
1392
	} __stack;
1393
	const size_t __bufsz __unused = sizeof(__stack.__buf);
1394
	const size_t __len = 42;
1395
	const size_t __idx __unused = __len - 1;
1396
	FILE *fp;
1397

1398
	fp = new_fp(__len);
1399

1400
	fgets(__stack.__buf, __len, fp);
1401
#undef BUF
1402

1403
}
1404

1405
ATF_TC(fgets_heap_before_end);
1406
ATF_TC_HEAD(fgets_heap_before_end, tc)
1407
{
1408
}
1409
ATF_TC_BODY(fgets_heap_before_end, tc)
1410
{
1411
#define BUF __stack.__buf
1412
	struct {
1413
		uint8_t padding_l;
1414
		unsigned char * __buf;
1415
		uint8_t padding_r;
1416
	} __stack;
1417
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1418
	const size_t __len = 42 - 1;
1419
	const size_t __idx __unused = __len - 1;
1420
	FILE *fp;
1421

1422
	__stack.__buf = malloc(__bufsz);
1423
	fp = new_fp(__len);
1424

1425
	fgets(__stack.__buf, __len, fp);
1426
#undef BUF
1427

1428
}
1429

1430
ATF_TC(fgets_heap_end);
1431
ATF_TC_HEAD(fgets_heap_end, tc)
1432
{
1433
}
1434
ATF_TC_BODY(fgets_heap_end, tc)
1435
{
1436
#define BUF __stack.__buf
1437
	struct {
1438
		uint8_t padding_l;
1439
		unsigned char * __buf;
1440
		uint8_t padding_r;
1441
	} __stack;
1442
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1443
	const size_t __len = 42;
1444
	const size_t __idx __unused = __len - 1;
1445
	FILE *fp;
1446

1447
	__stack.__buf = malloc(__bufsz);
1448
	fp = new_fp(__len);
1449

1450
	fgets(__stack.__buf, __len, fp);
1451
#undef BUF
1452

1453
}
1454

1455
ATF_TC(fgets_heap_after_end);
1456
ATF_TC_HEAD(fgets_heap_after_end, tc)
1457
{
1458
}
1459
ATF_TC_BODY(fgets_heap_after_end, tc)
1460
{
1461
#define BUF __stack.__buf
1462
	struct {
1463
		uint8_t padding_l;
1464
		unsigned char * __buf;
1465
		uint8_t padding_r;
1466
	} __stack;
1467
	const size_t __bufsz __unused = sizeof(*__stack.__buf) * (42);
1468
	const size_t __len = 42 + 1;
1469
	const size_t __idx __unused = __len - 1;
1470
	pid_t __child;
1471
	int __status;
1472
	FILE *fp;
1473

1474
	__child = fork();
1475
	ATF_REQUIRE(__child >= 0);
1476
	if (__child > 0)
1477
		goto monitor;
1478

1479
	/* Child */
1480
	disable_coredumps();
1481
	__stack.__buf = malloc(__bufsz);
1482
	fp = new_fp(__len);
1483

1484
	fgets(__stack.__buf, __len, fp);
1485
	_exit(EX_SOFTWARE);	/* Should have aborted. */
1486

1487
monitor:
1488
	while (waitpid(__child, &__status, 0) != __child) {
1489
		ATF_REQUIRE_EQ(EINTR, errno);
1490
	}
1491

1492
	if (!WIFSIGNALED(__status)) {
1493
		switch (WEXITSTATUS(__status)) {
1494
		case EX_SOFTWARE:
1495
			atf_tc_fail("FORTIFY_SOURCE failed to abort");
1496
			break;
1497
		case EX_OSERR:
1498
			atf_tc_fail("setrlimit(2) failed");
1499
			break;
1500
		default:
1501
			atf_tc_fail("child exited with status %d",
1502
			    WEXITSTATUS(__status));
1503
		}
1504
	} else {
1505
		ATF_REQUIRE_EQ(SIGABRT, WTERMSIG(__status));
1506
	}
1507
#undef BUF
1508

