From patchwork Thu Sep 26 14:30:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tulio Magno Quites Machado Filho X-Patchwork-Id: 1989851 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=ascii.art.br header.i=@ascii.art.br header.a=rsa-sha256 header.s=dreamhost header.b=WCkN0/gN; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=8.43.85.97; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4XDwyX30Blz1xsn for ; Fri, 27 Sep 2024 00:31:32 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 158CE3858CDA for ; Thu, 26 Sep 2024 14:31:30 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from silver.cherry.relay.mailchannels.net (silver.cherry.relay.mailchannels.net [23.83.223.166]) by sourceware.org (Postfix) with ESMTPS id 6C9B13858D28 for ; Thu, 26 Sep 2024 14:30:58 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 6C9B13858D28 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=ascii.art.br Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=ascii.art.br ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 6C9B13858D28 Authentication-Results: server2.sourceware.org; arc=pass smtp.remote-ip=23.83.223.166 ARC-Seal: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1727361061; cv=pass; b=Knh3MRE91OrVBcLngFN5lhITqmtyFWxT4kv859Gt86WHCNGuIxGlcH79pqZKE2qpQc5BaMtRpDAqqVYis3y3GMsOuYeHzE+r8f8tNZfufQi0ZsxN4OEFr8NAsRzwI0Xsp4AB5UyarmnHEkhsK3IbhToys6i41INZxLPrh8ifyYk= ARC-Message-Signature: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1727361061; c=relaxed/simple; bh=xK6Js/2fw5eTlxIAveizJqUQVZNf8ov2wcFH8DbKLmk=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=VSsAbtluMZN8qB/6Ag+jQ9M9uIUfYRQ6PPB3R08DVQQ4zzCs4yg/EHmYS+sTiOvRvEYeWXqK/r5xI+ViBtofYgcPHfynP9mZXy4Kt0+Vkmh/vWhN1nFygu2Dw9tPM6Zhn9pFgoiYmq/JrSxiFOZW28FHClaYci+9kNTT7Oo5Bv0= ARC-Authentication-Results: i=2; server2.sourceware.org X-Sender-Id: dreamhost|x-authsender|tuliom@ascii.art.br Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 7869F903B18; Thu, 26 Sep 2024 14:30:57 +0000 (UTC) Received: from pdx1-sub0-mail-a308.dreamhost.com (100-99-103-226.trex-nlb.outbound.svc.cluster.local [100.99.103.226]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id CEDE59068DF; Thu, 26 Sep 2024 14:30:55 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1727361055; a=rsa-sha256; cv=none; b=srs1DIzSaV9/9OLHTLpneZxQc9Mb88yVNUuzmhevRzVEYye1snX4ElyIGb+QUajDe4AY5S tjPpN20iOdN7Bz6gYdEY/z+s4c0Zj4sTWfI7cOelInUhsW4a8mzT3ccFoZgHU0TyUqfLTG +ELQZoLAVZLJhxfraU/uCJr4hoe+GR2nzc1GZIQLzMyWtNa8RmZHIv8tHdU2l9iDlc1gLL 2qbZQafYWCFvkHdnUsAzZJCAA2UVFhByPWz52zFu/gULNmqZuZrB9z9WOXo+Ip2dP13IAq ufFMrzJFEtn90z0EMpnCi0oFYFO+xZAo82ChnK4ZeLhWCcRCAn4OWwaTVJStrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1727361055; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=vI/Xy4zP30YODg2DQMTkXDYnacX1zBA1G0OyHVWP0MM=; b=WkmV9F0CGBKZ2oXl/4SeyUg7Ndjh44CbBRt8XArlBilwGS5eCKlLYTAx9b9EVvVbSIxyF7 XqKMm6meKXB4mwz/thv5wNvCAsb2bzIuo1v4tZ8Usav//2TQCXLFZ8U9cM/XoitAztBryQ DA+PzQlZKIE9HwsZwhiA3znpl8OK8eO8ZJ4SvjX+wEKbuQp8WZR6GRFGiwTWgbvSG27kTw 9tDVtXT+lrostk7ZOblbpajwt4TKWhtebyZv0Lkxl+dtGLXHcgj0fOrRROKtQGFhkf2OWH eNRKOjLEki9jfj302meQYnvgLm8SDoPq0EEmikglSSIjWzDlmfmrQdI3n+lnPw== ARC-Authentication-Results: i=1; rspamd-5b46bcd97f-tdrpd; auth=pass smtp.auth=dreamhost smtp.mailfrom=tuliom@ascii.art.br X-Sender-Id: dreamhost|x-authsender|tuliom@ascii.art.br X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|tuliom@ascii.art.br X-MailChannels-Auth-Id: dreamhost X-Troubled-Bottle: 419fe5e650cb0b25_1727361056077_152163876 X-MC-Loop-Signature: 1727361056077:3401343174 X-MC-Ingress-Time: 1727361056077 Received: from pdx1-sub0-mail-a308.