1 1.1 christos #include "test/jemalloc_test.h" 2 1.1 christos 3 1.1 christos #include "jemalloc/internal/safety_check.h" 4 1.1 christos 5 1.1 christos /* 6 1.1 christos * Note that we get called through safety_check.sh, which turns on sampling for 7 1.1 christos * everything. 8 1.1 christos */ 9 1.1 christos 10 1.1 christos bool fake_abort_called; 11 1.1 christos void fake_abort(const char *message) { 12 1.1 christos (void)message; 13 1.1 christos fake_abort_called = true; 14 1.1 christos } 15 1.1 christos 16 1.1 christos static void 17 1.1 christos buffer_overflow_write(char *ptr, size_t size) { 18 1.1 christos /* Avoid overflow warnings. */ 19 1.1 christos volatile size_t idx = size; 20 1.1 christos ptr[idx] = 0; 21 1.1 christos } 22 1.1 christos 23 1.1 christos TEST_BEGIN(test_malloc_free_overflow) { 24 1.1 christos test_skip_if(!config_prof); 25 1.1 christos test_skip_if(!config_opt_safety_checks); 26 1.1 christos 27 1.1 christos safety_check_set_abort(&fake_abort); 28 1.1 christos /* Buffer overflow! */ 29 1.1 christos char* ptr = malloc(128); 30 1.1 christos buffer_overflow_write(ptr, 128); 31 1.1 christos free(ptr); 32 1.1 christos safety_check_set_abort(NULL); 33 1.1 christos 34 1.1 christos expect_b_eq(fake_abort_called, true, "Redzone check didn't fire."); 35 1.1 christos fake_abort_called = false; 36 1.1 christos } 37 1.1 christos TEST_END 38 1.1 christos 39 1.1 christos TEST_BEGIN(test_mallocx_dallocx_overflow) { 40 1.1 christos test_skip_if(!config_prof); 41 1.1 christos test_skip_if(!config_opt_safety_checks); 42 1.1 christos 43 1.1 christos safety_check_set_abort(&fake_abort); 44 1.1 christos /* Buffer overflow! */ 45 1.1 christos char* ptr = mallocx(128, 0); 46 1.1 christos buffer_overflow_write(ptr, 128); 47 1.1 christos dallocx(ptr, 0); 48 1.1 christos safety_check_set_abort(NULL); 49 1.1 christos 50 1.1 christos expect_b_eq(fake_abort_called, true, "Redzone check didn't fire."); 51 1.1 christos fake_abort_called = false; 52 1.1 christos } 53 1.1 christos TEST_END 54 1.1 christos 55 1.1 christos TEST_BEGIN(test_malloc_sdallocx_overflow) { 56 1.1 christos test_skip_if(!config_prof); 57 1.1 christos test_skip_if(!config_opt_safety_checks); 58 1.1 christos 59 1.1 christos safety_check_set_abort(&fake_abort); 60 1.1 christos /* Buffer overflow! */ 61 1.1 christos char* ptr = malloc(128); 62 1.1 christos buffer_overflow_write(ptr, 128); 63 1.1 christos sdallocx(ptr, 128, 0); 64 1.1 christos safety_check_set_abort(NULL); 65 1.1 christos 66 1.1 christos expect_b_eq(fake_abort_called, true, "Redzone check didn't fire."); 67 1.1 christos fake_abort_called = false; 68 1.1 christos } 69 1.1 christos TEST_END 70 1.1 christos 71 1.1 christos TEST_BEGIN(test_realloc_overflow) { 72 1.1 christos test_skip_if(!config_prof); 73 1.1 christos test_skip_if(!config_opt_safety_checks); 74 1.1 christos 75 1.1 christos safety_check_set_abort(&fake_abort); 76 1.1 christos /* Buffer overflow! */ 77 1.1 christos char* ptr = malloc(128); 78 1.1 christos buffer_overflow_write(ptr, 128); 79 1.1 christos ptr = realloc(ptr, 129); 80 1.1 christos