generic-library/bionic
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

am 41059d76: Merge "Add stpcpy/stpncpy."

Browse Source 
* commit '41059d764f347baa28b8da653a88c772daa9b738':
  Add stpcpy/stpncpy.
This commit is contained in:
Christopher Ferris 2014-04-08 01:31:06 +00:00 committed by Android Git Automerger
commit 8c22d56358
10 changed files with 557 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libc/Android.mk
View File

@ -95,6 +95,8 @@ libc_common_src_files += \
bionic/__memmove_chk.cpp \
bionic/__read_chk.cpp \
bionic/__recvfrom_chk.cpp \
bionic/__stpcpy_chk.cpp \
bionic/__stpncpy_chk.cpp \
bionic/__strchr_chk.cpp \
bionic/__strlcat_chk.cpp \
bionic/__strlcpy_chk.cpp \
@ -382,6 +384,8 @@ libc_upstream_openbsd_src_files := \
upstream-openbsd/lib/libc/stdlib/strtoull.c \
upstream-openbsd/lib/libc/stdlib/strtoumax.c \
upstream-openbsd/lib/libc/stdlib/system.c \
upstream-openbsd/lib/libc/string/stpcpy.c \
upstream-openbsd/lib/libc/string/stpncpy.c \
upstream-openbsd/lib/libc/string/strcasecmp.c \
upstream-openbsd/lib/libc/string/strcspn.c \
upstream-openbsd/lib/libc/string/strdup.c \

55
libc/bionic/__stpcpy_chk.cpp Normal file
View File

@ -0,0 +1,55 @@
/*
* Copyright (C) 2014 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#undef _FORTIFY_SOURCE
#include <string.h>
#include <stdlib.h>
#include "private/libc_logging.h"
/*
* Runtime implementation of __builtin____stpcpy_chk.
*
* See
* http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
* http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
* for details.
*
* This stpcpy check is called if _FORTIFY_SOURCE is defined and
* greater than 0.
*/
extern "C" char* __stpcpy_chk(char* dest, const char* src, size_t dest_len) {
// TODO: optimize so we don't scan src twice.
size_t src_len = strlen(src) + 1;
if (__predict_false(src_len > dest_len)) {
__fortify_chk_fail("stpcpy: prevented write past end of buffer",
BIONIC_EVENT_STPCPY_BUFFER_OVERFLOW);
}
return stpcpy(dest, src);
}

92
libc/bionic/__stpncpy_chk.cpp Normal file
View File

@ -0,0 +1,92 @@
/*
* Copyright (C) 2014 The Android Open Source Project
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#undef _FORTIFY_SOURCE
#include <string.h>
#include <stdlib.h>
#include "private/libc_logging.h"
/*
* Runtime implementation of __builtin____stpncpy_chk.
*
* See
* http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
* http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
* for details.
*
* This stpncpy check is called if _FORTIFY_SOURCE is defined and
* greater than 0.
*/
extern "C" char* __stpncpy_chk(char* __restrict dest, const char* __restrict src,
size_t len, size_t dest_len) {
if (__predict_false(len > dest_len)) {
__fortify_chk_fail("stpncpy: prevented write past end of buffer",
BIONIC_EVENT_STPNCPY_BUFFER_OVERFLOW);
}
return stpncpy(dest, src, len);
}
/*
* __stpncpy_chk2
*
* This is a variant of __stpncpy_chk, but it also checks to make
* sure we don't read beyond the end of "src". The code for this is
* based on the original version of stpncpy, but modified to check
* how much we read from "src" at the end of the copy operation.
*/
extern "C" char* __stpncpy_chk2(char* __restrict dst, const char* __restrict src,
size_t n, size_t dest_len, size_t src_len)
{
if (__predict_false(n > dest_len)) {
__fortify_chk_fail("stpncpy: prevented write past end of buffer",
BIONIC_EVENT_STPNCPY_BUFFER_OVERFLOW);
}
if (n != 0) {
char* d = dst;
const char* s = src;
do {
if ((*d++ = *s++) == 0) {
/* NUL pad the remaining n-1 bytes */
while (--n != 0) {
*d++ = 0;
}
break;
}
} while (--n != 0);
size_t s_copy_len = static_cast<size_t>(s - src);
if (__predict_false(s_copy_len > src_len)) {
__fortify_chk_fail("stpncpy: prevented read past end of buffer", 0);
}
}
return dst;
}

