1e4b7b0bcSRobert Clausecker /*- 2e4b7b0bcSRobert Clausecker * Copyright (c) 2009 David Schultz <das@FreeBSD.org> 3*61ed5748SRobert Clausecker * Copyright (c) 2023, 2024 The FreeBSD Foundation 4e4b7b0bcSRobert Clausecker * All rights reserved. 5e4b7b0bcSRobert Clausecker * 6e4b7b0bcSRobert Clausecker * Portions of this software were developed by Robert Clausecker 7e4b7b0bcSRobert Clausecker * <fuz@FreeBSD.org> under sponsorship from the FreeBSD Foundation. 8e4b7b0bcSRobert Clausecker * 9e4b7b0bcSRobert Clausecker * Redistribution and use in source and binary forms, with or without 10e4b7b0bcSRobert Clausecker * modification, are permitted provided that the following conditions 11e4b7b0bcSRobert Clausecker * are met: 12e4b7b0bcSRobert Clausecker * 1. Redistributions of source code must retain the above copyright 13e4b7b0bcSRobert Clausecker * notice, this list of conditions and the following disclaimer. 14e4b7b0bcSRobert Clausecker * 2. Redistributions in binary form must reproduce the above copyright 15e4b7b0bcSRobert Clausecker * notice, this list of conditions and the following disclaimer in the 16e4b7b0bcSRobert Clausecker * documentation and/or other materials provided with the distribution. 17e4b7b0bcSRobert Clausecker * 18e4b7b0bcSRobert Clausecker * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19e4b7b0bcSRobert Clausecker * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20e4b7b0bcSRobert Clausecker * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21e4b7b0bcSRobert Clausecker * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22e4b7b0bcSRobert Clausecker * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23e4b7b0bcSRobert Clausecker * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24e4b7b0bcSRobert Clausecker * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25e4b7b0bcSRobert Clausecker * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26e4b7b0bcSRobert Clausecker * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27e4b7b0bcSRobert Clausecker * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28e4b7b0bcSRobert Clausecker * SUCH DAMAGE. 29e4b7b0bcSRobert Clausecker */ 30e4b7b0bcSRobert Clausecker 31e4b7b0bcSRobert Clausecker #include <sys/cdefs.h> 32e4b7b0bcSRobert Clausecker #include <sys/param.h> 33e4b7b0bcSRobert Clausecker #include <sys/mman.h> 34e4b7b0bcSRobert Clausecker #include <assert.h> 35e4b7b0bcSRobert Clausecker #include <dlfcn.h> 36e4b7b0bcSRobert Clausecker #include <limits.h> 37e4b7b0bcSRobert Clausecker #include <stdio.h> 38e4b7b0bcSRobert Clausecker #include <stdlib.h> 39e4b7b0bcSRobert Clausecker #include <string.h> 40e4b7b0bcSRobert Clausecker 41e4b7b0bcSRobert Clausecker #include <atf-c.h> 42e4b7b0bcSRobert Clausecker 43e4b7b0bcSRobert Clausecker void *(*memccpy_fn)(void *restrict, const void *restrict, int, size_t); 44e4b7b0bcSRobert Clausecker 45e4b7b0bcSRobert Clausecker static char * 46e4b7b0bcSRobert Clausecker makebuf(size_t len, int guard_at_end) 47e4b7b0bcSRobert Clausecker { 48e4b7b0bcSRobert Clausecker char *buf; 49e4b7b0bcSRobert Clausecker size_t alloc_size, page_size; 50e4b7b0bcSRobert Clausecker 51e4b7b0bcSRobert Clausecker page_size = getpagesize(); 