From 5f59ee393523698cc1823b7ad913ea8fd00087e8 Mon Sep 17 00:00:00 2001
From: jvoisin <julien.voisin@dustri.org>
Date: Mon, 27 Dec 2021 13:17:58 +0100
Subject: [PATCH] Add two tests to check that uninitialized read are zeroed

---
 test/simple-memory-corruption/Makefile             |  2 ++
 test/simple-memory-corruption/test_smc.py          |  9 +++++++++
 .../uninitialized_read_large.c                     | 14 ++++++++++++++
 .../uninitialized_read_small.c                     | 14 ++++++++++++++
 4 files changed, 39 insertions(+)
 create mode 100644 test/simple-memory-corruption/uninitialized_read_large.c
 create mode 100644 test/simple-memory-corruption/uninitialized_read_small.c

diff --git a/test/simple-memory-corruption/Makefile b/test/simple-memory-corruption/Makefile
index 7c4fd06..4f24df5 100644
--- a/test/simple-memory-corruption/Makefile
+++ b/test/simple-memory-corruption/Makefile
@@ -34,6 +34,8 @@ EXECUTABLES := \
     invalid_free_unprotected \
     invalid_free_small_region \
     invalid_free_small_region_far \
+    uninitialized_read_small \
+    uninitialized_read_large \
     uninitialized_free \
     uninitialized_realloc \
     uninitialized_malloc_usable_size \
diff --git a/test/simple-memory-corruption/test_smc.py b/test/simple-memory-corruption/test_smc.py
index f57690e..c585a7d 100644
--- a/test/simple-memory-corruption/test_smc.py
+++ b/test/simple-memory-corruption/test_smc.py
@@ -211,6 +211,15 @@ class TestSimpleMemoryCorruption(unittest.TestCase):
             "impossibly_large_malloc")
         self.assertEqual(returncode, 0)
 
+    def test_uninitialized_read_small(self):
+        _stdout, stderr, returncode = self.run_test(
+            "uninitialized_read_small")
+        self.assertEqual(returncode, 0)
+
+    def test_uninitialized_read_large(self):
+        _stdout, stderr, returncode = self.run_test(
+            "uninitialized_read_large")
+        self.assertEqual(returncode, 0)
 
 
 if __name__ == '__main__':
diff --git a/test/simple-memory-corruption/uninitialized_read_large.c b/test/simple-memory-corruption/uninitialized_read_large.c
new file mode 100644
index 0000000..05e58fc
--- /dev/null
+++ b/test/simple-memory-corruption/uninitialized_read_large.c
@@ -0,0 +1,14 @@
+#include <stdlib.h>
+
+#include "../test_util.h"
+
+OPTNONE int main(void) {
+    char *p = malloc(128 * 1024);
+    for (unsigned i = 0; i < 8; i++) {
+        if (p[i] != 0) {
+            return 1;
+        }
+    }
+    free(p);
+    return 0;
+}
diff --git a/test/simple-memory-corruption/uninitialized_read_small.c b/test/simple-memory-corruption/uninitialized_read_small.c
new file mode 100644
index 0000000..79c02ef
--- /dev/null
+++ b/test/simple-memory-corruption/uninitialized_read_small.c
@@ -0,0 +1,14 @@
+#include <stdlib.h>
+
+#include "../test_util.h"
+
+OPTNONE int main(void) {
+    char *p = malloc(8);
+    for (unsigned i = 0; i < 8; i++) {
+        if (p[i] != 0) {
+            return 1;
+        }
+    }
+    free(p);
+    return 0;
+}