1 /* Copyright (C) 2004-2022 Free Software Foundation, Inc.
2 Copyright The GNU Toolchain Authors.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
19 /* This file tests gets. Force it to be declared. */
21 #undef __GLIBC_USE_DEPRECATED_GETS
22 #define __GLIBC_USE_DEPRECATED_GETS 1
36 #include <sys/select.h>
37 #include <sys/socket.h>
41 # define MEMPCPY memcpy
42 # define WMEMPCPY wmemcpy
43 # define MEMPCPY_RET(x) 0
44 # define WMEMPCPY_RET(x) 0
46 # define MEMPCPY mempcpy
47 # define WMEMPCPY wmempcpy
48 # define MEMPCPY_RET(x) __builtin_strlen (x)
49 # define WMEMPCPY_RET(x) wcslen (x)
52 #define obstack_chunk_alloc malloc
53 #define obstack_chunk_free free
56 static void do_prepare (void);
57 static int do_test (void);
58 #define PREPARE(argc, argv) do_prepare ()
59 #define TEST_FUNCTION do_test ()
60 #include "../test-skeleton.c"
65 int temp_fd = create_temp_file ("tst-chk1.", &temp_filename);
68 printf ("cannot create temporary file: %m\n");
72 const char *strs = "abcdefgh\nABCDEFGHI\nabcdefghij\nABCDEFGHIJ";
73 if ((size_t) write (temp_fd, strs, strlen (strs)) != strlen (strs))
75 puts ("could not write test strings into file");
76 unlink (temp_filename);
81 volatile int chk_fail_ok;
91 longjmp (chk_fail_buf, 1);
97 #if __USE_FORTIFY_LEVEL == 3
98 volatile size_t buf_size = 10;
102 #define buf_size sizeof (buf)
107 volatile wchar_t *wp;
108 const char *str1 = "JIHGFEDCBA";
109 const char *str2 = "F";
110 const char *str3 = "%s%n%s%n";
111 const char *str4 = "Hello, ";
112 const char *str5 = "World!\n";
113 const wchar_t *wstr1 = L"JIHGFEDCBA";
114 const wchar_t *wstr2 = L"F";
115 const wchar_t *wstr3 = L"%s%n%s%n";
116 const wchar_t *wstr4 = L"Hello, ";
117 const wchar_t *wstr5 = L"World!\n";
118 char buf2[10] = "%s";
123 do { printf ("Failure on line %d\n", __LINE__); ret = 1; } while (0)
124 #define CHK_FAIL_START \
126 if (! setjmp (chk_fail_buf)) \
128 #define CHK_FAIL_END \
132 #if __USE_FORTIFY_LEVEL >= 2 && (!defined __cplusplus || defined __va_arg_pack)
133 # define CHK_FAIL2_START CHK_FAIL_START
134 # define CHK_FAIL2_END CHK_FAIL_END
136 # define CHK_FAIL2_START
137 # define CHK_FAIL2_END
143 #if __USE_FORTIFY_LEVEL == 3
144 char *buf = (char *) malloc (buf_size);
145 wchar_t *wbuf = (wchar_t *) malloc (buf_size * sizeof (wchar_t));
147 set_fortify_handler (handler);
149 struct A { char buf1[9]; char buf2[1]; } a;
150 struct wA { wchar_t buf1[9]; wchar_t buf2[1]; } wa;
152 printf ("Test checking routines at fortify level %d\n",
153 #ifdef __USE_FORTIFY_LEVEL
154 (int) __USE_FORTIFY_LEVEL
160 #if defined __USE_FORTIFY_LEVEL && !defined __fortify_function
161 printf ("Test skipped");
166 /* These ops can be done without runtime checking of object size. */
167 memcpy (buf, "abcdefghij", 10);
168 memmove (buf + 1, buf, 9);
169 if (memcmp (buf, "aabcdefghi", 10))
172 memcpy (buf, "abcdefghij", 10);
173 bcopy (buf, buf + 1, 9);
174 if (memcmp (buf, "aabcdefghi", 10))
177 if (MEMPCPY (buf + 5, "abcde", 5) != buf + 5 + MEMPCPY_RET ("abcde")
178 || memcmp (buf, "aabcdabcde", 10))
181 memset (buf + 8, 'j', 2);
182 if (memcmp (buf, "aabcdabcjj", 10))
186 if (memcmp (buf, "aabcdabc\0\0", 10))
189 explicit_bzero (buf + 6, 4);
190 if (memcmp (buf, "aabcda\0\0\0\0", 10))
193 strcpy (buf + 4, "EDCBA");
