1// RUN: %clang_dfsan %s -o %t && DFSAN_OPTIONS="strict_data_dependencies=0" %run %t
2// RUN: %clang_dfsan -DSTRICT_DATA_DEPENDENCIES %s -o %t && %run %t
3// RUN: %clang_dfsan -DORIGIN_TRACKING -mllvm -dfsan-track-origins=1 -mllvm -dfsan-combine-pointer-labels-on-load=false -DSTRICT_DATA_DEPENDENCIES %s -o %t && %run %t
4// RUN: %clang_dfsan -DORIGIN_TRACKING -mllvm -dfsan-track-origins=1 -mllvm -dfsan-combine-pointer-labels-on-load=false -no-pie %s -o %t && DFSAN_OPTIONS="strict_data_dependencies=0" %run %t
5//
6// Tests custom implementations of various glibc functions.
7
8#pragma clang diagnostic ignored "-Wformat-extra-args"
9
10#include <sanitizer/dfsan_interface.h>
11
12#include <arpa/inet.h>
13#include <assert.h>
14#include <fcntl.h>
15#include <link.h>
16#include <poll.h>
17#include <pthread.h>
18#include <pwd.h>
19#include <sched.h>
20#include <signal.h>
21#include <stdint.h>
22#include <stdio.h>
23#include <stdlib.h>
24#include <string.h>
25#include <strings.h>
26#include <sys/epoll.h>
27#include <sys/resource.h>
28#include <sys/select.h>
29#include <sys/socket.h>
30#include <sys/stat.h>
31#include <sys/time.h>
32#include <sys/types.h>
33#include <time.h>
34#include <unistd.h>
35
36dfsan_label i_label = 0;
37dfsan_label j_label = 0;
38dfsan_label k_label = 0;
39dfsan_label m_label = 0;
40dfsan_label n_label = 0;
41dfsan_label i_j_label = 0;
42
43#define ASSERT_ZERO_LABEL(data) \
44 assert(0 == dfsan_get_label((long) (data)))
45
46#define ASSERT_READ_ZERO_LABEL(ptr, size) \
47 assert(0 == dfsan_read_label(ptr, size))
48
49#define ASSERT_LABEL(data, label) \
50 assert(label == dfsan_get_label((long) (data)))
51
52#define ASSERT_READ_LABEL(ptr, size, label) \
53 assert(label == dfsan_read_label(ptr, size))
54
55#ifdef ORIGIN_TRACKING
56#define ASSERT_ZERO_ORIGIN(data) \
57 assert(0 == dfsan_get_origin((long)(data)))
58#else
59#define ASSERT_ZERO_ORIGIN(data)
60#endif
61
62#ifdef ORIGIN_TRACKING
63#define ASSERT_ZERO_ORIGINS(ptr, size) \
64 for (int i = 0; i < size; ++i) { \
65 assert(0 == dfsan_get_origin((long)(((char *)ptr)[i]))); \
66 }
67#else
68#define ASSERT_ZERO_ORIGINS(ptr, size)
69#endif
70
71#ifdef ORIGIN_TRACKING
72#define ASSERT_ORIGIN(data, origin) \
73 assert(origin == dfsan_get_origin((long)(data)))
74#else
75#define ASSERT_ORIGIN(data, origin)
76#endif
77
78#ifdef ORIGIN_TRACKING
79#define ASSERT_ORIGINS(ptr, size, origin) \
80 for (int i = 0; i < size; ++i) { \
81 assert(origin == dfsan_get_origin((long)(((char *)ptr)[i]))); \
82 }
83#else
84#define ASSERT_ORIGINS(ptr, size, origin)
85#endif
86
87#ifdef ORIGIN_TRACKING
88#define ASSERT_INIT_ORIGIN(ptr, origin) \
89 assert(origin == dfsan_get_init_origin(ptr))
90#else
91#define ASSERT_INIT_ORIGIN(ptr, origin)
92#endif
93
94#ifdef ORIGIN_TRACKING
95#define ASSERT_INIT_ORIGIN_EQ_ORIGIN(ptr, data) \
96 assert(dfsan_get_origin((long)(data)) == dfsan_get_init_origin(ptr))
97#else
98#define ASSERT_INIT_ORIGIN_EQ_ORIGIN(ptr, data)
99#endif
100
101#ifdef ORIGIN_TRACKING
102#define ASSERT_INIT_ORIGINS(ptr, size, origin) \
103 for (int i = 0; i < size; ++i) { \
104 assert(origin == dfsan_get_init_origin(&((char *)ptr)[i])); \
105 }
106#else
107#define ASSERT_INIT_ORIGINS(ptr, size, origin)
108#endif
109
110#ifdef ORIGIN_TRACKING
111#define ASSERT_EQ_ORIGIN(data1, data2) \
112 assert(dfsan_get_origin((long)(data1)) == dfsan_get_origin((long)(data2)))
113#else
114#define ASSERT_EQ_ORIGIN(data1, data2)
115#endif
116
117#ifdef ORIGIN_TRACKING
118#define DEFINE_AND_SAVE_ORIGINS(val) \
119 dfsan_origin val##_o[sizeof(val)]; \
120 for (int i = 0; i < sizeof(val); ++i) \
121 val##_o[i] = dfsan_get_origin((long)(((char *)(&val))[i]));
122#else
123#define DEFINE_AND_SAVE_ORIGINS(val)
124#endif
125
126#ifdef ORIGIN_TRACKING
127#define SAVE_ORIGINS(val) \
128 for (int i = 0; i < sizeof(val); ++i) \
129 val##_o[i] = dfsan_get_origin((long)(((char *)(&val))[i]));
130#else
131#define SAVE_ORIGINS(val)
132#endif
133
134#ifdef ORIGIN_TRACKING
135#define ASSERT_SAVED_ORIGINS(val) \
136 for (int i = 0; i < sizeof(val); ++i) \
137 ASSERT_ORIGIN(((char *)(&val))[i], val##_o[i]);
138#else
139#define ASSERT_SAVED_ORIGINS(val)
140#endif
141
142#ifdef ORIGIN_TRACKING
143#define DEFINE_AND_SAVE_N_ORIGINS(val, n) \
144 dfsan_origin val##_o[n]; \
145 for (int i = 0; i < n; ++i) \
146 val##_o[i] = dfsan_get_origin((long)(val[i]));
147#else
148#define DEFINE_AND_SAVE_N_ORIGINS(val, n)
149#endif
150
151#ifdef ORIGIN_TRACKING
152#define ASSERT_SAVED_N_ORIGINS(val, n) \
153 for (int i = 0; i < n; ++i) \
154 ASSERT_ORIGIN(val[i], val##_o[i]);
155#else
156#define ASSERT_SAVED_N_ORIGINS(val, n)
157#endif
158
159#if !defined(__GLIBC_PREREQ)
160# define __GLIBC_PREREQ(a, b) 0
161#endif
162
163void test_stat() {
164 int i = 1;
165 dfsan_set_label(label: i_label, addr: &i, size: sizeof(i));
166
167 struct stat s;
168 s.st_dev = i;
169 DEFINE_AND_SAVE_ORIGINS(s)
170 int ret = stat(file: "/", buf: &s);
171 assert(0 == ret);
172 ASSERT_ZERO_LABEL(ret);
173 ASSERT_ZERO_LABEL(s.st_dev);
174 ASSERT_SAVED_ORIGINS(s)
175
176 s.st_dev = i;
177 SAVE_ORIGINS(s)
178 ret = stat(file: "/nonexistent_581cb021aba7", buf: &s);
179 assert(-1 == ret);
180 ASSERT_ZERO_LABEL(ret);
181 ASSERT_LABEL(s.st_dev, i_label);
182 ASSERT_SAVED_ORIGINS(s)
183}
184
185void test_fstat() {
186 int i = 1;
187 dfsan_set_label(label: i_label, addr: &i, size: sizeof(i));
188
189 struct stat s;
190 int fd = open(file: "/dev/zero", O_RDONLY);
191 s.st_dev = i;
192 DEFINE_AND_SAVE_ORIGINS(s)
193 int rv = fstat(fd: fd, buf: &s);
194 assert(0 == rv);
195 ASSERT_ZERO_LABEL(rv);
196 ASSERT_ZERO_LABEL(s.st_dev);
197 ASSERT_SAVED_ORIGINS(s)
198}
199
200void test_memcmp() {
201 char str1[] = "str1", str2[] = "str2";
202 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
203 dfsan_set_label(label: j_label, addr: &str2[3], size: 1);
204
205 int rv = memcmp(s1: str1, s2: str2, n: sizeof(str1));
206 assert(rv < 0);
207#ifdef STRICT_DATA_DEPENDENCIES
208 ASSERT_ZERO_LABEL(rv);
209#else
210 ASSERT_LABEL(rv, i_j_label);
211 ASSERT_EQ_ORIGIN(rv, str1[3]);
212#endif
213
214 rv = memcmp(s1: str1, s2: str2, n: sizeof(str1) - 2);
215 assert(rv == 0);
216 ASSERT_ZERO_LABEL(rv);
217}
218
219void test_bcmp() {
220 char str1[] = "str1", str2[] = "str2";
221 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
222 dfsan_set_label(label: j_label, addr: &str2[3], size: 1);
223
224 int rv = bcmp(s1: str1, s2: str2, n: sizeof(str1));
225 assert(rv != 0);
226#ifdef STRICT_DATA_DEPENDENCIES
227 ASSERT_ZERO_LABEL(rv);
228#else
229 ASSERT_LABEL(rv, i_j_label);
230 ASSERT_EQ_ORIGIN(rv, str1[3]);
231#endif
232
233 rv = bcmp(s1: str1, s2: str2, n: sizeof(str1) - 2);
234 assert(rv == 0);
235 ASSERT_ZERO_LABEL(rv);
236}
237
238void test_memcpy() {
239 char str1[] = "str1";
240 char str2[sizeof(str1)];
241 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
242
243 DEFINE_AND_SAVE_ORIGINS(str1)
244
245 char *ptr2 = str2;
246 dfsan_set_label(label: j_label, addr: &ptr2, size: sizeof(ptr2));
247
248 void *r = memcpy(dest: ptr2, src: str1, n: sizeof(str1));
249 ASSERT_LABEL(r, j_label);
250 ASSERT_EQ_ORIGIN(r, ptr2);
251 assert(0 == memcmp(str2, str1, sizeof(str1)));
252 ASSERT_ZERO_LABEL(str2[0]);
253 ASSERT_LABEL(str2[3], i_label);
254
255 for (int i = 0; i < sizeof(str2); ++i) {
256 if (!dfsan_get_label(data: str2[i]))
257 continue;
258 ASSERT_INIT_ORIGIN(&(str2[i]), str1_o[i]);
259 }
260}
261
262void test_memmove() {
263 char str[] = "str1xx";
264 dfsan_set_label(label: i_label, addr: &str[3], size: 1);
265
266 DEFINE_AND_SAVE_ORIGINS(str)
267
268 char *ptr = str + 2;
269 dfsan_set_label(label: j_label, addr: &ptr, size: sizeof(ptr));
270
271 void *r = memmove(dest: ptr, src: str, n: 4);
272 ASSERT_LABEL(r, j_label);
273 ASSERT_EQ_ORIGIN(r, ptr);
274 assert(0 == memcmp(str + 2, "str1", 4));
275 ASSERT_ZERO_LABEL(str[4]);
276 ASSERT_LABEL(str[5], i_label);
277
278 for (int i = 0; i < 4; ++i) {
279 if (!dfsan_get_label(data: ptr[i]))
280 continue;
281 ASSERT_INIT_ORIGIN(&(ptr[i]), str_o[i]);
282 }
283}
284
285void test_memset() {
286 char buf[8];
287 int j = 'a';
288 char *ptr = buf;
289 dfsan_set_label(label: j_label, addr: &j, size: sizeof(j));
290 dfsan_set_label(label: k_label, addr: &ptr, size: sizeof(ptr));
291 void *ret = memset(s: ptr, c: j, n: sizeof(buf));
292 ASSERT_LABEL(ret, k_label);
293 ASSERT_EQ_ORIGIN(ret, ptr);
294 for (int i = 0; i < 8; ++i) {
295 ASSERT_LABEL(buf[i], j_label);
296 ASSERT_EQ_ORIGIN(buf[i], j);
297 assert(buf[i] == 'a');
298 }
299}
300
301void test_strcmp() {
302 char str1[] = "str1", str2[] = "str2";
303 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
304 dfsan_set_label(label: j_label, addr: &str2[3], size: 1);
305
306 int rv = strcmp(s1: str1, s2: str2);
307 assert(rv < 0);
308#ifdef STRICT_DATA_DEPENDENCIES
309 ASSERT_ZERO_LABEL(rv);
310#else
311 ASSERT_LABEL(rv, i_j_label);
312 ASSERT_EQ_ORIGIN(rv, str1[3]);
313#endif
314
315 rv = strcmp(s1: str1, s2: str1);
316 assert(rv == 0);
317#ifdef STRICT_DATA_DEPENDENCIES
318 ASSERT_ZERO_LABEL(rv);
319 ASSERT_ZERO_ORIGIN(rv);
320#else
321 ASSERT_LABEL(rv, i_label);
322 ASSERT_EQ_ORIGIN(rv, str1[3]);
323#endif
324}
325
326void test_strcat() {
327 char src[] = "world";
328 int volatile x = 0; // buffer to ensure src and dst do not share origins
329 (void)x;
330 char dst[] = "hello \0 ";
331 int volatile y = 0; // buffer to ensure dst and p do not share origins
332 (void)y;
333 char *p = dst;
334 dfsan_set_label(label: k_label, addr: &p, size: sizeof(p));
335 dfsan_set_label(label: i_label, addr: src, size: sizeof(src));
336 dfsan_set_label(label: j_label, addr: dst, size: sizeof(dst));
337 dfsan_origin dst_o = dfsan_get_origin(data: (long)dst[0]);
338 (void)dst_o;
339 char *ret = strcat(dest: p, src: src);
340
341 ASSERT_LABEL(ret, k_label);
342 ASSERT_EQ_ORIGIN(ret, p);
343 assert(ret == dst);
344 assert(strcmp(src, dst + 6) == 0);
345 // Origins are assigned for every 4 contiguous 4-aligned bytes. After
346 // appending src to dst, origins of src can overwrite origins of dst if their
347 // application adddresses are within [start_aligned_down, end_aligned_up).
