Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src Import new C and C++ ATF tests for ASan



details:   https://anonhg.NetBSD.org/src/rev/938f86d8a204
branches:  trunk
changeset: 321939:938f86d8a204
user:      kamil <kamil%NetBSD.org@localhost>
date:      Wed Apr 11 03:25:25 2018 +0000

description:
Import new C and C++ ATF tests for ASan

Add new tests:
 - tests/usr.bin/cc/t_asan_poison.sh
 - tests/usr.bin/c++/t_asan_poison.sh

These tests verify the following build options:
 - regular
 - profile
 - pic
 - pie
 - compat32
 - (static unsupported)

These tests verify whether ASan code can include compiler and sanitizer
specific header: <sanitizer/asan_interface.h>. The testing code checks
the ASAN_POISON_MEMORY_REGION() functionality, poisoning valid memory and
asserting that it triggers expected failure.

Patch submitted by <Siddharth Muralee>

diffstat:

 distrib/sets/lists/tests/mi        |    4 +-
 tests/usr.bin/c++/Makefile         |    3 +-
 tests/usr.bin/c++/t_asan_poison.sh |  277 +++++++++++++++++++++++++++++++++++++
 tests/usr.bin/cc/Makefile          |    3 +-
 tests/usr.bin/cc/t_asan_poison.sh  |  277 +++++++++++++++++++++++++++++++++++++
 5 files changed, 561 insertions(+), 3 deletions(-)

diffs (truncated from 621 to 300 lines):

diff -r dfac3120ff89 -r 938f86d8a204 distrib/sets/lists/tests/mi
--- a/distrib/sets/lists/tests/mi       Wed Apr 11 01:52:59 2018 +0000
+++ b/distrib/sets/lists/tests/mi       Wed Apr 11 03:25:25 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.780 2018/04/04 23:51:35 kamil Exp $
+# $NetBSD: mi,v 1.781 2018/04/11 03:25:25 kamil Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 #
@@ -3639,6 +3639,7 @@
 ./usr/tests/usr.bin/c++/t_asan_global_buffer_overflow  tests-usr.bin-tests     compattestfile,atf,cxx
 ./usr/tests/usr.bin/c++/t_asan_heap_overflow   tests-usr.bin-tests     compattestfile,atf,cxx
 ./usr/tests/usr.bin/c++/t_asan_off_by_one      tests-usr.bin-tests     compattestfile,atf,cxx
+./usr/tests/usr.bin/c++/t_asan_poison          tests-usr.bin-tests     compattestfile,atf,cxx
 ./usr/tests/usr.bin/c++/t_asan_uaf             tests-usr.bin-tests     compattestfile,atf,cxx
 ./usr/tests/usr.bin/c++/t_call_once            tests-usr.bin-tests     compattestfile,atf,cxx
 ./usr/tests/usr.bin/c++/t_call_once2           tests-usr.bin-tests     compattestfile,atf,cxx
@@ -3654,6 +3655,7 @@
 ./usr/tests/usr.bin/cc/t_asan_global_buffer_overflow   tests-usr.bin-tests     compattestfile,atf
 ./usr/tests/usr.bin/cc/t_asan_heap_overflow    tests-usr.bin-tests     compattestfile,atf
 ./usr/tests/usr.bin/cc/t_asan_off_by_one       tests-usr.bin-tests     compattestfile,atf
+./usr/tests/usr.bin/cc/t_asan_poison           tests-usr.bin-tests     compattestfile,atf
 ./usr/tests/usr.bin/cc/t_asan_uaf              tests-usr.bin-tests     compattestfile,atf
 ./usr/tests/usr.bin/cmp                                tests-usr.bin-tests     compattestfile,atf
 ./usr/tests/usr.bin/cmp/Atffile                        tests-usr.bin-tests     compattestfile,atf
diff -r dfac3120ff89 -r 938f86d8a204 tests/usr.bin/c++/Makefile
--- a/tests/usr.bin/c++/Makefile        Wed Apr 11 01:52:59 2018 +0000
+++ b/tests/usr.bin/c++/Makefile        Wed Apr 11 03:25:25 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.7 2018/04/04 23:53:26 kamil Exp $
+# $NetBSD: Makefile,v 1.8 2018/04/11 03:25:25 kamil Exp $
 