194 if (memcmp (buf, "aabcEDCBA", 10))
197 if (stpcpy (buf + 8, "F") != buf + 9 || memcmp (buf, "aabcEDCBF", 10))
200 strncpy (buf + 6, "X", 4);
201 if (memcmp (buf, "aabcEDX\0\0", 10))
204 if (sprintf (buf + 7, "%s", "67") != 2 || memcmp (buf, "aabcEDX67", 10))
207 if (snprintf (buf + 7, 3, "%s", "987654") != 6
208 || memcmp (buf, "aabcEDX98", 10))
211 /* These ops need runtime checking, but shouldn't __chk_fail. */
212 memcpy (buf, "abcdefghij", l0 + 10);
213 memmove (buf + 1, buf, l0 + 9);
214 if (memcmp (buf, "aabcdefghi", 10))
217 memcpy (buf, "abcdefghij", l0 + 10);
218 bcopy (buf, buf + 1, l0 + 9);
219 if (memcmp (buf, "aabcdefghi", 10))
222 if (MEMPCPY (buf + 5, "abcde", l0 + 5) != buf + 5 + MEMPCPY_RET ("abcde")
223 || memcmp (buf, "aabcdabcde", 10))
226 memset (buf + 8, 'j', l0 + 2);
227 if (memcmp (buf, "aabcdabcjj", 10))
230 bzero (buf + 8, l0 + 2);
231 if (memcmp (buf, "aabcdabc\0\0", 10))
234 explicit_bzero (buf + 6, l0 + 4);
235 if (memcmp (buf, "aabcda\0\0\0\0", 10))
238 strcpy (buf + 4, str1 + 5);
239 if (memcmp (buf, "aabcEDCBA", 10))
242 if (stpcpy (buf + 8, str2) != buf + 9 || memcmp (buf, "aabcEDCBF", 10))
245 strncpy (buf + 6, "X", l0 + 4);
246 if (memcmp (buf, "aabcEDX\0\0", 10))
249 if (stpncpy (buf + 5, "cd", l0 + 5) != buf + 7
250 || memcmp (buf, "aabcEcd\0\0", 10))
253 if (sprintf (buf + 7, "%d", num1) != 2 || memcmp (buf, "aabcEcd67", 10))
256 if (snprintf (buf + 7, 3, "%d", num2) != 6 || memcmp (buf, "aabcEcd98", 10))
261 if (memcmp (buf, "aabcEcd9A", 10))
265 strncat (buf, "ZYXWV", l0 + 2);
266 if (memcmp (buf, "aabcEcdZY", 10))
269 /* The following tests are supposed to succeed at all fortify
270 levels, even though they overflow a.buf1 into a.buf2. */
271 memcpy (a.buf1, "abcdefghij", l0 + 10);
272 memmove (a.buf1 + 1, a.buf1, l0 + 9);
273 if (memcmp (a.buf1, "aabcdefghi", 10))
276 memcpy (a.buf1, "abcdefghij", l0 + 10);
277 bcopy (a.buf1, a.buf1 + 1, l0 + 9);
278 if (memcmp (a.buf1, "aabcdefghi", 10))
281 if (MEMPCPY (a.buf1 + 5, "abcde", l0 + 5)
282 != a.buf1 + 5 + MEMPCPY_RET ("abcde")
283 || memcmp (a.buf1, "aabcdabcde", 10))
286 memset (a.buf1 + 8, 'j', l0 + 2);
287 if (memcmp (a.buf1, "aabcdabcjj", 10))
290 bzero (a.buf1 + 8, l0 + 2);
291 if (memcmp (a.buf1, "aabcdabc\0\0", 10))
294 explicit_bzero (a.buf1 + 6, l0 + 4);
295 if (memcmp (a.buf1, "aabcda\0\0\0\0", 10))
298 #if __USE_FORTIFY_LEVEL < 2
299 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
300 and sufficient GCC support, as the string operations overflow
301 from a.buf1 into a.buf2. */
302 strcpy (a.buf1 + 4, str1 + 5);
303 if (memcmp (a.buf1, "aabcEDCBA", 10))
306 if (stpcpy (a.buf1 + 8, str2) != a.buf1 + 9
307 || memcmp (a.buf1, "aabcEDCBF", 10))
310 strncpy (a.buf1 + 6, "X", l0 + 4);
311 if (memcmp (a.buf1, "aabcEDX\0\0", 10))
314 if (sprintf (a.buf1 + 7, "%d", num1) != 2
315 || memcmp (a.buf1, "aabcEDX67", 10))
318 if (snprintf (a.buf1 + 7, 3, "%d", num2) != 6
319 || memcmp (a.buf1, "aabcEDX98", 10))
322 a.buf1[l0 + 8] = '\0';
323 strcat (a.buf1, "A");
324 if (memcmp (a.buf1, "aabcEDX9A", 10))
327 a.buf1[l0 + 7] = '\0';
328 strncat (a.buf1, "ZYXWV", l0 + 2);
329 if (memcmp (a.buf1, "aabcEDXZY", 10))
334 #if __USE_FORTIFY_LEVEL >= 1
335 /* Now check if all buffer overflows are caught at runtime.
