diff options
author | H.J. Lu <hjl.tools@gmail.com> | 2021-03-27 09:06:39 -0700 |
---|---|---|
committer | H.J. Lu <hjl.tools@gmail.com> | 2022-01-27 16:25:31 -0800 |
commit | 8fa2afcec396d7d86784a4cd625e8eb1c6795028 (patch) | |
tree | f9626793d3b8fbec71bc8b10dc55718be6e979a0 | |
parent | 0717959eb30b9a19e2a64d433383c79ba1bd9872 (diff) | |
download | glibc-8fa2afcec396d7d86784a4cd625e8eb1c6795028.tar.gz glibc-8fa2afcec396d7d86784a4cd625e8eb1c6795028.tar.xz glibc-8fa2afcec396d7d86784a4cd625e8eb1c6795028.zip |
test-strnlen.c: Check that strnlen won't go beyond the maximum length
Place strings ending at page boundary without the null byte. If an implementation goes beyond EXP_LEN, it will trigger the segfault. (cherry picked from commit cb882b21b63606aabd6e55afe23b42434d95f2ef)
-rw-r--r-- | string/test-strnlen.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/string/test-strnlen.c b/string/test-strnlen.c index a4cb3afdcf..f7d0896f47 100644 --- a/string/test-strnlen.c +++ b/string/test-strnlen.c @@ -198,6 +198,35 @@ do_page_tests (void) } } +/* Tests meant to unveil fail on implementations that access bytes + beyond the maxium length. */ + +static void +do_page_2_tests (void) +{ + size_t i, exp_len, offset; + size_t last_offset = page_size / sizeof (CHAR); + + CHAR *s = (CHAR *) buf2; + MEMSET (s, 65, last_offset); + + /* Place short strings ending at page boundary without the null + byte. */ + offset = last_offset; + for (i = 0; i < 128; i++) + { + /* Decrease offset to stress several sizes and alignments. */ + offset--; + exp_len = last_offset - offset; + FOR_EACH_IMPL (impl, 0) + { + /* If an implementation goes beyond EXP_LEN, it will trigger + the segfault. */ + do_one_test (impl, (CHAR *) (s + offset), exp_len, exp_len); + } + } +} + int test_main (void) { @@ -244,6 +273,7 @@ test_main (void) do_random_tests (); do_page_tests (); + do_page_2_tests (); return ret; } |