4
libc/bionic/__strcpy_chk.cpp
View File

@ -26,6 +26,8 @@
* SUCH DAMAGE.
*/
#undef _FORTIFY_SOURCE
#include <string.h>
#include <stdlib.h>
#include "private/libc_logging.h"
@ -41,7 +43,7 @@
* This strcpy check is called if _FORTIFY_SOURCE is defined and
* greater than 0.
*/
extern "C" char* __strcpy_chk (char* dest, const char* src, size_t dest_len) {
extern "C" char* __strcpy_chk(char* dest, const char* src, size_t dest_len) {
// TODO: optimize so we don't scan src twice.
size_t src_len = strlen(src) + 1;
if (__predict_false(src_len > dest_len)) {

44
libc/include/string.h
View File

@ -53,6 +53,7 @@ extern char* __strrchr_chk(const char *, int, size_t);
extern size_t strlen(const char *) __purefunc;
extern size_t __strlen_chk(const char *, size_t);
extern int strcmp(const char *, const char *) __purefunc;
extern char* stpcpy(char* __restrict, const char* __restrict);
extern char* strcpy(char* __restrict, const char* __restrict);
extern char* strcat(char* __restrict, const char* __restrict);
@ -72,6 +73,7 @@ extern size_t strnlen(const char *, size_t) __purefunc;
extern char* strncat(char* __restrict, const char* __restrict, size_t);
extern char* strndup(const char *, size_t);
extern int strncmp(const char *, const char *, size_t) __purefunc;
extern char* stpncpy(char* __restrict, const char* __restrict, size_t);
extern char* strncpy(char* __restrict, const char* __restrict, size_t);
extern size_t strlcat(char* __restrict, const char* __restrict, size_t);
@ -89,8 +91,8 @@ extern size_t strxfrm(char* __restrict, const char* __restrict, size_t);
#if defined(__BIONIC_FORTIFY)
__errordecl(__memcpy_dest_size_error, "memcpy called with size bigger than destination");
__errordecl(__memcpy_src_size_error, "memcpy called with size bigger than source");
__errordecl(__memcpy_dest_size_error, "memcpy: prevented write past end of buffer");
__errordecl(__memcpy_src_size_error, "memcpy: prevented read past end of buffer");
__BIONIC_FORTIFY_INLINE
void* memcpy(void* __restrict dest, const void* __restrict src, size_t copy_amount) {
@ -115,12 +117,44 @@ void* memmove(void *dest, const void *src, size_t len) {
return __builtin___memmove_chk(dest, src, len, __bos0(dest));
}
__BIONIC_FORTIFY_INLINE
char* stpcpy(char* __restrict dest, const char* __restrict src) {
return __builtin___stpcpy_chk(dest, src, __bos(dest));
}
__BIONIC_FORTIFY_INLINE
char* strcpy(char* __restrict dest, const char* __restrict src) {
return __builtin___strcpy_chk(dest, src, __bos(dest));
}
__errordecl(__strncpy_error, "strncpy called with size bigger than buffer");
__errordecl(__stpncpy_error, "stpncpy: prevented write past end of buffer");
extern char* __stpncpy_chk2(char* __restrict, const char* __restrict, size_t, size_t, size_t);
__BIONIC_FORTIFY_INLINE
char* stpncpy(char* __restrict dest, const char* __restrict src, size_t n) {
size_t bos_dest = __bos(dest);
size_t bos_src = __bos(src);
if (__builtin_constant_p(n) && (n > bos_dest)) {
__stpncpy_error();
}
if (bos_src == __BIONIC_FORTIFY_UNKNOWN_SIZE) {
return __builtin___stpncpy_chk(dest, src, n, bos_dest);
}
if (__builtin_constant_p(n) && (n <= bos_src)) {
return __builtin___stpncpy_chk(dest, src, n, bos_dest);
}
size_t slen = __builtin_strlen(src);
if (__builtin_constant_p(slen)) {
return __builtin___stpncpy_chk(dest, src, n, bos_dest);
}
return __stpncpy_chk2(dest, src, n, bos_dest, bos_src);
}
__errordecl(__strncpy_error, "strncpy: prevented write past end of buffer");
extern char* __strncpy_chk2(char* __restrict, const char* __restrict, size_t, size_t, size_t);
__BIONIC_FORTIFY_INLINE
@ -164,7 +198,7 @@ void* memset(void *s, int c, size_t n) {
extern size_t __strlcpy_real(char* __restrict, const char* __restrict, size_t)
__asm__(__USER_LABEL_PREFIX__ "strlcpy");
__errordecl(__strlcpy_error, "strlcpy called with size bigger than buffer");
__errordecl(__strlcpy_error, "strlcpy: prevented write past end of buffer");
extern size_t __strlcpy_chk(char *, const char *, size_t, size_t);
__BIONIC_FORTIFY_INLINE
@ -195,7 +229,7 @@ size_t strlcpy(char* __restrict dest, const char* __restrict src, size_t size) {
extern size_t __strlcat_real(char* __restrict, const char* __restrict, size_t)
__asm__(__USER_LABEL_PREFIX__ "strlcat");
__errordecl(__strlcat_error, "strlcat called with size bigger than buffer");
__errordecl(__strlcat_error, "strlcat: prevented write past end of buffer");
extern size_t __strlcat_chk(char* __restrict, const char* __restrict, size_t, size_t);