336 N.B. All tests involving a length parameter need to be done
337 twice: once with the length a compile-time constant, once without. */
340 memcpy (buf + 1, "abcdefghij", 10);
344 memcpy (buf + 1, "abcdefghij", l0 + 10);
348 memmove (buf + 2, buf + 1, 9);
352 memmove (buf + 2, buf + 1, l0 + 9);
356 bcopy (buf + 1, buf + 2, 9);
360 bcopy (buf + 1, buf + 2, l0 + 9);
365 p = (char *) mempcpy (buf + 6, "abcde", 5);
369 p = (char *) mempcpy (buf + 6, "abcde", l0 + 5);
374 memset (buf + 9, 'j', 2);
378 memset (buf + 9, 'j', l0 + 2);
386 bzero (buf + 9, l0 + 2);
390 explicit_bzero (buf + 9, 2);
394 explicit_bzero (buf + 9, l0 + 2);
398 strcpy (buf + 5, str1 + 5);
402 p = stpcpy (buf + 9, str2);
406 strncpy (buf + 7, "X", 4);
410 strncpy (buf + 7, "X", l0 + 4);
414 stpncpy (buf + 6, "cd", 5);
418 stpncpy (buf + 6, "cd", l0 + 5);
421 # if !defined __cplusplus || defined __va_arg_pack
423 sprintf (buf + 8, "%d", num1);
427 snprintf (buf + 8, 3, "%d", num2);
431 snprintf (buf + 8, l0 + 3, "%d", num2);
435 swprintf (wbuf + 8, 3, L"%d", num1);
439 swprintf (wbuf + 8, l0 + 3, L"%d", num1);
443 memcpy (buf, str1 + 2, 9);
448 memcpy (buf, str1 + 3, 8);
450 strncat (buf, "ZYXWV", 3);
453 memcpy (buf, str1 + 3, 8);
455 strncat (buf, "ZYXWV", l0 + 3);
459 memcpy (a.buf1 + 1, "abcdefghij", 10);
463 memcpy (a.buf1 + 1, "abcdefghij", l0 + 10);
467 memmove (a.buf1 + 2, a.buf1 + 1, 9);
471 memmove (a.buf1 + 2, a.buf1 + 1, l0 + 9);
475 bcopy (a.buf1 + 1, a.buf1 + 2, 9);
479 bcopy (a.buf1 + 1, a.buf1 + 2, l0 + 9);
484 p = (char *) mempcpy (a.buf1 + 6, "abcde", 5);
488 p = (char *) mempcpy (a.buf1 + 6, "abcde", l0 + 5);
493 memset (a.buf1 + 9, 'j', 2);
497 memset (a.buf1 + 9, 'j', l0 + 2);
501 bzero (a.buf1 + 9, 2);
505 bzero (a.buf1 + 9, l0 + 2);
509 explicit_bzero (a.buf1 + 9, 2);
513 explicit_bzero (a.buf1 + 9, l0 + 2);
516 # if __USE_FORTIFY_LEVEL >= 2
523 strcpy (a.buf1 + (O + 4), str1 + 5);
527 p = stpcpy (a.buf1 + (O + 8), str2);
531 strncpy (a.buf1 + (O + 6), "X", 4);
535 strncpy (a.buf1 + (O + 6), "X", l0 + 4);
538 # if !defined __cplusplus || defined __va_arg_pack
540 sprintf (a.buf1 + (O + 7), "%d", num1);
544 snprintf (a.buf1 + (O + 7), 3, "%d", num2);
548 snprintf (a.buf1 + (O + 7), l0 + 3, "%d", num2);
552 memcpy (a.buf1, str1 + (3 - O), 8 + O);
554 strcat (a.buf1, "AB");
557 memcpy (a.buf1, str1 + (4 - O), 7 + O);
559 strncat (a.buf1, "ZYXWV", l0 + 3);
564 /* These ops can be done without runtime checking of object size. */
565 wmemcpy (wbuf, L"abcdefghij", 10);
566 wmemmove (wbuf + 1, wbuf, 9);
567 if (wmemcmp (wbuf, L"aabcdefghi", 10))
570 if (WMEMPCPY (wbuf + 5, L"abcde", 5) != wbuf + 5 + WMEMPCPY_RET (L"abcde")
571 || wmemcmp (wbuf, L"aabcdabcde", 10))
574 wmemset (wbuf + 8, L'j', 2);
575 if (wmemcmp (wbuf, L"aabcdabcjj", 10))
578 wcscpy (wbuf + 4, L"EDCBA");
579 if (wmemcmp (wbuf, L"aabcEDCBA", 10))
582 if (wcpcpy (wbuf + 8, L"F") != wbuf + 9 || wmemcmp (wbuf, L"aabcEDCBF", 10))
585 wcsncpy (wbuf + 6, L"X", 4);
586 if (wmemcmp (wbuf, L"aabcEDX\0\0", 10))
589 if (swprintf (wbuf + 7, 3, L"%ls", L"987654") >= 0
590 || wmemcmp (wbuf, L"aabcEDX98", 10))
593 if (swprintf (wbuf + 7, 3, L"64") != 2
594 || wmemcmp (wbuf, L"aabcEDX64", 10))
597 /* These ops need runtime checking, but shouldn't __chk_fail. */
598 wmemcpy (wbuf, L"abcdefghij", l0 + 10);
599 wmemmove (wbuf + 1, wbuf, l0 + 9);
600 if (wmemcmp (wbuf, L"aabcdefghi", 10))
603 if (WMEMPCPY (wbuf + 5, L"abcde", l0 + 5)
604 != wbuf + 5 + WMEMPCPY_RET (L"abcde")
605 || wmemcmp (wbuf, L"aabcdabcde", 10))
608 wmemset (wbuf + 8, L'j', l0 + 2);
609 if (wmemcmp (wbuf, L"aabcdabcjj", 10))
612 wcscpy (wbuf + 4, wstr1 + 5);
613 if (wmemcmp (wbuf, L"aabcEDCBA", 10))
616 if (wcpcpy (wbuf + 8, wstr2) != wbuf + 9 || wmemcmp (wbuf, L"aabcEDCBF", 10))
619 wcsncpy (wbuf + 6, L"X", l0 + 4);
620 if (wmemcmp (wbuf, L"aabcEDX\0\0", 10))