348 // Other origins are not changed.
349 char *start_aligned_down = (char *)(((size_t)(dst + 6)) & ~3UL);
350 char *end_aligned_up = (char *)(((size_t)(dst + 11 + 4)) & ~3UL);
351 for (int i = 0; i < 12; ++i) {
352 if (dst + i < start_aligned_down || dst + i >= end_aligned_up) {
353 ASSERT_INIT_ORIGIN(&dst[i], dst_o);
354 } else {
355 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&dst[i], src[0]);
356 }
357 }
358 for (int i = 0; i < 6; ++i) {
359 ASSERT_LABEL(dst[i], j_label);
360 }
361 for (int i = 6; i < strlen(s: dst); ++i) {
362 ASSERT_LABEL(dst[i], i_label);
363 assert(dfsan_get_label(dst[i]) == dfsan_get_label(src[i - 6]));
364 }
365 ASSERT_LABEL(dst[11], j_label);
366}
367
368void test_strncat(int n) {
369 char src[] = "world";
370 int volatile x = 0; // buffer to ensure src and dst do not share origins
371 (void)x;
372 char dst[] = "hello \0 ";
373 int volatile y = 0; // buffer to ensure dst and p do not share origins
374 (void)y;
375 char *p = dst;
376 dfsan_set_label(label: k_label, addr: &p, size: sizeof(p));
377 dfsan_set_label(label: i_label, addr: src, size: sizeof(src));
378 dfsan_set_label(label: j_label, addr: dst, size: sizeof(dst));
379 dfsan_origin dst_o = dfsan_get_origin(data: (long)dst[0]);
380 (void)dst_o;
381 char *ret = strncat(dest: p, src: src, n: n);
382
383 ASSERT_LABEL(ret, k_label);
384 ASSERT_EQ_ORIGIN(ret, p);
385 assert(ret == dst);
386 assert(strncmp(src, dst + 6, n) == 0);
387 // Origins are assigned for every 4 contiguous 4-aligned bytes. After
388 // appending src to dst, origins of src can overwrite origins of dst if their
389 // application adddresses are within [start_aligned_down, end_aligned_up).
390 // Other origins are not changed.
391 int pad = n % 4;
392 if (pad)
393 pad = 4 - pad;
394
395 char *start_aligned_down = (char *)(((size_t)(dst + 6)) & ~3UL);
396 char *end_aligned_up = (char *)(((size_t)(dst + 6 + n + pad)) & ~3UL);
397
398 for (int i = 0; i < 12; ++i) {
399 if (dst + i < start_aligned_down || dst + i >= end_aligned_up) {
400 ASSERT_INIT_ORIGIN(&dst[i], dst_o);
401 } else {
402 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&dst[i], src[0]);
403 }
404 }
405 for (int i = 0; i < 6; ++i) {
406 ASSERT_LABEL(dst[i], j_label);
407 }
408 for (int i = 6; i < 6 + n; ++i) {
409 ASSERT_LABEL(dst[i], i_label);
410 assert(dfsan_get_label(dst[i]) == dfsan_get_label(src[i - 6]));
411 }
412 for (int i = 6 + n; i < strlen(s: dst); ++i) {
413 ASSERT_LABEL(dst[i], j_label);
414 }
415 ASSERT_LABEL(dst[11], j_label);
416}
417
418void test_strlen() {
419 char str1[] = "str1";
420 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
421
422 int rv = strlen(s: str1);
423 assert(rv == 4);
424#ifdef STRICT_DATA_DEPENDENCIES
425 ASSERT_ZERO_LABEL(rv);
426#else
427 ASSERT_LABEL(rv, i_label);
428 ASSERT_EQ_ORIGIN(rv, str1[3]);
429#endif
430}
431
432void test_strnlen() {
433 char str1[] = "str1";
434 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
435
436 int maxlen = 4;
437 dfsan_set_label(label: j_label, addr: &maxlen, size: sizeof(maxlen));
438
439 int rv = strnlen(string: str1, maxlen: maxlen);
440 assert(rv == 4);
441#ifdef STRICT_DATA_DEPENDENCIES
442 ASSERT_ZERO_LABEL(rv);
443#else
444 ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
445 ASSERT_EQ_ORIGIN(rv, str1[3]);
446#endif
447
448 maxlen = 2;
449 dfsan_set_label(label: j_label, addr: &maxlen, size: sizeof(maxlen));
450 rv = strnlen(string: str1, maxlen: maxlen);
451 assert(rv == 2);
452#ifdef STRICT_DATA_DEPENDENCIES
453 ASSERT_ZERO_LABEL(rv);
454#else
455 ASSERT_LABEL(rv, j_label);
456 ASSERT_EQ_ORIGIN(rv, maxlen);
457#endif
458}
459
460void test_strdup() {
461 char str1[] = "str1";
462 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
463 DEFINE_AND_SAVE_ORIGINS(str1)
464
465 char *strd = strdup(s: str1);
466 ASSERT_ZERO_LABEL(strd);
467 ASSERT_ZERO_LABEL(strd[0]);
468 ASSERT_LABEL(strd[3], i_label);
469
470 for (int i = 0; i < strlen(s: strd); ++i) {
471 if (!dfsan_get_label(data: strd[i]))
472 continue;
473 ASSERT_INIT_ORIGIN(&(strd[i]), str1_o[i]);
474 }
475
476 free(ptr: strd);
477}
478
479void test_strncpy() {
480 char str1[] = "str1";
481 char str2[sizeof(str1)];
482 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
483
484 char *strd = strncpy(dest: str2, src: str1, n: 5);
485 assert(strd == str2);
486 assert(strcmp(str1, str2) == 0);
487 ASSERT_ZERO_LABEL(strd);
488 ASSERT_ZERO_LABEL(strd[0]);
489 ASSERT_ZERO_LABEL(strd[1]);
490 ASSERT_ZERO_LABEL(strd[2]);
491 ASSERT_LABEL(strd[3], i_label);
492 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&(strd[3]), str1[3]);
493
494 char *p2 = str2;
495 dfsan_set_label(label: j_label, addr: &p2, size: sizeof(p2));
496 strd = strncpy(dest: p2, src: str1, n: 3);
497 assert(strd == str2);
498 assert(strncmp(str1, str2, 3) == 0);
499 ASSERT_LABEL(strd, j_label);
500 ASSERT_EQ_ORIGIN(strd, p2);
501 // When -dfsan-combine-pointer-labels-on-load is on, strd's label propagates
502 // to strd[i]'s label. When ORIGIN_TRACKING is defined,
503 // -dfsan-combine-pointer-labels-on-load is always off, otherwise the flag
504 // is on by default.
505#if defined(ORIGIN_TRACKING)
506 ASSERT_ZERO_LABEL(strd[0]);
507 ASSERT_ZERO_LABEL(strd[1]);
508 ASSERT_ZERO_LABEL(strd[2]);
509#else
510 ASSERT_LABEL(strd[0], j_label);
511 ASSERT_LABEL(strd[1], j_label);
512 ASSERT_LABEL(strd[2], j_label);
513#endif
514}
515
516void test_strncmp() {
517 char str1[] = "str1", str2[] = "str2";
518 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
519 dfsan_set_label(label: j_label, addr: &str2[3], size: 1);
520
521 int rv = strncmp(s1: str1, s2: str2, n: sizeof(str1));
522 assert(rv < 0);
523#ifdef STRICT_DATA_DEPENDENCIES
524 ASSERT_ZERO_LABEL(rv);
525#else
526 ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
527 ASSERT_EQ_ORIGIN(rv, str1[3]);
528#endif
529
530 rv = strncmp(s1: str1, s2: str2, n: 0);
531 assert(rv == 0);
532 ASSERT_ZERO_LABEL(rv);
533
534 rv = strncmp(s1: str1, s2: str2, n: 3);
535 assert(rv == 0);
536 ASSERT_ZERO_LABEL(rv);
537
538 rv = strncmp(s1: str1, s2: str1, n: 4);
539 assert(rv == 0);
540#ifdef STRICT_DATA_DEPENDENCIES
541 ASSERT_ZERO_LABEL(rv);
542#else
543 ASSERT_LABEL(rv, i_label);
544 ASSERT_EQ_ORIGIN(rv, str1[3]);
545#endif
546}
547
548void test_strcasecmp() {
549 char str1[] = "str1", str2[] = "str2", str3[] = "Str1";
550 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
551 dfsan_set_label(label: j_label, addr: &str2[3], size: 1);
552 dfsan_set_label(label: j_label, addr: &str3[2], size: 1);
553
554 int rv = strcasecmp(s1: str1, s2: str2);
555 assert(rv < 0);
556#ifdef STRICT_DATA_DEPENDENCIES
557 ASSERT_ZERO_LABEL(rv);
558#else
559 ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
560 ASSERT_EQ_ORIGIN(rv, str1[3]);
561#endif
562
563 rv = strcasecmp(s1: str1, s2: str3);
564 assert(rv == 0);
565#ifdef STRICT_DATA_DEPENDENCIES
566 ASSERT_ZERO_LABEL(rv);
567#else
568 ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
569 ASSERT_EQ_ORIGIN(rv, str1[3]);
570#endif
571
572 char s1[] = "AbZ";
573 char s2[] = "aBy";
574 dfsan_set_label(label: i_label, addr: &s1[2], size: 1);
575 dfsan_set_label(label: j_label, addr: &s2[2], size: 1);
576
577 rv = strcasecmp(s1: s1, s2: s2);
578 assert(rv > 0); // 'Z' > 'y'
579#ifdef STRICT_DATA_DEPENDENCIES
580 ASSERT_ZERO_LABEL(rv);
581#else
582 ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
583 ASSERT_EQ_ORIGIN(rv, s1[2]);
584#endif
585}
586
587void test_strncasecmp() {
588 char str1[] = "Str1", str2[] = "str2";
589 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
590 dfsan_set_label(label: j_label, addr: &str2[3], size: 1);
591
592 int rv = strncasecmp(s1: str1, s2: str2, n: sizeof(str1));
593 assert(rv < 0);
594#ifdef STRICT_DATA_DEPENDENCIES
595 ASSERT_ZERO_LABEL(rv);
596#else
597 ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
598 ASSERT_EQ_ORIGIN(rv, str1[3]);
599#endif
600
601 rv = strncasecmp(s1: str1, s2: str2, n: 3);
602 assert(rv == 0);
603 ASSERT_ZERO_LABEL(rv);
604
605 char s1[] = "AbZ";
606 char s2[] = "aBy";
607 dfsan_set_label(label: i_label, addr: &s1[2], size: 1);
608 dfsan_set_label(label: j_label, addr: &s2[2], size: 1);
609
610 rv = strncasecmp(s1: s1, s2: s2, n: 0);
611 assert(rv == 0); // Compare zero chars.
612 ASSERT_ZERO_LABEL(rv);
613
614 rv = strncasecmp(s1: s1, s2: s2, n: 1);
615 assert(rv == 0); // 'A' == 'a'
616 ASSERT_ZERO_LABEL(rv);
617
618 rv = strncasecmp(s1: s1, s2: s2, n: 2);
619 assert(rv == 0); // 'b' == 'B'
620 ASSERT_ZERO_LABEL(rv);
621
622 rv = strncasecmp(s1: s1, s2: s2, n: 3);
623 assert(rv > 0); // 'Z' > 'y'
624#ifdef STRICT_DATA_DEPENDENCIES
625 ASSERT_ZERO_LABEL(rv);
626#else
627 ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
628 ASSERT_EQ_ORIGIN(rv, s1[2]);
629#endif
630}
631
632void test_strchr() {
633 char str1[] = "str1";
634 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
635
636 char *p1 = str1;
637 char c = 'r';
638 dfsan_set_label(label: k_label, addr: &c, size: sizeof(c));
639
640 char *crv = strchr(s: p1, c: c);
641 assert(crv == &str1[2]);
642#ifdef STRICT_DATA_DEPENDENCIES
643 ASSERT_ZERO_LABEL(crv);
644#else
645 ASSERT_LABEL(crv, k_label);
646 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, c);
647#endif
648
649 dfsan_set_label(label: j_label, addr: &p1, size: sizeof(p1));
650 crv = strchr(s: p1, c: 'r');
651 assert(crv == &str1[2]);
652 ASSERT_LABEL(crv, j_label);
653 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, p1);
654
655 crv = strchr(s: p1, c: '1');
656 assert(crv == &str1[3]);
657#ifdef STRICT_DATA_DEPENDENCIES
658 ASSERT_LABEL(crv, j_label);
659 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, p1);
660#else
661 ASSERT_LABEL(crv, i_j_label);
662 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, str1[3]);
663#endif
664
665 crv = strchr(s: p1, c: 'x');
666 assert(!crv);
667#ifdef STRICT_DATA_DEPENDENCIES
668 ASSERT_LABEL(crv, j_label);
669 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, p1);
670#else
671 ASSERT_LABEL(crv, i_j_label);
672 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, str1[3]);
673#endif
674
675 // `man strchr` says:
676 // The terminating null byte is considered part of the string, so that if c
677 // is specified as '\0', these functions return a pointer to the terminator.