2
libc/private/libc_events.h
View File

@ -40,6 +40,8 @@
#define BIONIC_EVENT_STRNCPY_BUFFER_OVERFLOW 80120
#define BIONIC_EVENT_MEMSET_BUFFER_OVERFLOW 80125
#define BIONIC_EVENT_STRCPY_BUFFER_OVERFLOW 80130
#define BIONIC_EVENT_STPCPY_BUFFER_OVERFLOW 80135
#define BIONIC_EVENT_STPNCPY_BUFFER_OVERFLOW 80140
#define BIONIC_EVENT_RESOLVER_OLD_RESPONSE 80300
#define BIONIC_EVENT_RESOLVER_WRONG_SERVER 80305

44
libc/upstream-openbsd/lib/libc/string/stpcpy.c Normal file
View File

@ -0,0 +1,44 @@
/* $OpenBSD: stpcpy.c,v 1.1 2012/01/17 02:48:01 guenther Exp $ */
/*
* Copyright (c) 1988 Regents of the University of California.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <string.h>
#if defined(APIWARN)
__warn_references(stpcpy,
"warning: stpcpy() is dangerous GNU crap; don't use it");
#endif
char *
stpcpy(char *to, const char *from)
{
for (; (*to = *from) != '\0'; ++from, ++to);
return(to);
}

56
libc/upstream-openbsd/lib/libc/string/stpncpy.c Normal file
View File

@ -0,0 +1,56 @@
/* $OpenBSD: stpncpy.c,v 1.2 2012/07/11 10:44:59 naddy Exp $ */
/*-
* Copyright (c) 1990 The Regents of the University of California.
* All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Chris Torek.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <string.h>
char *
stpncpy(char *dst, const char *src, size_t n)
{
if (n != 0) {
char *d = dst;
const char *s = src;
dst = &dst[n];
do {
if ((*d++ = *s++) == 0) {
dst = d - 1;
/* NUL pad the remaining n-1 bytes */
while (--n != 0)
*d++ = 0;
break;
}
} while (--n != 0);
}
return (dst);
}

