1# Copyright (c) 2018 The NetBSD Foundation, Inc. 2# All rights reserved. 3# 4# This code is derived from software contributed to The NetBSD Foundation 5# by Yang Zheng. 6# 7# Redistribution and use in source and binary forms, with or without 8# modification, are permitted provided that the following conditions 9# are met: 10# 1. Redistributions of source code must retain the above copyright 11# notice, this list of conditions and the following disclaimer. 12# 2. Redistributions in binary form must reproduce the above copyright 13# notice, this list of conditions and the following disclaimer in the 14# documentation and/or other materials provided with the distribution. 15# 16# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26# POSSIBILITY OF SUCH DAMAGE. 27# 28 29test_target() 30{ 31 SUPPORT='n' 32 if uname -m | grep -q "amd64" && command -v c++ >/dev/null 2>&1 && \ 33 ! echo __clang__ | c++ -E - | grep -q __clang__; then 34 # only clang with major version newer than 7 is supported 35 CLANG_MAJOR=`echo __clang_major__ | c++ -E - | grep -o '^[[:digit:]]'` 36 if [ "$CLANG_MAJOR" -ge "7" ]; then 37 SUPPORT='y' 38 fi 39 fi 40} 41 42atf_test_case free 43free_head() { 44 atf_set "descr" "Test memory sanitizer for use-after-free case" 45 atf_set "require.progs" "c++ paxctl" 46} 47 48atf_test_case free_profile 49free_profile_head() { 50 atf_set "descr" "Test memory sanitizer for use-after-free with profiling option" 51 atf_set "require.progs" "c++ paxctl" 52} 53atf_test_case free_pic 54free_pic_head() { 55 atf_set "descr" "Test memory sanitizer for use-after-free with position independent code (PIC) flag" 56 atf_set "require.progs" "c++ paxctl" 57} 58atf_test_case free_pie 59free_pie_head() { 60 atf_set "descr" "Test memory sanitizer for use-after-free with position independent execution (PIE) flag" 61 atf_set "require.progs" "c++ paxctl" 62} 63 64free_body(){ 65 cat > test.cc << EOF 66#include <stdlib.h> 67int main() { 68 int *a = (int *)malloc(sizeof(int)); 69 *a = 9; 70 free(a); 71 return *a; 72} 73EOF 74 75 c++ -fsanitize=memory -o test test.cc 76 paxctl +a test 77 atf_check -s ignore -o ignore -e match:"WARNING: MemorySanitizer: use-of-uninitialized-value" ./test 78} 79 80free_profile_body(){ 81 cat > test.cc << EOF 82#include <stdlib.h> 83int main() { 84 int *a = (int *)malloc(sizeof(int)); 85 *a = 9; 86 free(a); 87 return *a; 88} 89EOF 90 91 c++ -fsanitize=memory -static -o test -pg test.cc 92 paxctl +a test 93 atf_check -s ignore -o ignore -e match:"WARNING: MemorySanitizer: use-of-uninitialized-value" ./test 94} 95 96free_pic_body(){ 97 cat > test.cc << EOF 98#include <stdio.h> 99#include <stdlib.h> 100int help(int); 101int main(int argc, char **argv) {return help(argc);} 102EOF 103 104 cat > pic.cc << EOF 105#include <stdlib.h> 106int help(int argc) { 107 int *a = (int *)malloc(sizeof(int)); 108 *a = 9; 109 free(a); 110 return *a; 111} 112EOF 113 114 c++ -fsanitize=memory -fPIC -shared -o libtest.so pic.cc 115 c++ -o test test.cc -fsanitize=memory -L. -ltest 116 paxctl +a test 117 118 export LD_LIBRARY_PATH=. 119 atf_check -s ignore -o ignore -e match:"WARNING: MemorySanitizer: use-of-uninitialized-value" ./test 120} 121free_pie_body(){ 122 123 #check whether -pie flag is supported on this architecture 124 if ! c++ -pie -dM -E - < /dev/null 2>/dev/null >/dev/null; then 125 atf_set_skip "c++ -pie not supported on this architecture" 126 fi 127 cat > test.cc << EOF 128#include <stdlib.h> 129int main() { 130 int *a = (int *)malloc(sizeof(int)); 131 *a = 9; 132 free(a); 133 return *a; 134} 135EOF 136 137 c++ -fsanitize=memory -o test -fpie -pie test.cc 138 paxctl +a test 139 atf_check -s ignore -o ignore -e match:"WARNING: MemorySanitizer: use-of-uninitialized-value" ./test 140} 141 142atf_test_case target_not_supported 143target_not_supported_head() 144{ 145 atf_set "descr" "Test forced skip" 146} 147 148target_not_supported_body() 149{ 150 atf_skip "Target is not supported" 151} 152 153atf_init_test_cases() 154{ 155 test_target 156 test $SUPPORT = 'n' && { 157 atf_add_test_case target_not_supported 158 return 0 159 } 160 atf_add_test_case free 161 atf_add_test_case free_profile 162 atf_add_test_case free_pie 163 atf_add_test_case free_pic 164} 165