678 crv = strchr(s: p1, c: '\0');
679 assert(crv == &str1[4]);
680#ifdef STRICT_DATA_DEPENDENCIES
681 ASSERT_LABEL(crv, j_label);
682 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, p1);
683#else
684 ASSERT_LABEL(crv, i_j_label);
685 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, str1[3]);
686#endif
687}
688
689void test_recvmmsg() {
690 int sockfds[2];
691 int ret = socketpair(AF_UNIX, SOCK_DGRAM, protocol: 0, fds: sockfds);
692 assert(ret != -1);
693
694 // Setup messages to send.
695 struct mmsghdr smmsg[2] = {};
696 char sbuf0[] = "abcdefghijkl";
697 struct iovec siov0[2] = {{.iov_base: &sbuf0[0], .iov_len: 4}, {.iov_base: &sbuf0[4], .iov_len: 4}};
698 smmsg[0].msg_hdr.msg_iov = siov0;
699 smmsg[0].msg_hdr.msg_iovlen = 2;
700 char sbuf1[] = "1234567890";
701 struct iovec siov1[1] = {{.iov_base: &sbuf1[0], .iov_len: 7}};
702 smmsg[1].msg_hdr.msg_iov = siov1;
703 smmsg[1].msg_hdr.msg_iovlen = 1;
704
705 // Send messages.
706 int sent_msgs = sendmmsg(fd: sockfds[0], vmessages: smmsg, vlen: 2, flags: 0);
707 assert(sent_msgs == 2);
708
709 // Setup receive buffers.
710 struct mmsghdr rmmsg[2] = {};
711 char rbuf0[128];
712 struct iovec riov0[2] = {{.iov_base: &rbuf0[0], .iov_len: 4}, {.iov_base: &rbuf0[4], .iov_len: 4}};
713 rmmsg[0].msg_hdr.msg_iov = riov0;
714 rmmsg[0].msg_hdr.msg_iovlen = 2;
715 char rbuf1[128];
716 struct iovec riov1[1] = {{.iov_base: &rbuf1[0], .iov_len: 16}};
717 rmmsg[1].msg_hdr.msg_iov = riov1;
718 rmmsg[1].msg_hdr.msg_iovlen = 1;
719 struct timespec timeout = {.tv_sec: 1, .tv_nsec: 1};
720 dfsan_set_label(label: i_label, addr: rbuf0, size: sizeof(rbuf0));
721 dfsan_set_label(label: i_label, addr: rbuf1, size: sizeof(rbuf1));
722 dfsan_set_label(label: i_label, addr: &rmmsg[0].msg_len, size: sizeof(rmmsg[0].msg_len));
723 dfsan_set_label(label: i_label, addr: &rmmsg[1].msg_len, size: sizeof(rmmsg[1].msg_len));
724 dfsan_set_label(label: i_label, addr: &timeout, size: sizeof(timeout));
725
726 dfsan_origin msg_len0_o = dfsan_get_origin(data: (long)(rmmsg[0].msg_len));
727 dfsan_origin msg_len1_o = dfsan_get_origin(data: (long)(rmmsg[1].msg_len));
728#ifndef ORIGIN_TRACKING
729 (void)msg_len0_o;
730 (void)msg_len1_o;
731#endif
732
733 // Receive messages and check labels.
734 int received_msgs = recvmmsg(fd: sockfds[1], vmessages: rmmsg, vlen: 2, flags: 0, tmo: &timeout);
735 assert(received_msgs == sent_msgs);
736 assert(rmmsg[0].msg_len == smmsg[0].msg_len);
737 assert(rmmsg[1].msg_len == smmsg[1].msg_len);
738 assert(memcmp(sbuf0, rbuf0, 8) == 0);
739 assert(memcmp(sbuf1, rbuf1, 7) == 0);
740 ASSERT_ZERO_LABEL(received_msgs);
741 ASSERT_ZERO_LABEL(rmmsg[0].msg_len);
742 ASSERT_ZERO_LABEL(rmmsg[1].msg_len);
743 ASSERT_READ_ZERO_LABEL(&rbuf0[0], 8);
744 ASSERT_READ_LABEL(&rbuf0[8], 1, i_label);
745 ASSERT_READ_ZERO_LABEL(&rbuf1[0], 7);
746 ASSERT_READ_LABEL(&rbuf1[7], 1, i_label);
747 ASSERT_LABEL(timeout.tv_sec, i_label);
748 ASSERT_LABEL(timeout.tv_nsec, i_label);
749
750 ASSERT_ORIGIN((long)(rmmsg[0].msg_len), msg_len0_o);
751 ASSERT_ORIGIN((long)(rmmsg[1].msg_len), msg_len1_o);
752
753 close(fd: sockfds[0]);
754 close(fd: sockfds[1]);
755}
756
757void test_recvmsg() {
758 int sockfds[2];
759 int ret = socketpair(AF_UNIX, SOCK_DGRAM, protocol: 0, fds: sockfds);
760 assert(ret != -1);
761
762 char sbuf[] = "abcdefghijkl";
763 struct iovec siovs[2] = {{.iov_base: &sbuf[0], .iov_len: 4}, {.iov_base: &sbuf[4], .iov_len: 4}};
764 struct msghdr smsg = {};
765 smsg.msg_iov = siovs;
766 smsg.msg_iovlen = 2;
767
768 ssize_t sent = sendmsg(fd: sockfds[0], message: &smsg, flags: 0);
769 assert(sent > 0);
770
771 char rbuf[128];
772 struct iovec riovs[2] = {{.iov_base: &rbuf[0], .iov_len: 4}, {.iov_base: &rbuf[4], .iov_len: 4}};
773 struct msghdr rmsg = {};
774 rmsg.msg_iov = riovs;
775 rmsg.msg_iovlen = 2;
776
777 dfsan_set_label(label: i_label, addr: rbuf, size: sizeof(rbuf));
778 dfsan_set_label(label: i_label, addr: &rmsg, size: sizeof(rmsg));
779
780 DEFINE_AND_SAVE_ORIGINS(rmsg)
781
782 ssize_t received = recvmsg(fd: sockfds[1], message: &rmsg, flags: 0);
783 assert(received == sent);
784 assert(memcmp(sbuf, rbuf, 8) == 0);
785 ASSERT_ZERO_LABEL(received);
786 ASSERT_READ_ZERO_LABEL(&rmsg, sizeof(rmsg));
787 ASSERT_READ_ZERO_LABEL(&rbuf[0], 8);
788 ASSERT_READ_LABEL(&rbuf[8], 1, i_label);
789
790 ASSERT_SAVED_ORIGINS(rmsg)
791
792 close(fd: sockfds[0]);
793 close(fd: sockfds[1]);
794}
795
796void test_read() {
797 char buf[16];
798 dfsan_set_label(label: i_label, addr: buf, size: 1);
799 dfsan_set_label(label: j_label, addr: buf + 15, size: 1);
800
801 DEFINE_AND_SAVE_ORIGINS(buf)
802 ASSERT_LABEL(buf[0], i_label);
803 ASSERT_LABEL(buf[15], j_label);
804
805 int fd = open(file: "/dev/zero", O_RDONLY);
806 int rv = read(fd: fd, buf: buf, nbytes: sizeof(buf));
807 assert(rv == sizeof(buf));
808 ASSERT_ZERO_LABEL(rv);
809 ASSERT_ZERO_LABEL(buf[0]);
810 ASSERT_ZERO_LABEL(buf[15]);
811 ASSERT_SAVED_ORIGINS(buf)
812 close(fd: fd);
813}
814
815void test_pread() {
816 char buf[16];
817 dfsan_set_label(label: i_label, addr: buf, size: 1);
818 dfsan_set_label(label: j_label, addr: buf + 15, size: 1);
819
820 DEFINE_AND_SAVE_ORIGINS(buf)
821 ASSERT_LABEL(buf[0], i_label);
822 ASSERT_LABEL(buf[15], j_label);
823
824 int fd = open(file: "/bin/sh", O_RDONLY);
825 int rv = pread(fd: fd, buf: buf, nbytes: sizeof(buf), offset: 0);
826 assert(rv == sizeof(buf));
827 ASSERT_ZERO_LABEL(rv);
828 ASSERT_ZERO_LABEL(buf[0]);
829 ASSERT_ZERO_LABEL(buf[15]);
830 ASSERT_SAVED_ORIGINS(buf)
831 close(fd: fd);
832}
833
834void test_dlopen() {
835 void *map = dlopen(NULL, RTLD_NOW);
836 assert(map);
837 ASSERT_ZERO_LABEL(map);
838 dlclose(handle: map);
839 map = dlopen(file: "/nonexistent", RTLD_NOW);
840 assert(!map);
841 ASSERT_ZERO_LABEL(map);
842}
843
844void test_clock_gettime() {
845 struct timespec tp;
846 dfsan_set_label(label: j_label, addr: ((char *)&tp) + 3, size: 1);
847 dfsan_origin origin = dfsan_get_origin(data: (long)(((char *)&tp)[3]));
848#ifndef ORIGIN_TRACKING
849 (void)origin;
850#endif
851 int t = clock_gettime(CLOCK_REALTIME, tp: &tp);
852 assert(t == 0);
853 ASSERT_ZERO_LABEL(t);
854 ASSERT_ZERO_LABEL(((char *)&tp)[3]);
855 ASSERT_ORIGIN(((char *)&tp)[3], origin);
856}
857
858void test_ctime_r() {
859 char *buf = (char*) malloc(size: 64);
860 time_t t = 0;
861
862 DEFINE_AND_SAVE_ORIGINS(buf)
863 dfsan_origin t_o = dfsan_get_origin(data: (long)t);
864
865 char *ret = ctime_r(timer: &t, buf: buf);
866 ASSERT_ZERO_LABEL(ret);
867 assert(buf == ret);
868 ASSERT_READ_ZERO_LABEL(buf, strlen(buf) + 1);
869 ASSERT_SAVED_ORIGINS(buf)
870
871 dfsan_set_label(label: i_label, addr: &t, size: sizeof(t));
872 t_o = dfsan_get_origin(data: (long)t);
873 ret = ctime_r(timer: &t, buf: buf);
874 ASSERT_ZERO_LABEL(ret);
875 ASSERT_READ_LABEL(buf, strlen(buf) + 1, i_label);
876 for (int i = 0; i < strlen(s: buf) + 1; ++i)
877 ASSERT_ORIGIN(buf[i], t_o);
878
879 t = 0;
880 dfsan_set_label(label: j_label, addr: &buf, size: sizeof(&buf));
881 dfsan_origin buf_ptr_o = dfsan_get_origin(data: (long)buf);
882#ifndef ORIGIN_TRACKING
883 (void)buf_ptr_o;
884#endif
885 ret = ctime_r(timer: &t, buf: buf);
886 ASSERT_LABEL(ret, j_label);
887 ASSERT_ORIGIN(ret, buf_ptr_o);
888 ASSERT_READ_ZERO_LABEL(buf, strlen(buf) + 1);
889 for (int i = 0; i < strlen(s: buf) + 1; ++i)
890 ASSERT_ORIGIN(buf[i], t_o);
891}
892
893static int write_callback_count = 0;
894static int last_fd;
895static const unsigned char *last_buf;
896static size_t last_count;
897
898void write_callback(int fd, const void *buf, size_t count) {
899 write_callback_count++;
900
901 last_fd = fd;
902 last_buf = (const unsigned char*) buf;
903 last_count = count;
904}
905
906void test_dfsan_set_write_callback() {
907 char a_buf[] = "Sample chars";
908 int a_buf_len = strlen(s: a_buf);
909
910 int fd = open(file: "/dev/null", O_WRONLY);
911
912 dfsan_set_write_callback(labeled_write_callback: write_callback);
913
914 write_callback_count = 0;
915
916 DEFINE_AND_SAVE_ORIGINS(a_buf)
917
918 // Callback should be invoked on every call to write().
919 int res = write(fd: fd, buf: a_buf, n: a_buf_len);
920 assert(write_callback_count == 1);
921 ASSERT_READ_ZERO_LABEL(&res, sizeof(res));
922 ASSERT_READ_ZERO_LABEL(&last_fd, sizeof(last_fd));
923 ASSERT_READ_ZERO_LABEL(last_buf, sizeof(last_buf));
924
925 for (int i = 0; i < a_buf_len; ++i)
926 ASSERT_ORIGIN(last_buf[i], a_buf_o[i]);
927
928 ASSERT_ZERO_ORIGINS(&last_count, sizeof(last_count));
929 last_fd = 0;
930 last_buf = 0;
931 last_count = 0;
932
933 char b_buf[] = "Other chars";
934 int b_buf_len = strlen(s: b_buf);
935 // Create a separate variable so we can taint the pointer.
936 // We would always get a shadow of 0 for b_buf because it is a constant.
937 const unsigned char *buf = (const unsigned char *)b_buf;
938
939 // Add a label to write() arguments. Check that the labels are readable from
940 // the values passed to the callback.