623 if (wcpncpy (wbuf + 5, L"cd", l0 + 5) != wbuf + 7
624 || wmemcmp (wbuf, L"aabcEcd\0\0", 10))
627 if (swprintf (wbuf + 7, 3, L"%d", num2) >= 0
628 || wmemcmp (wbuf, L"aabcEcd98", 10))
631 wbuf[l0 + 8] = L'\0';
633 if (wmemcmp (wbuf, L"aabcEcd9A", 10))
636 wbuf[l0 + 7] = L'\0';
637 wcsncat (wbuf, L"ZYXWV", l0 + 2);
638 if (wmemcmp (wbuf, L"aabcEcdZY", 10))
641 wmemcpy (wa.buf1, L"abcdefghij", l0 + 10);
642 wmemmove (wa.buf1 + 1, wa.buf1, l0 + 9);
643 if (wmemcmp (wa.buf1, L"aabcdefghi", 10))
646 if (WMEMPCPY (wa.buf1 + 5, L"abcde", l0 + 5)
647 != wa.buf1 + 5 + WMEMPCPY_RET (L"abcde")
648 || wmemcmp (wa.buf1, L"aabcdabcde", 10))
651 wmemset (wa.buf1 + 8, L'j', l0 + 2);
652 if (wmemcmp (wa.buf1, L"aabcdabcjj", 10))
655 #if __USE_FORTIFY_LEVEL < 2
656 /* The following tests are supposed to crash with -D_FORTIFY_SOURCE=2
657 and sufficient GCC support, as the string operations overflow
658 from a.buf1 into a.buf2. */
659 wcscpy (wa.buf1 + 4, wstr1 + 5);
660 if (wmemcmp (wa.buf1, L"aabcEDCBA", 10))
663 if (wcpcpy (wa.buf1 + 8, wstr2) != wa.buf1 + 9
664 || wmemcmp (wa.buf1, L"aabcEDCBF", 10))
667 wcsncpy (wa.buf1 + 6, L"X", l0 + 4);
668 if (wmemcmp (wa.buf1, L"aabcEDX\0\0", 10))
671 if (swprintf (wa.buf1 + 7, 3, L"%d", num2) >= 0
672 || wmemcmp (wa.buf1, L"aabcEDX98", 10))
675 wa.buf1[l0 + 8] = L'\0';
676 wcscat (wa.buf1, L"A");
677 if (wmemcmp (wa.buf1, L"aabcEDX9A", 10))
680 wa.buf1[l0 + 7] = L'\0';
681 wcsncat (wa.buf1, L"ZYXWV", l0 + 2);
682 if (wmemcmp (wa.buf1, L"aabcEDXZY", 10))
687 #if __USE_FORTIFY_LEVEL >= 1
688 /* Now check if all buffer overflows are caught at runtime.
689 N.B. All tests involving a length parameter need to be done
690 twice: once with the length a compile-time constant, once without. */
693 wmemcpy (wbuf + 1, L"abcdefghij", 10);
697 wmemcpy (wbuf + 1, L"abcdefghij", l0 + 10);
701 wmemcpy (wbuf + 9, L"abcdefghij", 10);
705 wmemcpy (wbuf + 9, L"abcdefghij", l0 + 10);
709 wmemmove (wbuf + 2, wbuf + 1, 9);
713 wmemmove (wbuf + 2, wbuf + 1, l0 + 9);
718 wp = wmempcpy (wbuf + 6, L"abcde", 5);
722 wp = wmempcpy (wbuf + 6, L"abcde", l0 + 5);
727 wmemset (wbuf + 9, L'j', 2);
731 wmemset (wbuf + 9, L'j', l0 + 2);
735 wcscpy (wbuf + 5, wstr1 + 5);
739 wp = wcpcpy (wbuf + 9, wstr2);
743 wcsncpy (wbuf + 7, L"X", 4);
747 wcsncpy (wbuf + 7, L"X", l0 + 4);
751 wcsncpy (wbuf + 9, L"XABCDEFGH", 8);
755 wcpncpy (wbuf + 9, L"XABCDEFGH", 8);
759 wcpncpy (wbuf + 6, L"cd", 5);
763 wcpncpy (wbuf + 6, L"cd", l0 + 5);
766 wmemcpy (wbuf, wstr1 + 2, 9);
768 wcscat (wbuf, L"AB");
771 wmemcpy (wbuf, wstr1 + 3, 8);
773 wcsncat (wbuf, L"ZYXWV", l0 + 3);
777 wmemcpy (wa.buf1 + 1, L"abcdefghij", 10);
781 wmemcpy (wa.buf1 + 1, L"abcdefghij", l0 + 10);
785 wmemmove (wa.buf1 + 2, wa.buf1 + 1, 9);
789 wmemmove (wa.buf1 + 2, wa.buf1 + 1, l0 + 9);
794 wp = wmempcpy (wa.buf1 + 6, L"abcde", 5);
798 wp = wmempcpy (wa.buf1 + 6, L"abcde", l0 + 5);
803 wmemset (wa.buf1 + 9, L'j', 2);
807 wmemset (wa.buf1 + 9, L'j', l0 + 2);
810 #if __USE_FORTIFY_LEVEL >= 2
817 wcscpy (wa.buf1 + (O + 4), wstr1 + 5);
821 wp = wcpcpy (wa.buf1 + (O + 8), wstr2);
825 wcsncpy (wa.buf1 + (O + 6), L"X", 4);
829 wcsncpy (wa.buf1 + (O + 6), L"X", l0 + 4);
832 wmemcpy (wa.buf1, wstr1 + (3 - O), 8 + O);
834 wcscat (wa.buf1, L"AB");
837 wmemcpy (wa.buf1, wstr1 + (4 - O), 7 + O);
839 wcsncat (wa.buf1, L"ZYXWV", l0 + 3);
844 /* Now checks for %n protection. */
846 /* Constant literals passed directly are always ok
847 (even with warnings about possible bugs from GCC). */
849 if (sprintf (buf, "%s%n%s%n", str2, &n1, str2, &n2) != 2
850 || n1 != 1 || n2 != 2)
853 /* In this case the format string is not known at compile time,
854 but resides in read-only memory, so is ok. */
855 if (snprintf (buf, 4, str3, str2, &n1, str2, &n2) != 2
856 || n1 != 1 || n2 != 2)
859 strcpy (buf2 + 2, "%n%s%n");
