From 2fbb1b653ee46b6dee715ae7c085f094f505390d Mon Sep 17 00:00:00 2001 From: Dan Albert Date: Wed, 8 Oct 2014 11:21:32 -0700 Subject: [PATCH] Add basic compile time tests for sn?printf. Bug: 17782583 Change-Id: I6443537c643d1cc6b4a8f2dab5c364f2fbc1faa3 --- tests/Android.mk | 4 ++- tests/fortify_sprintf_warnings.cpp | 57 ++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 tests/fortify_sprintf_warnings.cpp diff --git a/tests/Android.mk b/tests/Android.mk index 9759c71fe..13d90381c 100644 --- a/tests/Android.mk +++ b/tests/Android.mk @@ -342,7 +342,7 @@ LOCAL_CXX = $(LOCAL_PATH)/file-check-cxx \ LOCAL_CLANG := false LOCAL_MODULE := bionic-compile-time-tests-g++ LOCAL_CXXFLAGS := -Wall -LOCAL_SRC_FILES := +LOCAL_SRC_FILES := fortify_sprintf_warnings.cpp include $(BUILD_STATIC_LIBRARY) include $(CLEAR_VARS) @@ -359,6 +359,8 @@ LOCAL_CXX := $(LOCAL_PATH)/file-check-cxx \ LOCAL_CLANG := true LOCAL_MODULE := bionic-compile-time-tests-clang++ LOCAL_CXXFLAGS := -Wall +# FileCheck will error if there aren't any CLANG: lines in the file, but there +# don't appear to be any cases where clang _does_ emit warnings for sn?printf :( LOCAL_SRC_FILES := include $(BUILD_STATIC_LIBRARY) diff --git a/tests/fortify_sprintf_warnings.cpp b/tests/fortify_sprintf_warnings.cpp new file mode 100644 index 000000000..2333c3e23 --- /dev/null +++ b/tests/fortify_sprintf_warnings.cpp @@ -0,0 +1,57 @@ +/* + * Copyright (C) 2014 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#undef _FORTIFY_SOURCE +#define _FORTIFY_SOURCE 2 +#include + +void test_sprintf() { + char buf[4]; + + // NOLINTNEXTLINE(whitespace/line_length) + // GCC: warning: call to int __builtin___sprintf_chk(char*, int, unsigned int, const char*, ...) will always overflow destination buffer + // clang should emit a warning, but doesn't + sprintf(buf, "foobar"); // NOLINT(runtime/printf) + + // NOLINTNEXTLINE(whitespace/line_length) + // GCC: warning: call to int __builtin___sprintf_chk(char*, int, unsigned int, const char*, ...) will always overflow destination buffer + // clang should emit a warning, but doesn't + sprintf(buf, "%s", "foobar"); // NOLINT(runtime/printf) +} + +void test_snprintf() { + char buf[4]; + + // NOLINTNEXTLINE(whitespace/line_length) + // GCC: warning: call to int __builtin___snprintf_chk(char*, unsigned int, int, unsigned int, const char*, ...) will always overflow destination buffer + // clang should emit a warning, but doesn't + snprintf(buf, 5, "foobar"); // NOLINT(runtime/printf) + + // NOLINTNEXTLINE(whitespace/line_length) + // GCC: warning: call to int __builtin___snprintf_chk(char*, unsigned int, int, unsigned int, const char*, ...) will always overflow destination buffer + // clang should emit a warning, but doesn't + snprintf(buf, 5, "%s", "foobar"); // NOLINT(runtime/printf) + + // NOLINTNEXTLINE(whitespace/line_length) + // GCC: warning: call to int __builtin___snprintf_chk(char*, unsigned int, int, unsigned int, const char*, ...) will always overflow destination buffer + // clang should emit a warning, but doesn't + snprintf(buf, 5, " %s ", "foobar"); // NOLINT(runtime/printf) + + // NOLINTNEXTLINE(whitespace/line_length) + // GCC: warning: call to int __builtin___snprintf_chk(char*, unsigned int, int, unsigned int, const char*, ...) will always overflow destination buffer + // clang should emit a warning, but doesn't + snprintf(buf, 5, "%d", 100000); // NOLINT(runtime/printf) +}