941 dfsan_set_label(label: i_label, addr: &fd, size: sizeof(fd));
942 dfsan_set_label(label: j_label, addr: &buf, size: sizeof(buf)); // ptr
943 dfsan_set_label(label: k_label, addr: &(b_buf[3]), size: 1); // content
944 dfsan_set_label(label: m_label, addr: &b_buf_len, size: sizeof(b_buf_len));
945
946 dfsan_origin fd_o = dfsan_get_origin(data: (long)fd);
947 dfsan_origin b_buf3_o = dfsan_get_origin(data: (long)(b_buf[3]));
948 dfsan_origin b_buf_len_o = dfsan_get_origin(data: (long)b_buf_len);
949#ifndef ORIGIN_TRACKING
950 (void)fd_o;
951 (void)b_buf3_o;
952 (void)b_buf_len_o;
953#endif
954 DEFINE_AND_SAVE_ORIGINS(b_buf)
955
956 res = write(fd: fd, buf: buf, n: b_buf_len);
957 assert(write_callback_count == 2);
958 assert(last_fd == fd);
959 assert(last_buf == (const unsigned char *)b_buf);
960 assert(last_count == b_buf_len);
961
962 ASSERT_READ_ZERO_LABEL(&res, sizeof(res));
963 ASSERT_READ_LABEL(&last_fd, sizeof(last_fd), i_label);
964 ASSERT_READ_LABEL(&last_buf, sizeof(&last_buf), j_label); // ptr
965 ASSERT_READ_LABEL(last_buf, last_count, k_label); // content
966 ASSERT_READ_LABEL(&last_buf[3], sizeof(last_buf[3]), k_label); // content
967 ASSERT_READ_LABEL(&last_count, sizeof(last_count), m_label);
968 ASSERT_ZERO_ORIGINS(&res, sizeof(res));
969 ASSERT_INIT_ORIGINS(&last_fd, sizeof(last_fd), fd_o);
970 ASSERT_INIT_ORIGINS(&last_buf[3], sizeof(last_buf[3]), b_buf3_o);
971
972 // Origins are assigned for every 4 contiguous 4-aligned bytes. After
973 // appending src to dst, origins of src can overwrite origins of dst if their
974 // application adddresses are within an aligned range. Other origins are not
975 // changed.
976 for (int i = 0; i < b_buf_len; ++i) {
977 size_t i_addr = size_t(&last_buf[i]);
978 if (((size_t(&last_buf[3]) & ~3UL) > i_addr) ||
979 (((size_t(&last_buf[3]) + 4) & ~3UL) <= i_addr))
980 ASSERT_ORIGIN(last_buf[i], b_buf_o[i]);
981 }
982
983 ASSERT_INIT_ORIGINS(&last_count, sizeof(last_count), b_buf_len_o);
984
985 dfsan_set_write_callback(NULL);
986}
987
988void test_fgets() {
989 char *buf = (char*) malloc(size: 128);
990 FILE *f = fopen(filename: "/etc/passwd", modes: "r");
991 dfsan_set_label(label: j_label, addr: buf, size: 1);
992 DEFINE_AND_SAVE_N_ORIGINS(buf, 128)
993
994 char *ret = fgets(s: buf, n: sizeof(buf), stream: f);
995 assert(ret == buf);
996 ASSERT_ZERO_LABEL(ret);
997 ASSERT_EQ_ORIGIN(ret, buf);
998 ASSERT_READ_ZERO_LABEL(buf, 128);
999 ASSERT_SAVED_N_ORIGINS(buf, 128)
1000
1001 dfsan_set_label(label: j_label, addr: &buf, size: sizeof(&buf));
1002 ret = fgets(s: buf, n: sizeof(buf), stream: f);
1003 ASSERT_LABEL(ret, j_label);
1004 ASSERT_EQ_ORIGIN(ret, buf);
1005 ASSERT_SAVED_N_ORIGINS(buf, 128)
1006
1007 fclose(stream: f);
1008 free(ptr: buf);
1009}
1010
1011void test_getcwd() {
1012 char buf[1024];
1013 char *ptr = buf;
1014 dfsan_set_label(label: i_label, addr: buf + 2, size: 2);
1015 DEFINE_AND_SAVE_ORIGINS(buf)
1016
1017 char* ret = getcwd(buf: buf, size: sizeof(buf));
1018 assert(ret == buf);
1019 assert(ret[0] == '/');
1020 ASSERT_ZERO_LABEL(ret);
1021 ASSERT_EQ_ORIGIN(ret, buf);
1022 ASSERT_READ_ZERO_LABEL(buf + 2, 2);
1023 ASSERT_SAVED_ORIGINS(buf)
1024
1025 dfsan_set_label(label: i_label, addr: &ptr, size: sizeof(ptr));
1026 ret = getcwd(buf: ptr, size: sizeof(buf));
1027 ASSERT_LABEL(ret, i_label);
1028 ASSERT_EQ_ORIGIN(ret, ptr);
1029 ASSERT_SAVED_ORIGINS(buf)
1030}
1031
1032void test_get_current_dir_name() {
1033 char* ret = get_current_dir_name();
1034 assert(ret);
1035 assert(ret[0] == '/');
1036 ASSERT_READ_ZERO_LABEL(ret, strlen(ret) + 1);
1037 ASSERT_ZERO_LABEL(ret);
1038}
1039
1040void test_getentropy() {
1041 char buf[64];
1042 dfsan_set_label(label: i_label, addr: buf + 2, size: 2);
1043 DEFINE_AND_SAVE_ORIGINS(buf)
1044#if __GLIBC_PREREQ(2, 25)
1045 // glibc >= 2.25 has getentropy()
1046 int ret = getentropy(buffer: buf, length: sizeof(buf));
1047 ASSERT_ZERO_LABEL(ret);
1048 if (ret == 0) {
1049 ASSERT_READ_ZERO_LABEL(buf + 2, 2);
1050 ASSERT_SAVED_ORIGINS(buf)
1051 }
1052#endif
1053}
1054
1055void test_gethostname() {
1056 char buf[1024];
1057 dfsan_set_label(label: i_label, addr: buf + 2, size: 2);
1058 DEFINE_AND_SAVE_ORIGINS(buf)
1059 int ret = gethostname(name: buf, len: sizeof(buf));
1060 assert(ret == 0);
1061 ASSERT_ZERO_LABEL(ret);
1062 ASSERT_READ_ZERO_LABEL(buf + 2, 2);
1063 ASSERT_SAVED_ORIGINS(buf)
1064}
1065
1066void test_getrlimit() {
1067 struct rlimit rlim;
1068 dfsan_set_label(label: i_label, addr: &rlim, size: sizeof(rlim));
1069 DEFINE_AND_SAVE_ORIGINS(rlim);
1070 int ret = getrlimit(RLIMIT_CPU, rlimits: &rlim);
1071 assert(ret == 0);
1072 ASSERT_ZERO_LABEL(ret);
1073 ASSERT_READ_ZERO_LABEL(&rlim, sizeof(rlim));
1074 ASSERT_SAVED_ORIGINS(rlim)
1075}
1076
1077void test_getrusage() {
1078 struct rusage usage;
1079 dfsan_set_label(label: i_label, addr: &usage, size: sizeof(usage));
1080 DEFINE_AND_SAVE_ORIGINS(usage);
1081 int ret = getrusage(RUSAGE_SELF, usage: &usage);
1082 assert(ret == 0);
1083 ASSERT_ZERO_LABEL(ret);
1084 ASSERT_READ_ZERO_LABEL(&usage, sizeof(usage));
1085 ASSERT_SAVED_ORIGINS(usage)
1086}
1087
1088void test_strcpy() {
1089 char src[] = "hello world";
1090 char dst[sizeof(src) + 2];
1091 char *p_dst = dst;
1092 dfsan_set_label(label: 0, addr: src, size: sizeof(src));
1093 dfsan_set_label(label: 0, addr: dst, size: sizeof(dst));
1094 dfsan_set_label(label: k_label, addr: &p_dst, size: sizeof(p_dst));
1095 dfsan_set_label(label: i_label, addr: src + 2, size: 1);
1096 dfsan_set_label(label: j_label, addr: src + 3, size: 1);
1097 dfsan_set_label(label: j_label, addr: dst + 4, size: 1);
1098 dfsan_set_label(label: i_label, addr: dst + 12, size: 1);
1099 char *ret = strcpy(dest: p_dst, src: src);
1100 assert(ret == dst);
1101 assert(strcmp(src, dst) == 0);
1102 ASSERT_LABEL(ret, k_label);
1103 ASSERT_EQ_ORIGIN(ret, p_dst);
1104 for (int i = 0; i < strlen(s: src) + 1; ++i) {
1105 assert(dfsan_get_label(dst[i]) == dfsan_get_label(src[i]));
1106 if (dfsan_get_label(data: dst[i]))
1107 assert(dfsan_get_init_origin(&dst[i]) == dfsan_get_origin(src[i]));
1108 }
1109 // Note: if strlen(src) + 1 were used instead to compute the first untouched
1110 // byte of dest, the label would be I|J. This is because strlen() might
1111 // return a non-zero label, and because by default pointer labels are not
1112 // ignored on loads.
1113 ASSERT_LABEL(dst[12], i_label);
1114}
1115
1116void test_strtol() {
1117 char non_number_buf[] = "ab ";
1118 char *endptr = NULL;
1119 long int ret = strtol(nptr: non_number_buf, endptr: &endptr, base: 10);
1120 assert(ret == 0);
1121 assert(endptr == non_number_buf);
1122 ASSERT_ZERO_LABEL(ret);
1123
1124 char buf[] = "1234578910";
1125 int base = 10;
1126 dfsan_set_label(label: k_label, addr: &base, size: sizeof(base));
1127 ret = strtol(nptr: buf, endptr: &endptr, base: base);
1128 assert(ret == 1234578910);
1129 assert(endptr == buf + 10);
1130 ASSERT_LABEL(ret, k_label);
1131 ASSERT_EQ_ORIGIN(ret, base);
1132
1133 dfsan_set_label(label: i_label, addr: buf + 1, size: 1);
1134 dfsan_set_label(label: j_label, addr: buf + 10, size: 1);
1135 ret = strtol(nptr: buf, endptr: &endptr, base: 10);
1136 assert(ret == 1234578910);
1137 assert(endptr == buf + 10);
1138 ASSERT_LABEL(ret, i_j_label);
1139 ASSERT_EQ_ORIGIN(ret, buf[1]);
1140}
1141
1142void test_strtoll() {
1143 char non_number_buf[] = "ab ";
1144 char *endptr = NULL;
1145 long long int ret = strtoll(nptr: non_number_buf, endptr: &endptr, base: 10);
1146 assert(ret == 0);
1147 assert(endptr == non_number_buf);
1148 ASSERT_ZERO_LABEL(ret);
1149
1150 char buf[] = "1234578910 ";
1151 int base = 10;
1152 dfsan_set_label(label: k_label, addr: &base, size: sizeof(base));
1153 ret = strtoll(nptr: buf, endptr: &endptr, base: base);
1154 assert(ret == 1234578910);
1155 assert(endptr == buf + 10);
1156 ASSERT_LABEL(ret, k_label);
1157 ASSERT_EQ_ORIGIN(ret, base);
1158
1159 dfsan_set_label(label: i_label, addr: buf + 1, size: 1);
1160 dfsan_set_label(label: j_label, addr: buf + 2, size: 1);
1161 ret = strtoll(nptr: buf, endptr: &endptr, base: 10);
1162 assert(ret == 1234578910);
1163 assert(endptr == buf + 10);
1164 ASSERT_LABEL(ret, i_j_label);
1165 ASSERT_EQ_ORIGIN(ret, buf[1]);
1166}
1167
1168void test_strtoul() {
1169 char non_number_buf[] = "xy ";
1170 char *endptr = NULL;
1171 long unsigned int ret = strtoul(nptr: non_number_buf, endptr: &endptr, base: 16);
1172 assert(ret == 0);
1173 assert(endptr == non_number_buf);
1174 ASSERT_ZERO_LABEL(ret);
1175
1176 char buf[] = "ffffffffffffaa";
1177 int base = 16;
1178 dfsan_set_label(label: k_label, addr: &base, size: sizeof(base));
1179 ret = strtoul(nptr: buf, endptr: &endptr, base: base);
1180 assert(ret == 72057594037927850);
1181 assert(endptr == buf + 14);
1182 ASSERT_LABEL(ret, k_label);
1183 ASSERT_EQ_ORIGIN(ret, base);
1184
1185 dfsan_set_label(label: i_label, addr: buf + 1, size: 1);
1186 dfsan_set_label(label: j_label, addr: buf + 2, size: 1);
1187 ret = strtoul(nptr: buf, endptr: &endptr, base: 16);
1188 assert(ret == 72057594037927850);
1189 assert(endptr == buf + 14);
1190 ASSERT_LABEL(ret, i_j_label);
1191 ASSERT_EQ_ORIGIN(ret, buf[1]);
1192}
1193
1194void test_strtoull() {
1195 char non_number_buf[] = "xy ";
1196 char *endptr = NULL;
1197 long long unsigned int ret = strtoull(nptr: non_number_buf, endptr: &endptr, base: 16);
1198 assert(ret == 0);