120
tests/fortify_test.cpp
View File

@ -40,6 +40,31 @@ struct foo {
char b[10];
};
#ifndef __clang__
// This test is disabled in clang because clang doesn't properly detect
// this buffer overflow. TODO: Fix clang.
TEST(DEATHTEST, stpncpy_fortified2) {
::testing::FLAGS_gtest_death_test_style = "threadsafe";
foo myfoo;
int copy_amt = atoi("11");
ASSERT_EXIT(stpncpy(myfoo.a, "01234567890", copy_amt),
testing::KilledBySignal(SIGABRT), "");
}
#endif
#ifndef __clang__
// This test is disabled in clang because clang doesn't properly detect
// this buffer overflow. TODO: Fix clang.
TEST(DEATHTEST, stpncpy2_fortified2) {
::testing::FLAGS_gtest_death_test_style = "threadsafe";
foo myfoo;
memset(&myfoo, 0, sizeof(myfoo));
myfoo.one[0] = 'A'; // not null terminated string
ASSERT_EXIT(stpncpy(myfoo.b, myfoo.one, sizeof(myfoo.b)),
testing::KilledBySignal(SIGABRT), "");
}
#endif
#ifndef __clang__
// This test is disabled in clang because clang doesn't properly detect
// this buffer overflow. TODO: Fix clang.
@ -140,6 +165,24 @@ TEST(DEATHTEST, vsnprintf2_fortified2) {
}
#endif
#ifndef __clang__
// zero sized target with "\0" source (should fail)
// This test is disabled in clang because clang doesn't properly detect
// this buffer overflow. TODO: Fix clang.
TEST(DEATHTEST, stpcpy_fortified2) {
#if defined(__BIONIC__)
::testing::FLAGS_gtest_death_test_style = "threadsafe";
foo myfoo;
char* src = strdup("");
ASSERT_EXIT(stpcpy(myfoo.empty, src),
testing::KilledBySignal(SIGABRT), "");
free(src);
#else // __BIONIC__
GTEST_LOG_(INFO) << "This test does nothing.\n";
#endif // __BIONIC__
}
#endif
#ifndef __clang__
// zero sized target with "\0" source (should fail)
// This test is disabled in clang because clang doesn't properly detect
@ -559,6 +602,23 @@ TEST(DEATHTEST, memcpy_fortified) {
ASSERT_EXIT(memcpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
}
TEST(DEATHTEST, stpncpy_fortified) {
::testing::FLAGS_gtest_death_test_style = "threadsafe";
char bufa[15];
char bufb[10];
strcpy(bufa, "01234567890123");
size_t n = strlen(bufa);
ASSERT_EXIT(stpncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
}
TEST(DEATHTEST, stpncpy2_fortified) {
::testing::FLAGS_gtest_death_test_style = "threadsafe";
char dest[11];
char src[10];
memcpy(src, "0123456789", sizeof(src)); // src is not null terminated
