tst-fortify-wide.c source code [glibc/debug/tst-fortify-wide.c]

1	/ Fortify check for wprintf.*
2	Copyright (C) 2023-2024 Free Software Foundation, Inc.
3	Copyright The GNU Toolchain Authors.
4	This file is part of the GNU C Library.
5
6	The GNU C Library is free software; you can redistribute it and/or
7	modify it under the terms of the GNU Lesser General Public
8	License as published by the Free Software Foundation; either
9	version 2.1 of the License, or (at your option) any later version.
10
11	The GNU C Library is distributed in the hope that it will be useful,
12	but WITHOUT ANY WARRANTY; without even the implied warranty of
13	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14	Lesser General Public License for more details.
15
16	You should have received a copy of the GNU Lesser General Public
17	License along with the GNU C Library; if not, see
18	<https://www.gnu.org/licenses/>. /*
19
20	#include <setjmp.h>
21	#include <stdio.h>
22	#include <wchar.h>
23	#include <unistd.h>
24
25	#include <support/support.h>
26
27	static volatile int chk_fail_ok;
28	static volatile int ret;
29	static jmp_buf chk_fail_buf;
30
31	static void
32	handler (int sig)
33	{
34	if (chk_fail_ok)
35	{
36	chk_fail_ok = `0`;
37	longjmp (chk_fail_buf, `1`);
38	}
39	else
40	_exit (`127`);
41	}
42
43	static const wchar_t *wstr3 = L"%ls%n%ls%n";
44	static const wchar_t *wstr4 = L"Hello, ";
45	static const wchar_t *wstr5 = L"World!\n";
46	static wchar_t wbuf2[`20`] = L"%ls";
47
48	#define WFAIL \
49	do { wprintf (L"Failure on line %d\n", __LINE__); ret = 1; } while (0)
50	#define CHK_FAIL_START \
51	chk_fail_ok = 1; \
52	if (! setjmp (chk_fail_buf)) \
53	{
54	#define CHK_FAIL_END \
55	chk_fail_ok = 0; \
56	WFAIL; \
57	}
58
59	static int
60	do_test (void)
61	{
62	set_fortify_handler (handler);
63
64	int n1, n2;
65
66	int orientation = fwide (stdout, mode: `1`);
67	if (orientation <= `0`)
68	WFAIL;
69
70	/ Constant literals passed directly are always ok*
71	(even with warnings about possible bugs from GCC). /*
72	if (wprintf (format: L"%ls%n%ls%n", wstr4, &n1, wstr5, &n2) != `14`
73	\|\| n1 != `7` \|\| n2 != `14`)
74	WFAIL;
75
76	/ In this case the format string is not known at compile time,*
77	but resides in read-only memory, so is ok. /*
78	if (wprintf (format: wstr3, wstr4, &n1, wstr5, &n2) != `14`
79	\|\| n1 != `7` \|\| n2 != `14`)
80	WFAIL;
81
82	wcpcpy (dest: &wbuf2[`3`], src: L"%n%ls%n");
83	/ When the format string is writable and contains %n,*
84	with -D_FORTIFY_SOURCE=2 it causes __chk_fail. /*
85	CHK_FAIL_START
86	if (wprintf (format: wbuf2, wstr4, &n1, wstr5, &n1) != `14`)
87	WFAIL;
88	CHK_FAIL_END
89
90	/ But if there is no %n, even writable format string*
91	should work. /*
92	wbuf2[`8`] = L`'\0'`;
93	if (wprintf (format: &wbuf2[`5`], wstr5) != `7`)
94	WFAIL;
95
96	/ Check whether missing N$ formats are detected. /
97	CHK_FAIL_START
98	wprintf (format: L"%3$d\n", `1`, `2`, `3`, `4`);
99	CHK_FAIL_END
100
101	return ret;
102	}
103
104	#include <support/test-driver.c>
105

source code of glibc/debug/tst-fortify-wide.c