 .include <bsd.own.mk>
 
@@ -9,6 +9,7 @@
 TESTS_SH+=     t_asan_global_buffer_overflow
 TESTS_SH+=     t_asan_heap_overflow
 TESTS_SH+=     t_asan_off_by_one
+TESTS_SH+=     t_asan_poison
 TESTS_SH+=     t_asan_uaf
 TESTS_SH+=     t_call_once
 TESTS_SH+=     t_call_once2
diff -r dfac3120ff89 -r 938f86d8a204 tests/usr.bin/c++/t_asan_poison.sh
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/usr.bin/c++/t_asan_poison.sh        Wed Apr 11 03:25:25 2018 +0000
@@ -0,0 +1,277 @@
+#      $NetBSD: t_asan_poison.sh,v 1.1 2018/04/11 03:25:25 kamil Exp $
+#
+# Copyright (c) 2018 The NetBSD Foundation, Inc.
+# All rights reserved.
+#
+# This code is derived from software contributed to The NetBSD Foundation
+# by Siddharth Muralee.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+
+SUPPORT='n'
+test_target() {
+       if uname -m | grep -q "amd64"; then
+               SUPPORT='y'
+       fi
+
+       if uname -m | grep -q "i386"; then
+               SUPPORT='y'
+       fi
+}
+
+atf_test_case poison
+poison_head() {
+       atf_set "descr" "compile and run \"Use after Poison example\""
+       atf_set "require.progs" "c++ paxctl"
+}
+
+atf_test_case poison_profile
+poison_profile_head() {
+       atf_set "descr" "compile and run \"Use after Poison example\" with profiling option"
+       atf_set "require.progs" "c++ paxctl"
+}
+
+atf_test_case poison_pic
+poison_pic_head() {
+       atf_set "descr" "compile and run PIC \"Use after Poison example\""
+       atf_set "require.progs" "c++ paxctl"
+}
+
+atf_test_case poison_pie
+poison_pie_head() {
+       atf_set "descr" "compile and run position independent (PIE) \"Use after Poison example\""
+       atf_set "require.progs" "c++ paxctl"
+}
+
+atf_test_case poison32
+poison32_head() {
+       atf_set "descr" "compile and run \"Use after Poison example\" for/in netbsd32 emulation"
+       atf_set "require.progs" "c++ paxctl file diff cat"
+}
+
+atf_test_case target_not_supported
+target_not_supported_head()
+{
+       atf_set "descr" "Test forced skip"
+}
+
+poison_body() {
+       cat > test.c << EOF
+#include <stdio.h>
+#include <stdlib.h>
+#include <sanitizer/asan_interface.h>
+int foo() {
+       int p = 2;
+       int *a;
+       ASAN_POISON_MEMORY_REGION(&p, sizeof(int));
+       a=&p;
+       printf("%d", *a);
+}
+
+int main() {
+       foo();
+       printf("CHECK\n");
+       exit(0);
+}
+EOF
+       c++ -fsanitize=address -o test test.c
+       paxctl +a test
+       atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test
+}
+
+poison_profile_body() {
+       cat > test.c << EOF
+#include <stdio.h>
+#include <stdlib.h>
+#include <sanitizer/asan_interface.h>
+int foo() {
+       int p = 2;
+       int *a;
+       ASAN_POISON_MEMORY_REGION(&p, sizeof(int));
+       a=&p;
+       printf("%d", *a);
+}
+
+int main() {
+       foo();
+       printf("CHECK\n");
+       exit(0);
+}
+EOF
+       c++ -fsanitize=address -o test -pg test.c
+       paxctl +a test
+       atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test
+}
+
+poison_pic_body() {
+       cat > test.c << EOF
+#include <stdio.h>
+#include <stdlib.h>
+#include <sanitizer/asan_interface.h>
+int foo();
+int main() {
+       foo();