1199 assert(endptr == non_number_buf);
1200 ASSERT_ZERO_LABEL(ret);
1201
1202 char buf[] = "ffffffffffffffaa";
1203 int base = 16;
1204 dfsan_set_label(label: k_label, addr: &base, size: sizeof(base));
1205 ret = strtoull(nptr: buf, endptr: &endptr, base: base);
1206 assert(ret == 0xffffffffffffffaa);
1207 assert(endptr == buf + 16);
1208 ASSERT_LABEL(ret, k_label);
1209 ASSERT_EQ_ORIGIN(ret, base);
1210
1211 dfsan_set_label(label: i_label, addr: buf + 1, size: 1);
1212 dfsan_set_label(label: j_label, addr: buf + 2, size: 1);
1213 ret = strtoull(nptr: buf, endptr: &endptr, base: 16);
1214 assert(ret == 0xffffffffffffffaa);
1215 assert(endptr == buf + 16);
1216 ASSERT_LABEL(ret, i_j_label);
1217 ASSERT_EQ_ORIGIN(ret, buf[1]);
1218}
1219
1220void test_strtod() {
1221 char non_number_buf[] = "ab ";
1222 char *endptr = NULL;
1223 double ret = strtod(nptr: non_number_buf, endptr: &endptr);
1224 assert(ret == 0);
1225 assert(endptr == non_number_buf);
1226 ASSERT_ZERO_LABEL(ret);
1227
1228 char buf[] = "12345.76 foo";
1229 dfsan_set_label(label: i_label, addr: buf + 1, size: 1);
1230 dfsan_set_label(label: j_label, addr: buf + 6, size: 1);
1231 ret = strtod(nptr: buf, endptr: &endptr);
1232 assert(ret == 12345.76);
1233 assert(endptr == buf + 8);
1234 ASSERT_LABEL(ret, i_j_label);
1235 ASSERT_EQ_ORIGIN(ret, buf[1]);
1236}
1237
1238void test_time() {
1239 time_t t = 0;
1240 dfsan_set_label(label: i_label, addr: &t, size: 1);
1241 DEFINE_AND_SAVE_ORIGINS(t)
1242 time_t ret = time(timer: &t);
1243 assert(ret == t);
1244 assert(ret > 0);
1245 ASSERT_ZERO_LABEL(ret);
1246 ASSERT_ZERO_LABEL(t);
1247 ASSERT_SAVED_ORIGINS(t)
1248}
1249
1250void test_inet_pton() {
1251 char addr4[] = "127.0.0.1";
1252 dfsan_set_label(label: i_label, addr: addr4 + 3, size: 1);
1253 struct in_addr in4;
1254 int ret4 = inet_pton(AF_INET, cp: addr4, buf: &in4);
1255 assert(ret4 == 1);
1256 ASSERT_ZERO_LABEL(ret4);
1257 ASSERT_READ_LABEL(&in4, sizeof(in4), i_label);
1258 ASSERT_ORIGINS(&in4, sizeof(in4), dfsan_get_origin((long)(addr4[3])))
1259 assert(in4.s_addr == htonl(0x7f000001));
1260
1261 char addr6[] = "::1";
1262 dfsan_set_label(label: j_label, addr: addr6 + 3, size: 1);
1263 struct in6_addr in6;
1264 int ret6 = inet_pton(AF_INET6, cp: addr6, buf: &in6);
1265 assert(ret6 == 1);
1266 ASSERT_ZERO_LABEL(ret6);
1267 ASSERT_READ_LABEL(((char *) &in6) + sizeof(in6) - 1, 1, j_label);
1268 ASSERT_ORIGINS(&in6, sizeof(in6), dfsan_get_origin((long)(addr6[3])))
1269}
1270
1271void test_localtime_r() {
1272 time_t t0 = 1384800998;
1273 struct tm t1;
1274 dfsan_set_label(label: i_label, addr: &t0, size: sizeof(t0));
1275 dfsan_origin t0_o = dfsan_get_origin(data: (long)t0);
1276 struct tm *pt1 = &t1;
1277 dfsan_set_label(label: j_label, addr: &pt1, size: sizeof(pt1));
1278 dfsan_origin pt1_o = dfsan_get_origin(data: (long)pt1);
1279
1280#ifndef ORIGIN_TRACKING
1281 (void)t0_o;
1282 (void)pt1_o;
1283#endif
1284
1285 struct tm *ret = localtime_r(timer: &t0, tp: pt1);
1286 assert(ret == &t1);
1287 assert(t1.tm_min == 56);
1288 ASSERT_LABEL(ret, j_label);
1289 ASSERT_INIT_ORIGIN(&ret, pt1_o);
1290 ASSERT_READ_LABEL(&ret, sizeof(ret), j_label);
1291 ASSERT_LABEL(t1.tm_mon, i_label);
1292 ASSERT_ORIGIN(t1.tm_mon, t0_o);
1293}
1294
1295void test_getpwuid_r() {
1296 struct passwd pwd;
1297 char buf[1024];
1298 struct passwd *result;
1299
1300 dfsan_set_label(label: i_label, addr: &pwd, size: 4);
1301 DEFINE_AND_SAVE_ORIGINS(pwd)
1302 DEFINE_AND_SAVE_ORIGINS(buf)
1303 int ret = getpwuid_r(uid: 0, resultbuf: &pwd, buffer: buf, buflen: sizeof(buf), result: &result);
1304 assert(ret == 0);
1305 assert(strcmp(pwd.pw_name, "root") == 0);
1306 assert(result == &pwd);
1307 ASSERT_ZERO_LABEL(ret);
1308 ASSERT_READ_ZERO_LABEL(&pwd, 4);
1309 ASSERT_SAVED_ORIGINS(pwd)
1310 ASSERT_SAVED_ORIGINS(buf)
1311}
1312
1313void test_epoll_wait() {
1314 // Set up a pipe to monitor with epoll.
1315 int pipe_fds[2];
1316 int ret = pipe(pipedes: pipe_fds);
1317 assert(ret != -1);
1318
1319 // Configure epoll to monitor the pipe.
1320 int epfd = epoll_create1(flags: 0);
1321 assert(epfd != -1);
1322 struct epoll_event event;
1323 event.events = EPOLLIN;
1324 event.data.fd = pipe_fds[0];
1325 ret = epoll_ctl(epfd: epfd, EPOLL_CTL_ADD, fd: pipe_fds[0], event: &event);
1326 assert(ret != -1);
1327
1328 // Test epoll_wait when no events have occurred.
1329 event = {};
1330 dfsan_set_label(label: i_label, addr: &event, size: sizeof(event));
1331 DEFINE_AND_SAVE_ORIGINS(event)
1332 ret = epoll_wait(epfd: epfd, events: &event, /*maxevents=*/1, /*timeout=*/0);
1333 assert(ret == 0);
1334 assert(event.events == 0);
1335 assert(event.data.fd == 0);
1336 ASSERT_ZERO_LABEL(ret);
1337 ASSERT_READ_LABEL(&event, sizeof(event), i_label);
1338 ASSERT_SAVED_ORIGINS(event)
1339
1340 // Test epoll_wait when an event occurs.
1341 write(fd: pipe_fds[1], buf: "x", n: 1);
1342 ret = epoll_wait(epfd: epfd, events: &event, /*maxevents=*/1, /*timeout=*/0);
1343 assert(ret == 1);
1344 assert(event.events == EPOLLIN);
1345 assert(event.data.fd == pipe_fds[0]);
1346 ASSERT_ZERO_LABEL(ret);
1347 ASSERT_READ_ZERO_LABEL(&event, sizeof(event));
1348 ASSERT_SAVED_ORIGINS(event)
1349
1350 // Clean up.
1351 close(fd: epfd);
1352 close(fd: pipe_fds[0]);
1353 close(fd: pipe_fds[1]);
1354}
1355
1356void test_poll() {
1357 struct pollfd fd;
1358 fd.fd = 0;
1359 fd.events = POLLIN;
1360 dfsan_set_label(label: i_label, addr: &fd.revents, size: sizeof(fd.revents));
1361 DEFINE_AND_SAVE_ORIGINS(fd)
1362 int ret = poll(fds: &fd, nfds: 1, timeout: 1);
1363 ASSERT_ZERO_LABEL(ret);
1364 ASSERT_ZERO_LABEL(fd.revents);
1365 ASSERT_SAVED_ORIGINS(fd)
1366 assert(ret >= 0);
1367}
1368
1369void test_select() {
1370 struct timeval t;
1371 fd_set fds;
1372 t.tv_sec = 2;
1373 FD_SET(0, &fds);
1374 dfsan_set_label(label: i_label, addr: &fds, size: sizeof(fds));
1375 dfsan_set_label(label: j_label, addr: &t, size: sizeof(t));
1376 DEFINE_AND_SAVE_ORIGINS(fds)
1377 DEFINE_AND_SAVE_ORIGINS(t)
1378 int ret = select(nfds: 1, readfds: &fds, NULL, NULL, timeout: &t);
1379 assert(ret >= 0);
1380 ASSERT_ZERO_LABEL(ret);
1381 ASSERT_ZERO_LABEL(t.tv_sec);
1382 ASSERT_READ_ZERO_LABEL(&fds, sizeof(fds));
1383 ASSERT_SAVED_ORIGINS(fds)
1384 ASSERT_SAVED_ORIGINS(t)
1385}
1386
1387void test_sched_getaffinity() {
1388 cpu_set_t mask;
1389 dfsan_set_label(label: j_label, addr: &mask, size: 1);
1390 DEFINE_AND_SAVE_ORIGINS(mask)
1391 int ret = sched_getaffinity(pid: 0, cpusetsize: sizeof(mask), cpuset: &mask);
1392 assert(ret == 0);
1393 ASSERT_ZERO_LABEL(ret);
1394 ASSERT_READ_ZERO_LABEL(&mask, sizeof(mask));
1395 ASSERT_SAVED_ORIGINS(mask)
1396}
1397
1398void test_sigemptyset() {
1399 sigset_t set;
1400 dfsan_set_label(label: j_label, addr: &set, size: 1);
1401 DEFINE_AND_SAVE_ORIGINS(set)
1402 int ret = sigemptyset(set: &set);
1403 assert(ret == 0);
1404 ASSERT_ZERO_LABEL(ret);
1405 ASSERT_READ_ZERO_LABEL(&set, sizeof(set));
1406 ASSERT_SAVED_ORIGINS(set)
1407}
1408
1409static void SignalHandler(int signo) {}
1410
1411static void SignalAction(int signo, siginfo_t *si, void *uc) {}
1412
1413void test_sigaction() {
1414 struct sigaction newact_with_sigaction = {};
1415 newact_with_sigaction.sa_flags = SA_SIGINFO;
1416 newact_with_sigaction.sa_sigaction = SignalAction;
1417
1418 // Set sigaction to be SignalAction, save the last one into origin_act
1419 struct sigaction origin_act;
1420 dfsan_set_label(label: j_label, addr: &origin_act, size: 1);
1421 DEFINE_AND_SAVE_ORIGINS(origin_act)
1422 int ret = sigaction(SIGUSR1, act: &newact_with_sigaction, oact: &origin_act);
1423 assert(ret == 0);
1424 ASSERT_ZERO_LABEL(ret);
1425 ASSERT_READ_ZERO_LABEL(&origin_act, sizeof(origin_act));
1426 ASSERT_SAVED_ORIGINS(origin_act)
1427
1428 struct sigaction newact_with_sighandler = {};
1429 newact_with_sighandler.sa_handler = SignalHandler;
1430
1431 // Set sigaction to be SignalHandler, check the last one is SignalAction
1432 struct sigaction oldact;
1433 assert(0 == sigaction(SIGUSR1, &newact_with_sighandler, &oldact));
1434 assert(oldact.sa_sigaction == SignalAction);
1435 assert(oldact.sa_flags & SA_SIGINFO);
1436
1437 // Set SIG_IGN or SIG_DFL, and check the previous one is expected.
1438 newact_with_sighandler.sa_handler = SIG_IGN;
1439 assert(0 == sigaction(SIGUSR1, &newact_with_sighandler, &oldact));
1440 assert(oldact.sa_handler == SignalHandler);
1441 assert((oldact.sa_flags & SA_SIGINFO) == 0);
1442
1443 newact_with_sighandler.sa_handler = SIG_DFL;
1444 assert(0 == sigaction(SIGUSR1, &newact_with_sighandler, &oldact));
1445 assert(oldact.sa_handler == SIG_IGN);
1446 assert((oldact.sa_flags & SA_SIGINFO) == 0);
1447
1448 // Restore sigaction to the orginal setting, check the last one is SignalHandler
1449 assert(0 == sigaction(SIGUSR1, &origin_act, &oldact));
1450 assert(oldact.sa_handler == SIG_DFL);
1451 assert((oldact.sa_flags & SA_SIGINFO) == 0);
1452}
1453
1454void test_signal() {
1455 // Set signal to be SignalHandler, save the previous one into
1456 // old_signal_handler.
1457 sighandler_t old_signal_handler = signal(SIGHUP, handler: SignalHandler);
1458 ASSERT_ZERO_LABEL(old_signal_handler);
1459
1460 // Set SIG_IGN or SIG_DFL, and check the previous one is expected.
1461 assert(SignalHandler == signal(SIGHUP, SIG_DFL));
1462 assert(SIG_DFL == signal(SIGHUP, SIG_IGN));
1463
1464 // Restore signal to old_signal_handler.