52e4b7b0bcSRobert Clausecker alloc_size = roundup2(len, page_size) + page_size; 53e4b7b0bcSRobert Clausecker 54e4b7b0bcSRobert Clausecker buf = mmap(NULL, alloc_size, PROT_READ | PROT_WRITE, MAP_ANON, -1, 0); 55e4b7b0bcSRobert Clausecker assert(buf); 56e4b7b0bcSRobert Clausecker if (guard_at_end) { 57*61ed5748SRobert Clausecker assert(mprotect(buf + alloc_size - page_size, page_size, PROT_NONE) == 0); 58e4b7b0bcSRobert Clausecker return (buf + alloc_size - page_size - len); 59e4b7b0bcSRobert Clausecker } else { 60*61ed5748SRobert Clausecker assert(mprotect(buf, page_size, PROT_NONE) == 0); 61e4b7b0bcSRobert Clausecker return (buf + page_size); 62e4b7b0bcSRobert Clausecker } 63e4b7b0bcSRobert Clausecker } 64e4b7b0bcSRobert Clausecker 65e4b7b0bcSRobert Clausecker static void 66*61ed5748SRobert Clausecker freebuf(char * buf, size_t len, int guard_at_end) 67*61ed5748SRobert Clausecker { 68*61ed5748SRobert Clausecker size_t alloc_size, page_size; 69*61ed5748SRobert Clausecker 70*61ed5748SRobert Clausecker page_size = getpagesize(); 71*61ed5748SRobert Clausecker alloc_size = roundup2(len, page_size) + page_size; 72*61ed5748SRobert Clausecker 73*61ed5748SRobert Clausecker if (guard_at_end) 74*61ed5748SRobert Clausecker munmap(buf + len + page_size - alloc_size, alloc_size); 75*61ed5748SRobert Clausecker else 76*61ed5748SRobert Clausecker munmap(buf - page_size, alloc_size); 77*61ed5748SRobert Clausecker } 78*61ed5748SRobert Clausecker 79*61ed5748SRobert Clausecker static void 80*61ed5748SRobert Clausecker test_memccpy(const char *s, size_t size) 81e4b7b0bcSRobert Clausecker { 82e4b7b0bcSRobert Clausecker char *src, *dst, *expected; 83*61ed5748SRobert Clausecker size_t bufsize, x; 84e4b7b0bcSRobert Clausecker int i, j; 85e4b7b0bcSRobert Clausecker 86e4b7b0bcSRobert Clausecker for (i = 0; i <= 1; i++) { 87e4b7b0bcSRobert Clausecker for (j = 0; j <= 1; j++) { 88*61ed5748SRobert Clausecker for (bufsize = 0; bufsize <= size + 32; bufsize++) { 89*61ed5748SRobert Clausecker dst = makebuf(bufsize, j); 90*61ed5748SRobert Clausecker if (bufsize < size) { 91*61ed5748SRobert Clausecker src = makebuf(bufsize, i); 92*61ed5748SRobert Clausecker memcpy(src, s, bufsize); 93*61ed5748SRobert Clausecker expected = NULL; 94*61ed5748SRobert Clausecker } else { 95e4b7b0bcSRobert Clausecker src = makebuf(size, i); 96e4b7b0bcSRobert Clausecker memcpy(src, s, size); 97*61ed5748SRobert Clausecker expected = dst + size; 98*61ed5748SRobert Clausecker } 99*61ed5748SRobert Clausecker 100e4b7b0bcSRobert Clausecker memset(dst, 'X', bufsize); 101*61ed5748SRobert Clausecker assert(memccpy_fn(dst, src, s[size-1], bufsize) == expected); 102*61ed5748SRobert Clausecker assert(memcmp(src, dst, MIN(bufsize, size)) == 0); 103e4b7b0bcSRobert Clausecker for (x = size; x < bufsize; x++) 104e4b7b0bcSRobert Clausecker assert(dst[x] == 'X'); 105*61ed5748SRobert Clausecker 106*61ed5748SRobert Clausecker freebuf(dst, bufsize, j); 107*61ed5748SRobert Clausecker freebuf(src, bufsize < size ? bufsize : size, i); 108e4b7b0bcSRobert Clausecker } 109e4b7b0bcSRobert Clausecker } 110e4b7b0bcSRobert Clausecker } 111e4b7b0bcSRobert Clausecker } 112e4b7b0bcSRobert Clausecker 113e4b7b0bcSRobert