ASSERT_EXIT(stpncpy(dest, src, sizeof(dest)), testing::KilledBySignal(SIGABRT), "");
}
TEST(DEATHTEST, strncpy_fortified) {
::testing::FLAGS_gtest_death_test_style = "threadsafe";
char bufa[15];
@ -568,6 +628,7 @@ TEST(DEATHTEST, strncpy_fortified) {
ASSERT_EXIT(strncpy(bufb, bufa, n), testing::KilledBySignal(SIGABRT), "");
}
TEST(DEATHTEST, strncpy2_fortified) {
::testing::FLAGS_gtest_death_test_style = "threadsafe";
char dest[11];
@ -790,6 +851,45 @@ TEST(TEST_NAME, strcat2) {
ASSERT_EQ('\0', buf[9]);
}
TEST(TEST_NAME, stpncpy) {
char src[10];
char dst[10];
memcpy(src, "0123456789", sizeof(src)); // non null terminated string
stpncpy(dst, src, sizeof(dst));
ASSERT_EQ('0', dst[0]);
ASSERT_EQ('1', dst[1]);
ASSERT_EQ('2', dst[2]);
ASSERT_EQ('3', dst[3]);
ASSERT_EQ('4', dst[4]);
ASSERT_EQ('5', dst[5]);
ASSERT_EQ('6', dst[6]);
ASSERT_EQ('7', dst[7]);
ASSERT_EQ('8', dst[8]);
ASSERT_EQ('9', dst[9]);
}
TEST(TEST_NAME, stpncpy2) {
char src[10];
char dst[15];
memcpy(src, "012345678\0", sizeof(src));
stpncpy(dst, src, sizeof(dst));
ASSERT_EQ('0', dst[0]);
ASSERT_EQ('1', dst[1]);
ASSERT_EQ('2', dst[2]);
ASSERT_EQ('3', dst[3]);
ASSERT_EQ('4', dst[4]);
ASSERT_EQ('5', dst[5]);
ASSERT_EQ('6', dst[6]);
ASSERT_EQ('7', dst[7]);
ASSERT_EQ('8', dst[8]);
ASSERT_EQ('\0', dst[9]);
ASSERT_EQ('\0', dst[10]);
ASSERT_EQ('\0', dst[11]);
ASSERT_EQ('\0', dst[12]);
ASSERT_EQ('\0', dst[13]);
ASSERT_EQ('\0', dst[14]);
}
TEST(TEST_NAME, strncpy) {
char src[10];
char dst[10];
@ -848,22 +948,22 @@ TEST(TEST_NAME, strcat_chk_max_int_size) {
ASSERT_EQ('\0', buf[9]);
}
extern "C" char* __stpcpy_chk(char*, const char*, size_t);
TEST(TEST_NAME, stpcpy_chk_max_int_size) {
char buf[10];
char* res = __stpcpy_chk(buf, "012345678", (size_t)-1);
ASSERT_EQ(buf + strlen("012345678"), res);
ASSERT_STREQ("012345678", buf);
}
extern "C" char* __strcpy_chk(char*, const char*, size_t);
TEST(TEST_NAME, strcpy_chk_max_int_size) {
char buf[10];
char* res = __strcpy_chk(buf, "012345678", (size_t)-1);
ASSERT_EQ(buf, res);
ASSERT_EQ('0', buf[0]);
ASSERT_EQ('1', buf[1]);
ASSERT_EQ('2', buf[2]);
ASSERT_EQ('3', buf[3]);
ASSERT_EQ('4', buf[4]);
ASSERT_EQ('5', buf[5]);
ASSERT_EQ('6', buf[6]);
ASSERT_EQ('7', buf[7]);
ASSERT_EQ('8', buf[8]);
ASSERT_EQ('\0', buf[9]);
ASSERT_STREQ("012345678", buf);
}
extern "C" void* __memcpy_chk(void*, const void*, size_t, size_t);

