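// RUN: %clang_dfsan %s -o %t && DFSAN_OPTIONS="strict_data_dependencies=0" %run %t
// RUN: %clang_dfsan %s -o %t && DFSAN_OPTIONS="strict_data_dependencies=0" %run %t
// RUN: %clang_dfsan -DSTRICT_DATA_DEPENDENCIES %s -o %t && %run %t
// RUN: %clang_dfsan -DORIGIN_TRACKING -mllvm -dfsan-track-origins=1 -mllvm -dfsan-combine-pointer-labels-on-load=false -DSTRICT_DATA_DEPENDENCIES %s -o %t && %run %t
// RUN: %clang_dfsan -DORIGIN_TRACKING -mllvm -dfsan-track-origins=1 -mllvm -dfsan-combine-pointer-labels-on-load=false %s -o %t && DFSAN_OPTIONS="strict_data_dependencies=0" %run %t
//
// Tests custom implementations of various glibc functions.
//
// REQUIRES: x86_64-target-arch
//
// How to read this file: each test_* function taints ("labels") selected bytes
// with dfsan_set_label() and then asserts which labels, and optionally which
// origins, the wrapped libc call leaves on its return value and on the memory
// it wrote. Two compile-time switches select the expectations:
//   * STRICT_DATA_DEPENDENCIES - defined for the invocations above that do not
//     set strict_data_dependencies=0. In this mode the tests expect results
//     that merely depend on comparing tainted bytes (memcmp, strlen, ...) to
//     be unlabelled; otherwise they expect the union of the input labels.
//   * ORIGIN_TRACKING - defined together with -dfsan-track-origins=1; without
//     it every origin assertion macro below expands to nothing.

#pragma clang diagnostic ignored "-Wformat-extra-args"

#include <sanitizer/dfsan_interface.h>

#include <arpa/inet.h>
#include <assert.h>
#include <fcntl.h>
#include <link.h>
#include <poll.h>
#include <pthread.h>
#include <pwd.h>
#include <sched.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <sys/epoll.h>
#include <sys/resource.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>

// Labels shared by all tests. They are zero here and are not assigned anywhere
// in this part of the file - presumably the test driver sets them before the
// tests run (TODO confirm). i_j_label is used below wherever other tests spell
// the same expectation as dfsan_union(i_label, j_label).
dfsan_label i_label = 0;
dfsan_label j_label = 0;
dfsan_label k_label = 0;
dfsan_label m_label = 0;
dfsan_label n_label = 0;
dfsan_label i_j_label = 0;

// Label assertions. The *_LABEL forms check the label of a value (passed by
// value, cast to long); the *_READ_* forms check the label of `size` bytes of
// memory starting at `ptr`.
#define ASSERT_ZERO_LABEL(data) \
  assert(0 == dfsan_get_label((long) (data)))

#define ASSERT_READ_ZERO_LABEL(ptr, size) \
  assert(0 == dfsan_read_label(ptr, size))

#define ASSERT_LABEL(data, label) \
  assert(label == dfsan_get_label((long) (data)))

#define ASSERT_READ_LABEL(ptr, size, label) \
  assert(label == dfsan_read_label(ptr, size))

// Origin assertions. Every macro from here down to ASSERT_SAVED_N_ORIGINS is
// a no-op unless ORIGIN_TRACKING is defined. The loop-based macros expand to
// a bare `for` statement that declares its own `int i`, and they use `ptr`
// and `size` without extra parentheses, so pass simple expressions only.

// The value `data` has no origin.
#ifdef ORIGIN_TRACKING
#define ASSERT_ZERO_ORIGIN(data) \
  assert(0 == dfsan_get_origin((long)(data)))
#else
#define ASSERT_ZERO_ORIGIN(data)
#endif

// None of the `size` bytes at `ptr` has an origin when loaded.
#ifdef ORIGIN_TRACKING
#define ASSERT_ZERO_ORIGINS(ptr, size)                       \
  for (int i = 0; i < size; ++i) {                           \
    assert(0 == dfsan_get_origin((long)(((char *)ptr)[i]))); \
  }
#else
#define ASSERT_ZERO_ORIGINS(ptr, size)
#endif

// The value `data` has exactly the origin id `origin`.
#ifdef ORIGIN_TRACKING
#define ASSERT_ORIGIN(data, origin) \
  assert(origin == dfsan_get_origin((long)(data)))
#else
#define ASSERT_ORIGIN(data, origin)
#endif

// Each of the `size` bytes at `ptr` has the origin id `origin` when loaded.
#ifdef ORIGIN_TRACKING
#define ASSERT_ORIGINS(ptr, size, origin)                         \
  for (int i = 0; i < size; ++i) {                                \
    assert(origin == dfsan_get_origin((long)(((char *)ptr)[i]))); \
  }
#else
#define ASSERT_ORIGINS(ptr, size, origin)
#endif

// dfsan_get_init_origin(ptr) equals the origin id `origin`.
#ifdef ORIGIN_TRACKING
#define ASSERT_INIT_ORIGIN(ptr, origin) \
  assert(origin == dfsan_get_init_origin(ptr))
#else
#define ASSERT_INIT_ORIGIN(ptr, origin)
#endif

// dfsan_get_init_origin(ptr) equals the origin of the value `data`.
#ifdef ORIGIN_TRACKING
#define ASSERT_INIT_ORIGIN_EQ_ORIGIN(ptr, data) \
  assert(dfsan_get_origin((long)(data)) == dfsan_get_init_origin(ptr))
#else
#define ASSERT_INIT_ORIGIN_EQ_ORIGIN(ptr, data)
#endif

// dfsan_get_init_origin() of each of the `size` bytes at `ptr` equals `origin`.
#ifdef ORIGIN_TRACKING
#define ASSERT_INIT_ORIGINS(ptr, size, origin)                  \
  for (int i = 0; i < size; ++i) {                              \
    assert(origin == dfsan_get_init_origin(&((char *)ptr)[i])); \
  }
#else
#define ASSERT_INIT_ORIGINS(ptr, size, origin)
#endif

// The two values have the same origin.
#ifdef ORIGIN_TRACKING
#define ASSERT_EQ_ORIGIN(data1, data2) \
  assert(dfsan_get_origin((long)(data1)) == dfsan_get_origin((long)(data2)))
#else
#define ASSERT_EQ_ORIGIN(data1, data2)
#endif

// Declares `val##_o` and records the origin of every byte of the object `val`.
// The byte count is sizeof(val): when `val` is a pointer variable this covers
// the bytes of the pointer itself, not the memory it points to.
#ifdef ORIGIN_TRACKING
#define DEFINE_AND_SAVE_ORIGINS(val)    \
  dfsan_origin val##_o[sizeof(val)];    \
  for (int i = 0; i < sizeof(val); ++i) \
    val##_o[i] = dfsan_get_origin((long)(((char *)(&val))[i]));
#else
#define DEFINE_AND_SAVE_ORIGINS(val)
#endif

// Refreshes an existing `val##_o` array created by DEFINE_AND_SAVE_ORIGINS.
#ifdef ORIGIN_TRACKING
#define SAVE_ORIGINS(val)               \
  for (int i = 0; i < sizeof(val); ++i) \
    val##_o[i] = dfsan_get_origin((long)(((char *)(&val))[i]));
#else
#define SAVE_ORIGINS(val)
#endif

// Every byte of `val` still has the origin recorded in `val##_o`.
#ifdef ORIGIN_TRACKING
#define ASSERT_SAVED_ORIGINS(val)       \
  for (int i = 0; i < sizeof(val); ++i) \
    ASSERT_ORIGIN(((char *)(&val))[i], val##_o[i]);
#else
#define ASSERT_SAVED_ORIGINS(val)
#endif

// As DEFINE_AND_SAVE_ORIGINS, but indexes `val` as an array/pointer and
// records the origins of its first `n` elements.
#ifdef ORIGIN_TRACKING
#define DEFINE_AND_SAVE_N_ORIGINS(val, n) \
  dfsan_origin val##_o[n];                \
  for (int i = 0; i < n; ++i)             \
    val##_o[i] = dfsan_get_origin((long)(val[i]));
#else
#define DEFINE_AND_SAVE_N_ORIGINS(val, n)
#endif

// The first `n` elements of `val` still have the origins recorded in `val##_o`.
#ifdef ORIGIN_TRACKING
#define ASSERT_SAVED_N_ORIGINS(val, n) \
  for (int i = 0; i < n; ++i)          \
    ASSERT_ORIGIN(val[i], val##_o[i]);
#else
#define ASSERT_SAVED_N_ORIGINS(val, n)
#endif

// Fallback for C libraries that do not provide __GLIBC_PREREQ: every version
// check evaluates to false.
#if !defined(__GLIBC_PREREQ)
# define __GLIBC_PREREQ(a, b) 0
#endif

// stat(): after a successful call the label on s.st_dev must be cleared; after
// a failed call the struct must keep the label it had. Saved origins must be
// unchanged in both cases.
void test_stat() {
  int i = 1;
  dfsan_set_label(i_label, &i, sizeof(i));

  struct stat s;
  s.st_dev = i;
  DEFINE_AND_SAVE_ORIGINS(s)
  int ret = stat("/", &s);
  assert(0 == ret);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_ZERO_LABEL(s.st_dev);
  ASSERT_SAVED_ORIGINS(s)

  s.st_dev = i;
  SAVE_ORIGINS(s)
  ret = stat("/nonexistent", &s);
  assert(-1 == ret);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_LABEL(s.st_dev, i_label);
  ASSERT_SAVED_ORIGINS(s)
}

// fstat(): a successful call clears the label on the output struct.
void test_fstat() {
  int i = 1;
  dfsan_set_label(i_label, &i, sizeof(i));

  struct stat s;
  int fd = open("/dev/zero", O_RDONLY);
  s.st_dev = i;
  DEFINE_AND_SAVE_ORIGINS(s)
  int rv = fstat(fd, &s);
  assert(0 == rv);
  ASSERT_ZERO_LABEL(rv);
  ASSERT_ZERO_LABEL(s.st_dev);
  ASSERT_SAVED_ORIGINS(s)

  // Release the descriptor; the other tests that open a file close it too.
  close(fd);
}

// memcmp(): when the labelled bytes take part in the comparison the result is
// expected to carry both labels in non-strict mode and none in strict mode. A
// comparison that stops before the labelled bytes is unlabelled in either mode.
void test_memcmp() {
  char str1[] = "str1", str2[] = "str2";
  dfsan_set_label(i_label, &str1[3], 1);
  dfsan_set_label(j_label, &str2[3], 1);

  int rv = memcmp(str1, str2, sizeof(str1));
  assert(rv < 0);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, i_j_label);
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif

  rv = memcmp(str1, str2, sizeof(str1) - 2);
  assert(rv == 0);
  ASSERT_ZERO_LABEL(rv);
}

// bcmp(): same expectations as test_memcmp, except that only zero/non-zero is
// checked for the return value.
void test_bcmp() {
  char str1[] = "str1", str2[] = "str2";
  dfsan_set_label(i_label, &str1[3], 1);
  dfsan_set_label(j_label, &str2[3], 1);

  int rv = bcmp(str1, str2, sizeof(str1));
  assert(rv != 0);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, i_j_label);
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif

  rv = bcmp(str1, str2, sizeof(str1) - 2);
  assert(rv == 0);
  ASSERT_ZERO_LABEL(rv);
}

// memcpy(): the returned pointer carries the label of the destination pointer
// argument, and each copied byte carries the label (and, when labelled, the
// origin) of its source byte.
void test_memcpy() {
  char str1[] = "str1";
  char str2[sizeof(str1)];
  dfsan_set_label(i_label, &str1[3], 1);

  DEFINE_AND_SAVE_ORIGINS(str1)

  char *ptr2 = str2;
  dfsan_set_label(j_label, &ptr2, sizeof(ptr2));

  void *r = memcpy(ptr2, str1, sizeof(str1));
  ASSERT_LABEL(r, j_label);
  ASSERT_EQ_ORIGIN(r, ptr2);
  assert(0 == memcmp(str2, str1, sizeof(str1)));
  ASSERT_ZERO_LABEL(str2[0]);
  ASSERT_LABEL(str2[3], i_label);

  // Origins are only compared for bytes that ended up labelled.
  for (int i = 0; i < sizeof(str2); ++i) {
    if (!dfsan_get_label(str2[i]))
      continue;
    ASSERT_INIT_ORIGIN(&(str2[i]), str1_o[i]);
  }
}

// memmove(): overlapping copy of str[0..3] to str[2..5]; labels and origins
// must travel with the bytes (str[3] -> str[5]).
void test_memmove() {
  char str[] = "str1xx";
  dfsan_set_label(i_label, &str[3], 1);

  DEFINE_AND_SAVE_ORIGINS(str)

  char *ptr = str + 2;
  dfsan_set_label(j_label, &ptr, sizeof(ptr));

  void *r = memmove(ptr, str, 4);
  ASSERT_LABEL(r, j_label);
  ASSERT_EQ_ORIGIN(r, ptr);
  assert(0 == memcmp(str + 2, "str1", 4));
  ASSERT_ZERO_LABEL(str[4]);
  ASSERT_LABEL(str[5], i_label);

  for (int i = 0; i < 4; ++i) {
    if (!dfsan_get_label(ptr[i]))
      continue;
    ASSERT_INIT_ORIGIN(&(ptr[i]), str_o[i]);
  }
}

// memset(): every written byte takes the label and origin of the fill value;
// the returned pointer takes the label and origin of the pointer argument.
void test_memset() {
  char buf[8];
  int j = 'a';
  char *ptr = buf;
  dfsan_set_label(j_label, &j, sizeof(j));
  dfsan_set_label(k_label, &ptr, sizeof(ptr));
  void *ret = memset(ptr, j, sizeof(buf));
  ASSERT_LABEL(ret, k_label);
  ASSERT_EQ_ORIGIN(ret, ptr);
  for (int i = 0; i < 8; ++i) {
    ASSERT_LABEL(buf[i], j_label);
    ASSERT_EQ_ORIGIN(buf[i], j);
    assert(buf[i] == 'a');
  }
}

// strcmp(): in non-strict mode the result carries the labels of the bytes that
// were compared - both labels for str1 vs str2, only i_label when str1 is
// compared with itself. In strict mode the result is unlabelled.
void test_strcmp() {
  char str1[] = "str1", str2[] = "str2";
  dfsan_set_label(i_label, &str1[3], 1);
  dfsan_set_label(j_label, &str2[3], 1);

  int rv = strcmp(str1, str2);
  assert(rv < 0);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, i_j_label);
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif

  rv = strcmp(str1, str1);
  assert(rv == 0);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
  ASSERT_ZERO_ORIGIN(rv);
#else
  ASSERT_LABEL(rv, i_label);
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif
}

// strcat(): appended bytes take the labels of src, the untouched prefix and
// the byte after the new terminator keep the labels of dst, and the returned
// pointer takes the label of the destination pointer argument.
void test_strcat() {
  char src[] = "world";
  int volatile x = 0; // buffer to ensure src and dst do not share origins
  (void)x;
  // dst must hold "hello " (6 bytes) plus "world" and its terminator (6 bytes),
  // and the checks below index dst[0..11]. The listing shows a 9-byte
  // initializer, so the array is sized explicitly to 12 bytes here: strcat()
  // would otherwise write past the end of dst. Only the bytes up to the
  // embedded '\0' matter to strcat(); the rest are overwritten by the append.
  char dst[12] = "hello \0 ";
  int volatile y = 0; // buffer to ensure dst and p do not share origins
  (void)y;
  char *p = dst;
  dfsan_set_label(k_label, &p, sizeof(p));
  dfsan_set_label(i_label, src, sizeof(src));
  dfsan_set_label(j_label, dst, sizeof(dst));
  dfsan_origin dst_o = dfsan_get_origin((long)dst[0]);
  (void)dst_o;
  char *ret = strcat(p, src);
  ASSERT_LABEL(ret, k_label);
  ASSERT_EQ_ORIGIN(ret, p);
  assert(ret == dst);
  assert(strcmp(src, dst + 6) == 0);
  // Origins are assigned for every 4 contiguous 4-aligned bytes. After
  // appending src to dst, origins of src can overwrite origins of dst if their
  // application addresses are within [start_aligned_down, end_aligned_up).
  // Other origins are not changed.
  char *start_aligned_down = (char *)(((size_t)(dst + 6)) & ~3UL);
  char *end_aligned_up = (char *)(((size_t)(dst + 11 + 4)) & ~3UL);
  for (int i = 0; i < 12; ++i) {
    if (dst + i < start_aligned_down || dst + i >= end_aligned_up) {
      ASSERT_INIT_ORIGIN(&dst[i], dst_o);
    } else {
      ASSERT_INIT_ORIGIN_EQ_ORIGIN(&dst[i], src[0]);
    }
  }
  for (int i = 0; i < 6; ++i) {
    ASSERT_LABEL(dst[i], j_label);
  }
  for (int i = 6; i < strlen(dst); ++i) {
    ASSERT_LABEL(dst[i], i_label);
    assert(dfsan_get_label(dst[i]) == dfsan_get_label(src[i - 6]));
  }
  ASSERT_LABEL(dst[11], j_label);
}

// strlen(): in non-strict mode the length carries the label of the labelled
// byte inside the string; in strict mode it is unlabelled.
void test_strlen() {
  char str1[] = "str1";
  dfsan_set_label(i_label, &str1[3], 1);

  int rv = strlen(str1);
  assert(rv == 4);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, i_label);
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif
}

// strdup(): the returned pointer is unlabelled; the duplicated bytes carry the
// labels and origins of the corresponding source bytes.
void test_strdup() {
  char str1[] = "str1";
  dfsan_set_label(i_label, &str1[3], 1);
  DEFINE_AND_SAVE_ORIGINS(str1)

  char *strd = strdup(str1);
  ASSERT_ZERO_LABEL(strd);
  ASSERT_ZERO_LABEL(strd[0]);
  ASSERT_LABEL(strd[3], i_label);

  for (int i = 0; i < strlen(strd); ++i) {
    if (!dfsan_get_label(strd[i]))
      continue;
    ASSERT_INIT_ORIGIN(&(strd[i]), str1_o[i]);
  }

  free(strd);
}

// strncpy(): copied bytes carry their source labels; the returned pointer
// carries the label of the destination pointer argument.
void test_strncpy() {
  char str1[] = "str1";
  char str2[sizeof(str1)];
  dfsan_set_label(i_label, &str1[3], 1);

  // n == sizeof(str1), so the terminator is copied as well.
  char *strd = strncpy(str2, str1, 5);
  assert(strd == str2);
  assert(strcmp(str1, str2) == 0);
  ASSERT_ZERO_LABEL(strd);
  ASSERT_ZERO_LABEL(strd[0]);
  ASSERT_ZERO_LABEL(strd[1]);
  ASSERT_ZERO_LABEL(strd[2]);
  ASSERT_LABEL(strd[3], i_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&(strd[3]), str1[3]);

  char *p2 = str2;
  dfsan_set_label(j_label, &p2, sizeof(p2));
  strd = strncpy(p2, str1, 3);
  assert(strd == str2);
  assert(strncmp(str1, str2, 3) == 0);
  ASSERT_LABEL(strd, j_label);
  ASSERT_EQ_ORIGIN(strd, p2);
  // When -dfsan-combine-pointer-labels-on-load is on, strd's label propagates
  // to strd[i]'s label. When ORIGIN_TRACKING is defined,
  // -dfsan-combine-pointer-labels-on-load is always off, otherwise the flag
  // is on by default.
#if defined(ORIGIN_TRACKING)
  ASSERT_ZERO_LABEL(strd[0]);
  ASSERT_ZERO_LABEL(strd[1]);
  ASSERT_ZERO_LABEL(strd[2]);
#else
  ASSERT_LABEL(strd[0], j_label);
  ASSERT_LABEL(strd[1], j_label);
  ASSERT_LABEL(strd[2], j_label);
#endif
}

// strncmp(): as test_strcmp, plus bounded comparisons that stop before the
// labelled bytes (n == 0 and n == 3) and must therefore be unlabelled.
void test_strncmp() {
  char str1[] = "str1", str2[] = "str2";
  dfsan_set_label(i_label, &str1[3], 1);
  dfsan_set_label(j_label, &str2[3], 1);

  int rv = strncmp(str1, str2, sizeof(str1));
  assert(rv < 0);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif

  rv = strncmp(str1, str2, 0);
  assert(rv == 0);
  ASSERT_ZERO_LABEL(rv);

  rv = strncmp(str1, str2, 3);
  assert(rv == 0);
  ASSERT_ZERO_LABEL(rv);

  rv = strncmp(str1, str1, 4);
  assert(rv == 0);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, i_label);
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif
}

// strcasecmp(): label expectations match test_strcmp; the inputs differ in
// case to show that the comparison is case-insensitive.
void test_strcasecmp() {
  char str1[] = "str1", str2[] = "str2", str3[] = "Str1";
  dfsan_set_label(i_label, &str1[3], 1);
  dfsan_set_label(j_label, &str2[3], 1);
  dfsan_set_label(j_label, &str3[2], 1);

  int rv = strcasecmp(str1, str2);
  assert(rv < 0);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif

  rv = strcasecmp(str1, str3);
  assert(rv == 0);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif

  char s1[] = "AbZ";
  char s2[] = "aBy";
  dfsan_set_label(i_label, &s1[2], 1);
  dfsan_set_label(j_label, &s2[2], 1);

  rv = strcasecmp(s1, s2);
  assert(rv > 0); // 'Z' > 'y'
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
  ASSERT_EQ_ORIGIN(rv, s1[2]);
#endif
}

// strncasecmp(): bounded, case-insensitive variant. Comparisons that end
// before the labelled byte must be unlabelled in both modes.
void test_strncasecmp() {
  char str1[] = "Str1", str2[] = "str2";
  dfsan_set_label(i_label, &str1[3], 1);
  dfsan_set_label(j_label, &str2[3], 1);

  int rv = strncasecmp(str1, str2, sizeof(str1));
  assert(rv < 0);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
  ASSERT_EQ_ORIGIN(rv, str1[3]);
#endif

  rv = strncasecmp(str1, str2, 3);
  assert(rv == 0);
  ASSERT_ZERO_LABEL(rv);

  char s1[] = "AbZ";
  char s2[] = "aBy";
  dfsan_set_label(i_label, &s1[2], 1);
  dfsan_set_label(j_label, &s2[2], 1);

  rv = strncasecmp(s1, s2, 0);
  assert(rv == 0); // Compare zero chars.
  ASSERT_ZERO_LABEL(rv);

  rv = strncasecmp(s1, s2, 1);
  assert(rv == 0); // 'A' == 'a'
  ASSERT_ZERO_LABEL(rv);

  rv = strncasecmp(s1, s2, 2);
  assert(rv == 0); // 'b' == 'B'
  ASSERT_ZERO_LABEL(rv);

  rv = strncasecmp(s1, s2, 3);
  assert(rv > 0); // 'Z' > 'y'
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, dfsan_union(i_label, j_label));
  ASSERT_EQ_ORIGIN(rv, s1[2]);
#endif
}

// strchr(): the returned pointer always carries the label of the string
// pointer argument. In non-strict mode it additionally carries the label of
// the searched character and of any labelled string byte that was scanned.
void test_strchr() {
  char str1[] = "str1";
  dfsan_set_label(i_label, &str1[3], 1);

  char *p1 = str1;
  char c = 'r';
  dfsan_set_label(k_label, &c, sizeof(c));

  // Labelled search character, unlabelled pointer; the match is found before
  // the labelled byte str1[3].
  char *crv = strchr(p1, c);
  assert(crv == &str1[2]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(crv);
#else
  ASSERT_LABEL(crv, k_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, c);
#endif

  // Labelled pointer, unlabelled search character.
  dfsan_set_label(j_label, &p1, sizeof(p1));
  crv = strchr(p1, 'r');
  assert(crv == &str1[2]);
  ASSERT_LABEL(crv, j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, p1);

  // The match is the labelled byte itself.
  crv = strchr(p1, '1');
  assert(crv == &str1[3]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_LABEL(crv, j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, p1);
#else
  ASSERT_LABEL(crv, i_j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, str1[3]);
#endif

  // No match: the whole string, including the labelled byte, was scanned.
  crv = strchr(p1, 'x');
  assert(!crv);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_LABEL(crv, j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, p1);
#else
  ASSERT_LABEL(crv, i_j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, str1[3]);
#endif

  // `man strchr` says:
  // The terminating null byte is considered part of the string, so that if c
  // is specified as '\0', these functions return a pointer to the terminator.
  crv = strchr(p1, '\0');
  assert(crv == &str1[4]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_LABEL(crv, j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, p1);
#else
  ASSERT_LABEL(crv, i_j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&crv, str1[3]);
#endif
}

// recvmmsg(): bytes actually received and the msg_len fields must come back
// unlabelled; buffer bytes past the received data and the timeout argument
// must keep the label they had before the call.
void test_recvmmsg() {
  int sockfds[2];
  int ret = socketpair(AF_UNIX, SOCK_DGRAM, 0, sockfds);
  assert(ret != -1);

  // Setup messages to send.
  struct mmsghdr smmsg[2] = {};
  char sbuf0[] = "abcdefghijkl";
  struct iovec siov0[2] = {{&sbuf0[0], 4}, {&sbuf0[4], 4}};
  smmsg[0].msg_hdr.msg_iov = siov0;
  smmsg[0].msg_hdr.msg_iovlen = 2;
  char sbuf1[] = "1234567890";
  struct iovec siov1[1] = {{&sbuf1[0], 7}};
  smmsg[1].msg_hdr.msg_iov = siov1;
  smmsg[1].msg_hdr.msg_iovlen = 1;

  // Send messages.
  int sent_msgs = sendmmsg(sockfds[0], smmsg, 2, 0);
  assert(sent_msgs == 2);

  // Setup receive buffers.
  struct mmsghdr rmmsg[2] = {};
  char rbuf0[128];
  struct iovec riov0[2] = {{&rbuf0[0], 4}, {&rbuf0[4], 4}};
  rmmsg[0].msg_hdr.msg_iov = riov0;
  rmmsg[0].msg_hdr.msg_iovlen = 2;
  char rbuf1[128];
  struct iovec riov1[1] = {{&rbuf1[0], 16}};
  rmmsg[1].msg_hdr.msg_iov = riov1;
  rmmsg[1].msg_hdr.msg_iovlen = 1;
  struct timespec timeout = {1, 1};
  // Label everything the call may write so that cleared labels are observable.
  dfsan_set_label(i_label, rbuf0, sizeof(rbuf0));
  dfsan_set_label(i_label, rbuf1, sizeof(rbuf1));
  dfsan_set_label(i_label, &rmmsg[0].msg_len, sizeof(rmmsg[0].msg_len));
  dfsan_set_label(i_label, &rmmsg[1].msg_len, sizeof(rmmsg[1].msg_len));
  dfsan_set_label(i_label, &timeout, sizeof(timeout));

  dfsan_origin msg_len0_o = dfsan_get_origin((long)(rmmsg[0].msg_len));
  dfsan_origin msg_len1_o = dfsan_get_origin((long)(rmmsg[1].msg_len));
#ifndef ORIGIN_TRACKING
  (void)msg_len0_o;
  (void)msg_len1_o;
#endif

  // Receive messages and check labels.
  int received_msgs = recvmmsg(sockfds[1], rmmsg, 2, 0, &timeout);
  assert(received_msgs == sent_msgs);
  assert(rmmsg[0].msg_len == smmsg[0].msg_len);
  assert(rmmsg[1].msg_len == smmsg[1].msg_len);
  assert(memcmp(sbuf0, rbuf0, 8) == 0);
  assert(memcmp(sbuf1, rbuf1, 7) == 0);
  ASSERT_ZERO_LABEL(received_msgs);
  ASSERT_ZERO_LABEL(rmmsg[0].msg_len);
  ASSERT_ZERO_LABEL(rmmsg[1].msg_len);
  ASSERT_READ_ZERO_LABEL(&rbuf0[0], 8);
  ASSERT_READ_LABEL(&rbuf0[8], 1, i_label);
  ASSERT_READ_ZERO_LABEL(&rbuf1[0], 7);
  ASSERT_READ_LABEL(&rbuf1[7], 1, i_label);
  ASSERT_LABEL(timeout.tv_sec, i_label);
  ASSERT_LABEL(timeout.tv_nsec, i_label);

  ASSERT_ORIGIN((long)(rmmsg[0].msg_len), msg_len0_o);
  ASSERT_ORIGIN((long)(rmmsg[1].msg_len), msg_len1_o);

  close(sockfds[0]);
  close(sockfds[1]);
}

// recvmsg(): the msghdr and the received bytes come back unlabelled; buffer
// bytes past the received data keep their label.
void test_recvmsg() {
  int sockfds[2];
  int ret = socketpair(AF_UNIX, SOCK_DGRAM, 0, sockfds);
  assert(ret != -1);

  char sbuf[] = "abcdefghijkl";
  struct iovec siovs[2] = {{&sbuf[0], 4}, {&sbuf[4], 4}};
  struct msghdr smsg = {};
  smsg.msg_iov = siovs;
  smsg.msg_iovlen = 2;

  ssize_t sent = sendmsg(sockfds[0], &smsg, 0);
  assert(sent > 0);

  char rbuf[128];
  struct iovec riovs[2] = {{&rbuf[0], 4}, {&rbuf[4], 4}};
  struct msghdr rmsg = {};
  rmsg.msg_iov = riovs;
  rmsg.msg_iovlen = 2;

  dfsan_set_label(i_label, rbuf, sizeof(rbuf));
  dfsan_set_label(i_label, &rmsg, sizeof(rmsg));

  DEFINE_AND_SAVE_ORIGINS(rmsg)

  ssize_t received = recvmsg(sockfds[1], &rmsg, 0);
  assert(received == sent);
  assert(memcmp(sbuf, rbuf, 8) == 0);
  ASSERT_ZERO_LABEL(received);
  ASSERT_READ_ZERO_LABEL(&rmsg, sizeof(rmsg));
  ASSERT_READ_ZERO_LABEL(&rbuf[0], 8);
  ASSERT_READ_LABEL(&rbuf[8], 1, i_label);

  ASSERT_SAVED_ORIGINS(rmsg)

  close(sockfds[0]);
  close(sockfds[1]);
}

// read(): bytes filled in by the call lose the labels they had before it.
void test_read() {
  char buf[16];
  dfsan_set_label(i_label, buf, 1);
  dfsan_set_label(j_label, buf + 15, 1);

  DEFINE_AND_SAVE_ORIGINS(buf)
  ASSERT_LABEL(buf[0], i_label);
  ASSERT_LABEL(buf[15], j_label);

  int fd = open("/dev/zero", O_RDONLY);
  int rv = read(fd, buf, sizeof(buf));
  assert(rv == sizeof(buf));
  ASSERT_ZERO_LABEL(rv);
  ASSERT_ZERO_LABEL(buf[0]);
  ASSERT_ZERO_LABEL(buf[15]);
  ASSERT_SAVED_ORIGINS(buf)
  close(fd);
}

// pread(): same expectations as test_read, reading from offset 0 of /bin/sh.
void test_pread() {
  char buf[16];
  dfsan_set_label(i_label, buf, 1);
  dfsan_set_label(j_label, buf + 15, 1);

  DEFINE_AND_SAVE_ORIGINS(buf)
  ASSERT_LABEL(buf[0], i_label);
  ASSERT_LABEL(buf[15], j_label);

  int fd = open("/bin/sh", O_RDONLY);
  int rv = pread(fd, buf, sizeof(buf), 0);
  assert(rv == sizeof(buf));
  ASSERT_ZERO_LABEL(rv);
  ASSERT_ZERO_LABEL(buf[0]);
  ASSERT_ZERO_LABEL(buf[15]);
  ASSERT_SAVED_ORIGINS(buf)
  close(fd);
}

// dlopen(): the returned handle is unlabelled on success and on failure.
void test_dlopen() {
  void *map = dlopen(NULL, RTLD_NOW);
  assert(map);
  ASSERT_ZERO_LABEL(map);
  dlclose(map);
  map = dlopen("/nonexistent", RTLD_NOW);
  assert(!map);
  ASSERT_ZERO_LABEL(map);
}

// clock_gettime(): the output struct loses its label; the origin observed for
// the previously labelled byte stays the same.
void test_clock_gettime() {
  struct timespec tp;
  dfsan_set_label(j_label, ((char *)&tp) + 3, 1);
  dfsan_origin origin = dfsan_get_origin((long)(((char *)&tp)[3]));
#ifndef ORIGIN_TRACKING
  (void)origin;
#endif
  int t = clock_gettime(CLOCK_REALTIME, &tp);
  assert(t == 0);
  ASSERT_ZERO_LABEL(t);
  ASSERT_ZERO_LABEL(((char *)&tp)[3]);
  ASSERT_ORIGIN(((char *)&tp)[3], origin);
}

// ctime_r(): the formatted text takes the label of the time value; the
// returned pointer takes the label of the buffer pointer argument.
void test_ctime_r() {
  char *buf = (char*) malloc(64);
  time_t t = 0;

  // buf is a pointer variable, so this records the origins of the pointer's
  // own bytes (sizeof(buf) == sizeof(char *)), not of the 64-byte allocation.
  DEFINE_AND_SAVE_ORIGINS(buf)
  dfsan_origin t_o = dfsan_get_origin((long)t);

  // Unlabelled time, unlabelled pointer.
  char *ret = ctime_r(&t, buf);
  ASSERT_ZERO_LABEL(ret);
  assert(buf == ret);
  ASSERT_READ_ZERO_LABEL(buf, strlen(buf) + 1);
  ASSERT_SAVED_ORIGINS(buf)

  // Labelled time: the whole output string, terminator included, is labelled.
  dfsan_set_label(i_label, &t, sizeof(t));
  t_o = dfsan_get_origin((long)t);
  ret = ctime_r(&t, buf);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_READ_LABEL(buf, strlen(buf) + 1, i_label);
  for (int i = 0; i < strlen(buf) + 1; ++i)
    ASSERT_ORIGIN(buf[i], t_o);

  // Labelled pointer, unlabelled time. sizeof(&buf) is the size of a char **,
  // which equals the size of the pointer being labelled.
  t = 0;
  dfsan_set_label(j_label, &buf, sizeof(&buf));
  dfsan_origin buf_ptr_o = dfsan_get_origin((long)buf);
#ifndef ORIGIN_TRACKING
  (void)buf_ptr_o;
#endif
  ret = ctime_r(&t, buf);
  ASSERT_LABEL(ret, j_label);
  ASSERT_ORIGIN(ret, buf_ptr_o);
  ASSERT_READ_ZERO_LABEL(buf, strlen(buf) + 1);
  for (int i = 0; i < strlen(buf) + 1; ++i)
    ASSERT_ORIGIN(buf[i], t_o);

  // Release the scratch buffer allocated at the top of the test.
  free(buf);
}

// State captured by write_callback() for inspection by the test below.
static int write_callback_count = 0;
static int last_fd;
static const unsigned char *last_buf;
static size_t last_count;

// Callback registered through dfsan_set_write_callback(): counts invocations
// and remembers the arguments of the most recent one.
void write_callback(int fd, const void *buf, size_t count) {
  write_callback_count++;

  last_fd = fd;
  last_buf = (const unsigned char*) buf;
  last_count = count;
}

// dfsan_set_write_callback(): the callback must run once per write() and must
// observe the labels and origins of the arguments that were passed to write().
void test_dfsan_set_write_callback() {
  char buf[] = "Sample chars";
  int buf_len = strlen(buf);

  int fd = open("/dev/null", O_WRONLY);

  dfsan_set_write_callback(write_callback);

  write_callback_count = 0;

  DEFINE_AND_SAVE_ORIGINS(buf)

  // Callback should be invoked on every call to write().
  int res = write(fd, buf, buf_len);
  assert(write_callback_count == 1);
  ASSERT_READ_ZERO_LABEL(&res, sizeof(res));
  ASSERT_READ_ZERO_LABEL(&last_fd, sizeof(last_fd));
  // NOTE(review): sizeof(last_buf) is the size of the pointer, so this checks
  // the first sizeof(void *) bytes of the buffer rather than buf_len bytes.
  ASSERT_READ_ZERO_LABEL(last_buf, sizeof(last_buf));
  ASSERT_READ_ZERO_LABEL(&last_count, sizeof(last_count));

  for (int i = 0; i < buf_len; ++i)
    ASSERT_ORIGIN(last_buf[i], buf_o[i]);

  ASSERT_ZERO_ORIGINS(&last_count, sizeof(last_count));

  // Add a label to write() arguments. Check that the labels are readable from
  // the values passed to the callback.
  dfsan_set_label(i_label, &fd, sizeof(fd));
  dfsan_set_label(j_label, &(buf[3]), 1);
  dfsan_set_label(k_label, &buf_len, sizeof(buf_len));

  dfsan_origin fd_o = dfsan_get_origin((long)fd);
  dfsan_origin buf3_o = dfsan_get_origin((long)(buf[3]));
  dfsan_origin buf_len_o = dfsan_get_origin((long)buf_len);
#ifndef ORIGIN_TRACKING
  (void)fd_o;
  (void)buf3_o;
  (void)buf_len_o;
#endif

  res = write(fd, buf, buf_len);
  assert(write_callback_count == 2);
  ASSERT_READ_ZERO_LABEL(&res, sizeof(res));
  ASSERT_READ_LABEL(&last_fd, sizeof(last_fd), i_label);
  ASSERT_READ_LABEL(&last_buf[3], sizeof(last_buf[3]), j_label);
  ASSERT_READ_LABEL(last_buf, sizeof(last_buf), j_label);
  ASSERT_READ_LABEL(&last_count, sizeof(last_count), k_label);
  ASSERT_ZERO_ORIGINS(&res, sizeof(res));
  ASSERT_INIT_ORIGINS(&last_fd, sizeof(last_fd), fd_o);
  ASSERT_INIT_ORIGINS(&last_buf[3], sizeof(last_buf[3]), buf3_o);

  // Origins are assigned for every 4 contiguous 4-aligned bytes. Labelling
  // buf[3] may therefore have replaced the origins of the other bytes in the
  // same aligned 4-byte group, so only bytes whose application addresses lie
  // outside that group are required to keep their saved origins.
  for (int i = 0; i < buf_len; ++i) {
    size_t i_addr = size_t(&last_buf[i]);
    if (((size_t(&last_buf[3]) & ~3UL) > i_addr) ||
        (((size_t(&last_buf[3]) + 4) & ~3UL) <= i_addr))
      ASSERT_ORIGIN(last_buf[i], buf_o[i]);
  }

  ASSERT_INIT_ORIGINS(&last_count, sizeof(last_count), buf_len_o);

  dfsan_set_write_callback(NULL);

  // Release the descriptor once the callback is unregistered.
  close(fd);
}

// fgets(): bytes written by the call are unlabelled; the returned pointer
// takes the label of the buffer pointer argument.
void test_fgets() {
  char *buf = (char*) malloc(128);
  FILE *f = fopen("/etc/passwd", "r");
  dfsan_set_label(j_label, buf, 1);
  DEFINE_AND_SAVE_N_ORIGINS(buf, 128)

  // NOTE(review): buf is a char *, so sizeof(buf) is the pointer size, not the
  // 128-byte allocation; each call therefore reads at most sizeof(char *) - 1
  // characters. Left unchanged because a larger bound changes how much of the
  // file each call consumes - confirm the intent before passing 128 here.
  char *ret = fgets(buf, sizeof(buf), f);
  assert(ret == buf);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_EQ_ORIGIN(ret, buf);
  ASSERT_READ_ZERO_LABEL(buf, 128);
  ASSERT_SAVED_N_ORIGINS(buf, 128)

  // Labelled buffer pointer: the label must show up on the return value.
  dfsan_set_label(j_label, &buf, sizeof(&buf));
  ret = fgets(buf, sizeof(buf), f);
  ASSERT_LABEL(ret, j_label);
  ASSERT_EQ_ORIGIN(ret, buf);
  ASSERT_SAVED_N_ORIGINS(buf, 128)

  fclose(f);
  free(buf);
}

// getcwd(): the written path is unlabelled; the returned pointer takes the
// label of the buffer pointer argument.
void test_getcwd() {
  char buf[1024];
  char *ptr = buf;
  dfsan_set_label(i_label, buf + 2, 2);
  DEFINE_AND_SAVE_ORIGINS(buf)

  char* ret = getcwd(buf, sizeof(buf));
  assert(ret == buf);
  assert(ret[0] == '/');
  ASSERT_ZERO_LABEL(ret);
  ASSERT_EQ_ORIGIN(ret, buf);
  ASSERT_READ_ZERO_LABEL(buf + 2, 2);
  ASSERT_SAVED_ORIGINS(buf)

  dfsan_set_label(i_label, &ptr, sizeof(ptr));
  ret = getcwd(ptr, sizeof(buf));
  ASSERT_LABEL(ret, i_label);
  ASSERT_EQ_ORIGIN(ret, ptr);
  ASSERT_SAVED_ORIGINS(buf)
}

// get_current_dir_name(): both the returned pointer and the returned string
// are unlabelled.
void test_get_current_dir_name() {
  char* ret = get_current_dir_name();
  assert(ret);
  assert(ret[0] == '/');
  ASSERT_READ_ZERO_LABEL(ret, strlen(ret) + 1);
  ASSERT_ZERO_LABEL(ret);

  // The string is allocated by get_current_dir_name(); the caller frees it.
  free(ret);
}

// getentropy(): when the call succeeds the filled buffer is unlabelled. The
// call is compiled only when __GLIBC_PREREQ(2, 25) holds.
void test_getentropy() {
  char buf[64];
  dfsan_set_label(i_label, buf + 2, 2);
  DEFINE_AND_SAVE_ORIGINS(buf)
#if __GLIBC_PREREQ(2, 25)
  // glibc >= 2.25 has getentropy()
  int ret = getentropy(buf, sizeof(buf));
  ASSERT_ZERO_LABEL(ret);
  if (ret == 0) {
    ASSERT_READ_ZERO_LABEL(buf + 2, 2);
    ASSERT_SAVED_ORIGINS(buf)
  }
#endif
}

// gethostname(): the written host name is unlabelled.
void test_gethostname() {
  char buf[1024];
  dfsan_set_label(i_label, buf + 2, 2);
  DEFINE_AND_SAVE_ORIGINS(buf)
  int ret = gethostname(buf, sizeof(buf));
  assert(ret == 0);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_READ_ZERO_LABEL(buf + 2, 2);
  ASSERT_SAVED_ORIGINS(buf)
}

// getrlimit(): the output struct is unlabelled after a successful call.
void test_getrlimit() {
  struct rlimit rlim;
  dfsan_set_label(i_label, &rlim, sizeof(rlim));
  DEFINE_AND_SAVE_ORIGINS(rlim);
  int ret = getrlimit(RLIMIT_CPU, &rlim);
  assert(ret == 0);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_READ_ZERO_LABEL(&rlim, sizeof(rlim));
  ASSERT_SAVED_ORIGINS(rlim)
}

// getrusage(): the output struct is unlabelled after a successful call.
void test_getrusage() {
  struct rusage usage;
  dfsan_set_label(i_label, &usage, sizeof(usage));
  DEFINE_AND_SAVE_ORIGINS(usage);
  int ret = getrusage(RUSAGE_SELF, &usage);
  assert(ret == 0);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_READ_ZERO_LABEL(&usage, sizeof(usage));
  ASSERT_SAVED_ORIGINS(usage)
}

// strcpy(): every copied byte, terminator included, takes the label of its
// source byte - so a label previously on a destination byte is replaced - and
// destination bytes past the terminator keep their own label.
void test_strcpy() {
  char src[] = "hello world";
  char dst[sizeof(src) + 2];
  char *p_dst = dst;
  dfsan_set_label(0, src, sizeof(src));
  dfsan_set_label(0, dst, sizeof(dst));
  dfsan_set_label(k_label, &p_dst, sizeof(p_dst));
  dfsan_set_label(i_label, src + 2, 1);
  dfsan_set_label(j_label, src + 3, 1);
  dfsan_set_label(j_label, dst + 4, 1);
  dfsan_set_label(i_label, dst + 12, 1);
  char *ret = strcpy(p_dst, src);
  assert(ret == dst);
  assert(strcmp(src, dst) == 0);
  ASSERT_LABEL(ret, k_label);
  ASSERT_EQ_ORIGIN(ret, p_dst);
  for (int i = 0; i < strlen(src) + 1; ++i) {
    assert(dfsan_get_label(dst[i]) == dfsan_get_label(src[i]));
    if (dfsan_get_label(dst[i]))
      assert(dfsan_get_init_origin(&dst[i]) == dfsan_get_origin(src[i]));
  }
  // Note: if strlen(src) + 1 were used instead to compute the first untouched
  // byte of dest, the label would be I|J. This is because strlen() might
  // return a non-zero label, and because by default pointer labels are not
  // ignored on loads.
  ASSERT_LABEL(dst[12], i_label);
}

// strtol(): the result carries the label of the base argument when that is
// labelled, and the union of the labels on the parsed bytes otherwise; here
// the labelled bytes are a digit (buf[1]) and the terminating NUL (buf[10]).
void test_strtol() {
  char non_number_buf[] = "ab ";
  char *endptr = NULL;
  long int ret = strtol(non_number_buf, &endptr, 10);
  assert(ret == 0);
  assert(endptr == non_number_buf);
  ASSERT_ZERO_LABEL(ret);

  char buf[] = "1234578910";
  int base = 10;
  dfsan_set_label(k_label, &base, sizeof(base));
  ret = strtol(buf, &endptr, base);
  assert(ret == 1234578910);
  assert(endptr == buf + 10);
  ASSERT_LABEL(ret, k_label);
  ASSERT_EQ_ORIGIN(ret, base);

  dfsan_set_label(i_label, buf + 1, 1);
  dfsan_set_label(j_label, buf + 10, 1);
  ret = strtol(buf, &endptr, 10);
  assert(ret == 1234578910);
  assert(endptr == buf + 10);
  ASSERT_LABEL(ret, i_j_label);
  ASSERT_EQ_ORIGIN(ret, buf[1]);
}

// strtoll(): same expectations as test_strtol; here both labelled bytes are
// digits (buf[1] and buf[2]) and the input ends in a space.
void test_strtoll() {
  char non_number_buf[] = "ab ";
  char *endptr = NULL;
  long long int ret = strtoll(non_number_buf, &endptr, 10);
  assert(ret == 0);
  assert(endptr == non_number_buf);
  ASSERT_ZERO_LABEL(ret);

  char buf[] = "1234578910 ";
  int base = 10;
  dfsan_set_label(k_label, &base, sizeof(base));
  ret = strtoll(buf, &endptr, base);
  assert(ret == 1234578910);
  assert(endptr == buf + 10);
  ASSERT_LABEL(ret, k_label);
  ASSERT_EQ_ORIGIN(ret, base);

  dfsan_set_label(i_label, buf + 1, 1);
  dfsan_set_label(j_label, buf + 2, 1);
  ret = strtoll(buf, &endptr, 10);
  assert(ret == 1234578910);
  assert(endptr == buf + 10);
  ASSERT_LABEL(ret, i_j_label);
  ASSERT_EQ_ORIGIN(ret, buf[1]);
}

void test_strtoul() {
  char non_number_buf[] = "xy ";
  char *endptr = NULL;
  long unsigned int ret = strtoul(non_number_buf, &endptr, 16);
  assert(ret == 0);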
1082 assert(endptr == non_number_buf); 1083 ASSERT_ZERO_LABEL(ret); 1084 1085 char buf[] = "ffffffffffffaa"; 1086 int base = 16; 1087 dfsan_set_label(k_label, &base, sizeof(base)); 1088 ret = strtoul(buf, &endptr, base); 1089 assert(ret == 72057594037927850); 1090 assert(endptr == buf + 14); 1091 ASSERT_LABEL(ret, k_label); 1092 ASSERT_EQ_ORIGIN(ret, base); 1093 1094 dfsan_set_label(i_label, buf + 1, 1); 1095 dfsan_set_label(j_label, buf + 2, 1); 1096 ret = strtoul(buf, &endptr, 16); 1097 assert(ret == 72057594037927850); 1098 assert(endptr == buf + 14); 1099 ASSERT_LABEL(ret, i_j_label); 1100 ASSERT_EQ_ORIGIN(ret, buf[1]); 1101 } 1102 1103 void test_strtoull() { 1104 char non_number_buf[] = "xy "; 1105 char *endptr = NULL; 1106 long long unsigned int ret = strtoull(non_number_buf, &endptr, 16); 1107 assert(ret == 0); 1108 assert(endptr == non_number_buf); 1109 ASSERT_ZERO_LABEL(ret); 1110 1111 char buf[] = "ffffffffffffffaa"; 1112 int base = 16; 1113 dfsan_set_label(k_label, &base, sizeof(base)); 1114 ret = strtoull(buf, &endptr, base); 1115 assert(ret == 0xffffffffffffffaa); 1116 assert(endptr == buf + 16); 1117 ASSERT_LABEL(ret, k_label); 1118 ASSERT_EQ_ORIGIN(ret, base); 1119 1120 dfsan_set_label(i_label, buf + 1, 1); 1121 dfsan_set_label(j_label, buf + 2, 1); 1122 ret = strtoull(buf, &endptr, 16); 1123 assert(ret == 0xffffffffffffffaa); 1124 assert(endptr == buf + 16); 1125 ASSERT_LABEL(ret, i_j_label); 1126 ASSERT_EQ_ORIGIN(ret, buf[1]); 1127 } 1128 1129 void test_strtod() { 1130 char non_number_buf[] = "ab "; 1131 char *endptr = NULL; 1132 double ret = strtod(non_number_buf, &endptr); 1133 assert(ret == 0); 1134 assert(endptr == non_number_buf); 1135 ASSERT_ZERO_LABEL(ret); 1136 1137 char buf[] = "12345.76 foo"; 1138 dfsan_set_label(i_label, buf + 1, 1); 1139 dfsan_set_label(j_label, buf + 6, 1); 1140 ret = strtod(buf, &endptr); 1141 assert(ret == 12345.76); 1142 assert(endptr == buf + 8); 1143 ASSERT_LABEL(ret, i_j_label); 1144 ASSERT_EQ_ORIGIN(ret, 
buf[1]); 1145 } 1146 1147 void test_time() { 1148 time_t t = 0; 1149 dfsan_set_label(i_label, &t, 1); 1150 DEFINE_AND_SAVE_ORIGINS(t) 1151 time_t ret = time(&t); 1152 assert(ret == t); 1153 assert(ret > 0); 1154 ASSERT_ZERO_LABEL(ret); 1155 ASSERT_ZERO_LABEL(t); 1156 ASSERT_SAVED_ORIGINS(t) 1157 } 1158 1159 void test_inet_pton() { 1160 char addr4[] = "127.0.0.1"; 1161 dfsan_set_label(i_label, addr4 + 3, 1); 1162 struct in_addr in4; 1163 int ret4 = inet_pton(AF_INET, addr4, &in4); 1164 assert(ret4 == 1); 1165 ASSERT_ZERO_LABEL(ret4); 1166 ASSERT_READ_LABEL(&in4, sizeof(in4), i_label); 1167 ASSERT_ORIGINS(&in4, sizeof(in4), dfsan_get_origin((long)(addr4[3]))) 1168 assert(in4.s_addr == htonl(0x7f000001)); 1169 1170 char addr6[] = "::1"; 1171 dfsan_set_label(j_label, addr6 + 3, 1); 1172 struct in6_addr in6; 1173 int ret6 = inet_pton(AF_INET6, addr6, &in6); 1174 assert(ret6 == 1); 1175 ASSERT_ZERO_LABEL(ret6); 1176 ASSERT_READ_LABEL(((char *) &in6) + sizeof(in6) - 1, 1, j_label); 1177 ASSERT_ORIGINS(&in6, sizeof(in6), dfsan_get_origin((long)(addr6[3]))) 1178 } 1179 1180 void test_localtime_r() { 1181 time_t t0 = 1384800998; 1182 struct tm t1; 1183 dfsan_set_label(i_label, &t0, sizeof(t0)); 1184 dfsan_origin t0_o = dfsan_get_origin((long)t0); 1185 struct tm *pt1 = &t1; 1186 dfsan_set_label(j_label, &pt1, sizeof(pt1)); 1187 dfsan_origin pt1_o = dfsan_get_origin((long)pt1); 1188 1189 #ifndef ORIGIN_TRACKING 1190 (void)t0_o; 1191 (void)pt1_o; 1192 #endif 1193 1194 struct tm *ret = localtime_r(&t0, pt1); 1195 assert(ret == &t1); 1196 assert(t1.tm_min == 56); 1197 ASSERT_LABEL(ret, j_label); 1198 ASSERT_INIT_ORIGIN(&ret, pt1_o); 1199 ASSERT_READ_LABEL(&ret, sizeof(ret), j_label); 1200 ASSERT_LABEL(t1.tm_mon, i_label); 1201 ASSERT_ORIGIN(t1.tm_mon, t0_o); 1202 } 1203 1204 void test_getpwuid_r() { 1205 struct passwd pwd; 1206 char buf[1024]; 1207 struct passwd *result; 1208 1209 dfsan_set_label(i_label, &pwd, 4); 1210 DEFINE_AND_SAVE_ORIGINS(pwd) 1211 
DEFINE_AND_SAVE_ORIGINS(buf) 1212 int ret = getpwuid_r(0, &pwd, buf, sizeof(buf), &result); 1213 assert(ret == 0); 1214 assert(strcmp(pwd.pw_name, "root") == 0); 1215 assert(result == &pwd); 1216 ASSERT_ZERO_LABEL(ret); 1217 ASSERT_READ_ZERO_LABEL(&pwd, 4); 1218 ASSERT_SAVED_ORIGINS(pwd) 1219 ASSERT_SAVED_ORIGINS(buf) 1220 } 1221 1222 void test_epoll_wait() { 1223 // Set up a pipe to monitor with epoll. 1224 int pipe_fds[2]; 1225 int ret = pipe(pipe_fds); 1226 assert(ret != -1); 1227 1228 // Configure epoll to monitor the pipe. 1229 int epfd = epoll_create1(0); 1230 assert(epfd != -1); 1231 struct epoll_event event; 1232 event.events = EPOLLIN; 1233 event.data.fd = pipe_fds[0]; 1234 ret = epoll_ctl(epfd, EPOLL_CTL_ADD, pipe_fds[0], &event); 1235 assert(ret != -1); 1236 1237 // Test epoll_wait when no events have occurred. 1238 event = {}; 1239 dfsan_set_label(i_label, &event, sizeof(event)); 1240 DEFINE_AND_SAVE_ORIGINS(event) 1241 ret = epoll_wait(epfd, &event, /*maxevents=*/1, /*timeout=*/0); 1242 assert(ret == 0); 1243 assert(event.events == 0); 1244 assert(event.data.fd == 0); 1245 ASSERT_ZERO_LABEL(ret); 1246 ASSERT_READ_LABEL(&event, sizeof(event), i_label); 1247 ASSERT_SAVED_ORIGINS(event) 1248 1249 // Test epoll_wait when an event occurs. 1250 write(pipe_fds[1], "x", 1); 1251 ret = epoll_wait(epfd, &event, /*maxevents=*/1, /*timeout=*/0); 1252 assert(ret == 1); 1253 assert(event.events == EPOLLIN); 1254 assert(event.data.fd == pipe_fds[0]); 1255 ASSERT_ZERO_LABEL(ret); 1256 ASSERT_READ_ZERO_LABEL(&event, sizeof(event)); 1257 ASSERT_SAVED_ORIGINS(event) 1258 1259 // Clean up. 
1260 close(epfd); 1261 close(pipe_fds[0]); 1262 close(pipe_fds[1]); 1263 } 1264 1265 void test_poll() { 1266 struct pollfd fd; 1267 fd.fd = 0; 1268 fd.events = POLLIN; 1269 dfsan_set_label(i_label, &fd.revents, sizeof(fd.revents)); 1270 DEFINE_AND_SAVE_ORIGINS(fd) 1271 int ret = poll(&fd, 1, 1); 1272 ASSERT_ZERO_LABEL(ret); 1273 ASSERT_ZERO_LABEL(fd.revents); 1274 ASSERT_SAVED_ORIGINS(fd) 1275 assert(ret >= 0); 1276 } 1277 1278 void test_select() { 1279 struct timeval t; 1280 fd_set fds; 1281 t.tv_sec = 2; 1282 FD_SET(0, &fds); 1283 dfsan_set_label(i_label, &fds, sizeof(fds)); 1284 dfsan_set_label(j_label, &t, sizeof(t)); 1285 DEFINE_AND_SAVE_ORIGINS(fds) 1286 DEFINE_AND_SAVE_ORIGINS(t) 1287 int ret = select(1, &fds, NULL, NULL, &t); 1288 assert(ret >= 0); 1289 ASSERT_ZERO_LABEL(ret); 1290 ASSERT_ZERO_LABEL(t.tv_sec); 1291 ASSERT_READ_ZERO_LABEL(&fds, sizeof(fds)); 1292 ASSERT_SAVED_ORIGINS(fds) 1293 ASSERT_SAVED_ORIGINS(t) 1294 } 1295 1296 void test_sched_getaffinity() { 1297 cpu_set_t mask; 1298 dfsan_set_label(j_label, &mask, 1); 1299 DEFINE_AND_SAVE_ORIGINS(mask) 1300 int ret = sched_getaffinity(0, sizeof(mask), &mask); 1301 assert(ret == 0); 1302 ASSERT_ZERO_LABEL(ret); 1303 ASSERT_READ_ZERO_LABEL(&mask, sizeof(mask)); 1304 ASSERT_SAVED_ORIGINS(mask) 1305 } 1306 1307 void test_sigemptyset() { 1308 sigset_t set; 1309 dfsan_set_label(j_label, &set, 1); 1310 DEFINE_AND_SAVE_ORIGINS(set) 1311 int ret = sigemptyset(&set); 1312 assert(ret == 0); 1313 ASSERT_ZERO_LABEL(ret); 1314 ASSERT_READ_ZERO_LABEL(&set, sizeof(set)); 1315 ASSERT_SAVED_ORIGINS(set) 1316 } 1317 1318 static void SignalHandler(int signo) {} 1319 1320 static void SignalAction(int signo, siginfo_t *si, void *uc) {} 1321 1322 void test_sigaction() { 1323 struct sigaction newact_with_sigaction = {}; 1324 newact_with_sigaction.sa_flags = SA_SIGINFO; 1325 newact_with_sigaction.sa_sigaction = SignalAction; 1326 1327 // Set sigaction to be SignalAction, save the last one into origin_act 1328 struct 
sigaction origin_act; 1329 dfsan_set_label(j_label, &origin_act, 1); 1330 DEFINE_AND_SAVE_ORIGINS(origin_act) 1331 int ret = sigaction(SIGUSR1, &newact_with_sigaction, &origin_act); 1332 assert(ret == 0); 1333 ASSERT_ZERO_LABEL(ret); 1334 ASSERT_READ_ZERO_LABEL(&origin_act, sizeof(origin_act)); 1335 ASSERT_SAVED_ORIGINS(origin_act) 1336 1337 struct sigaction newact_with_sighandler = {}; 1338 newact_with_sighandler.sa_handler = SignalHandler; 1339 1340 // Set sigaction to be SignalHandler, check the last one is SignalAction 1341 struct sigaction oldact; 1342 assert(0 == sigaction(SIGUSR1, &newact_with_sighandler, &oldact)); 1343 assert(oldact.sa_sigaction == SignalAction); 1344 assert(oldact.sa_flags & SA_SIGINFO); 1345 1346 // Set SIG_IGN or SIG_DFL, and check the previous one is expected. 1347 newact_with_sighandler.sa_handler = SIG_IGN; 1348 assert(0 == sigaction(SIGUSR1, &newact_with_sighandler, &oldact)); 1349 assert(oldact.sa_handler == SignalHandler); 1350 assert((oldact.sa_flags & SA_SIGINFO) == 0); 1351 1352 newact_with_sighandler.sa_handler = SIG_DFL; 1353 assert(0 == sigaction(SIGUSR1, &newact_with_sighandler, &oldact)); 1354 assert(oldact.sa_handler == SIG_IGN); 1355 assert((oldact.sa_flags & SA_SIGINFO) == 0); 1356 1357 // Restore sigaction to the orginal setting, check the last one is SignalHandler 1358 assert(0 == sigaction(SIGUSR1, &origin_act, &oldact)); 1359 assert(oldact.sa_handler == SIG_DFL); 1360 assert((oldact.sa_flags & SA_SIGINFO) == 0); 1361 } 1362 1363 void test_signal() { 1364 // Set signal to be SignalHandler, save the previous one into 1365 // old_signal_handler. 1366 sighandler_t old_signal_handler = signal(SIGHUP, SignalHandler); 1367 ASSERT_ZERO_LABEL(old_signal_handler); 1368 1369 // Set SIG_IGN or SIG_DFL, and check the previous one is expected. 1370 assert(SignalHandler == signal(SIGHUP, SIG_DFL)); 1371 assert(SIG_DFL == signal(SIGHUP, SIG_IGN)); 1372 1373 // Restore signal to old_signal_handler. 
1374 assert(SIG_IGN == signal(SIGHUP, old_signal_handler)); 1375 } 1376 1377 void test_sigaltstack() { 1378 stack_t old_altstack = {}; 1379 dfsan_set_label(j_label, &old_altstack, sizeof(old_altstack)); 1380 DEFINE_AND_SAVE_ORIGINS(old_altstack) 1381 int ret = sigaltstack(NULL, &old_altstack); 1382 assert(ret == 0); 1383 ASSERT_ZERO_LABEL(ret); 1384 ASSERT_READ_ZERO_LABEL(&old_altstack, sizeof(old_altstack)); 1385 ASSERT_SAVED_ORIGINS(old_altstack) 1386 } 1387 1388 void test_gettimeofday() { 1389 struct timeval tv; 1390 struct timezone tz; 1391 dfsan_set_label(i_label, &tv, sizeof(tv)); 1392 dfsan_set_label(j_label, &tz, sizeof(tz)); 1393 DEFINE_AND_SAVE_ORIGINS(tv) 1394 DEFINE_AND_SAVE_ORIGINS(tz) 1395 int ret = gettimeofday(&tv, &tz); 1396 assert(ret == 0); 1397 ASSERT_READ_ZERO_LABEL(&tv, sizeof(tv)); 1398 ASSERT_READ_ZERO_LABEL(&tz, sizeof(tz)); 1399 ASSERT_SAVED_ORIGINS(tv) 1400 ASSERT_SAVED_ORIGINS(tz) 1401 } 1402 1403 void *pthread_create_test_cb(void *p) { 1404 assert(p == (void *)1); 1405 ASSERT_ZERO_LABEL(p); 1406 return (void *)2; 1407 } 1408 1409 void test_pthread_create() { 1410 pthread_t pt; 1411 int create_ret = pthread_create(&pt, 0, pthread_create_test_cb, (void *)1); 1412 assert(create_ret == 0); 1413 ASSERT_ZERO_LABEL(create_ret); 1414 void *cbrv; 1415 dfsan_set_label(i_label, &cbrv, sizeof(cbrv)); 1416 DEFINE_AND_SAVE_ORIGINS(cbrv) 1417 int joint_ret = pthread_join(pt, &cbrv); 1418 assert(joint_ret == 0); 1419 assert(cbrv == (void *)2); 1420 ASSERT_ZERO_LABEL(joint_ret); 1421 ASSERT_ZERO_LABEL(cbrv); 1422 ASSERT_SAVED_ORIGINS(cbrv); 1423 } 1424 1425 // Tested by test_pthread_create(). This empty function is here to appease the 1426 // check-wrappers script. 
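void test_pthread_join() {}

// Callback for test_dl_iterate_phdr: checks that the user data pointer arrives
// intact and that none of the three callback arguments carries a label.
int dl_iterate_phdr_test_cb(struct dl_phdr_info *info, size_t size,
                            void *data) {
  assert(data == (void *)3);
  ASSERT_ZERO_LABEL(info);
  ASSERT_ZERO_LABEL(size);
  ASSERT_ZERO_LABEL(data);
  return 0;
}

// dl_iterate_phdr(): all checks live in dl_iterate_phdr_test_cb.
void test_dl_iterate_phdr() {
  dl_iterate_phdr(dl_iterate_phdr_test_cb, (void *)3);
}

// On glibc < 2.27, this symbol is not available. Mark it weak so we can skip
// testing in this case.
__attribute__((weak)) extern "C" void _dl_get_tls_static_info(size_t *sizep,
                                                              size_t *alignp);

// _dl_get_tls_static_info(): both outputs are labelled before the call and
// must be unlabelled afterwards, with their origins unchanged. Skipped when
// the weak symbol did not resolve.
void test__dl_get_tls_static_info() {
  if (!_dl_get_tls_static_info)
    return;
  size_t sizep = 0, alignp = 0;
  dfsan_set_label(i_label, &sizep, sizeof(sizep));
  dfsan_set_label(i_label, &alignp, sizeof(alignp));
  dfsan_origin sizep_o = dfsan_get_origin(sizep);
  dfsan_origin alignp_o = dfsan_get_origin(alignp);
  // ASSERT_ORIGIN expands to nothing without ORIGIN_TRACKING; avoid
  // unused-variable warnings in that configuration.
#ifndef ORIGIN_TRACKING
  (void)sizep_o;
  (void)alignp_o;
#endif
  _dl_get_tls_static_info(&sizep, &alignp);
  ASSERT_ZERO_LABEL(sizep);
  ASSERT_ZERO_LABEL(alignp);
  ASSERT_ORIGIN(sizep, sizep_o);
  ASSERT_ORIGIN(alignp, alignp_o);
}

// strrchr(): the result always carries the label of the string pointer
// argument. Labels on the searched character or on the string bytes reach the
// result only when the test is built without STRICT_DATA_DEPENDENCIES.
void test_strrchr() {
  char str1[] = "str1str1";

  char *p = str1;
  dfsan_set_label(j_label, &p, sizeof(p));

  char *rv = strrchr(p, 'r');
  assert(rv == &str1[6]);
  ASSERT_LABEL(rv, j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p);

  char c = 'r';
  dfsan_set_label(k_label, &c, sizeof(c));
  rv = strrchr(str1, c);
  assert(rv == &str1[6]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, k_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, c);
#endif

  dfsan_set_label(i_label, &str1[7], 1);

  rv = strrchr(str1, 'r');
  assert(rv == &str1[6]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, i_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, str1[7]);
#endif
}

// strstr(): the haystack pointer's label always reaches the result. Labels on
// the needle pointer, the needle bytes or the haystack bytes reach it only
// without STRICT_DATA_DEPENDENCIES, including on a failed search.
void test_strstr() {
  char str1[] = "str1str1";

  char *p1 = str1;
  dfsan_set_label(k_label, &p1, sizeof(p1));
  char *rv = strstr(p1, "1s");
  assert(rv == &str1[3]);
  ASSERT_LABEL(rv, k_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p1);

  char str2[] = "1s";
  char *p2 = str2;
  dfsan_set_label(m_label, &p2, sizeof(p2));
  rv = strstr(str1, p2);
  assert(rv == &str1[3]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, m_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p2);
#endif

  dfsan_set_label(n_label, &str2[0], 1);
  rv = strstr(str1, str2);
  assert(rv == &str1[3]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, n_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, str2[0]);
#endif

  dfsan_set_label(i_label, &str1[3], 1);
  dfsan_set_label(j_label, &str1[5], 1);

  rv = strstr(str1, "1s");
  assert(rv == &str1[3]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, i_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, str1[3]);
#endif

  // Failed search: the non-strict expectation is the union of both labelled
  // haystack bytes.
  rv = strstr(str1, "2s");
  assert(rv == NULL);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, i_j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, str1[3]);
#endif
}

// strpbrk(): the label of the searched-string pointer reaches the result in
// both configurations. Labels on the accept-set pointer or on the bytes of
// either string reach it only without STRICT_DATA_DEPENDENCIES.
void test_strpbrk() {
  char s[] = "abcdefg";
  char accept[] = "123fd";

  char *p_s = s;
  char *p_accept = accept;

  dfsan_set_label(n_label, &p_accept, sizeof(p_accept));

  char *rv = strpbrk(p_s, p_accept);
  assert(rv == &s[3]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, n_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p_accept);
#endif

  dfsan_set_label(m_label, &p_s, sizeof(p_s));

  rv = strpbrk(p_s, p_accept);
  assert(rv == &s[3]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_LABEL(rv, m_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p_s);
#else
  ASSERT_LABEL(rv, dfsan_union(m_label, n_label));
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, p_s);
#endif

  dfsan_set_label(i_label, &s[5], 1);
  dfsan_set_label(j_label, &accept[1], 1);

  rv = strpbrk(s, accept);
  assert(rv == &s[3]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, accept[1]);
#endif

  char *ps = s;
  dfsan_set_label(j_label, &ps, sizeof(ps));

  rv = strpbrk(ps, "123gf");
  assert(rv == &s[5]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_LABEL(rv, j_label);
#else
  ASSERT_LABEL(rv, i_j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, s[5]);
#endif

  rv = strpbrk(ps, "123");
  assert(rv == NULL);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(rv);
#else
  ASSERT_LABEL(rv, i_j_label);
  ASSERT_INIT_ORIGIN_EQ_ORIGIN(&rv, s[5]);
#endif
}

// memchr(): the buffer pointer's label always reaches the result. Labels on
// the searched character or on the buffer bytes reach it only without
// STRICT_DATA_DEPENDENCIES, including on a failed search.
void test_memchr() {
  char str1[] = "str1";
  dfsan_set_label(i_label, &str1[3], 1);
  // str1[4] is the NUL terminator, which is inside the sizeof(str1) range.
  dfsan_set_label(j_label, &str1[4], 1);

  char *crv = (char *) memchr(str1, 'r', sizeof(str1));
  assert(crv == &str1[2]);
  ASSERT_ZERO_LABEL(crv);

  char c = 'r';
  dfsan_set_label(k_label, &c, sizeof(c));
  crv = (char *)memchr(str1, c, sizeof(str1));
  assert(crv == &str1[2]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(crv);
#else
  ASSERT_LABEL(crv, k_label);
  ASSERT_EQ_ORIGIN(crv, c);
#endif

  char *ptr = str1;
  dfsan_set_label(k_label, &ptr, sizeof(ptr));
  crv = (char *)memchr(ptr, 'r', sizeof(str1));
  assert(crv == &str1[2]);
  ASSERT_LABEL(crv, k_label);
  ASSERT_EQ_ORIGIN(crv, ptr);

  crv = (char *) memchr(str1, '1', sizeof(str1));
  assert(crv == &str1[3]);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(crv);
#else
  ASSERT_LABEL(crv, i_label);
  ASSERT_EQ_ORIGIN(crv, str1[3]);
#endif

  crv = (char *) memchr(str1, 'x', sizeof(str1));
  assert(!crv);
#ifdef STRICT_DATA_DEPENDENCIES
  ASSERT_ZERO_LABEL(crv);
#else
  ASSERT_LABEL(crv, i_j_label);
  ASSERT_EQ_ORIGIN(crv, str1[3]);
#endif
}

// Empty SIGALRM handler; installed by test_nanosleep so the alarm interrupts
// the sleep instead of terminating the process.
void alarm_handler(int unused) {
  ;
}

// nanosleep(): after an uninterrupted sleep the remaining-time output keeps
// its label; after a sleep interrupted by SIGALRM it must be unlabelled.
void test_nanosleep() {
  struct timespec req, rem;
  req.tv_sec = 1;
  req.tv_nsec = 0;
  dfsan_set_label(i_label, &rem, sizeof(rem));
  DEFINE_AND_SAVE_ORIGINS(rem)

  // non interrupted
  int rv = nanosleep(&req, &rem);
  assert(rv == 0);
  ASSERT_ZERO_LABEL(rv);
  ASSERT_READ_LABEL(&rem, 1, i_label);
  ASSERT_SAVED_ORIGINS(rem)

  // interrupted by an alarm
  signal(SIGALRM, alarm_handler);
  req.tv_sec = 3;
  alarm(1);
  rv = nanosleep(&req, &rem);
  assert(rv == -1);
  ASSERT_ZERO_LABEL(rv);
  ASSERT_READ_ZERO_LABEL(&rem, sizeof(rem));
  ASSERT_SAVED_ORIGINS(rem)
}

// socketpair(): the descriptor array is labelled before the call and must be
// unlabelled afterwards, with the origins read before the call still in place.
void test_socketpair() {
  int fd[2];
  dfsan_origin fd_o[2];

  dfsan_set_label(i_label, fd, sizeof(fd));
  fd_o[0] = dfsan_get_origin((long)(fd[0]));
  fd_o[1] = dfsan_get_origin((long)(fd[1]));
  int rv = socketpair(PF_LOCAL, SOCK_STREAM, 0, fd);
  assert(rv == 0);
  ASSERT_ZERO_LABEL(rv);
  ASSERT_READ_ZERO_LABEL(fd, sizeof(fd));
  ASSERT_ORIGIN(fd[0], fd_o[0]);
  ASSERT_ORIGIN(fd[1], fd_o[1]);
}

// getpeername(): only the first addrlen bytes reported by the call must be
// unlabelled; the byte just past them must still carry its original label.
void test_getpeername() {
  int sockfds[2];
  int ret = socketpair(AF_UNIX, SOCK_DGRAM, 0, sockfds);
  assert(ret != -1);

  struct sockaddr addr = {};
  socklen_t addrlen = sizeof(addr);
  dfsan_set_label(i_label, &addr, addrlen);
  dfsan_set_label(i_label, &addrlen, sizeof(addrlen));
  DEFINE_AND_SAVE_ORIGINS(addr)
  DEFINE_AND_SAVE_ORIGINS(addrlen)

  ret = getpeername(sockfds[0], &addr, &addrlen);
  assert(ret != -1);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_ZERO_LABEL(addrlen);
  // The boundary check below needs at least one byte left after the address.
  assert(addrlen < sizeof(addr));
  ASSERT_READ_ZERO_LABEL(&addr, addrlen);
  ASSERT_READ_LABEL(((char *)&addr) + addrlen, 1, i_label);
  ASSERT_SAVED_ORIGINS(addr)
  ASSERT_SAVED_ORIGINS(addrlen)

  close(sockfds[0]);
  close(sockfds[1]);
}

// getsockname(): same boundary check as test_getpeername, on an unbound
// AF_UNIX datagram socket.
void test_getsockname() {
  int sockfd = socket(AF_UNIX, SOCK_DGRAM, 0);
  assert(sockfd != -1);

  struct sockaddr addr = {};
  socklen_t addrlen = sizeof(addr);
  dfsan_set_label(i_label, &addr, addrlen);
  dfsan_set_label(i_label, &addrlen, sizeof(addrlen));
  DEFINE_AND_SAVE_ORIGINS(addr)
  DEFINE_AND_SAVE_ORIGINS(addrlen)
  int ret = getsockname(sockfd, &addr, &addrlen);
  assert(ret != -1);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_ZERO_LABEL(addrlen);
  assert(addrlen < sizeof(addr));
  ASSERT_READ_ZERO_LABEL(&addr, addrlen);
  ASSERT_READ_LABEL(((char *)&addr) + addrlen, 1, i_label);
  ASSERT_SAVED_ORIGINS(addr)
  ASSERT_SAVED_ORIGINS(addrlen)

  close(sockfd);
}

// getsockopt(): the option buffer is twice the size of the value written, so
// the first int must come back unlabelled while the second keeps both its
// value and its label.
void test_getsockopt() {
  int sockfd = socket(AF_UNIX, SOCK_DGRAM, 0);
  assert(sockfd != -1);

  int optval[2] = {-1, -1};
  socklen_t optlen = sizeof(optval);
  dfsan_set_label(i_label, &optval, sizeof(optval));
  dfsan_set_label(i_label, &optlen, sizeof(optlen));
  DEFINE_AND_SAVE_ORIGINS(optval)
  DEFINE_AND_SAVE_ORIGINS(optlen)
  int ret = getsockopt(sockfd, SOL_SOCKET, SO_KEEPALIVE, &optval, &optlen);
  assert(ret != -1);
  assert(optlen == sizeof(int));
  assert(optval[0] == 0);
  assert(optval[1] == -1);
  ASSERT_ZERO_LABEL(ret);
  ASSERT_ZERO_LABEL(optlen);
  ASSERT_ZERO_LABEL(optval[0]);
  ASSERT_LABEL(optval[1], i_label);
  ASSERT_SAVED_ORIGINS(optval)
  ASSERT_SAVED_ORIGINS(optlen)

  close(sockfd);
}

// write(): the return value must be unlabelled whether or not the descriptor,
// the buffer contents and the length carry labels.
void test_write() {
  int fd = open("/dev/null", O_WRONLY);
  // Fail at the cause rather than at the first write() if the open failed,
  // matching the descriptor checks in the socket tests.
  assert(fd != -1);

  char buf[] = "a string";
  int len = strlen(buf);

  // The result of a write is always unlabeled.
  int res = write(fd, buf, len);
  assert(res > 0);
  ASSERT_ZERO_LABEL(res);

  // Label all arguments to write().
  dfsan_set_label(i_label, &(buf[3]), 1);
  dfsan_set_label(j_label, &fd, sizeof(fd));
  dfsan_set_label(i_label, &len, sizeof(len));

  // The value returned by write() should have no label.
  res = write(fd, buf, len);
  ASSERT_ZERO_LABEL(res);

  close(fd);
}

// Formats one argument with `format` between the literal chunks "foo " and
// " bar", first unlabelled and then labelled, and checks that only the bytes
// produced by the conversion carry the argument's label and origin.
//
// expected: text the conversion alone must produce.
// format:   a single conversion specification.
// arg:      the value to format; taken by value, so labelling it here does not
//           affect the caller.
// The three 512-byte buffers are filled with strcpy/strcat; callers must keep
// `expected` and `format` well below that size.
template <class T>
void test_sprintf_chunk(const char* expected, const char* format, T arg) {
  char buf[512];
  memset(buf, 'a', sizeof(buf));

  char padded_expected[512];
  strcpy(padded_expected, "foo ");
  strcat(padded_expected, expected);
  strcat(padded_expected, " bar");

  char padded_format[512];
  strcpy(padded_format, "foo ");
  strcat(padded_format, format);
  strcat(padded_format, " bar");

  // Non labelled arg.
  assert(sprintf(buf, padded_format, arg) == strlen(padded_expected));
  assert(strcmp(buf, padded_expected) == 0);
  ASSERT_READ_LABEL(buf, strlen(padded_expected), 0);
  memset(buf, 'a', sizeof(buf));

  // Labelled arg.
  dfsan_set_label(i_label, &arg, sizeof(arg));
  dfsan_origin a_o = dfsan_get_origin((long)(arg));
#ifndef ORIGIN_TRACKING
  (void)a_o;
#endif
  assert(sprintf(buf, padded_format, arg) == strlen(padded_expected));
  assert(strcmp(buf, padded_expected) == 0);
  // Leading "foo " and trailing " bar" are four bytes each and come from the
  // format string, so they must stay unlabelled.
  ASSERT_READ_LABEL(buf, 4, 0);
  ASSERT_READ_LABEL(buf + 4, strlen(padded_expected) - 8, i_label);
  ASSERT_INIT_ORIGINS(buf + 4, strlen(padded_expected) - 8, a_o);
  ASSERT_READ_LABEL(buf + (strlen(padded_expected) - 4), 4, 0);
}

// sprintf(): checks the formatted text and, byte range by byte range, that
// output produced from a labelled argument carries that argument's label while
// literal text from the format string stays unlabelled.
void test_sprintf() {
  char buf[2048];
  memset(buf, 'a', sizeof(buf));

  // Test formatting (no conversion specifier).
  assert(sprintf(buf, "Hello world!") == 12);
  assert(strcmp(buf, "Hello world!") == 0);
  ASSERT_READ_LABEL(buf, sizeof(buf), 0);

  // Test for extra arguments.
  assert(sprintf(buf, "Hello world!", 42, "hello") == 12);
  assert(strcmp(buf, "Hello world!") == 0);
  ASSERT_READ_LABEL(buf, sizeof(buf), 0);

  // Test formatting & label propagation (multiple conversion specifiers): %s,
  // %d, %n, %f, and %%.
  const char* s = "world";
  int m = 8;
  int d = 27;
  dfsan_set_label(k_label, (void *) (s + 1), 2);
  dfsan_origin s_o = dfsan_get_origin((long)(s[1]));
  dfsan_set_label(i_label, &m, sizeof(m));
  dfsan_origin m_o = dfsan_get_origin((long)m);
  dfsan_set_label(j_label, &d, sizeof(d));
  dfsan_origin d_o = dfsan_get_origin((long)d);
#ifndef ORIGIN_TRACKING
  (void)s_o;
  (void)m_o;
  (void)d_o;
#endif
  int n;
  int r = sprintf(buf, "hello %s, %-d/%d/%d %f %% %n%d", s, 2014, m, d,
                  12345.6781234, &n, 1000);
  assert(r == 42);
  assert(strcmp(buf, "hello world, 2014/8/27 12345.678123 % 1000") == 0);
  ASSERT_READ_LABEL(buf, 7, 0);
  // "or" of "world": the two labelled bytes of s.
  ASSERT_READ_LABEL(buf + 7, 2, k_label);
  ASSERT_INIT_ORIGINS(buf + 7, 2, s_o);
  ASSERT_READ_LABEL(buf + 9, 9, 0);
  // "8", produced from m.
  ASSERT_READ_LABEL(buf + 18, 1, i_label);
  ASSERT_INIT_ORIGINS(buf + 18, 1, m_o);
  ASSERT_READ_LABEL(buf + 19, 1, 0);
  // "27", produced from d.
  ASSERT_READ_LABEL(buf + 20, 2, j_label);
  ASSERT_INIT_ORIGINS(buf + 20, 2, d_o);
  ASSERT_READ_LABEL(buf + 22, 15, 0);
  ASSERT_LABEL(r, 0);
  // %n stores the number of bytes written before it, i.e. up to "% ".
  assert(n == 38);

  // Test formatting & label propagation (single conversion specifier, with
  // additional length and precision modifiers).
  test_sprintf_chunk("-559038737", "%d", 0xdeadbeef);
  test_sprintf_chunk("3735928559", "%u", 0xdeadbeef);
  test_sprintf_chunk("12345", "%i", 12345);
  test_sprintf_chunk("751", "%o", 0751);
  test_sprintf_chunk("babe", "%x", 0xbabe);
  test_sprintf_chunk("0000BABE", "%.8X", 0xbabe);
  test_sprintf_chunk("-17", "%hhd", 0xdeadbeef);
  test_sprintf_chunk("-16657", "%hd", 0xdeadbeef);
  test_sprintf_chunk("deadbeefdeadbeef", "%lx", 0xdeadbeefdeadbeef);
  test_sprintf_chunk("0xdeadbeefdeadbeef", "%p",
                     (void *) 0xdeadbeefdeadbeef);
  test_sprintf_chunk("18446744073709551615", "%ju", (intmax_t) -1);
  test_sprintf_chunk("18446744073709551615", "%zu", (size_t) -1);
  test_sprintf_chunk("18446744073709551615", "%tu", (size_t) -1);

  test_sprintf_chunk("0x1.f9acffa7eb6bfp-4", "%a", 0.123456);
  test_sprintf_chunk("0X1.F9ACFFA7EB6BFP-4", "%A", 0.123456);
  test_sprintf_chunk("0.12346", "%.5f", 0.123456);
  test_sprintf_chunk("0.123456", "%g", 0.123456);
  test_sprintf_chunk("1.234560e-01", "%e", 0.123456);
  test_sprintf_chunk("1.234560E-01", "%E", 0.123456);
  test_sprintf_chunk("0.1234567891234560", "%.16Lf",
                     (long double) 0.123456789123456);

  test_sprintf_chunk("z", "%c", 'z');

  // %n, %s, %d, %f, and %% already tested

  // Test formatting with width passed as an argument.
  r = sprintf(buf, "hi %*d my %*s friend %.*f", 3, 1, 6, "dear", 4, 3.14159265359);
  assert(r == 30);
  // Width 3 right-justifies "1" and width 6 right-justifies "dear"; the padded
  // text is the 30 characters asserted above.
  assert(strcmp(buf, "hi   1 my   dear friend 3.1416") == 0);
}

// snprintf(): output is truncated to the 19-byte limit, the return value is
// the untruncated length, and the bytes that were written carry the labels of
// the arguments that produced them.
void test_snprintf() {
  char buf[2048];
  memset(buf, 'a', sizeof(buf));
  dfsan_set_label(0, buf, sizeof(buf));
  const char* s = "world";
  int y = 2014;
  int m = 8;
  int d = 27;
  dfsan_set_label(k_label, (void *) (s + 1), 2);
  dfsan_origin s_o = dfsan_get_origin((long)(s[1]));
  dfsan_set_label(i_label, &y, sizeof(y));
  dfsan_origin y_o = dfsan_get_origin((long)y);
  dfsan_set_label(j_label, &m, sizeof(m));
  dfsan_origin m_o = dfsan_get_origin((long)m);
#ifndef ORIGIN_TRACKING
  (void)s_o;
  (void)y_o;
  (void)m_o;
#endif
  // NOTE(review): the listing this was taken from shows a single space after
  // the first '/', which would format to 36 characters; r == 38 below needs two
  // more. They are restored after the '/' here - confirm the exact position
  // against the original file. All of it falls beyond the 19-byte limit, so
  // the buffer assertions are unaffected either way.
  int r = snprintf(buf, 19, "hello %s, %-d/   %d/%d %f", s, y, m, d,
                   12345.6781234);
  // The return value is the number of bytes that would have been written to
  // the final string if enough space had been available.
  assert(r == 38);
  // 18 characters plus the terminating NUL.
  assert(memcmp(buf, "hello world, 2014/", 19) == 0);
  ASSERT_READ_LABEL(buf, 7, 0);
  ASSERT_READ_LABEL(buf + 7, 2, k_label);
  ASSERT_INIT_ORIGINS(buf + 7, 2, s_o);
  ASSERT_READ_LABEL(buf + 9, 4, 0);
  // "2014", produced from y.
  ASSERT_READ_LABEL(buf + 13, 4, i_label);
  ASSERT_INIT_ORIGINS(buf + 13, 4, y_o);
  ASSERT_READ_LABEL(buf + 17, 2, 0);
  ASSERT_LABEL(r, 0);
}

// Tested by a separate source file. This empty function is here to appease the
// check-wrappers script.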
void test_fork() {}

// Test driver: assigns the base labels, builds the i|j union label, then runs
// every test_* function once in the fixed order listed below. Any failed
// assert() aborts the process.
int main(void) {
  // Each base label is a distinct power of two.
  i_label = 1 << 0;
  j_label = 1 << 1;
  k_label = 1 << 2;
  m_label = 1 << 3;
  n_label = 1 << 4;

  // The union must differ from every label it is compared against in the
  // tests.
  i_j_label = dfsan_union(i_label, j_label);
  assert(i_j_label != i_label);
  assert(i_j_label != j_label);
  assert(i_j_label != k_label);

  typedef void (*test_fn)();
  static const test_fn kTests[] = {
      test__dl_get_tls_static_info,
      test_bcmp,
      test_clock_gettime,
      test_ctime_r,
      test_dfsan_set_write_callback,
      test_dl_iterate_phdr,
      test_dlopen,
      test_epoll_wait,
      test_fgets,
      test_fork,
      test_fstat,
      test_get_current_dir_name,
      test_getcwd,
      test_getentropy,
      test_gethostname,
      test_getpeername,
      test_getpwuid_r,
      test_getrlimit,
      test_getrusage,
      test_getsockname,
      test_getsockopt,
      test_gettimeofday,
      test_inet_pton,
      test_localtime_r,
      test_memchr,
      test_memcmp,
      test_memcpy,
      test_memmove,
      test_memset,
      test_nanosleep,
      test_poll,
      test_pread,
      test_pthread_create,
      test_pthread_join,
      test_read,
      test_recvmmsg,
      test_recvmsg,
      test_sched_getaffinity,
      test_select,
      test_sigaction,
      test_signal,
      test_sigaltstack,
      test_sigemptyset,
      test_snprintf,
      test_socketpair,
      test_sprintf,
      test_stat,
      test_strcasecmp,
      test_strchr,
      test_strcmp,
      test_strcat,
      test_strcpy,
      test_strdup,
      test_strlen,
      test_strncasecmp,
      test_strncmp,
      test_strncpy,
      test_strpbrk,
      test_strrchr,
      test_strstr,
      test_strtod,
      test_strtol,
      test_strtoll,
      test_strtoul,
      test_strtoull,
      test_time,
      test_write,
  };

  for (unsigned idx = 0; idx < sizeof(kTests) / sizeof(kTests[0]); ++idx)
    kTests[idx]();

  return 0;
}