Clausecker static void 114e4b7b0bcSRobert Clausecker test_sentinel(char *dest, char *src, size_t destlen, size_t srclen) 115e4b7b0bcSRobert Clausecker { 116e4b7b0bcSRobert Clausecker size_t i, effective_len; 117e4b7b0bcSRobert Clausecker void *res, *wantres; 118e4b7b0bcSRobert Clausecker const char *fail = NULL; 119e4b7b0bcSRobert Clausecker char terminator; 120e4b7b0bcSRobert Clausecker 121e4b7b0bcSRobert Clausecker for (i = 0; i < srclen; i++) 122e4b7b0bcSRobert Clausecker /* src will never include (){} */ 123e4b7b0bcSRobert Clausecker src[i] = '0' + i; 124e4b7b0bcSRobert Clausecker 125e4b7b0bcSRobert Clausecker /* source sentinels: not to be copied */ 126e4b7b0bcSRobert Clausecker src[-1] = '('; 127e4b7b0bcSRobert Clausecker src[srclen] = ')'; 128e4b7b0bcSRobert Clausecker 129e4b7b0bcSRobert Clausecker memset(dest, '\xee', destlen); 130e4b7b0bcSRobert Clausecker 131e4b7b0bcSRobert Clausecker /* destination sentinels: not to be touched */ 132e4b7b0bcSRobert Clausecker dest[-1] = '{'; 133e4b7b0bcSRobert Clausecker dest[destlen] = '}'; 134e4b7b0bcSRobert Clausecker 135e4b7b0bcSRobert Clausecker effective_len = srclen < destlen ? srclen : destlen; 136e4b7b0bcSRobert Clausecker wantres = srclen <= destlen ? dest + srclen : NULL; 137e4b7b0bcSRobert Clausecker terminator = src[srclen-1]; 138e4b7b0bcSRobert Clausecker res = memccpy_fn(dest, src, terminator, destlen); 139e4b7b0bcSRobert Clausecker 140e4b7b0bcSRobert Clausecker if (dest[-1] != '{') 141e4b7b0bcSRobert Clausecker fail = "start sentinel overwritten"; 142e4b7b0bcSRobert Clausecker else if (dest[destlen] != '}') 143e4b7b0bcSRobert Clausecker fail = "end sentinel overwritten"; 144e4b7b0bcSRobert Clausecker else if (res != wantres) 145e4b7b0bcSRobert Clausecker fail = "incorrect return value"; 146e4b7b0bcSRobert Clausecker else if (destlen > 0 && memcmp(src, dest, effective_len) != 0) 147e4b7b0bcSRobert Clausecker fail = "string not copied correctly"; 148e4b7b0bcSRobert Clausecker else for (i = srclen; i < destlen; i++) 149e4b7b0bcSRobert Clausecker if (dest[i] != '\xee') { 150e4b7b0bcSRobert Clausecker fail = "buffer mutilated behind string"; 151e4b7b0bcSRobert Clausecker break; 152e4b7b0bcSRobert Clausecker } 153e4b7b0bcSRobert Clausecker 154e4b7b0bcSRobert Clausecker if (fail) 155e4b7b0bcSRobert Clausecker atf_tc_fail_nonfatal("%s\n" 156e4b7b0bcSRobert Clausecker "memccpy(%p \"%s\", %p \"%s\", %u '%c', %zu) = %p (want %p)\n", 157e4b7b0bcSRobert Clausecker fail, dest, dest, src, src, terminator, terminator, destlen, res, wantres); 158e4b7b0bcSRobert Clausecker } 159e4b7b0bcSRobert Clausecker 160e4b7b0bcSRobert Clausecker ATF_TC_WITHOUT_HEAD(null); 161e4b7b0bcSRobert Clausecker ATF_TC_BODY(null, tc) 162e4b7b0bcSRobert Clausecker { 163e4b7b0bcSRobert Clausecker ATF_CHECK_EQ(memccpy_fn(NULL, "foo", 42, 0), NULL); 164e4b7b0bcSRobert Clausecker } 165e4b7b0bcSRobert Clausecker 166e4b7b0bcSRobert Clausecker ATF_TC(zero_extension); 167e4b7b0bcSRobert Clausecker ATF_TC_HEAD(zero_extension, tc) 168e4b7b0bcSRobert Clausecker { 169e4b7b0bcSRobert Clausecker atf_tc_set_md_var(tc, "descr", 170e4b7b0bcSRobert Clausecker "Ensure the upper bits of the terminator are ignored"); 171e4b7b0bcSRobert