860 /* When the format string is writable and contains %n,
861 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
863 if (sprintf (buf, buf2, str2, &n1, str2, &n1) != 2)
868 if (snprintf (buf, 3, buf2, str2, &n1, str2, &n1) != 2)
872 /* But if there is no %n, even writable format string
875 if (sprintf (buf, buf2 + 4, str2) != 1)
878 /* Constant literals passed directly are always ok
879 (even with warnings about possible bugs from GCC). */
880 if (printf ("%s%n%s%n", str4, &n1, str5, &n2) != 14
881 || n1 != 7 || n2 != 14)
884 /* In this case the format string is not known at compile time,
885 but resides in read-only memory, so is ok. */
886 if (printf (str3, str4, &n1, str5, &n2) != 14
887 || n1 != 7 || n2 != 14)
890 strcpy (buf2 + 2, "%n%s%n");
891 /* When the format string is writable and contains %n,
892 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
894 if (printf (buf2, str4, &n1, str5, &n1) != 14)
898 /* But if there is no %n, even writable format string
901 if (printf (buf2 + 4, str5) != 7)
906 /* Constant literals passed directly are always ok
907 (even with warnings about possible bugs from GCC). */
908 if (fprintf (fp, "%s%n%s%n", str4, &n1, str5, &n2) != 14
909 || n1 != 7 || n2 != 14)
912 /* In this case the format string is not known at compile time,
913 but resides in read-only memory, so is ok. */
914 if (fprintf (fp, str3, str4, &n1, str5, &n2) != 14
915 || n1 != 7 || n2 != 14)
918 strcpy (buf2 + 2, "%n%s%n");
919 /* When the format string is writable and contains %n,
920 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
922 if (fprintf (fp, buf2, str4, &n1, str5, &n1) != 14)
926 /* But if there is no %n, even writable format string
929 if (fprintf (fp, buf2 + 4, str5) != 7)
934 strcpy (buf2 + 2, "%n%s%n");
935 /* When the format string is writable and contains %n,
936 with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */
938 if (asprintf (&my_ptr, buf2, str4, &n1, str5, &n1) != 14)
947 if (obstack_printf (&obs, buf2, str4, &n1, str5, &n1) != 14)
950 obstack_free (&obs, NULL);
953 if (asprintf (&my_ptr, "%s%n%s%n", str4, &n1, str5, &n1) != 14)
959 if (obstack_printf (&obs, "%s%n%s%n", str4, &n1, str5, &n1) != 14)
961 obstack_free (&obs, NULL);
964 if (freopen (temp_filename, "r", stdin) == NULL)
966 puts ("could not open temporary file");
970 if (gets (buf) != buf || memcmp (buf, "abcdefgh", 9))
972 if (gets (buf) != buf || memcmp (buf, "ABCDEFGHI", 10))
975 #if __USE_FORTIFY_LEVEL >= 1
977 if (gets (buf) != buf)
984 if (fgets (buf, buf_size, stdin) != buf
985 || memcmp (buf, "abcdefgh\n", 10))
987 if (fgets (buf, buf_size, stdin) != buf || memcmp (buf, "ABCDEFGHI", 10))
992 if (fgets (buf, l0 + buf_size, stdin) != buf
993 || memcmp (buf, "abcdefgh\n", 10))
996 #if __USE_FORTIFY_LEVEL >= 1
998 if (fgets (buf, buf_size + 1, stdin) != buf)
1003 if (fgets (buf, l0 + buf_size + 1, stdin) != buf)
1011 if (fgets_unlocked (buf, buf_size, stdin) != buf
1012 || memcmp (buf, "abcdefgh\n", 10))
1014 if (fgets_unlocked (buf, buf_size, stdin) != buf
1015 || memcmp (buf, "ABCDEFGHI", 10))
1020 if (fgets_unlocked (buf, l0 + buf_size, stdin) != buf
1021 || memcmp (buf, "abcdefgh\n", 10))
1024 #if __USE_FORTIFY_LEVEL >= 1
1026 if (fgets_unlocked (buf, buf_size + 1, stdin) != buf)
1031 if (fgets_unlocked (buf, l0 + buf_size + 1, stdin) != buf)
1039 if (fread (buf, 1, buf_size, stdin) != buf_size
1040 || memcmp (buf, "abcdefgh\nA", 10))
1042 if (fread (buf, buf_size, 1, stdin) != 1
1043 || memcmp (buf, "BCDEFGHI\na", 10))
1048 if (fread (buf, l0 + 1, buf_size, stdin) != buf_size
1049 || memcmp (buf, "abcdefgh\nA", 10))
1051 if (fread (buf, buf_size, l0 + 1, stdin) != 1
1052 || memcmp (buf, "BCDEFGHI\na", 10))
1055 #if __USE_FORTIFY_LEVEL >= 1
1057 if (fread (buf, 1, buf_size + 1, stdin) != buf_size + 1)
1062 if (fread (buf, buf_size + 1, l0 + 1, stdin) != 1)
