t_asan_poison.sh revision 1.1
11.1Skamil# $NetBSD: t_asan_poison.sh,v 1.1 2018/04/11 03:25:25 kamil Exp $ 21.1Skamil# 31.1Skamil# Copyright (c) 2018 The NetBSD Foundation, Inc. 41.1Skamil# All rights reserved. 51.1Skamil# 61.1Skamil# This code is derived from software contributed to The NetBSD Foundation 71.1Skamil# by Siddharth Muralee. 81.1Skamil# 91.1Skamil# Redistribution and use in source and binary forms, with or without 101.1Skamil# modification, are permitted provided that the following conditions 111.1Skamil# are met: 121.1Skamil# 1. Redistributions of source code must retain the above copyright 131.1Skamil# notice, this list of conditions and the following disclaimer. 141.1Skamil# 2. Redistributions in binary form must reproduce the above copyright 151.1Skamil# notice, this list of conditions and the following disclaimer in the 161.1Skamil# documentation and/or other materials provided with the distribution. 171.1Skamil# 181.1Skamil# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 191.1Skamil# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 201.1Skamil# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 211.1Skamil# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 221.1Skamil# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 231.1Skamil# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 241.1Skamil# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 251.1Skamil# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 261.1Skamil# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 271.1Skamil# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 281.1Skamil# POSSIBILITY OF SUCH DAMAGE. 291.1Skamil# 301.1Skamil 311.1SkamilSUPPORT='n' 321.1Skamiltest_target() { 331.1Skamil if uname -m | grep -q "amd64"; then 341.1Skamil SUPPORT='y' 351.1Skamil fi 361.1Skamil 371.1Skamil if uname -m | grep -q "i386"; then 381.1Skamil SUPPORT='y' 391.1Skamil fi 401.1Skamil} 411.1Skamil 421.1Skamilatf_test_case poison 431.1Skamilpoison_head() { 441.1Skamil atf_set "descr" "compile and run \"Use after Poison example\"" 451.1Skamil atf_set "require.progs" "c++ paxctl" 461.1Skamil} 471.1Skamil 481.1Skamilatf_test_case poison_profile 491.1Skamilpoison_profile_head() { 501.1Skamil atf_set "descr" "compile and run \"Use after Poison example\" with profiling option" 511.1Skamil atf_set "require.progs" "c++ paxctl" 521.1Skamil} 531.1Skamil 541.1Skamilatf_test_case poison_pic 551.1Skamilpoison_pic_head() { 561.1Skamil atf_set "descr" "compile and run PIC \"Use after Poison example\"" 571.1Skamil atf_set "require.progs" "c++ paxctl" 581.1Skamil} 591.1Skamil 601.1Skamilatf_test_case poison_pie 611.1Skamilpoison_pie_head() { 621.1Skamil atf_set "descr" "compile and run position independent (PIE) \"Use after Poison example\"" 631.1Skamil atf_set "require.progs" "c++ paxctl" 641.1Skamil} 651.1Skamil 661.1Skamilatf_test_case poison32 671.1Skamilpoison32_head() { 681.1Skamil atf_set "descr" "compile and run \"Use after Poison example\" for/in netbsd32 emulation" 691.1Skamil atf_set "require.progs" "c++ paxctl file diff cat" 701.1Skamil} 711.1Skamil 721.1Skamilatf_test_case target_not_supported 731.1Skamiltarget_not_supported_head() 741.1Skamil{ 751.1Skamil atf_set "descr" "Test