Clausecker } 172e4b7b0bcSRobert Clausecker ATF_TC_BODY(zero_extension, tc) 173e4b7b0bcSRobert Clausecker { 174e4b7b0bcSRobert Clausecker int mask = -1 & ~UCHAR_MAX; 175e4b7b0bcSRobert Clausecker char buf[16]; 176e4b7b0bcSRobert Clausecker 177e4b7b0bcSRobert Clausecker memset(buf, 0xcc, sizeof(buf)); 178e4b7b0bcSRobert Clausecker ATF_CHECK_EQ(memccpy(buf, "foobar", 'r', sizeof(buf)), buf + sizeof("foobar") - 1); 179e4b7b0bcSRobert Clausecker ATF_CHECK_EQ(memcmp(buf, "foobar", sizeof("foobar") - 1), 0); 180e4b7b0bcSRobert Clausecker 181e4b7b0bcSRobert Clausecker memset(buf, 0xcc, sizeof(buf)); 182e4b7b0bcSRobert Clausecker ATF_CHECK_EQ(memccpy(buf, "foobar", mask | 'r', sizeof(buf)), buf + sizeof("foobar") - 1); 183e4b7b0bcSRobert Clausecker ATF_CHECK_EQ(memcmp(buf, "foobar", sizeof("foobar") - 1), 0); 184e4b7b0bcSRobert Clausecker } 185e4b7b0bcSRobert Clausecker 186e4b7b0bcSRobert Clausecker ATF_TC_WITHOUT_HEAD(bounds); 187e4b7b0bcSRobert Clausecker ATF_TC_BODY(bounds, tc) 188e4b7b0bcSRobert Clausecker { 189e4b7b0bcSRobert Clausecker size_t i; 190e4b7b0bcSRobert Clausecker char buf[64]; 191e4b7b0bcSRobert Clausecker 192e4b7b0bcSRobert Clausecker for (i = 0; i < sizeof(buf) - 1; i++) { 193e4b7b0bcSRobert Clausecker buf[i] = ' ' + i; 194*61ed5748SRobert Clausecker buf[i+1] = '\0'; 195*61ed5748SRobert Clausecker test_memccpy(buf, i + 1); 196e4b7b0bcSRobert Clausecker } 197e4b7b0bcSRobert Clausecker } 198e4b7b0bcSRobert Clausecker 199e4b7b0bcSRobert Clausecker ATF_TC_WITHOUT_HEAD(alignments); 200e4b7b0bcSRobert Clausecker ATF_TC_BODY(alignments, tc) 201e4b7b0bcSRobert Clausecker { 202e4b7b0bcSRobert Clausecker size_t srcalign, destalign, srclen, destlen; 203e4b7b0bcSRobert Clausecker char src[15+2+64]; /* 15 offsets + 64 max length + sentinels */ 204e4b7b0bcSRobert Clausecker char dest[15+2+64]; /* 15 offsets + 64 max length + sentinels */ 205e4b7b0bcSRobert Clausecker 206e4b7b0bcSRobert Clausecker for (srcalign = 0; srcalign < 16; srcalign++) 207e4b7b0bcSRobert Clausecker for (destalign = 0; destalign < 16; destalign++) 208e4b7b0bcSRobert Clausecker for (srclen = 1; srclen < 64; srclen++) 209e4b7b0bcSRobert Clausecker for (destlen = 0; destlen < 64; destlen++) 210e4b7b0bcSRobert Clausecker test_sentinel(dest+destalign+1, 211e4b7b0bcSRobert Clausecker src+srcalign+1, destlen, srclen); 212e4b7b0bcSRobert Clausecker } 213e4b7b0bcSRobert Clausecker 214e4b7b0bcSRobert Clausecker ATF_TP_ADD_TCS(tp) 215e4b7b0bcSRobert Clausecker { 216e4b7b0bcSRobert Clausecker void *dl_handle; 217e4b7b0bcSRobert Clausecker 218e4b7b0bcSRobert Clausecker dl_handle = dlopen(NULL, RTLD_LAZY); 219e4b7b0bcSRobert Clausecker memccpy_fn = dlsym(dl_handle, "test_memccpy"); 220e4b7b0bcSRobert Clausecker if (memccpy_fn == NULL) 221e4b7b0bcSRobert Clausecker memccpy_fn = memccpy; 222e4b7b0bcSRobert Clausecker 223e4b7b0bcSRobert Clausecker ATF_TP_ADD_TC(tp, null); 224e4b7b0bcSRobert Clausecker ATF_TP_ADD_TC(tp, zero_extension); 225e4b7b0bcSRobert Clausecker ATF_TP_ADD_TC(tp, bounds); 226e4b7b0bcSRobert Clausecker ATF_TP_ADD_TC(tp, alignments); 227e4b7b0bcSRobert Clausecker 228e4b7b0bcSRobert Clausecker return (atf_no_error()); 229e4b7b0bcSRobert Clausecker } 230