libc: upgrade sprintf to _FORTIFY_SOURCE=2

Upgrade sprintf to fortify_source level 2, to catch additional security bugs. Change-Id: Ibc957d65e4cb96152de84b3745a04e00fa22659e
2013-04-29 16:29:37 -07:00
parent 382a775378
commit 78d6d9888c
4 changed files with 33 additions and 4 deletions
--- a/tests/fortify2_test.cpp
+++ b/tests/fortify2_test.cpp
@@ -27,7 +27,7 @@ struct foo {

 // We have to say "DeathTest" here so gtest knows to run this test (which exits)
 // in its own process.
-TEST(Fortify2_DeathTest, strncpy_fortified) {
+TEST(Fortify2_DeathTest, strncpy_fortified2) {
  ::testing::FLAGS_gtest_death_test_style = "threadsafe";
  foo myfoo;
  int copy_amt = atoi("11");
@@ -35,6 +35,19 @@ TEST(Fortify2_DeathTest, strncpy_fortified) {
              testing::KilledBySignal(SIGSEGV), "");
 }

+TEST(Fortify2_DeathTest, sprintf_fortified2) {
+  ::testing::FLAGS_gtest_death_test_style = "threadsafe";
+  foo myfoo;
+  char source_buf[15];
+  memcpy(source_buf, "12345678901234", 15);
+  ASSERT_EXIT(sprintf(myfoo.a, "%s", source_buf),
+              testing::KilledBySignal(SIGSEGV), "");
+}
+
+/***********************************************************/
+/* TESTS BELOW HERE DUPLICATE TESTS FROM fortify1_test.cpp */
+/***********************************************************/
+
 #if __BIONIC__
 TEST(Fortify2_DeathTest, strcpy_fortified) {
  ::testing::FLAGS_gtest_death_test_style = "threadsafe";
@@ -65,3 +78,11 @@ TEST(Fortify2_DeathTest, strrchr_fortified) {
  ASSERT_EXIT(printf("%s", strrchr(buf, 'a')), testing::KilledBySignal(SIGSEGV), "");
 }
 #endif
+
+TEST(Fortify2_DeathTest, sprintf_fortified) {
+  ::testing::FLAGS_gtest_death_test_style = "threadsafe";
+  char buf[10];
+  char source_buf[15];
+  memcpy(source_buf, "12345678901234", 15);
+  ASSERT_EXIT(sprintf(buf, "%s", source_buf), testing::KilledBySignal(SIGSEGV), "");
+}