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.99.103.226 (trex/7.0.2); Thu, 26 Sep 2024 14:30:56 +0000 Received: from ascii.art.br (ip-191-5-86-11.isp.valenet.com.br [191.5.86.11]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: tuliom@ascii.art.br) by pdx1-sub0-mail-a308.dreamhost.com (Postfix) with ESMTPSA id 4XDwxq0qBqz8m; Thu, 26 Sep 2024 07:30:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ascii.art.br; s=dreamhost; t=1727361055; bh=vI/Xy4zP30YODg2DQMTkXDYnacX1zBA1G0OyHVWP0MM=; h=From:To:Cc:Subject:Date:Content-Transfer-Encoding; b=WCkN0/gNsDA0l1k/1kutEzeKg/Q8/WOfxtnC4giaiyhprRiwqDcIyY1PhPW30B3/Q LKWW9m2Huh8oZjLy9xmudYmEDuALrOoF/Ib+W6nWl3Xt6Bl+y1lDe+qZ+WmKgAHOvv qcqf/GxW0iyuuTikDrqSKS+DCRomtD1KJt6a8dv50F8ke5XhVDWQbn+tGTIuNG0Mz9 PL4dad8yPt6Se93aGBA0at50CtShaPnt4verhzVOIwp4VTWvWVcrJpiWiAs/Gz3vUq Jcr8bG3M9JMVIenKOU4sdTUgdpP4w2IJUeocihkTvLwHrI7NJBAGfgPypr67t7M0c3 K8rmXeLZ29pFA== From: Tulio Magno Quites Machado Filho To: libc-alpha@sourceware.org Cc: Joseph Myers , Carlos O'Donell Subject: [PATCH v2] Add a new fwrite test that exercises buffer overflow Date: Thu, 26 Sep 2024 11:30:29 -0300 Message-ID: <20240926143029.3076523-1-tuliom@ascii.art.br> X-Mailer: git-send-email 2.46.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-8.3 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_BARRACUDACENTRAL, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org From: Tulio Magno Quites Machado Filho Changes since v1: - Many styling changes; - Replaced malloc() with xmalloc(); - Added tests where size != 1; - Fixed an error where only half ot the input was being initialized. -->8-- Exercises fwrite's internal buffer when doing a file operation. The new test, exercises 2 overflow behaviors: 1. Call fwrite multiple times making usage of fwrite's internal buffer. The total number of bytes written is larger than fwrite's internal buffer, forcing an automatic flush. 2. Call fwrite a single time with an amount of data that is larger than fwrite's internal buffer. Reviewed-by: Carlos O'Donell --- stdio-common/Makefile | 1 + stdio-common/tst-fwrite-overflow.c | 130 +++++++++++++++++++++++++++++ 2 files changed, 131 insertions(+) create mode 100644 stdio-common/tst-fwrite-overflow.c diff --git a/stdio-common/Makefile b/stdio-common/Makefile index e3e5f634c5..c4e6d0a8b2 100644 --- a/stdio-common/Makefile +++ b/stdio-common/Makefile @@ -230,6 +230,7 @@ tests := \ tst-fseek \ tst-fwrite \ tst-fwrite-memstrm \ + tst-fwrite-overflow \ tst-fwrite-ro \ tst-getline \ tst-getline-enomem \ diff --git a/stdio-common/tst-fwrite-overflow.c b/stdio-common/tst-fwrite-overflow.c new file mode 100644 index 0000000000..fe503fd589 --- /dev/null +++ b/stdio-common/tst-fwrite-overflow.c @@ -0,0 +1,130 @@ +/* Test the overflow of fwrite's internal buffer. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +/* stdio.h provides BUFSIZ, which is the size of fwrite's internal buffer. */ +#include +#include +#include +#include +#include +#include +#include +#include + +/* Length of the buffers in bytes. */ +#define RWBUF_SIZE (2 * BUFSIZ) + +void +test_one_rw (const char *in, size_t size, size_t nmemb, size_t blocks) +{ + int fd; + FILE *f; + char *out; + size_t written, to_write; + const size_t requested = size * nmemb; + + printf ("Testing with size = %zd, nmemb = %zd, blocks = %zd\n", + size, nmemb, blocks); + + TEST_VERIFY_EXIT (requested <= RWBUF_SIZE); + /* Ensure fwrite's internal buffer will overflow. */ + TEST_VERIFY_EXIT (requested > BUFSIZ); + + /* Create a temporary file and open it for reading and writing. */ + fd = create_temp_file ("tst-fwrite-overflow", NULL); + TEST_VERIFY_EXIT (fd != -1); + f = fdopen (fd, "w+"); + TEST_VERIFY_EXIT (f != NULL); + + /* Call fwrite() as many times as needed, until all data is written, + limiting the amount of data written per call to block items. */ + for (written = 0; written < nmemb; written += to_write) + { + if (written + blocks <= nmemb) + to_write = blocks; + else + to_write = nmemb - written; + /* Check if fwrite() returns the expected value. No errors are + expected. */ + TEST_COMPARE (fwrite (in + size * written, size, to_write, f), + to_write); + TEST_COMPARE (ferror (f), 0); + } + TEST_VERIFY_EXIT (written == nmemb); + + /* Ensure all the data is flushed to file. */ + TEST_COMPARE (fflush (f), 0); + + /* We have to check if the contents in the file are correct. Go back to + the beginning of the file. */ + rewind (f); + /* Try to allocate a buffer and save the contents of the generated file to + it. */ + out = xmalloc (RWBUF_SIZE); + TEST_COMPARE (fread (out, size, nmemb, f), nmemb); + + /* Ensure the output has the expected contents. */ + TEST_COMPARE (memcmp (out, in, requested), 0); + + xfclose (f); + free (out); +} + +static int +do_test (void) +{ + char * in; + int i, j; + size_t nmemb[] = {BUFSIZ + 1, RWBUF_SIZE, 0}; + /* Maximum number of items written for each fwrite call. */ + size_t block[] = {100, 1024, 2047, 0}; + /* The largest block must fit entirely in fwrite's buffer. */ + _Static_assert (2047 < BUFSIZ, + "a block must fit in fwrite's internal buffer"); + + in = xmalloc (RWBUF_SIZE); + for (i = 0; i < RWBUF_SIZE; i++) + in[i] = i % 0xff; + + for (i = 0; nmemb[i] != 0; i++) + for (j = 0; block[j] != 0; j++) + { + /* Run a test with an array of nmemb bytes. Write at most block + items per fwrite call. */ + test_one_rw (in, 1, nmemb[i], block[j]); + /* Run a test that overflows fwrite's internal buffer in a single call + by writting a single item of nmemb bytes. + This call should not use the buffer and should be written directly + to the file. */ + test_one_rw (in, nmemb[i], 1, nmemb[i]); + } + + for (j = 0; block[j] != 0; j++) + { + /* Run a test with size=2 and the minimum nmemb value that still + overflows the buffer. Write at most block items per fwrite call. */ + test_one_rw (in, 2, BUFSIZ / 2 + 1, block[j]); + /* Likewise, but size=3. */ + test_one_rw (in, 3, BUFSIZ / 3 + 1, block[j]); + } + + free (in); + return 0; +} + +#include