1509
}
1510

1511
ATF_TP_ADD_TCS(tp)
1512
{
1513
	ATF_TP_ADD_TC(tp, ctermid_before_end);
1514
	ATF_TP_ADD_TC(tp, ctermid_end);
1515
	ATF_TP_ADD_TC(tp, ctermid_heap_before_end);
1516
	ATF_TP_ADD_TC(tp, ctermid_heap_end);
1517
	ATF_TP_ADD_TC(tp, ctermid_heap_after_end);
1518
	ATF_TP_ADD_TC(tp, ctermid_r_before_end);
1519
	ATF_TP_ADD_TC(tp, ctermid_r_end);
1520
	ATF_TP_ADD_TC(tp, ctermid_r_heap_before_end);
1521
	ATF_TP_ADD_TC(tp, ctermid_r_heap_end);
1522
	ATF_TP_ADD_TC(tp, ctermid_r_heap_after_end);
1523
	ATF_TP_ADD_TC(tp, fread_before_end);
1524
	ATF_TP_ADD_TC(tp, fread_end);
1525
	ATF_TP_ADD_TC(tp, fread_heap_before_end);
1526
	ATF_TP_ADD_TC(tp, fread_heap_end);
1527
	ATF_TP_ADD_TC(tp, fread_heap_after_end);
1528
	ATF_TP_ADD_TC(tp, fread_unlocked_before_end);
1529
	ATF_TP_ADD_TC(tp, fread_unlocked_end);
1530
	ATF_TP_ADD_TC(tp, fread_unlocked_heap_before_end);
1531
	ATF_TP_ADD_TC(tp, fread_unlocked_heap_end);
1532
	ATF_TP_ADD_TC(tp, fread_unlocked_heap_after_end);
1533
	ATF_TP_ADD_TC(tp, gets_s_before_end);
1534
	ATF_TP_ADD_TC(tp, gets_s_end);
1535
	ATF_TP_ADD_TC(tp, gets_s_heap_before_end);
1536
	ATF_TP_ADD_TC(tp, gets_s_heap_end);
1537
	ATF_TP_ADD_TC(tp, gets_s_heap_after_end);
1538
	ATF_TP_ADD_TC(tp, sprintf_before_end);
1539
	ATF_TP_ADD_TC(tp, sprintf_end);
1540
	ATF_TP_ADD_TC(tp, sprintf_heap_before_end);
1541
	ATF_TP_ADD_TC(tp, sprintf_heap_end);
1542
	ATF_TP_ADD_TC(tp, sprintf_heap_after_end);
1543
	ATF_TP_ADD_TC(tp, snprintf_before_end);
1544
	ATF_TP_ADD_TC(tp, snprintf_end);
1545
	ATF_TP_ADD_TC(tp, snprintf_heap_before_end);
1546
	ATF_TP_ADD_TC(tp, snprintf_heap_end);
1547
	ATF_TP_ADD_TC(tp, snprintf_heap_after_end);
1548
	ATF_TP_ADD_TC(tp, tmpnam_before_end);
1549
	ATF_TP_ADD_TC(tp, tmpnam_end);
1550
	ATF_TP_ADD_TC(tp, tmpnam_heap_before_end);
1551
	ATF_TP_ADD_TC(tp, tmpnam_heap_end);
1552
	ATF_TP_ADD_TC(tp, tmpnam_heap_after_end);
1553
	ATF_TP_ADD_TC(tp, fgets_before_end);
1554
	ATF_TP_ADD_TC(tp, fgets_end);
1555
	ATF_TP_ADD_TC(tp, fgets_heap_before_end);
1556
	ATF_TP_ADD_TC(tp, fgets_heap_end);
1557
	ATF_TP_ADD_TC(tp, fgets_heap_after_end);
1558
	return (atf_no_error());
1559
}
1560

1561
Product

Resources

Company