1465 assert(SIG_IGN == signal(SIGHUP, old_signal_handler));
1466}
1467
1468void test_sigaltstack() {
1469 stack_t old_altstack = {};
1470 dfsan_set_label(label: j_label, addr: &old_altstack, size: sizeof(old_altstack));
1471 DEFINE_AND_SAVE_ORIGINS(old_altstack)
1472 int ret = sigaltstack(NULL, oss: &old_altstack);
1473 assert(ret == 0);
1474 ASSERT_ZERO_LABEL(ret);
1475 ASSERT_READ_ZERO_LABEL(&old_altstack, sizeof(old_altstack));
1476 ASSERT_SAVED_ORIGINS(old_altstack)
1477}
1478
1479void test_gettimeofday() {
1480 struct timeval tv;
1481 struct timezone tz;
1482 dfsan_set_label(label: i_label, addr: &tv, size: sizeof(tv));
1483 dfsan_set_label(label: j_label, addr: &tz, size: sizeof(tz));
1484 DEFINE_AND_SAVE_ORIGINS(tv)
1485 DEFINE_AND_SAVE_ORIGINS(tz)
1486 int ret = gettimeofday(tv: &tv, tz: &tz);
1487 assert(ret == 0);
1488 ASSERT_READ_ZERO_LABEL(&tv, sizeof(tv));
1489 ASSERT_READ_ZERO_LABEL(&tz, sizeof(tz));
1490 ASSERT_SAVED_ORIGINS(tv)
1491 ASSERT_SAVED_ORIGINS(tz)
1492}
1493
1494void *pthread_create_test_cb(void *p) {
1495 assert(p == (void *)1);
1496 ASSERT_ZERO_LABEL(p);
1497 return (void *)2;
1498}
1499
1500void test_pthread_create() {
1501 pthread_t pt;
1502 int create_ret = pthread_create(newthread: &pt, attr: 0, start_routine: pthread_create_test_cb, arg: (void *)1);
1503 assert(create_ret == 0);
1504 ASSERT_ZERO_LABEL(create_ret);
1505 void *cbrv;
1506 dfsan_set_label(label: i_label, addr: &cbrv, size: sizeof(cbrv));
1507 DEFINE_AND_SAVE_ORIGINS(cbrv)
1508 int joint_ret = pthread_join(th: pt, thread_return: &cbrv);
1509 assert(joint_ret == 0);
1510 assert(cbrv == (void *)2);
1511 ASSERT_ZERO_LABEL(joint_ret);
1512 ASSERT_ZERO_LABEL(cbrv);
1513 ASSERT_SAVED_ORIGINS(cbrv);
1514}
1515
1516// Tested by test_pthread_create(). This empty function is here to appease the
1517// check-wrappers script.
1518void test_pthread_join() {}
1519
1520int dl_iterate_phdr_test_cb(struct dl_phdr_info *info, size_t size,
1521 void *data) {
1522 assert(data == (void *)3);
1523 ASSERT_ZERO_LABEL(info);
1524 ASSERT_ZERO_LABEL(size);
1525 ASSERT_ZERO_LABEL(data);
1526 return 0;
1527}
1528
1529void test_dl_iterate_phdr() {
1530 dl_iterate_phdr(callback: dl_iterate_phdr_test_cb, data: (void *)3);
1531}
1532
1533// On glibc < 2.27, this symbol is not available. Mark it weak so we can skip
1534// testing in this case.
1535__attribute__((weak)) extern "C" void _dl_get_tls_static_info(size_t *sizep,
1536 size_t *alignp);
1537
1538void test__dl_get_tls_static_info() {
1539 if (!_dl_get_tls_static_info)
1540 return;
1541 size_t sizep = 0, alignp = 0;
1542 dfsan_set_label(label: i_label, addr: &sizep, size: sizeof(sizep));
1543 dfsan_set_label(label: i_label, addr: &alignp, size: sizeof(alignp));
1544 dfsan_origin sizep_o = dfsan_get_origin(data: sizep);
1545 dfsan_origin alignp_o = dfsan_get_origin(data: alignp);
1546#ifndef ORIGIN_TRACKING
1547 (void)sizep_o;
1548 (void)alignp_o;
1549#endif
1550 _dl_get_tls_static_info(sizep: &sizep, alignp: &alignp);
1551 ASSERT_ZERO_LABEL(sizep);
1552 ASSERT_ZERO_LABEL(alignp);
1553 ASSERT_ORIGIN(sizep, sizep_o);
1554 ASSERT_ORIGIN(alignp, alignp_o);
1555}
1556
1557void test_strrchr() {
1558 char str1[] = "str1str1";
1559
1560 char *p = str1;
1561 dfsan_set_label(label: j_label, addr: &p, size: sizeof(p));
1562
1563 char *rv = strrchr(s: p, c: 'r');
1564 assert(rv == &str1[6]);
1565 ASSERT_LABEL(rv, j_label);
1566 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p);
1567
1568 char c = 'r';
1569 dfsan_set_label(label: k_label, addr: &c, size: sizeof(c));
1570 rv = strrchr(s: str1, c: c);
1571 assert(rv == &str1[6]);
1572#ifdef STRICT_DATA_DEPENDENCIES
1573 ASSERT_ZERO_LABEL(rv);
1574#else
1575 ASSERT_LABEL(rv, k_label);
1576 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, c);
1577#endif
1578
1579 dfsan_set_label(label: i_label, addr: &str1[7], size: 1);
1580
1581 rv = strrchr(s: str1, c: 'r');
1582 assert(rv == &str1[6]);
1583#ifdef STRICT_DATA_DEPENDENCIES
1584 ASSERT_ZERO_LABEL(rv);
1585#else
1586 ASSERT_LABEL(rv, i_label);
1587 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, str1[7]);
1588#endif
1589}
1590
1591void test_strstr() {
1592 char str1[] = "str1str1";
1593
1594 char *p1 = str1;
1595 dfsan_set_label(label: k_label, addr: &p1, size: sizeof(p1));
1596 char *rv = strstr(haystack: p1, needle: "1s");
1597 assert(rv == &str1[3]);
1598 ASSERT_LABEL(rv, k_label);
1599 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p1);
1600
1601 char str2[] = "1s";
1602 char *p2 = str2;
1603 dfsan_set_label(label: m_label, addr: &p2, size: sizeof(p2));
1604 rv = strstr(haystack: str1, needle: p2);
1605 assert(rv == &str1[3]);
1606#ifdef STRICT_DATA_DEPENDENCIES
1607 ASSERT_ZERO_LABEL(rv);
1608#else
1609 ASSERT_LABEL(rv, m_label);
1610 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p2);
1611#endif
1612
1613 dfsan_set_label(label: n_label, addr: &str2[0], size: 1);
1614 rv = strstr(haystack: str1, needle: str2);
1615 assert(rv == &str1[3]);
1616#ifdef STRICT_DATA_DEPENDENCIES
1617 ASSERT_ZERO_LABEL(rv);
1618#else
1619 ASSERT_LABEL(rv, n_label);
1620 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, str2[0]);
1621#endif
1622
1623 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
1624 dfsan_set_label(label: j_label, addr: &str1[5], size: 1);
1625
1626 rv = strstr(haystack: str1, needle: "1s");
1627 assert(rv == &str1[3]);
1628#ifdef STRICT_DATA_DEPENDENCIES
1629 ASSERT_ZERO_LABEL(rv);
1630#else
1631 ASSERT_LABEL(rv, i_label);
1632 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, str1[3]);
1633#endif
1634
1635 rv = strstr(haystack: str1, needle: "2s");
1636 assert(rv == NULL);
1637#ifdef STRICT_DATA_DEPENDENCIES
1638 ASSERT_ZERO_LABEL(rv);
1639#else
1640 ASSERT_LABEL(rv, i_j_label);
1641 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, str1[3]);
1642#endif
1643}
1644
1645void test_strpbrk() {
1646 char s[] = "abcdefg";
1647 char accept[] = "123fd";
1648
1649 char *p_s = s;
1650 char *p_accept = accept;
1651
1652 dfsan_set_label(label: n_label, addr: &p_accept, size: sizeof(p_accept));
1653
1654 char *rv = strpbrk(s: p_s, accept: p_accept);
1655 assert(rv == &s[3]);
1656#ifdef STRICT_DATA_DEPENDENCIES
1657 ASSERT_ZERO_LABEL(rv);
1658#else
1659 ASSERT_LABEL(rv, n_label);
1660 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p_accept);
1661#endif
1662
1663 dfsan_set_label(label: m_label, addr: &p_s, size: sizeof(p_s));
1664
1665 rv = strpbrk(s: p_s, accept: p_accept);
1666 assert(rv == &s[3]);
1667#ifdef STRICT_DATA_DEPENDENCIES
1668 ASSERT_LABEL(rv, m_label);
1669 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p_s);
1670#else
1671 ASSERT_LABEL(rv, dfsan_union(m_label, n_label));
1672 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p_s);
1673#endif
1674
1675 dfsan_set_label(label: i_label, addr: &s[5], size: 1);
1676 dfsan_set_label(label: j_label, addr: &accept[1], size: 1);
1677
1678 rv = strpbrk(s: s, accept: accept);
1679 assert(rv == &s[3]);
1680#ifdef STRICT_DATA_DEPENDENCIES
1681 ASSERT_ZERO_LABEL(rv);
1682#else
1683 ASSERT_LABEL(rv, j_label);
1684 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, accept[1]);
1685#endif
1686
1687 char *ps = s;
1688 dfsan_set_label(label: j_label, addr: &ps, size: sizeof(ps));
1689
1690 rv = strpbrk(s: ps, accept: "123gf");
1691 assert(rv == &s[5]);
1692#ifdef STRICT_DATA_DEPENDENCIES
1693 ASSERT_LABEL(rv, j_label);
1694#else
1695 ASSERT_LABEL(rv, i_j_label);
1696 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, s[5]);
1697#endif
1698
1699 rv = strpbrk(s: ps, accept: "123");
1700 assert(rv == NULL);
1701#ifdef STRICT_DATA_DEPENDENCIES
1702 ASSERT_ZERO_LABEL(rv);
1703#else
1704 ASSERT_LABEL(rv, i_j_label);
1705 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, s[5]);
1706#endif
1707}
1708
1709void test_strsep() {
1710 char *s = strdup(s: "Hello world/");
1711 char *delim = strdup(s: " /");
1712
1713 char *p_s = s;
1714 char *base = s;
1715 char *p_delim = delim;
1716
1717 // taint delim bytes
1718 dfsan_set_label(label: i_label, addr: p_delim, size: strlen(s: p_delim));
1719 // taint delim pointer
1720 dfsan_set_label(label: j_label, addr: &p_delim, size: sizeof(p_delim));
1721 // taint the string data bytes
1722 dfsan_set_label(label: k_label, addr: s, size: 5);
1723 // taint the string pointer
1724 dfsan_set_label(label: m_label, addr: &p_s, size: sizeof(p_s));
1725
1726 char *rv = strsep(stringp: &p_s, delim: p_delim);
1727 assert(rv == &base[0]);
1728#ifdef STRICT_DATA_DEPENDENCIES
1729 ASSERT_LABEL(rv, m_label);
1730 ASSERT_READ_LABEL(rv, strlen(rv), k_label);
1731#else
1732 ASSERT_LABEL(rv, dfsan_union(dfsan_union(i_label, j_label),
1733 dfsan_union(k_label, m_label)));
1734 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p_s);
1735#endif
1736
1737 // taint the remaining string's pointer
1738 char **pp_s = &p_s;
1739 char **pp_s_base = pp_s;
1740 dfsan_set_label(label: n_label, addr: pp_s, size: sizeof(pp_s));
1741
1742 rv = strsep(stringp: pp_s, delim: p_delim);
1743
1744 assert(rv == &base[6]);
1745#ifdef STRICT_DATA_DEPENDENCIES
1746 ASSERT_LABEL(rv, n_label);
1747 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, *pp_s);
1748#else
1749 ASSERT_LABEL(rv, dfsan_union(dfsan_union(i_label, j_label), n_label));
1750 ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, *pp_s);
1751#endif
1752}
1753
1754void test_memchr() {
1755 char str1[] = "str1";
1756 dfsan_set_label(label: i_label, addr: &str1[3], size: 1);
1757 dfsan_set_label(label: j_label, addr: &str1[4], size: 1);
1758
1759 char *crv = (char *) memchr(s: str1, c: 'r', n: sizeof(str1));
1760 assert(crv == &str1[2]);
1761 ASSERT_ZERO_LABEL(crv);
1762
1763 char c = 'r';
1764 dfsan_set_label(label: k_label, addr: &c, size: sizeof(c));
1765 crv = (char *)memchr(s: str1, c: c, n: sizeof(str1));
1766 assert(crv == &str1[2]);
1767#ifdef STRICT_DATA_DEPENDENCIES
1768 ASSERT_ZERO_LABEL(crv);
1769#else
1770 ASSERT_LABEL(crv, k_label);
1771 ASSERT_EQ_ORIGIN(crv, c);
1772#endif
1773
1774 char *ptr = str1;
1775 dfsan_set_label(label: k_label, addr: &ptr, size: sizeof(ptr));
1776 crv = (char *)memchr(s: ptr, c: 'r', n: sizeof(str1));
1777 assert(crv == &str1[2]);
1778 ASSERT_LABEL(crv, k_label);
1779 ASSERT_EQ_ORIGIN(crv, ptr);
1780
1781 crv = (char *) memchr(s: str1, c: '1', n: sizeof(str1));