+       printf("CHECK\n");
+       exit(0);
+}
+EOF
+       cat > pic.c << EOF
+#include <stdio.h>
+#include <stdlib.h>
+#include <sanitizer/asan_interface.h>
+int foo() {
+       int p = 2;
+       int *a;
+       ASAN_POISON_MEMORY_REGION(&p, sizeof(int));
+       a=&p;
+       printf("%d", *a);
+}
+EOF
+
+       c++ -fPIC -fsanitize=address -shared -o libtest.so pic.c
+       c++ -o test test.c -fsanitize=address -L. -ltest
+       paxctl +a test
+
+       export LD_LIBRARY_PATH=.
+       atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test
+}
+
+poison_pie_body() {
+       # check whether this arch supports -pice
+       if ! c++ -pie -dM -E - < /dev/null 2>/dev/null >/dev/null; then
+               atf_set_skip "c++ -pie not supported on this architecture"
+       fi
+       cat > test.c << EOF
+#include <stdio.h>
+#include <stdlib.h>
+#include <sanitizer/asan_interface.h>
+int foo() {
+       int p = 2;
+       int *a;
+       ASAN_POISON_MEMORY_REGION(&p, sizeof(int));
+       a=&p;
+       printf("%d", *a);
+}
+
+int main() {
+       foo();
+       printf("CHECK\n");
+       exit(0);
+}
+EOF
+       c++ -fsanitize=address -fpie -pie -o test test.c
+       paxctl +a test
+       atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test
+}
+
+poison32_body() {
+       # check whether this arch is 64bit
+       if ! c++ -dM -E - < /dev/null | fgrep -q _LP64; then
+               atf_skip "this is not a 64 bit architecture"
+       fi
+       if ! c++ -m32 -dM -E - < /dev/null 2>/dev/null > ./def32; then
+               atf_skip "c++ -m32 not supported on this architecture"
+       else
+               if fgrep -q _LP64 ./def32; then
+               atf_fail "c++ -m32 does not generate netbsd32 binaries"
+       fi
+fi
+
+       cat > test.c << EOF
+#include <stdio.h>
+#include <stdlib.h>
+#include <sanitizer/asan_interface.h>
+int foo() {
+       int p = 2;
+       int *a;
+       ASAN_POISON_MEMORY_REGION(&p, sizeof(int));
+       a=&p;
+       printf("%d", *a);
+}
+
+int main() {
+       foo();
+       printf("CHECK\n");
+       exit(0);
+}
+EOF
+       c++ -fsanitize=address -o psn32 -m32 test.c
+       c++ -fsanitize=address -o psn64 test.c
+       file -b ./psn32 > ./ftype32
+       file -b ./psn64 > ./ftype64
+       if diff ./ftype32 ./ftype64 >/dev/null; then
+               atf_fail "generated binaries do not differ"
+       fi
+       echo "32bit binaries on this platform are:"
+       cat ./ftype32
+       echo "While native (64bit) binaries are:"
+       cat ./ftype64
+       paxctl +a psn32
+       atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./psn32
+
+# and another test with profile 32bit binaries
+       cat > test.c << EOF
+#include <stdio.h>
+#include <stdlib.h>
+#include <sanitizer/asan_interface.h>
+int foo() {
+       int p = 2;
+       int *a;
+       ASAN_POISON_MEMORY_REGION(&p, sizeof(int));
+       a=&p;
+       printf("%d", *a);
+}
+
+int main() {
+       foo();
+       printf("CHECK\n");
+       exit(0);
+}
+EOF
+       c++ -o test -m32 -fsanitize=address -pg test.c
+       paxctl +a test
+       atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test
+}



Home | Main Index | Thread Index | Old Index