235
tests/string_test.cpp
View File

@ -222,7 +222,7 @@ TEST(string, strcat) {
TEST(string, strcpy2) {
char buf[1];
char* orig = strdup("");
strcpy(buf, orig);
ASSERT_EQ(buf, strcpy(buf, orig));
ASSERT_EQ('\0', buf[0]);
free(orig);
}
@ -232,13 +232,8 @@ TEST(string, strcpy3) {
char buf[10];
char* orig = strdup("12345");
memset(buf, 'A', sizeof(buf));
strcpy(buf, orig);
ASSERT_EQ('1', buf[0]);
ASSERT_EQ('2', buf[1]);
ASSERT_EQ('3', buf[2]);
ASSERT_EQ('4', buf[3]);
ASSERT_EQ('5', buf[4]);
ASSERT_EQ('\0', buf[5]);
ASSERT_EQ(buf, strcpy(buf, orig));
ASSERT_STREQ("12345", buf);
ASSERT_EQ('A', buf[6]);
ASSERT_EQ('A', buf[7]);
ASSERT_EQ('A', buf[8]);
@ -251,17 +246,41 @@ TEST(string, strcpy4) {
char buf[10];
char* orig = strdup("123456789");
memset(buf, 'A', sizeof(buf));
strcpy(buf, orig);
ASSERT_EQ('1', buf[0]);
ASSERT_EQ('2', buf[1]);
ASSERT_EQ('3', buf[2]);
ASSERT_EQ('4', buf[3]);
ASSERT_EQ('5', buf[4]);
ASSERT_EQ('6', buf[5]);
ASSERT_EQ('7', buf[6]);
ASSERT_EQ('8', buf[7]);
ASSERT_EQ('9', buf[8]);
ASSERT_EQ('\0', buf[9]);
ASSERT_EQ(buf, strcpy(buf, orig));
ASSERT_STREQ("123456789", buf);
free(orig);
}
// one byte target with "\0" source
TEST(string, stpcpy2) {
char buf[1];
char* orig = strdup("");
ASSERT_EQ(buf, stpcpy(buf, orig));
ASSERT_EQ('\0', buf[0]);
free(orig);
}
// multibyte target where we under fill target
TEST(string, stpcpy3) {
char buf[10];
char* orig = strdup("12345");
memset(buf, 'A', sizeof(buf));
ASSERT_EQ(buf+strlen(orig), stpcpy(buf, orig));
ASSERT_STREQ("12345", buf);
ASSERT_EQ('A', buf[6]);
ASSERT_EQ('A', buf[7]);
ASSERT_EQ('A', buf[8]);
ASSERT_EQ('A', buf[9]);
free(orig);
}
// multibyte target where we fill target exactly
TEST(string, stpcpy4) {
char buf[10];
char* orig = strdup("123456789");
memset(buf, 'A', sizeof(buf));
ASSERT_EQ(buf+strlen(orig), stpcpy(buf, orig));
ASSERT_STREQ("123456789", buf);
free(orig);
}
@ -272,13 +291,7 @@ TEST(string, strcat2) {
buf[1] = '\0';
char* res = strcat(buf, "01234");
ASSERT_EQ(buf, res);
ASSERT_EQ('a', buf[0]);
ASSERT_EQ('0', buf[1]);
ASSERT_EQ('1', buf[2]);
ASSERT_EQ('2', buf[3]);
ASSERT_EQ('3', buf[4]);
ASSERT_EQ('4', buf[5]);
ASSERT_EQ('\0', buf[6]);
ASSERT_STREQ("a01234", buf);
ASSERT_EQ('A', buf[7]);
ASSERT_EQ('A', buf[8]);
ASSERT_EQ('A', buf[9]);
@ -291,16 +304,7 @@ TEST(string, strcat3) {
buf[1] = '\0';
char* res = strcat(buf, "01234567");
ASSERT_EQ(buf, res);
ASSERT_EQ('a', buf[0]);
ASSERT_EQ('0', buf[1]);
ASSERT_EQ('1', buf[2]);
ASSERT_EQ('2', buf[3]);
ASSERT_EQ('3', buf[4]);
ASSERT_EQ('4', buf[5]);
ASSERT_EQ('5', buf[6]);
ASSERT_EQ('6', buf[7]);
ASSERT_EQ('7', buf[8]);
ASSERT_EQ('\0', buf[9]);
ASSERT_STREQ("a01234567", buf);
}
TEST(string, strncat2) {
@ -310,13 +314,7 @@ TEST(string, strncat2) {
buf[1] = '\0';
char* res = strncat(buf, "01234", sizeof(buf) - strlen(buf) - 1);
ASSERT_EQ(buf, res);
ASSERT_EQ('a', buf[0]);
ASSERT_EQ('0', buf[1]);
ASSERT_EQ('1', buf[2]);
ASSERT_EQ('2', buf[3]);
ASSERT_EQ('3', buf[4]);
ASSERT_EQ('4', buf[5]);
ASSERT_EQ('\0', buf[6]);
ASSERT_STREQ("a01234", buf);
ASSERT_EQ('A', buf[7]);
ASSERT_EQ('A', buf[8]);
ASSERT_EQ('A', buf[9]);
@ -329,13 +327,7 @@ TEST(string, strncat3) {