forced skip" 761.1Skamil} 771.1Skamil 781.1Skamilpoison_body() { 791.1Skamil cat > test.c << EOF 801.1Skamil#include <stdio.h> 811.1Skamil#include <stdlib.h> 821.1Skamil#include <sanitizer/asan_interface.h> 831.1Skamilint foo() { 841.1Skamil int p = 2; 851.1Skamil int *a; 861.1Skamil ASAN_POISON_MEMORY_REGION(&p, sizeof(int)); 871.1Skamil a=&p; 881.1Skamil printf("%d", *a); 891.1Skamil} 901.1Skamil 911.1Skamilint main() { 921.1Skamil foo(); 931.1Skamil printf("CHECK\n"); 941.1Skamil exit(0); 951.1Skamil} 961.1SkamilEOF 971.1Skamil c++ -fsanitize=address -o test test.c 981.1Skamil paxctl +a test 991.1Skamil atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test 1001.1Skamil} 1011.1Skamil 1021.1Skamilpoison_profile_body() { 1031.1Skamil cat > test.c << EOF 1041.1Skamil#include <stdio.h> 1051.1Skamil#include <stdlib.h> 1061.1Skamil#include <sanitizer/asan_interface.h> 1071.1Skamilint foo() { 1081.1Skamil int p = 2; 1091.1Skamil int *a; 1101.1Skamil ASAN_POISON_MEMORY_REGION(&p, sizeof(int)); 1111.1Skamil a=&p; 1121.1Skamil printf("%d", *a); 1131.1Skamil} 1141.1Skamil 1151.1Skamilint main() { 1161.1Skamil foo(); 1171.1Skamil printf("CHECK\n"); 1181.1Skamil exit(0); 1191.1Skamil} 1201.1SkamilEOF 1211.1Skamil c++ -fsanitize=address -o test -pg test.c 1221.1Skamil paxctl +a test 1231.1Skamil atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test 1241.1Skamil} 1251.1Skamil 1261.1Skamilpoison_pic_body() { 1271.1Skamil cat > test.c << EOF 1281.1Skamil#include <stdio.h> 1291.1Skamil#include <stdlib.h> 1301.1Skamil#include <sanitizer/asan_interface.h> 1311.1Skamilint foo(); 1321.1Skamilint main() { 1331.1Skamil foo(); 1341.1Skamil printf("CHECK\n"); 1351.1Skamil exit(0); 1361.1Skamil} 1371.1SkamilEOF 1381.1Skamil cat > pic.c << EOF 1391.1Skamil#include <stdio.h> 1401.1Skamil#include <stdlib.h> 1411.1Skamil#include <sanitizer/asan_interface.h> 1421.1Skamilint foo() { 1431.1Skamil int p = 2; 1441.1Skamil int *a; 1451.1Skamil ASAN_POISON_MEMORY_REGION(&p, sizeof(int)); 1461.1Skamil a=&p; 1471.1Skamil printf("%d", *a); 1481.1Skamil} 1491.1SkamilEOF 1501.1Skamil 1511.1Skamil c++ -fPIC -fsanitize=address -shared -o libtest.so pic.c 1521.1Skamil c++ -o test test.c -fsanitize=address -L. -ltest 1531.1Skamil paxctl +a test 1541.1Skamil 1551.1Skamil export LD_LIBRARY_PATH=. 1561.1Skamil atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test 1571.1Skamil} 1581.1Skamil 1591.1Skamilpoison_pie_body() { 1601.1Skamil # check whether this arch supports -pice 1611.1Skamil if ! c++ -pie -dM -E - < /dev/null 2>/dev/null >/dev/null; then 1621.1Skamil atf_set_skip "c++ -pie not supported on this architecture" 1631.1Skamil fi 1641.1Skamil cat > test.c << EOF 1651.1Skamil#include <stdio.h> 1661.1Skamil#include <stdlib.h> 1671.1Skamil#include <sanitizer/asan_interface.h> 1681.1Skamilint foo() { 1691.1Skamil int p = 2; 1701.1Skamil int *a; 1711.1Skamil ASAN_POISON_MEMORY_REGION(&p, sizeof(int)); 1721.1Skamil a=&p; 1731.1Skamil printf("%d", *a); 1741.1Skamil} 1751.1Skamil 1761.1Skamilint main() { 1771.1Skamil foo(); 1781.1Skamil printf("CHECK\n"); 1791.1Skamil exit(0); 1801.1Skamil} 1811.1SkamilEOF 1821.1Skamil c++ -fsanitize=address -fpie -pie -o test test.c 1831.1Skamil paxctl +a test 1841.1Skamil atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test 1851.1Skamil} 1861.1Skamil 1871.1Skamilpoison32_body() { 1881.1Skamil # check whether this arch is 64bit 1891.1Skamil if ! c++ -dM -E - < /dev/null | fgrep -q _LP64; then 1901.1Skamil atf_skip "this is not a 64 bit architecture" 1911.1Skamil fi 1921.1Skamil if ! c++ -m32 -dM -E - < /dev/null 2>/dev/null > ./def32; then 1931.1Skamil atf_skip "c++ -m32 not supported on this architecture" 1941.1Skamil else 1951.1Skamil if fgrep -q _LP64 ./def32; then 1961.1Skamil atf_fail "c++ -m32 does not generate netbsd32 binaries" 1971.1Skamil fi 1981.1Skamilfi 1991.1Skamil 2001.1Skamil cat > test.c << EOF 2011.1Skamil#include <stdio.h> 2021.1Skamil#include <stdlib.h> 2031.1Skamil#include <sanitizer/asan_interface.h> 2041.1Skamilint foo() { 2051.1Skamil int p = 2; 2061.1Skamil int *a; 2071.1Skamil ASAN_POISON_MEMORY_REGION(&p, sizeof(int)); 2081.1Skamil a=&p; 2091.1Skamil printf("%d", *a); 2101.1Skamil} 2111.1Skamil 2121.1Skamilint main() { 2131.1Skamil foo(); 2141.1Skamil printf("CHECK\n"); 2151.1Skamil exit(0); 2161.1Skamil} 2171.1SkamilEOF 2181.1Skamil c++ -fsanitize=address -o psn32 -m32 test.c 2191.1Skamil c++ -fsanitize=address -o psn64 test.c 2201.1Skamil file -b ./psn32 > ./ftype32 2211.1Skamil file -b ./psn64 > ./ftype64 2221.1Skamil if diff ./ftype32 ./ftype64 >/dev/null; then 2231.1Skamil atf_fail "generated binaries do not differ" 2241.1Skamil fi 2251.1Skamil echo "32bit binaries on this platform are:" 2261.1Skamil cat ./ftype32 2271.1Skamil echo "While native (64bit) binaries are:" 2281.1Skamil cat ./ftype64 2291.1Skamil paxctl +a psn32 2301.1Skamil atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./psn32 2311.1Skamil 2321.1Skamil# and another test with profile 32bit binaries 2331.1Skamil cat > test.c << EOF 2341.1Skamil#include <stdio.h> 2351.1Skamil#include <stdlib.h> 2361.1Skamil#include <sanitizer/asan_interface.h> 2371.1Skamilint foo() { 2381.1Skamil int p = 2; 2391.1Skamil int *a; 2401.1Skamil ASAN_POISON_MEMORY_REGION(&p, sizeof(int)); 2411.1Skamil a=&p; 2421.1Skamil printf("%d", *a); 2431.1Skamil} 2441.1Skamil 2451.1Skamilint main() { 2461.1Skamil foo(); 2471.1Skamil printf("CHECK\n"); 2481.1Skamil exit(0); 2491.1Skamil} 2501.1SkamilEOF 2511.1Skamil c++ -o test -m32 -fsanitize=address -pg test.c 2521.1Skamil paxctl +a test 2531.1Skamil atf_check -s not-exit:0 -o not-match:"CHECK\n" -e match:"use-after-poison" ./test 2541.1Skamil} 2551.1Skamil 2561.1Skamiltarget_not_supported_body() 2571.1Skamil{ 2581.1Skamil atf_skip "Target is not supported" 2591.1Skamil} 2601.1Skamil 2611.1Skamilatf_init_test_cases() 2621.1Skamil{ 2631.1Skamil test_target 2641.1Skamil test $SUPPORT = 'n' && { 2651.1Skamil atf_add_test_case target_not_supported 2661.1Skamil return 0 2671.1Skamil } 2681.1Skamil 2691.1Skamil atf_add_test_case poison 2701.1Skamil atf_add_test_case poison_profile 2711.1Skamil atf_add_test_case poison_pic 2721.1Skamil atf_add_test_case poison_pie 2731.1Skamil atf_add_test_case poison32 2741.1Skamil # static option not supported 2751.1Skamil # -static and -fsanitize=address can't be used together for compilation 2761.1Skamil # (gcc version 5.4.0 and clang 7.1) tested on April 2nd 2018. 2771.1Skamil} 278