1782 assert(crv == &str1[3]);
1783#ifdef STRICT_DATA_DEPENDENCIES
1784 ASSERT_ZERO_LABEL(crv);
1785#else
1786 ASSERT_LABEL(crv, i_label);
1787 ASSERT_EQ_ORIGIN(crv, str1[3]);
1788#endif
1789
1790 crv = (char *) memchr(s: str1, c: 'x', n: sizeof(str1));
1791 assert(!crv);
1792#ifdef STRICT_DATA_DEPENDENCIES
1793 ASSERT_ZERO_LABEL(crv);
1794#else
1795 ASSERT_LABEL(crv, i_j_label);
1796 ASSERT_EQ_ORIGIN(crv, str1[3]);
1797#endif
1798}
1799
1800void alarm_handler(int unused) {
1801 ;
1802}
1803
1804void test_nanosleep() {
1805 struct timespec req, rem;
1806 req.tv_sec = 1;
1807 req.tv_nsec = 0;
1808 dfsan_set_label(label: i_label, addr: &rem, size: sizeof(rem));
1809 DEFINE_AND_SAVE_ORIGINS(rem)
1810
1811 // non interrupted
1812 int rv = nanosleep(requested_time: &req, remaining: &rem);
1813 assert(rv == 0);
1814 ASSERT_ZERO_LABEL(rv);
1815 ASSERT_READ_LABEL(&rem, 1, i_label);
1816 ASSERT_SAVED_ORIGINS(rem)
1817
1818 // interrupted by an alarm
1819 signal(SIGALRM, handler: alarm_handler);
1820 req.tv_sec = 3;
1821 alarm(seconds: 1);
1822 rv = nanosleep(requested_time: &req, remaining: &rem);
1823 assert(rv == -1);
1824 ASSERT_ZERO_LABEL(rv);
1825 ASSERT_READ_ZERO_LABEL(&rem, sizeof(rem));
1826 ASSERT_SAVED_ORIGINS(rem)
1827}
1828
1829void test_socketpair() {
1830 int fd[2];
1831 dfsan_origin fd_o[2];
1832
1833 dfsan_set_label(label: i_label, addr: fd, size: sizeof(fd));
1834 fd_o[0] = dfsan_get_origin(data: (long)(fd[0]));
1835 fd_o[1] = dfsan_get_origin(data: (long)(fd[1]));
1836 int rv = socketpair(PF_LOCAL, SOCK_STREAM, protocol: 0, fds: fd);
1837 assert(rv == 0);
1838 ASSERT_ZERO_LABEL(rv);
1839 ASSERT_READ_ZERO_LABEL(fd, sizeof(fd));
1840 ASSERT_ORIGIN(fd[0], fd_o[0]);
1841 ASSERT_ORIGIN(fd[1], fd_o[1]);
1842}
1843
1844void test_getpeername() {
1845 int sockfds[2];
1846 int ret = socketpair(AF_UNIX, SOCK_DGRAM, protocol: 0, fds: sockfds);
1847 assert(ret != -1);
1848
1849 struct sockaddr addr = {};
1850 socklen_t addrlen = sizeof(addr);
1851 dfsan_set_label(label: i_label, addr: &addr, size: addrlen);
1852 dfsan_set_label(label: i_label, addr: &addrlen, size: sizeof(addrlen));
1853 DEFINE_AND_SAVE_ORIGINS(addr)
1854 DEFINE_AND_SAVE_ORIGINS(addrlen)
1855
1856 ret = getpeername(fd: sockfds[0], addr: &addr, len: &addrlen);
1857 assert(ret != -1);
1858 ASSERT_ZERO_LABEL(ret);
1859 ASSERT_ZERO_LABEL(addrlen);
1860 assert(addrlen < sizeof(addr));
1861 ASSERT_READ_ZERO_LABEL(&addr, addrlen);
1862 ASSERT_READ_LABEL(((char *)&addr) + addrlen, 1, i_label);
1863 ASSERT_SAVED_ORIGINS(addr)
1864 ASSERT_SAVED_ORIGINS(addrlen)
1865
1866 close(fd: sockfds[0]);
1867 close(fd: sockfds[1]);
1868}
1869
1870void test_getsockname() {
1871 int sockfd = socket(AF_UNIX, SOCK_DGRAM, protocol: 0);
1872 assert(sockfd != -1);
1873
1874 struct sockaddr addr = {};
1875 socklen_t addrlen = sizeof(addr);
1876 dfsan_set_label(label: i_label, addr: &addr, size: addrlen);
1877 dfsan_set_label(label: i_label, addr: &addrlen, size: sizeof(addrlen));
1878 DEFINE_AND_SAVE_ORIGINS(addr)
1879 DEFINE_AND_SAVE_ORIGINS(addrlen)
1880 int ret = getsockname(fd: sockfd, addr: &addr, len: &addrlen);
1881 assert(ret != -1);
1882 ASSERT_ZERO_LABEL(ret);
1883 ASSERT_ZERO_LABEL(addrlen);
1884 assert(addrlen < sizeof(addr));
1885 ASSERT_READ_ZERO_LABEL(&addr, addrlen);
1886 ASSERT_READ_LABEL(((char *)&addr) + addrlen, 1, i_label);
1887 ASSERT_SAVED_ORIGINS(addr)
1888 ASSERT_SAVED_ORIGINS(addrlen)
1889
1890 close(fd: sockfd);
1891}
1892
1893void test_getsockopt() {
1894 int sockfd = socket(AF_UNIX, SOCK_DGRAM, protocol: 0);
1895 assert(sockfd != -1);
1896
1897 int optval[2] = {-1, -1};
1898 socklen_t optlen = sizeof(optval);
1899 dfsan_set_label(label: i_label, addr: &optval, size: sizeof(optval));
1900 dfsan_set_label(label: i_label, addr: &optlen, size: sizeof(optlen));
1901 DEFINE_AND_SAVE_ORIGINS(optval)
1902 DEFINE_AND_SAVE_ORIGINS(optlen)
1903 int ret = getsockopt(fd: sockfd, SOL_SOCKET, SO_KEEPALIVE, optval: &optval, optlen: &optlen);
1904 assert(ret != -1);
1905 assert(optlen == sizeof(int));
1906 assert(optval[0] == 0);
1907 assert(optval[1] == -1);
1908 ASSERT_ZERO_LABEL(ret);
1909 ASSERT_ZERO_LABEL(optlen);
1910 ASSERT_ZERO_LABEL(optval[0]);
1911 ASSERT_LABEL(optval[1], i_label);
1912 ASSERT_SAVED_ORIGINS(optval)
1913 ASSERT_SAVED_ORIGINS(optlen)
1914
1915 close(fd: sockfd);
1916}
1917
1918void test_write() {
1919 int fd = open(file: "/dev/null", O_WRONLY);
1920
1921 char buf[] = "a string";
1922 int len = strlen(s: buf);
1923
1924 // The result of a write always unlabeled.
1925 int res = write(fd: fd, buf: buf, n: len);
1926 assert(res > 0);
1927 ASSERT_ZERO_LABEL(res);
1928
1929 // Label all arguments to write().
1930 dfsan_set_label(label: i_label, addr: &(buf[3]), size: 1);
1931 dfsan_set_label(label: j_label, addr: &fd, size: sizeof(fd));
1932 dfsan_set_label(label: k_label, addr: &len, size: sizeof(len));
1933
1934 // The value returned by write() should have no label.
1935 res = write(fd: fd, buf: buf, n: len);
1936 ASSERT_ZERO_LABEL(res);
1937
1938 close(fd: fd);
1939}
1940
1941template <class T>
1942void test_sprintf_chunk(const char* expected, const char* format, T arg) {
1943 char buf[512];
1944 memset(s: buf, c: 'a', n: sizeof(buf));
1945
1946 char padded_expected[512];
1947 strcpy(dest: padded_expected, src: "foo ");
1948 strcat(dest: padded_expected, src: expected);
1949 strcat(dest: padded_expected, src: " bar");
1950
1951 char padded_format[512];
1952 strcpy(dest: padded_format, src: "foo ");
1953 strcat(dest: padded_format, src: format);
1954 strcat(dest: padded_format, src: " bar");
1955
1956 // Non labelled arg.
1957 assert(sprintf(buf, padded_format, arg) == strlen(padded_expected));
1958 assert(strcmp(buf, padded_expected) == 0);
1959 ASSERT_READ_LABEL(buf, strlen(padded_expected), 0);
1960 memset(s: buf, c: 'a', n: sizeof(buf));
1961
1962 // Labelled arg.
1963 dfsan_set_label(i_label, &arg, sizeof(arg));
1964 dfsan_origin a_o = dfsan_get_origin(data: (long)(arg));
1965#ifndef ORIGIN_TRACKING
1966 (void)a_o;
1967#endif
1968 assert(sprintf(buf, padded_format, arg) == strlen(padded_expected));
1969 assert(strcmp(buf, padded_expected) == 0);
1970 ASSERT_READ_LABEL(buf, 4, 0);
1971 ASSERT_READ_LABEL(buf + 4, strlen(padded_expected) - 8, i_label);
1972 ASSERT_INIT_ORIGINS(buf + 4, strlen(padded_expected) - 8, a_o);
1973 ASSERT_READ_LABEL(buf + (strlen(padded_expected) - 4), 4, 0);
1974}
1975
1976void test_sprintf() {
1977 char buf[2048];
1978 memset(s: buf, c: 'a', n: sizeof(buf));
1979
1980 // Test formatting (no conversion specifier).
1981 assert(sprintf(buf, "Hello world!") == 12);
1982 assert(strcmp(buf, "Hello world!") == 0);
1983 ASSERT_READ_LABEL(buf, sizeof(buf), 0);
1984
1985 // Test for extra arguments.
1986 assert(sprintf(buf, "Hello world!", 42, "hello") == 12);
1987 assert(strcmp(buf, "Hello world!") == 0);
1988 ASSERT_READ_LABEL(buf, sizeof(buf), 0);
1989
1990 // Test formatting & label propagation (multiple conversion specifiers): %s,
1991 // %d, %n, %f, and %%.
1992 const char* s = "world";
1993 int m = 8;
1994 int d = 27;
1995 dfsan_set_label(label: k_label, addr: (void *) (s + 1), size: 2);
1996 dfsan_origin s_o = dfsan_get_origin(data: (long)(s[1]));
1997 dfsan_set_label(label: i_label, addr: &m, size: sizeof(m));
1998 dfsan_origin m_o = dfsan_get_origin(data: (long)m);
1999 dfsan_set_label(label: j_label, addr: &d, size: sizeof(d));
2000 dfsan_origin d_o = dfsan_get_origin(data: (long)d);
2001#ifndef ORIGIN_TRACKING
2002 (void)s_o;
2003 (void)m_o;
2004 (void)d_o;
2005#endif
2006 int n;
2007 int r = sprintf(s: buf, format: "hello %s, %-d/%d/%d %f %% %n%d", s, 2014, m, d,
2008 12345.6781234, &n, 1000);
2009 assert(r == 42);
2010 assert(strcmp(buf, "hello world, 2014/8/27 12345.678123 % 1000") == 0);
2011 ASSERT_READ_LABEL(buf, 7, 0);
2012 ASSERT_READ_LABEL(buf + 7, 2, k_label);
2013 ASSERT_INIT_ORIGINS(buf + 7, 2, s_o);
2014 ASSERT_READ_LABEL(buf + 9, 9, 0);
2015 ASSERT_READ_LABEL(buf + 18, 1, i_label);
2016 ASSERT_INIT_ORIGINS(buf + 18, 1, m_o);
2017 ASSERT_READ_LABEL(buf + 19, 1, 0);
2018 ASSERT_READ_LABEL(buf + 20, 2, j_label);
2019 ASSERT_INIT_ORIGINS(buf + 20, 2, d_o);
2020 ASSERT_READ_LABEL(buf + 22, 15, 0);
2021 ASSERT_LABEL(r, 0);
2022 assert(n == 38);
2023
2024 // Test formatting & label propagation (single conversion specifier, with
2025 // additional length and precision modifiers).
2026 test_sprintf_chunk(expected: "-559038737", format: "%d", arg: 0xdeadbeef);
2027 test_sprintf_chunk(expected: "3735928559", format: "%u", arg: 0xdeadbeef);
2028 test_sprintf_chunk(expected: "12345", format: "%i", arg: 12345);
2029 test_sprintf_chunk(expected: "751", format: "%o", arg: 0751);
2030 test_sprintf_chunk(expected: "babe", format: "%x", arg: 0xbabe);
2031 test_sprintf_chunk(expected: "0000BABE", format: "%.8X", arg: 0xbabe);
2032 test_sprintf_chunk(expected: "-17", format: "%hhd", arg: 0xdeadbeef);
2033 test_sprintf_chunk(expected: "-16657", format: "%hd", arg: 0xdeadbeef);
2034 test_sprintf_chunk(expected: "deadbeefdeadbeef", format: "%lx", arg: 0xdeadbeefdeadbeef);
2035 test_sprintf_chunk(expected: "0xdeadbeefdeadbeef", format: "%p",
2036 arg: (void *) 0xdeadbeefdeadbeef);
2037 test_sprintf_chunk(expected: "18446744073709551615", format: "%ju", arg: (intmax_t) -1);
2038 test_sprintf_chunk(expected: "18446744073709551615", format: "%zu", arg: (size_t) -1);
2039 test_sprintf_chunk(expected: "18446744073709551615", format: "%tu", arg: (size_t) -1);
2040
2041 test_sprintf_chunk(expected: "0x1.f9acffa7eb6bfp-4", format: "%a", arg: 0.123456);
2042 test_sprintf_chunk(expected: "0X1.F9ACFFA7EB6BFP-4", format: "%A", arg: 0.123456);
2043 test_sprintf_chunk(expected: "0.12346", format: "%.5f", arg: 0.123456);
2044 test_sprintf_chunk(expected: "0.123456", format: "%g", arg: 0.123456);
2045 test_sprintf_chunk(expected: "1.234560e-01", format: "%e", arg: 0.123456);
2046 test_sprintf_chunk(expected: "1.234560E-01", format: "%E", arg: 0.123456);
2047 test_sprintf_chunk(expected: "0.1234567891234560", format: "%.16Lf",
2048 arg: (long double) 0.123456789123456);
2049
2050 test_sprintf_chunk(expected: "z", format: "%c", arg: 'z');
2051
2052 // %n, %s, %d, %f, and %% already tested
2053
2054 // Test formatting with width passed as an argument.