buf[1] = '\0';
char* res = strncat(buf, "0123456789", 5);
ASSERT_EQ(buf, res);
ASSERT_EQ('a', buf[0]);
ASSERT_EQ('0', buf[1]);
ASSERT_EQ('1', buf[2]);
ASSERT_EQ('2', buf[3]);
ASSERT_EQ('3', buf[4]);
ASSERT_EQ('4', buf[5]);
ASSERT_EQ('\0', buf[6]);
ASSERT_STREQ("a01234", buf);
ASSERT_EQ('A', buf[7]);
ASSERT_EQ('A', buf[8]);
ASSERT_EQ('A', buf[9]);
@ -348,16 +340,7 @@ TEST(string, strncat4) {
buf[1] = '\0';
char* res = strncat(buf, "01234567", 8);
ASSERT_EQ(buf, res);
ASSERT_EQ('a', buf[0]);
ASSERT_EQ('0', buf[1]);
ASSERT_EQ('1', buf[2]);
ASSERT_EQ('2', buf[3]);
ASSERT_EQ('3', buf[4]);
ASSERT_EQ('4', buf[5]);
ASSERT_EQ('5', buf[6]);
ASSERT_EQ('6', buf[7]);
ASSERT_EQ('7', buf[8]);
ASSERT_EQ('\0', buf[9]);
ASSERT_STREQ("a01234567", buf);
}
TEST(string, strncat5) {
@ -367,16 +350,7 @@ TEST(string, strncat5) {
buf[1] = '\0';
char* res = strncat(buf, "01234567", 9);
ASSERT_EQ(buf, res);
ASSERT_EQ('a', buf[0]);
ASSERT_EQ('0', buf[1]);
ASSERT_EQ('1', buf[2]);
ASSERT_EQ('2', buf[3]);
ASSERT_EQ('3', buf[4]);
ASSERT_EQ('4', buf[5]);
ASSERT_EQ('5', buf[6]);
ASSERT_EQ('6', buf[7]);
ASSERT_EQ('7', buf[8]);
ASSERT_EQ('\0', buf[9]);
ASSERT_STREQ("a01234567", buf);
}
TEST(string, strchr_with_0) {
@ -456,6 +430,32 @@ TEST(string, strcmp) {
}
}
TEST(string, stpcpy) {
StringTestState<char> state(SMALL);
for (size_t j = 0; j < POS_ITER; j++) {
state.NewIteration();
size_t pos = random() % state.MAX_LEN;
memset(state.ptr1, '\2', pos);
state.ptr1[pos] = '\0';
state.ptr1[state.MAX_LEN - 1] = '\0';
memcpy(state.ptr, state.ptr1, state.MAX_LEN);
memset(state.ptr2, '\1', state.MAX_LEN);
state.ptr2[state.MAX_LEN - 1] = '\0';
memset(state.ptr + state.MAX_LEN, '\1', state.MAX_LEN);
memcpy(state.ptr + state.MAX_LEN, state.ptr1, pos + 1);
state.ptr[2 * state.MAX_LEN - 1] = '\0';
ASSERT_TRUE(stpcpy(state.ptr2, state.ptr1) == state.ptr2 + strlen(state.ptr1));
ASSERT_FALSE((memcmp(state.ptr1, state.ptr, state.MAX_LEN)) != 0 ||
(memcmp(state.ptr2, state.ptr + state.MAX_LEN, state.MAX_LEN) != 0));
}
}
TEST(string, strcpy) {
StringTestState<char> state(SMALL);
for (size_t j = 0; j < POS_ITER; j++) {
@ -482,7 +482,6 @@ TEST(string, strcpy) {
}
}
TEST(string, strlcat) {
#if defined(__BIONIC__)
StringTestState<char> state(SMALL);
@ -614,30 +613,81 @@ TEST(string, strncmp) {
}
}
TEST(string, stpncpy) {
StringTestState<char> state(SMALL);
for (size_t j = 0; j < ITER; j++) {
state.NewIteration();
// Choose a random value to fill the string, except \0 (string terminator),
// or \1 (guarantees it's different from anything in ptr2).
memset(state.ptr1, (random() % 254) + 2, state.MAX_LEN);
// Choose a random size for our src buffer.
size_t ptr1_len = random() % state.MAX_LEN;
state.ptr1[ptr1_len] = '\0';
// Copy ptr1 into ptr, used to verify that ptr1 does not get modified.
memcpy(state.ptr, state.ptr1, state.MAX_LEN);
// Init ptr2 to a set value.
memset(state.ptr2, '\1', state.MAX_LEN);
// Choose a random amount of data to copy.
size_t copy_len = random() % state.MAX_LEN;
// Set the second half of ptr to the expected pattern in ptr2.
memset(state.ptr + state.MAX_LEN, '\1', state.MAX_LEN);
