strtoll_strict.c source code [compiler-rt/test/asan/TestCases/strtoll_strict.c]

1	// Test strict_string_checks option in strtoll function
2	// RUN: %clang_asan %s -o %t
3	// RUN: %run %t test1 2>&1
4	// RUN: %env_asan_opts=strict_string_checks=false %run %t test1 2>&1
5	// RUN: %env_asan_opts=strict_string_checks=true not %run %t test1 2>&1 \| FileCheck %s --check-prefix=CHECK1
6	// RUN: %run %t test2 2>&1
7	// RUN: %env_asan_opts=strict_string_checks=false %run %t test2 2>&1
8	// RUN: %env_asan_opts=strict_string_checks=true not %run %t test2 2>&1 \| FileCheck %s --check-prefix=CHECK2
9	// RUN: %run %t test3 2>&1
10	// RUN: %env_asan_opts=strict_string_checks=false %run %t test3 2>&1
11	// RUN: %env_asan_opts=strict_string_checks=true not %run %t test3 2>&1 \| FileCheck %s --check-prefix=CHECK3
12	// RUN: %run %t test4 2>&1
13	// RUN: %env_asan_opts=strict_string_checks=false %run %t test4 2>&1
14	// RUN: %env_asan_opts=strict_string_checks=true not %run %t test4 2>&1 \| FileCheck %s --check-prefix=CHECK4
15	// RUN: %run %t test5 2>&1
16	// RUN: %env_asan_opts=strict_string_checks=false %run %t test5 2>&1
17	// RUN: %env_asan_opts=strict_string_checks=true not %run %t test5 2>&1 \| FileCheck %s --check-prefix=CHECK5
18	// RUN: %run %t test6 2>&1
19	// RUN: %env_asan_opts=strict_string_checks=false %run %t test6 2>&1
20	// RUN: %env_asan_opts=strict_string_checks=true not %run %t test6 2>&1 \| FileCheck %s --check-prefix=CHECK6
21	// RUN: %run %t test7 2>&1
22	// RUN: %env_asan_opts=strict_string_checks=false %run %t test7 2>&1
23	// RUN: %env_asan_opts=strict_string_checks=true not %run %t test7 2>&1 \| FileCheck %s --check-prefix=CHECK7
24
25	// FIXME: Enable strtoll interceptor.
26	// REQUIRES: shadow-scale-3
27	// XFAIL: target={{.windows-msvc.}}
28
29	#include <assert.h>
30	#include <stdlib.h>
31	#include <string.h>
32	#include <sanitizer/asan_interface.h>
33
34	void test1(char array, char* *endptr) {
35	// Buffer overflow if there is no terminating null (depends on base)
36	long long r = strtoll(nptr: array, endptr: &endptr, base: `3`);
37	assert(array + `2` == endptr);
38	assert(r == `5`);
39	}
40
41	void test2(char array, char* *endptr) {
42	// Buffer overflow if there is no terminating null (depends on base)
43	array[`2`] = `'z'`;
44	long long r = strtoll(nptr: array, endptr: &endptr, base: `35`);
45	assert(array + `2` == endptr);
46	assert(r == `37`);
47	}
48
49	void test3(char array, char* *endptr) {
50	// Buffer overflow if base is invalid.
51	memset(s: array, c: `0`, n: `8`);
52	ASAN_POISON_MEMORY_REGION(array, `8`);
53	long long r = strtoll(nptr: array + `1`, NULL, base: -`1`);
54	assert(r == `0`);
55	ASAN_UNPOISON_MEMORY_REGION(array, `8`);
56	}
57
58	void test4(char array, char* *endptr) {
59	// Buffer overflow if base is invalid.
60	long long r = strtoll(nptr: array + `3`, NULL, base: `1`);
61	assert(r == `0`);
62	}
63
64	void test5(char array, char* *endptr) {
65	// Overflow if no digits are found.
66	array[`0`] = `' '`;
67	array[`1`] = `'+'`;
68	array[`2`] = `'-'`;
69	long long r = strtoll(nptr: array, NULL, base: `0`);
70	assert(r == `0`);
71	}
72
73	void test6(char array, char* *endptr) {
74	// Overflow if no digits are found.
75	array[`0`] = `' '`;
76	array[`1`] = array[`2`] = `'z'`;
77	long long r = strtoll(nptr: array, endptr: &endptr, base: `0`);
78	assert(array == endptr);
79	assert(r == `0`);
80	}
81
82	void test7(char array, char* *endptr) {
83	// Overflow if no digits are found.
84	array[`2`] = `'z'`;
85	long long r = strtoll(nptr: array + `2`, NULL, base: `0`);
86	assert(r == `0`);
87	}
88
89	int main(int argc, char **argv) {
90	char array0 = (char**)malloc(size: `11`);
91	char* array = array0 + `8`;
92	char *endptr = NULL;
93	array[`0`] = `'1'`;
94	array[`1`] = `'2'`;
95	array[`2`] = `'3'`;
96	if (argc != `2`) return `1`;
97	if (!strcmp(s1: argv[`1`], s2: "test1")) test1(array, endptr);
98	// CHECK1: {{.ERROR: AddressSanitizer: heap-buffer-overflow on address}}*
99	// CHECK1: READ of size 4
100	if (!strcmp(s1: argv[`1`], s2: "test2")) test2(array, endptr);
101	// CHECK2: {{.ERROR: AddressSanitizer: heap-buffer-overflow on address}}*
102	// CHECK2: READ of size 4
103	if (!strcmp(s1: argv[`1`], s2: "test3")) test3(array: array0, endptr);
104	// CHECK3: {{.ERROR: AddressSanitizer: use-after-poison on address}}*
105	// CHECK3: READ of size 1
106	if (!strcmp(s1: argv[`1`], s2: "test4")) test4(array, endptr);
107	// CHECK4: {{.ERROR: AddressSanitizer: heap-buffer-overflow on address}}*
108	// CHECK4: READ of size 1
109	if (!strcmp(s1: argv[`1`], s2: "test5")) test5(array, endptr);
110	// CHECK5: {{.ERROR: AddressSanitizer: heap-buffer-overflow on address}}*
111	// CHECK5: READ of size 4
112	if (!strcmp(s1: argv[`1`], s2: "test6")) test6(array, endptr);
113	// CHECK6: {{.ERROR: AddressSanitizer: heap-buffer-overflow on address}}*
114	// CHECK6: READ of size 4
115	if (!strcmp(s1: argv[`1`], s2: "test7")) test7(array, endptr);
116	// CHECK7: {{.ERROR: AddressSanitizer: heap-buffer-overflow on address}}*
117	// CHECK7: READ of size 2
118	free(ptr: array0);
119	return `0`;
120	}
121

source code of compiler-rt/test/asan/TestCases/strtoll_strict.c