2055 r = sprintf(s: buf, format: "hi %*d my %*s friend %.*f", 3, 1, 6, "dear", 4, 3.14159265359);
2056 assert(r == 30);
2057 assert(strcmp(buf, "hi 1 my dear friend 3.1416") == 0);
2058}
2059
2060void test_snprintf() {
2061 char buf[2048];
2062 memset(s: buf, c: 'a', n: sizeof(buf));
2063 dfsan_set_label(label: 0, addr: buf, size: sizeof(buf));
2064 const char* s = "world";
2065 int y = 2014;
2066 int m = 8;
2067 int d = 27;
2068 dfsan_set_label(label: k_label, addr: (void *) (s + 1), size: 2);
2069 dfsan_origin s_o = dfsan_get_origin(data: (long)(s[1]));
2070 dfsan_set_label(label: i_label, addr: &y, size: sizeof(y));
2071 dfsan_origin y_o = dfsan_get_origin(data: (long)y);
2072 dfsan_set_label(label: j_label, addr: &m, size: sizeof(m));
2073 dfsan_origin m_o = dfsan_get_origin(data: (long)m);
2074#ifndef ORIGIN_TRACKING
2075 (void)s_o;
2076 (void)y_o;
2077 (void)m_o;
2078#endif
2079 int r = snprintf(s: buf, maxlen: 19, format: "hello %s, %-d/ %d/%d %f", s, y, m, d,
2080 12345.6781234);
2081 // The return value is the number of bytes that would have been written to
2082 // the final string if enough space had been available.
2083 assert(r == 38);
2084 assert(memcmp(buf, "hello world, 2014/", 19) == 0);
2085 ASSERT_READ_LABEL(buf, 7, 0);
2086 ASSERT_READ_LABEL(buf + 7, 2, k_label);
2087 ASSERT_INIT_ORIGINS(buf + 7, 2, s_o);
2088 ASSERT_READ_LABEL(buf + 9, 4, 0);
2089 ASSERT_READ_LABEL(buf + 13, 4, i_label);
2090 ASSERT_INIT_ORIGINS(buf + 13, 4, y_o);
2091 ASSERT_READ_LABEL(buf + 17, 2, 0);
2092 ASSERT_LABEL(r, 0);
2093}
2094
2095template <class T>
2096void test_sscanf_chunk(T expected, const char *format, char *input,
2097 int items_num) {
2098 char padded_input[512];
2099 strcpy(dest: padded_input, src: "foo ");
2100 strcat(dest: padded_input, src: input);
2101 strcpy(dest: padded_input, src: "@");
2102 strcat(dest: padded_input, src: input);
2103 strcat(dest: padded_input, src: " bar");
2104
2105 char padded_format[512];
2106 strcpy(dest: padded_format, src: "foo ");
2107 // Swap the first '%' for '%*' so this input is skipped.
2108 strcpy(dest: padded_format, src: "%*");
2109 strcat(dest: padded_format, src: format + 1);
2110 strcpy(dest: padded_format, src: "@");
2111 strcat(dest: padded_format, src: format);
2112 strcat(dest: padded_format, src: " bar");
2113
2114 char *s = padded_input + 4;
2115 T arg;
2116 memset(&arg, 0, sizeof(arg));
2117 dfsan_set_label(label: i_label, addr: (void *)(padded_input), size: strlen(s: padded_input));
2118 dfsan_set_label(label: j_label, addr: (void *)(padded_format), size: strlen(s: padded_format));
2119 dfsan_origin a_o = dfsan_get_origin(data: (long)(*s));
2120#ifndef ORIGIN_TRACKING
2121 (void)a_o;
2122#else
2123 assert(a_o != 0);
2124#endif
2125 int rv = sscanf(padded_input, padded_format, &arg);
2126 assert(rv == items_num);
2127 assert(arg == expected);
2128 ASSERT_READ_LABEL(&arg, sizeof(arg), i_label);
2129 ASSERT_INIT_ORIGINS(&arg, 1, a_o);
2130}
2131
2132void test_sscanf() {
2133 char buf[2048];
2134 char buf_out[2048];
2135 memset(s: buf, c: 'a', n: sizeof(buf));
2136 memset(s: buf_out, c: 'a', n: sizeof(buf_out));
2137
2138 // Test formatting
2139 strcpy(dest: buf, src: "Hello world!");
2140 assert(sscanf(buf, "%s", buf_out) == 1);
2141 assert(strcmp(buf, "Hello world!") == 0);
2142 assert(strcmp(buf_out, "Hello") == 0);
2143 ASSERT_READ_LABEL(buf, sizeof(buf), 0);
2144 ASSERT_READ_LABEL(buf_out, sizeof(buf_out), 0);
2145
2146 // Test for extra arguments.
2147 assert(sscanf(buf, "%s", buf_out, 42, "hello") == 1);
2148 assert(strcmp(buf, "Hello world!") == 0);
2149 assert(strcmp(buf_out, "Hello") == 0);
2150 ASSERT_READ_LABEL(buf, sizeof(buf), 0);
2151 ASSERT_READ_LABEL(buf_out, sizeof(buf_out), 0);
2152
2153 // Test formatting & label propagation (multiple conversion specifiers): %s,
2154 // %d, %n, %f, and %%.
2155 int n;
2156 strcpy(dest: buf, src: "hello world, 42 2014/8/31 12345.678123 % 1000");
2157 char *s = buf + 6; //starts with world
2158 int y = 0;
2159 int m = 0;
2160 int d = 0;
2161 float fval;
2162 int val = 0;
2163 dfsan_set_label(label: k_label, addr: (void *)(s + 1), size: 2); // buf[7]-b[9]
2164 dfsan_origin s_o = dfsan_get_origin(data: (long)(s[1]));
2165 assert(s[10] == '2');
2166 dfsan_set_label(label: i_label, addr: (void *)(s + 10), size: 4); // 2014
2167 dfsan_origin y_o = dfsan_get_origin(data: (long)s[10]); // buf[16]
2168 assert(s[17] == '3');
2169 dfsan_set_label(label: j_label, addr: (void *)(s + 17), size: 2); // 31
2170 dfsan_origin d_o = dfsan_get_origin(data: (long)s[17]); // buf[23]
2171 assert(s[20] == '1');
2172 dfsan_set_label(label: m_label, addr: (void *)(s + 20), size: 5); // 12345
2173 dfsan_origin f_o = dfsan_get_origin(data: (long)s[20]); //buf[26]
2174
2175#ifndef ORIGIN_TRACKING
2176 (void)s_o;
2177 (void)y_o;
2178 (void)d_o;
2179 (void)f_o;
2180#else
2181 assert(s_o != 0);
2182 assert(y_o != 0);
2183 assert(d_o != 0);
2184 assert(f_o != 0);
2185#endif
2186 int r = sscanf(s: buf, format: "hello %s %*d %d/%d/%d %f %% %n%d", buf_out, &y, &m, &d,
2187 &fval, &n, &val);
2188 assert(r == 6);
2189 assert(strcmp(buf_out, "world,") == 0);
2190 assert(y == 2014);
2191 assert(m == 8);
2192 assert(d == 31);
2193 assert(fval > 12300.0f);
2194 assert(fval < 12400.0f);
2195 ASSERT_READ_LABEL(buf_out, 1, 0);
2196 ASSERT_READ_LABEL(buf_out + 1, 2, k_label);
2197 ASSERT_INIT_ORIGINS(buf_out + 1, 2, s_o);
2198 ASSERT_READ_LABEL(&y, sizeof(y), i_label);
2199 ASSERT_INIT_ORIGINS(&y, sizeof(y), y_o);
2200 ASSERT_READ_LABEL(&d, sizeof(d), j_label);
2201 ASSERT_INIT_ORIGINS(&d, sizeof(d), d_o);
2202 ASSERT_READ_LABEL(&fval, sizeof(fval), m_label);
2203 ASSERT_INIT_ORIGINS(&fval, sizeof(fval), f_o);
2204 ASSERT_READ_LABEL(&val, 4, 0);
2205 ASSERT_LABEL(r, 0);
2206 assert(n == 41);
2207 assert(val == 1000);
2208
2209 // Test formatting & label propagation (single conversion specifier, with
2210 // additional length and precision modifiers).
2211 char input_buf[512];
2212 char *input_ptr = input_buf;
2213 strcpy(dest: input_buf, src: "-559038737");
2214 test_sscanf_chunk(expected: -559038737, format: "%d", input: input_ptr, items_num: 1);
2215 strcpy(dest: input_buf, src: "3735928559");
2216 test_sscanf_chunk(expected: 3735928559, format: "%u", input: input_ptr, items_num: 1);
2217 strcpy(dest: input_buf, src: "12345");
2218 test_sscanf_chunk(expected: 12345, format: "%i", input: input_ptr, items_num: 1);
2219 strcpy(dest: input_buf, src: "0751");
2220 test_sscanf_chunk(expected: 489, format: "%o", input: input_ptr, items_num: 1);
2221 strcpy(dest: input_buf, src: "0xbabe");
2222 test_sscanf_chunk(expected: 47806, format: "%x", input: input_ptr, items_num: 1);
2223 strcpy(dest: input_buf, src: "0x0000BABE");
2224 test_sscanf_chunk(expected: 47806, format: "%10X", input: input_ptr, items_num: 1);
2225 strcpy(dest: input_buf, src: "3735928559");
2226 test_sscanf_chunk(expected: (char)-17, format: "%hhd", input: input_ptr, items_num: 1);
2227 strcpy(dest: input_buf, src: "3735928559");
2228 test_sscanf_chunk(expected: (short)-16657, format: "%hd", input: input_ptr, items_num: 1);
2229 strcpy(dest: input_buf, src: "0xdeadbeefdeadbeef");
2230 test_sscanf_chunk(expected: 0xdeadbeefdeadbeefL, format: "%lx", input: input_buf, items_num: 1);
2231 test_sscanf_chunk(expected: (void *)0xdeadbeefdeadbeefL, format: "%p", input: input_buf, items_num: 1);
2232
2233 intmax_t _x = (intmax_t)-1;
2234 char _buf[256];
2235 memset(s: _buf, c: 0, n: sizeof(_buf));
2236 sprintf(s: _buf, format: "%ju", _x);
2237 test_sscanf_chunk(expected: (intmax_t)18446744073709551615, format: "%ju", input: _buf, items_num: 1);
2238 memset(s: _buf, c: 0, n: sizeof(_buf));
2239 size_t _y = (size_t)-1;
2240 sprintf(s: _buf, format: "%zu", _y);
2241 test_sscanf_chunk(expected: (size_t)18446744073709551615, format: "%zu", input: _buf, items_num: 1);
2242 memset(s: _buf, c: 0, n: sizeof(_buf));
2243 ptrdiff_t _z = (size_t)-1;
2244 sprintf(s: _buf, format: "%tu", _z);
2245 test_sscanf_chunk(expected: (ptrdiff_t)18446744073709551615, format: "%tu", input: _buf, items_num: 1);
2246
2247 strcpy(dest: input_buf, src: "0.123456");
2248 test_sscanf_chunk(expected: (float)0.123456, format: "%8f", input: input_ptr, items_num: 1);
2249 test_sscanf_chunk(expected: (float)0.123456, format: "%g", input: input_ptr, items_num: 1);
2250 test_sscanf_chunk(expected: (float)1.234560e-01, format: "%e", input: input_ptr, items_num: 1);
2251 test_sscanf_chunk(expected: (char)'z', format: "%c", input: "z", items_num: 1);
2252
2253 // %n, %s, %d, %f, and %% already tested
2254}
2255
2256// Tested by a seperate source file. This empty function is here to appease the
2257// check-wrappers script.
2258void test_fork() {}
2259
2260int main(void) {
2261 i_label = 1;
2262 j_label = 2;
2263 k_label = 4;
2264 m_label = 8;
2265 n_label = 16;
2266 i_j_label = dfsan_union(l1: i_label, l2: j_label);
2267 assert(i_j_label != i_label);
2268 assert(i_j_label != j_label);
2269 assert(i_j_label != k_label);
2270
2271 test__dl_get_tls_static_info();
2272 test_bcmp();
2273 test_clock_gettime();
2274 test_ctime_r();
2275 test_dfsan_set_write_callback();
2276 test_dl_iterate_phdr();
2277 test_dlopen();
2278 test_epoll_wait();
2279 test_fgets();
2280 test_fork();
2281 test_fstat();
2282 test_get_current_dir_name();
2283 test_getcwd();
2284 test_getentropy();
2285 test_gethostname();
2286 test_getpeername();
2287 test_getpwuid_r();
2288 test_getrlimit();
2289 test_getrusage();
2290 test_getsockname();
2291 test_getsockopt();
2292 test_gettimeofday();
2293 test_inet_pton();
2294 test_localtime_r();
2295 test_memchr();
2296 test_memcmp();
2297 test_memcpy();
2298 test_memmove();
2299 test_memset();
2300 test_nanosleep();
2301 test_poll();
2302 test_pread();
2303 test_pthread_create();
2304 test_pthread_join();
2305 test_read();
2306 test_recvmmsg();
2307 test_recvmsg();
2308 test_sched_getaffinity();
2309 test_select();
2310 test_sigaction();
2311 test_signal();
2312 test_sigaltstack();
2313 test_sigemptyset();
2314 test_snprintf();
2315 test_sscanf();
2316 test_socketpair();
2317 test_sprintf();
2318 test_stat();
2319 test_strcasecmp();
2320 test_strchr();
2321 test_strcmp();
2322 test_strcat();
2323 test_strncat(n: 5);
2324 test_strncat(n: 2);
2325 test_strcpy();
2326 test_strdup();
2327 test_strlen();
2328 test_strnlen();
2329 test_strncasecmp();
2330 test_strncmp();
2331 test_strncpy();
2332 test_strpbrk();
2333 test_strsep();
2334 test_strrchr();
2335 test_strstr();
2336 test_strtod();
2337 test_strtol();
2338 test_strtoll();
2339 test_strtoul();
2340 test_strtoull();
2341 test_time();
2342 test_write();
2343}
2344

source code of compiler-rt/test/dfsan/custom.cpp