1069 if (fread_unlocked (buf, 1, buf_size, stdin) != buf_size
1070 || memcmp (buf, "abcdefgh\nA", 10))
1072 if (fread_unlocked (buf, buf_size, 1, stdin) != 1
1073 || memcmp (buf, "BCDEFGHI\na", 10))
1078 if (fread_unlocked (buf, 1, 4, stdin) != 4
1079 || memcmp (buf, "abcdFGHI\na", 10))
1081 if (fread_unlocked (buf, 4, 1, stdin) != 1
1082 || memcmp (buf, "efghFGHI\na", 10))
1087 if (fread_unlocked (buf, l0 + 1, buf_size, stdin) != buf_size
1088 || memcmp (buf, "abcdefgh\nA", 10))
1090 if (fread_unlocked (buf, buf_size, l0 + 1, stdin) != 1
1091 || memcmp (buf, "BCDEFGHI\na", 10))
1094 #if __USE_FORTIFY_LEVEL >= 1
1096 if (fread_unlocked (buf, 1, buf_size + 1, stdin) != buf_size + 1)
1101 if (fread_unlocked (buf, buf_size + 1, l0 + 1, stdin) != 1)
1106 lseek (fileno (stdin), 0, SEEK_SET);
1108 if (read (fileno (stdin), buf, buf_size - 1) != buf_size - 1
1109 || memcmp (buf, "abcdefgh\n", 9))
1111 if (read (fileno (stdin), buf, buf_size - 1) != buf_size - 1
1112 || memcmp (buf, "ABCDEFGHI", 9))
1115 lseek (fileno (stdin), 0, SEEK_SET);
1117 if (read (fileno (stdin), buf, l0 + buf_size - 1) != buf_size - 1
1118 || memcmp (buf, "abcdefgh\n", 9))
1121 #if __USE_FORTIFY_LEVEL >= 1
1123 if (read (fileno (stdin), buf, buf_size + 1) != buf_size + 1)
1128 if (read (fileno (stdin), buf, l0 + buf_size + 1) != buf_size + 1)
1133 if (pread (fileno (stdin), buf, buf_size - 1, buf_size - 2)
1135 || memcmp (buf, "\nABCDEFGH", 9))
1137 if (pread (fileno (stdin), buf, buf_size - 1, 0) != buf_size - 1
1138 || memcmp (buf, "abcdefgh\n", 9))
1140 if (pread (fileno (stdin), buf, l0 + buf_size - 1, buf_size - 3)
1142 || memcmp (buf, "h\nABCDEFG", 9))
1145 #if __USE_FORTIFY_LEVEL >= 1
1147 if (pread (fileno (stdin), buf, buf_size + 1, 2 * buf_size)
1153 if (pread (fileno (stdin), buf, l0 + buf_size + 1, 2 * buf_size)
1159 if (pread64 (fileno (stdin), buf, buf_size - 1, buf_size - 2)
1161 || memcmp (buf, "\nABCDEFGH", 9))
1163 if (pread64 (fileno (stdin), buf, buf_size - 1, 0) != buf_size - 1
1164 || memcmp (buf, "abcdefgh\n", 9))
1166 if (pread64 (fileno (stdin), buf, l0 + buf_size - 1, buf_size - 3)
1168 || memcmp (buf, "h\nABCDEFG", 9))
1171 #if __USE_FORTIFY_LEVEL >= 1
1173 if (pread64 (fileno (stdin), buf, buf_size + 1, 2 * buf_size)
1179 if (pread64 (fileno (stdin), buf, l0 + buf_size + 1, 2 * buf_size)
1185 if (freopen (temp_filename, "r", stdin) == NULL)
1187 puts ("could not open temporary file");
1191 if (fseek (stdin, 9 + 10 + 11, SEEK_SET))
1193 puts ("could not seek in test file");
1197 #if __USE_FORTIFY_LEVEL >= 1
1199 if (gets (buf) != buf)
1204 /* Check whether missing N$ formats are detected. */
1206 printf ("%3$d\n", 1, 2, 3, 4);
1210 fprintf (stdout, "%3$d\n", 1, 2, 3, 4);
1214 sprintf (buf, "%3$d\n", 1, 2, 3, 4);
1218 snprintf (buf, buf_size, "%3$d\n", 1, 2, 3, 4);
1222 if (socketpair (PF_UNIX, SOCK_STREAM, 0, sp))
1226 const char *sendstr = "abcdefgh\nABCDEFGH\n0123456789\n";
1227 if ((size_t) send (sp[0], sendstr, strlen (sendstr), 0)
1228 != strlen (sendstr))
1232 if (recv (sp[1], recvbuf, sizeof recvbuf, MSG_PEEK)
1234 || memcmp (recvbuf, sendstr, sizeof recvbuf) != 0)
1237 if (recv (sp[1], recvbuf + 6, l0 + sizeof recvbuf - 7, MSG_PEEK)
1238 != sizeof recvbuf - 7
1239 || memcmp (recvbuf + 6, sendstr, sizeof recvbuf - 7) != 0)
1242 #if __USE_FORTIFY_LEVEL >= 1
1244 if (recv (sp[1], recvbuf + 1, sizeof recvbuf, MSG_PEEK)
1250 if (recv (sp[1], recvbuf + 4, l0 + sizeof recvbuf - 3, MSG_PEEK)
1251 != sizeof recvbuf - 3)
1257 struct sockaddr_un sa_un;
1259 sl = sizeof (sa_un);
1260 if (recvfrom (sp[1], recvbuf, sizeof recvbuf, MSG_PEEK,
1261 (struct sockaddr *) &sa_un, &sl)
1263 || memcmp (recvbuf, sendstr, sizeof recvbuf) != 0)
1266 sl = sizeof (sa_un);
1267 if (recvfrom (sp[1], recvbuf + 6, l0 + sizeof recvbuf - 7, MSG_PEEK,