safety_check_set_abort(NULL); 81 1.1 christos free(ptr); 82 1.1 christos 83 1.1 christos expect_b_eq(fake_abort_called, true, "Redzone check didn't fire."); 84 1.1 christos fake_abort_called = false; 85 1.1 christos } 86 1.1 christos TEST_END 87 1.1 christos 88 1.1 christos TEST_BEGIN(test_rallocx_overflow) { 89 1.1 christos test_skip_if(!config_prof); 90 1.1 christos test_skip_if(!config_opt_safety_checks); 91 1.1 christos 92 1.1 christos safety_check_set_abort(&fake_abort); 93 1.1 christos /* Buffer overflow! */ 94 1.1 christos char* ptr = malloc(128); 95 1.1 christos buffer_overflow_write(ptr, 128); 96 1.1 christos ptr = rallocx(ptr, 129, 0); 97 1.1 christos safety_check_set_abort(NULL); 98 1.1 christos free(ptr); 99 1.1 christos 100 1.1 christos expect_b_eq(fake_abort_called, true, "Redzone check didn't fire."); 101 1.1 christos fake_abort_called = false; 102 1.1 christos } 103 1.1 christos TEST_END 104 1.1 christos 105 1.1 christos TEST_BEGIN(test_xallocx_overflow) { 106 1.1 christos test_skip_if(!config_prof); 107 1.1 christos test_skip_if(!config_opt_safety_checks); 108 1.1 christos 109 1.1 christos safety_check_set_abort(&fake_abort); 110 1.1 christos /* Buffer overflow! */ 111 1.1 christos char* ptr = malloc(128); 112 1.1 christos buffer_overflow_write(ptr, 128); 113 1.1 christos size_t result = xallocx(ptr, 129, 0, 0); 114 1.1 christos expect_zu_eq(result, 128, ""); 115 1.1 christos free(ptr); 116 1.1 christos expect_b_eq(fake_abort_called, true, "Redzone check didn't fire."); 117 1.1 christos fake_abort_called = false; 118 1.1 christos safety_check_set_abort(NULL); 119 1.1 christos } 120 1.1 christos TEST_END 121 1.1 christos 122 1.1 christos TEST_BEGIN(test_realloc_no_overflow) { 123 1.1 christos char* ptr = malloc(128); 124 1.1 christos ptr = realloc(ptr, 256); 125 1.1 christos ptr[128] = 0; 126 1.1 christos ptr[255] = 0; 127 1.1 christos free(ptr); 128 1.1 christos 129 1.1 christos ptr = malloc(128); 130 1.1 christos ptr = realloc(ptr, 64); 131 1.1 christos ptr[63] = 0; 132 1.1 christos ptr[0] = 0; 133 1.1 christos free(ptr); 134 1.1 christos } 135 1.1 christos TEST_END 136 1.1 christos 137 1.1 christos TEST_BEGIN(test_rallocx_no_overflow) { 138 1.1 christos char* ptr = malloc(128); 139 1.1 christos ptr = rallocx(ptr, 256, 0); 140 1.1 christos ptr[128] = 0; 141 1.1 christos ptr[255] = 0; 142 1.1 christos free(ptr); 143 1.1 christos 144 1.1 christos ptr = malloc(128); 145 1.1 christos ptr = rallocx(ptr, 64, 0); 146 1.1 christos ptr[63] = 0; 147 1.1 christos ptr[0] = 0; 148 1.1 christos free(ptr); 149 1.1 christos } 150 1.1 christos TEST_END 151 1.1 christos 152 1.1 christos int 153 1.1 christos main(void) { 154 1.1 christos return test( 155 1.1 christos test_malloc_free_overflow, 156 1.1 christos test_mallocx_dallocx_overflow, 157 1.1 christos test_malloc_sdallocx_overflow, 158 1.1 christos test_realloc_overflow, 159 1.1 christos test_rallocx_overflow, 160 1.1 christos test_xallocx_overflow, 161 1.1 christos test_realloc_no_overflow, 162 1.1 christos test_rallocx_no_overflow); 163 1.1 christos } 164
Indexes created Sat Apr 25 00:22:52 UTC 2026