memcpy(state.ptr + state.MAX_LEN, state.ptr1, copy_len);
size_t expected_end;
if (copy_len > ptr1_len) {
memset(state.ptr + state.MAX_LEN + ptr1_len, '\0', copy_len - ptr1_len);
expected_end = ptr1_len;
} else {
expected_end = copy_len;
}
ASSERT_EQ(state.ptr2 + expected_end, stpncpy(state.ptr2, state.ptr1, copy_len));
// Verify ptr1 was not modified.
ASSERT_EQ(0, memcmp(state.ptr1, state.ptr, state.MAX_LEN));
// Verify ptr2 contains the expected data.
ASSERT_EQ(0, memcmp(state.ptr2, state.ptr + state.MAX_LEN, state.MAX_LEN));
}
}
TEST(string, strncpy) {
StringTestState<char> state(SMALL);
for (size_t j = 0; j < ITER; j++) {
state.NewIteration();
memset(state.ptr1, random() & 255, state.MAX_LEN);
state.ptr1[random () % state.MAX_LEN] = '\0';
// Choose a random value to fill the string, except \0 (string terminator),
// or \1 (guarantees it's different from anything in ptr2).
memset(state.ptr1, (random() % 254) + 2, state.MAX_LEN);
// Choose a random size for our src buffer.
size_t ptr1_len = random() % state.MAX_LEN;
state.ptr1[ptr1_len] = '\0';
// Copy ptr1 into ptr, used to verify that ptr1 does not get modified.
memcpy(state.ptr, state.ptr1, state.MAX_LEN);
// Init ptr2 to a set value.
memset(state.ptr2, '\1', state.MAX_LEN);
size_t pos;
if (memchr(state.ptr1, 0, state.MAX_LEN)) {
pos = strlen(state.ptr1);
// Choose a random amount of data to copy.
size_t copy_len = random() % state.MAX_LEN;
// Set the second half of ptr to the expected pattern in ptr2.
memset(state.ptr + state.MAX_LEN, '\1', state.MAX_LEN);
memcpy(state.ptr + state.MAX_LEN, state.ptr1, copy_len);
size_t expected_end;
if (copy_len > ptr1_len) {
memset(state.ptr + state.MAX_LEN + ptr1_len, '\0', copy_len - ptr1_len);
expected_end = ptr1_len;
} else {
pos = state.MAX_LEN - 1;
expected_end = copy_len;
}
memset(state.ptr + state.MAX_LEN, '\0', state.MAX_LEN);
memcpy(state.ptr + state.MAX_LEN, state.ptr1, pos + 1);
ASSERT_EQ(state.ptr2 + expected_end, stpncpy(state.ptr2, state.ptr1, copy_len));
ASSERT_TRUE(strncpy(state.ptr2, state.ptr1, state.MAX_LEN) == state.ptr2);
ASSERT_FALSE(memcmp(state.ptr1, state.ptr, state.MAX_LEN) != 0 ||
memcmp(state.ptr2, state.ptr + state.MAX_LEN, state.MAX_LEN) != 0);
// Verify ptr1 was not modified.
ASSERT_EQ(0, memcmp(state.ptr1, state.ptr, state.MAX_LEN));
// Verify ptr2 contains the expected data.
ASSERT_EQ(0, memcmp(state.ptr2, state.ptr + state.MAX_LEN, state.MAX_LEN));
}
}
@ -966,6 +1016,25 @@ TEST(string, strcpy_overread) {
RunSrcDstBufferOverreadTest(DoStrcpyTest);
}
static void DoStpcpyTest(uint8_t* src, uint8_t* dst, size_t len) {
if (len >= 1) {
memset(src, (32 + (len % 96)), len - 1);
src[len-1] = '\0';
memset(dst, 0, len);
ASSERT_EQ(dst+len-1, reinterpret_cast<uint8_t*>(stpcpy(reinterpret_cast<char*>(dst),
reinterpret_cast<char*>(src))));
ASSERT_TRUE(memcmp(src, dst, len) == 0);
}
}
TEST(string, stpcpy_align) {
RunSrcDstBufferAlignTest(LARGE, DoStpcpyTest);
}
TEST(string, stpcpy_overread) {
RunSrcDstBufferOverreadTest(DoStpcpyTest);
}
// Use our own incrementer to cut down on the total number of calls.
static size_t LargeSetIncrement(size_t len) {
if (len >= 4096) {