From 645414cc9f7689ae43f5da935d3f436dc46df716 Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Mon, 3 Jan 2022 21:20:15 -0500 Subject: [PATCH] add 1 byte overflow tests --- test/simple-memory-corruption/Makefile | 6 ++++-- .../overflow_large_1_byte.c | 14 +++++++++++++ ...erflow_large.c => overflow_large_8_byte.c} | 0 .../overflow_small_1_byte.c | 14 +++++++++++++ ...erflow_small.c => overflow_small_8_byte.c} | 0 test/simple-memory-corruption/test_smc.py | 20 +++++++++++++++---- 6 files changed, 48 insertions(+), 6 deletions(-) create mode 100644 test/simple-memory-corruption/overflow_large_1_byte.c rename test/simple-memory-corruption/{eight_byte_overflow_large.c => overflow_large_8_byte.c} (100%) create mode 100644 test/simple-memory-corruption/overflow_small_1_byte.c rename test/simple-memory-corruption/{eight_byte_overflow_small.c => overflow_small_8_byte.c} (100%) diff --git a/test/simple-memory-corruption/Makefile b/test/simple-memory-corruption/Makefile index 4f24df5..e22d90d 100644 --- a/test/simple-memory-corruption/Makefile +++ b/test/simple-memory-corruption/Makefile @@ -39,8 +39,10 @@ EXECUTABLES := \ uninitialized_free \ uninitialized_realloc \ uninitialized_malloc_usable_size \ - eight_byte_overflow_small \ - eight_byte_overflow_large \ + overflow_large_1_byte \ + overflow_large_8_byte \ + overflow_small_1_byte \ + overflow_small_8_byte \ string_overflow \ delete_type_size_mismatch \ unaligned_malloc_usable_size_small \ diff --git a/test/simple-memory-corruption/overflow_large_1_byte.c b/test/simple-memory-corruption/overflow_large_1_byte.c new file mode 100644 index 0000000..d9402c6 --- /dev/null +++ b/test/simple-memory-corruption/overflow_large_1_byte.c @@ -0,0 +1,14 @@ +#include + +#include "../test_util.h" + +OPTNONE int main(void) { + char *p = malloc(256 * 1024); + if (!p) { + return 1; + } + size_t size = malloc_usable_size(p); + *(p + size) = 0; + free(p); + return 0; +} diff --git a/test/simple-memory-corruption/eight_byte_overflow_large.c b/test/simple-memory-corruption/overflow_large_8_byte.c similarity index 100% rename from test/simple-memory-corruption/eight_byte_overflow_large.c rename to test/simple-memory-corruption/overflow_large_8_byte.c diff --git a/test/simple-memory-corruption/overflow_small_1_byte.c b/test/simple-memory-corruption/overflow_small_1_byte.c new file mode 100644 index 0000000..86529c8 --- /dev/null +++ b/test/simple-memory-corruption/overflow_small_1_byte.c @@ -0,0 +1,14 @@ +#include + +#include "../test_util.h" + +OPTNONE int main(void) { + char *p = malloc(8); + if (!p) { + return 1; + } + size_t size = malloc_usable_size(p); + *(p + size) = 1; + free(p); + return 0; +} diff --git a/test/simple-memory-corruption/eight_byte_overflow_small.c b/test/simple-memory-corruption/overflow_small_8_byte.c similarity index 100% rename from test/simple-memory-corruption/eight_byte_overflow_small.c rename to test/simple-memory-corruption/overflow_small_8_byte.c diff --git a/test/simple-memory-corruption/test_smc.py b/test/simple-memory-corruption/test_smc.py index c585a7d..23179ae 100644 --- a/test/simple-memory-corruption/test_smc.py +++ b/test/simple-memory-corruption/test_smc.py @@ -48,14 +48,26 @@ class TestSimpleMemoryCorruption(unittest.TestCase): self.assertEqual(stderr.decode("utf-8"), "fatal allocator error: double free (quarantine)\n") - def test_eight_byte_overflow_large(self): + def test_overflow_large_1_byte(self): _stdout, _stderr, returncode = self.run_test( - "eight_byte_overflow_large") + "overflow_large_1_byte") self.assertEqual(returncode, -11) - def test_eight_byte_overflow_small(self): + def test_overflow_large_8_byte(self): + _stdout, _stderr, returncode = self.run_test( + "overflow_large_8_byte") + self.assertEqual(returncode, -11) + + def test_overflow_small_1_byte(self): _stdout, stderr, returncode = self.run_test( - "eight_byte_overflow_small") + "overflow_small_1_byte") + self.assertEqual(returncode, -6) + self.assertEqual(stderr.decode("utf-8"), + "fatal allocator error: canary corrupted\n") + + def test_overflow_small_8_byte(self): + _stdout, stderr, returncode = self.run_test( + "overflow_small_8_byte") self.assertEqual(returncode, -6) self.assertEqual(stderr.decode("utf-8"), "fatal allocator error: canary corrupted\n")