From ac8cc9e300a002228eb7e660df3e7b333d9a7414 Mon Sep 17 00:00:00 2001
From: Mike Frysinger
Date: Sun, 29 Dec 2013 23:15:03 +0000
Subject: [PATCH] tst-longjmp_chk3: new test for checking sigaltstack edge cases

Make sure the longjmp checking logic catches stacks that are slightly outside of a valid alternative signal stack.

Signed-off-by: Mike Frysinger
---
ChangeLog | 6 ++++
debug/Makefile | 2 ++
debug/tst-longjmp_chk3.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 93 insertions(+)
create mode 100644 debug/tst-longjmp_chk3.c

diff --git a/ChangeLog b/ChangeLog
index 610eef6..8e06921 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2014-02-08 Mike Frysinger
+ * debug/Makefile (CFLAGS-tst-longjmp_chk3.c): Define.
+ (CPPFLAGS-tst-longjmp_chk3.c): Likewise.
+ * debug/tst-longjmp_chk3.c: New file.
+
+2014-02-08 Mike Frysinger + * benchtests/bench-strcpy_chk.c: Move test-skeleton.c to top. + (test_main): Replace code with set_fortify_handler call. + * debug/test-strcpy_chk.c: Likewise.
diff --git a/debug/Makefile b/debug/Makefile
index ab06c17..fc15ef3 100644
--- a/debug/Makefile
+++ b/debug/Makefile
@@ -90,6 +90,8 @@ CFLAGS-tst-longjmp_chk.c = -fexceptions -fasynchronous-unwind-tables
CPPFLAGS-tst-longjmp_chk.c = -D_FORTIFY_SOURCE=1
CFLAGS-tst-longjmp_chk2.c = -fexceptions -fasynchronous-unwind-tables
CPPFLAGS-tst-longjmp_chk2.c = -D_FORTIFY_SOURCE=1
+CFLAGS-tst-longjmp_chk3.c = -fexceptions -fasynchronous-unwind-tables
+CPPFLAGS-tst-longjmp_chk3.c = -D_FORTIFY_SOURCE=1
# We know these tests have problems with format strings, this is what
# we are testing. Disable that warning.
diff --git a/debug/tst-longjmp_chk3.c b/debug/tst-longjmp_chk3.c
new file mode 100644
index 0000000..f0f67e5
--- /dev/null
+++ b/debug/tst-longjmp_chk3.c
@@ -0,0 +1,85 @@
+/* Make sure longjmp fortification catches bad signal stacks.
+ Copyright (C) 2013-2014 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ . */
+
+#include
+#include
+#include
+
+static int do_test (void);
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
+
+static char buf[SIGSTKSZ * 4];
+static jmp_buf jb;
+
+static void
+handler (int sig)
+{
+ if (sig == SIGUSR1)
+ {
+ if (setjmp (jb) != 0)
+ {
+ puts ("setjmp should not have been called");
+ kill (getpid (), SIGTERM);
+ }
+ }
+ else if (sig == SIGABRT)
+ {
+ /* Yeah it worked. */
+ _exit (0);
+ }
+}
+
+static int
+do_test (void)
+{
+ stack_t ss;
+
+ set_fortify_handler (handler);
+
+ /* Create a valid signal stack and enable it. */
+ ss.ss_sp = buf;
+ ss.ss_size = sizeof (buf);
+ ss.ss_flags = 0;
+ if (sigaltstack (&ss, NULL) < 0)
+ {
+ printf ("first sigaltstack failed: %m\n");
+ return 1;
+ }
+
+ /* Trigger the signal handler which will create a jmpbuf that points to the
+ end of the signal stack. */
+ signal (SIGUSR1, handler);
+ kill (getpid (), SIGUSR1);
+
+ /* Shrink the signal stack so the jmpbuf is now invalid.
+ We adjust the start & end to handle stacks that grow up & down. */
+ ss.ss_sp = buf + sizeof (buf) / 2;
+ ss.ss_size = sizeof (buf) / 4;
+ if (sigaltstack (&ss, NULL) < 0)
+ {
+ printf ("second sigaltstack failed: %m\n");
+ return 1;
+ }
+
+ /* This should fail. */
+ longjmp (jb, 1);
+
+ puts ("longjmp returned and shouldn't");
+ return 1;
+}
-- 
2.7.4
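Review bot: The SIGUSR1 handler is installed with `signal (SIGUSR1, handler);` right before `kill (getpid (), SIGUSR1);`, and nothing in the hunk requests SA_ONSTACK, so as far as I can tell the handler runs on the ordinary stack rather than on the alternate stack registered by the first sigaltstack call. If so, the jmp_buf filled in by `setjmp (jb)` records a main-stack frame, the comment saying it "points to the end of the signal stack" does not hold, and shrinking the alternate stack afterwards is irrelevant: the longjmp is rejected as an ordinary jump into a dead deeper frame, and the test passes without exercising the sigaltstack range check it was written for. I would install the handler through sigaction with SA_ONSTACK and have the handler confirm it is actually on the alternate stack (sigaltstack (NULL, &oss) and SS_ONSTACK), so a regression in that path fails loudly instead of passing vacuously. set_fortify_handler comes from test-skeleton.c outside this hunk, so the flags used for the SIGABRT handler are not visible here; handler and do_test are both complete within the hunk.

```c
static void
handler (int sig)
{
  if (sig == SIGUSR1)
    {
      /* The whole point of the test is that jb lives on the alternate
         stack; refuse to continue if the kernel did not put us there.  */
      stack_t oss;
      if (sigaltstack (NULL, &oss) < 0 || (oss.ss_flags & SS_ONSTACK) == 0)
        {
          puts ("handler did not run on the alternate signal stack");
          _exit (1);
        }
      /* … unchanged: setjmp (jb) and the SIGTERM path … */
    }
  /* … unchanged: SIGABRT branch … */
}

static int
do_test (void)
{
  stack_t ss;
  struct sigaction sa;
  /* … unchanged: set_fortify_handler and the first sigaltstack call … */

  /* Trigger the signal handler which will create a jmpbuf that points to the
     end of the signal stack.  SA_ONSTACK is what makes that true; plain
     signal () would run the handler on the normal stack.  */
  sa.sa_handler = handler;
  sa.sa_flags = SA_ONSTACK;
  sigemptyset (&sa.sa_mask);
  if (sigaction (SIGUSR1, &sa, NULL) < 0)
    {
      printf ("sigaction failed: %m\n");
      return 1;
    }
  kill (getpid (), SIGUSR1);
  /* … unchanged: shrink the stack, second sigaltstack call, longjmp … */
}
```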