1268 (struct sockaddr *) &sa_un, &sl) != sizeof recvbuf - 7
1269 || memcmp (recvbuf + 6, sendstr, sizeof recvbuf - 7) != 0)
1272 #if __USE_FORTIFY_LEVEL >= 1
1274 sl = sizeof (sa_un);
1275 if (recvfrom (sp[1], recvbuf + 1, sizeof recvbuf, MSG_PEEK,
1276 (struct sockaddr *) &sa_un, &sl) != sizeof recvbuf)
1281 sl = sizeof (sa_un);
1282 if (recvfrom (sp[1], recvbuf + 4, l0 + sizeof recvbuf - 3, MSG_PEEK,
1283 (struct sockaddr *) &sa_un, &sl) != sizeof recvbuf - 3)
1292 char fname[] = "/tmp/tst-chk1-dir-XXXXXX\0foo";
1293 char *enddir = strchr (fname, '\0');
1294 if (mkdtemp (fname) == NULL)
1296 printf ("mkdtemp failed: %m\n");
1300 if (symlink ("bar", fname) != 0)
1303 char readlinkbuf[4];
1304 if (readlink (fname, readlinkbuf, 4) != 3
1305 || memcmp (readlinkbuf, "bar", 3) != 0)
1307 if (readlink (fname, readlinkbuf + 1, l0 + 3) != 3
1308 || memcmp (readlinkbuf, "bbar", 4) != 0)
1311 #if __USE_FORTIFY_LEVEL >= 1
1313 if (readlink (fname, readlinkbuf + 2, l0 + 3) != 3)
1318 if (readlink (fname, readlinkbuf + 3, 4) != 3)
1323 int tmpfd = open ("/tmp", O_RDONLY | O_DIRECTORY);
1327 if (readlinkat (tmpfd, fname + sizeof ("/tmp/") - 1, readlinkbuf, 4) != 3
1328 || memcmp (readlinkbuf, "bar", 3) != 0)
1330 if (readlinkat (tmpfd, fname + sizeof ("/tmp/") - 1, readlinkbuf + 1,
1332 || memcmp (readlinkbuf, "bbar", 4) != 0)
1335 #if __USE_FORTIFY_LEVEL >= 1
1337 if (readlinkat (tmpfd, fname + sizeof ("/tmp/") - 1, readlinkbuf + 2,
1343 if (readlinkat (tmpfd, fname + sizeof ("/tmp/") - 1, readlinkbuf + 3,
1351 char *cwd1 = getcwd (NULL, 0);
1355 char *cwd2 = getcwd (NULL, 250);
1361 if (strcmp (cwd1, cwd2) != 0)
1368 char *cwd3 = getcwd (NULL, 0);
1371 if (strcmp (fname, cwd3) != 0)
1372 printf ("getcwd after chdir is '%s' != '%s',"
1373 "get{c,}wd tests skipped\n", cwd3, fname);
1376 char getcwdbuf[sizeof fname - 3];
1378 char *cwd4 = getcwd (getcwdbuf, sizeof getcwdbuf);
1379 if (cwd4 != getcwdbuf
1380 || strcmp (getcwdbuf, fname) != 0)
1383 cwd4 = getcwd (getcwdbuf + 1, l0 + sizeof getcwdbuf - 1);
1384 if (cwd4 != getcwdbuf + 1
1385 || getcwdbuf[0] != fname[0]
1386 || strcmp (getcwdbuf + 1, fname) != 0)
1389 #if __USE_FORTIFY_LEVEL >= 1
1391 if (getcwd (getcwdbuf + 2, l0 + sizeof getcwdbuf)
1397 if (getcwd (getcwdbuf + 2, sizeof getcwdbuf)
1403 if (getwd (getcwdbuf) != getcwdbuf
1404 || strcmp (getcwdbuf, fname) != 0)
1407 if (getwd (getcwdbuf + 1) != getcwdbuf + 1
1408 || strcmp (getcwdbuf + 1, fname) != 0)
1411 #if __USE_FORTIFY_LEVEL >= 1
1413 if (getwd (getcwdbuf + 2) != getcwdbuf + 2)
1419 if (chdir (cwd1) != 0)
1427 if (unlink (fname) != 0)
1431 if (rmdir (fname) != 0)
1436 char largebuf[PATH_MAX];
1437 char *realres = realpath (".", largebuf);
1438 if (realres != largebuf)
1441 # if __USE_FORTIFY_LEVEL >= 1
1444 realres = realpath (".", realbuf);
1445 if (realres != realbuf)
1451 if (setlocale (LC_ALL, "de_DE.UTF-8") != NULL)
1453 assert (MB_CUR_MAX <= 10);
1455 /* First a simple test. */
1457 if (wctomb (enough, L'A') != 1)
1460 #if __USE_FORTIFY_LEVEL >= 1
1461 /* We know the wchar_t encoding is ISO 10646. So pick a
1462 character which has a multibyte representation which does not
1466 if (wctomb (smallbuf, L'\x100') != 2)
1472 memset (&s, '\0', sizeof (s));
1473 if (wcrtomb (enough, L'D', &s) != 1 || enough[0] != 'D')
1476 #if __USE_FORTIFY_LEVEL >= 1
1477 /* We know the wchar_t encoding is ISO 10646. So pick a
1478 character which has a multibyte representation which does not
1482 if (wcrtomb (smallbuf, L'\x100', &s) != 2)
1486 /* Same input with a large enough buffer and we're good. */
1487 char bigenoughbuf[2];
1488 if (wcrtomb (bigenoughbuf, L'\x100', &s) != 2)
1492 wchar_t wenough[10];
1493 memset (&s, '\0', sizeof (s));
1494 const char *cp = "A";
1495 if (mbsrtowcs (wenough, &cp, 10, &s) != 1
1496 || wcscmp (wenough, L"A") != 0)
1500 if (mbsrtowcs (wenough, &cp, l0 + 10, &s) != 2
1501 || wcscmp (wenough, L"BC") != 0)
1504 #if __USE_FORTIFY_LEVEL >= 1
1506 wchar_t wsmallbuf[2];
1508 mbsrtowcs (wsmallbuf, &cp, 10, &s);
1512 /* Bug 29030 regresion check */
1514 if (mbsrtowcs (NULL, &cp, (size_t)-1, &s) != 10)
1518 if (mbstowcs (wenough, cp, 10) != 1
1519 || wcscmp (wenough, L"A") != 0)
1523 if (mbstowcs (wenough, cp, l0 + 10) != 3
1524 || wcscmp (wenough, L"DEF") != 0)
1527 #if __USE_FORTIFY_LEVEL >= 1
1529 wchar_t wsmallbuf[2];
1531 mbstowcs (wsmallbuf, cp, 10);
1535 memset (&s, '\0', sizeof (s));
1537 wcscpy (wenough, L"DEF");
1538 if (mbsnrtowcs (wenough, &cp, 1, 10, &s) != 1
1539 || wcscmp (wenough, L"AEF") != 0)
1543 if (mbsnrtowcs (wenough, &cp, 1, l0 + 10, &s) != 1
1544 || wcscmp (wenough, L"IEF") != 0)
1547 #if __USE_FORTIFY_LEVEL >= 1
1549 wchar_t wsmallbuf[2];
1551 mbsnrtowcs (wsmallbuf, &cp, 3, 10, &s);
1555 memset (&s, '\0', sizeof (s));
1556 const wchar_t *wcp = L"A";
1557 if (wcsrtombs (enough, &wcp, 10, &s) != 1
1558 || strcmp (enough, "A") != 0)
1562 if (wcsrtombs (enough, &wcp, l0 + 10, &s) != 2
1563 || strcmp (enough, "BC") != 0)
1566 #if __USE_FORTIFY_LEVEL >= 1
1570 wcsrtombs (smallbuf, &wcp, 10, &s);
1574 memset (enough, 'Z', sizeof (enough));
1576 if (wcstombs (enough, wcp, 10) != 2
1577 || strcmp (enough, "EF") != 0)
1581 if (wcstombs (enough, wcp, l0 + 10) != 1
1582 || strcmp (enough, "G") != 0)
1585 #if __USE_FORTIFY_LEVEL >= 1
1589 wcstombs (smallbuf, wcp, 10);
1593 memset (&s, '\0', sizeof (s));
1595 if (wcsnrtombs (enough, &wcp, 1, 10, &s) != 1
1596 || strcmp (enough, "A") != 0)
1600 if (wcsnrtombs (enough, &wcp, 1, l0 + 10, &s) != 1
1601 || strcmp (enough, "B") != 0)
1604 #if __USE_FORTIFY_LEVEL >= 1
1608 wcsnrtombs (smallbuf, &wcp, 3, 10, &s);
1614 puts ("cannot set locale");
1621 fd = posix_openpt (O_RDWR);
1625 if (ptsname_r (fd, enough, sizeof (enough)) != 0)
1628 #if __USE_FORTIFY_LEVEL >= 1
1631 if (ptsname_r (fd, smallbuf, sizeof (smallbuf) + 1) == 0)
1640 confstr (_CS_GNU_LIBC_VERSION, largebuf, sizeof (largebuf));
1641 # if __USE_FORTIFY_LEVEL >= 1
1644 confstr (_CS_GNU_LIBC_VERSION, smallbuf, sizeof (largebuf));
1650 int ngr = getgroups (5, grpslarge);
1651 asm volatile ("" : : "r" (ngr));
1652 #if __USE_FORTIFY_LEVEL >= 1
1655 ngr = getgroups (5, (gid_t *) smallbuf);
1656 asm volatile ("" : : "r" (ngr));
1660 fd = open (_PATH_TTY, O_RDONLY);
1664 if (ttyname_r (fd, enough, sizeof (enough)) != 0)
1667 #if __USE_FORTIFY_LEVEL >= 1
1670 if (ttyname_r (fd, smallbuf, sizeof (smallbuf) + 1) == 0)
1677 char hostnamelarge[1000];
1678 gethostname (hostnamelarge, sizeof (hostnamelarge));
1679 #if __USE_FORTIFY_LEVEL >= 1
1682 gethostname (smallbuf, sizeof (hostnamelarge));
1686 char loginlarge[1000];
1687 getlogin_r (loginlarge, sizeof (hostnamelarge));
1688 #if __USE_FORTIFY_LEVEL >= 1
1691 getlogin_r (smallbuf, sizeof (loginlarge));
1695 char domainnamelarge[1000];
1696 int res = getdomainname (domainnamelarge, sizeof (domainnamelarge));
1697 asm volatile ("" : : "r" (res));
1698 #if __USE_FORTIFY_LEVEL >= 1
1701 res = getdomainname (smallbuf, sizeof (domainnamelarge));
1702 asm volatile ("" : : "r" (res));
1709 FD_SET (FD_SETSIZE - 1, &s);
1710 #if __USE_FORTIFY_LEVEL >= 1
1712 FD_SET (FD_SETSIZE, &s);
1716 FD_SET (l0 + FD_SETSIZE, &s);
1720 FD_CLR (FD_SETSIZE - 1, &s);
1721 #if __USE_FORTIFY_LEVEL >= 1
1723 FD_CLR (FD_SETSIZE, &s);
1727 FD_SET (l0 + FD_SETSIZE, &s);
1731 FD_ISSET (FD_SETSIZE - 1, &s);
1732 #if __USE_FORTIFY_LEVEL >= 1
1734 FD_ISSET (FD_SETSIZE, &s);
1738 FD_ISSET (l0 + FD_SETSIZE, &s);
1742 struct pollfd fds[1];
1743 fds[0].fd = STDOUT_FILENO;
1744 fds[0].events = POLLOUT;
1746 #if __USE_FORTIFY_LEVEL >= 1
1752 poll (fds, l0 + 2, 0);
1756 ppoll (fds, 1, NULL, NULL);
1757 # if __USE_FORTIFY_LEVEL >= 1
1759 ppoll (fds, 2, NULL, NULL);
1763 ppoll (fds, l0 + 2, NULL, NULL);