diff options
author | Dylan Noblesmith <nobled@dreamwidth.org> | 2012-06-15 22:56:37 +0000 |
---|---|---|
committer | Dylan Noblesmith <nobled@dreamwidth.org> | 2012-06-30 20:01:20 +0000 |
commit | d2bcffc470cf37dbdeb4d1ed46819360c16d92eb (patch) | |
tree | dc1565980e8459951fe0ef8b5bf51b2b31ba51b9 /tests | |
parent | b486e3aba5c7618b7f6311e82b5fdb2c93f2beab (diff) |
tests: test that path names longer than 108 bytes are rejected
These would either overflow the struct sockaddr_un, or
be truncated and leave a non-null-terminated string.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/Makefile.am | 5 | ||||
-rw-r--r-- | tests/socket-test.c | 82 |
2 files changed, 86 insertions, 1 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am index fc4611c..bb92c4c 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -7,7 +7,8 @@ TESTS = \ list-test \ map-test \ os-wrappers-test \ - sanity-test + sanity-test \ + socket-test check_PROGRAMS = \ $(TESTS) \ @@ -26,6 +27,7 @@ fixed_test_SOURCES = fixed-test.c $(test_runner_src) list_test_SOURCES = list-test.c $(test_runner_src) map_test_SOURCES = map-test.c $(test_runner_src) sanity_test_SOURCES = sanity-test.c $(test_runner_src) +socket_test_SOURCES = socket-test.c $(test_runner_src) fixed_benchmark_SOURCES = fixed-benchmark.c @@ -37,6 +39,7 @@ os_wrappers_test_SOURCES = \ AM_CPPFLAGS = -I$(top_builddir)/src -I$(top_srcdir)/src AM_CFLAGS = $(GCC_CFLAGS) $(FFI_CFLAGS) LDADD = $(top_builddir)/src/libwayland-util.la \ + $(top_builddir)/src/libwayland-client.la \ $(top_builddir)/src/libwayland-server.la \ -lrt -ldl $(FFI_LIBS) diff --git a/tests/socket-test.c b/tests/socket-test.c new file mode 100644 index 0000000..0ee5ad0 --- /dev/null +++ b/tests/socket-test.c @@ -0,0 +1,82 @@ +/* + * Permission to use, copy, modify, distribute, and sell this software and its + * documentation for any purpose is hereby granted without fee, provided that + * the above copyright notice appear in all copies and that both that copyright + * notice and this permission notice appear in supporting documentation, and + * that the name of the copyright holders not be used in advertising or + * publicity pertaining to distribution of the software without specific, + * written prior permission. The copyright holders make no representations + * about the suitability of this software for any purpose. It is provided "as + * is" without express or implied warranty. + * + * THE COPYRIGHT HOLDERS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, + * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO + * EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY SPECIAL, INDIRECT OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, + * DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER + * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE + * OF THIS SOFTWARE. + */ + +#include <stdlib.h> +#include <assert.h> +#include <errno.h> +#include <string.h> +#include <sys/un.h> + +#include "wayland-client.h" +#include "wayland-server.h" +#include "test-runner.h" + +/* Paths longer than what the .sun_path array can contain must be rejected. + This is a hard limitation of assigning a name to AF_UNIX/AF_LOCAL sockets. + See `man 7 unix`. */ + +static const struct sockaddr_un example_sockaddr_un; + +#define TOO_LONG (1 + sizeof example_sockaddr_un.sun_path) + +TEST(socket_path_overflow_client_connect) +{ + char path[TOO_LONG]; + struct wl_display *d; + int ret; + + /* Ensure the connection doesn't fail due to lack of + XDG_RUNTIME_DIR. Don't use setenv(), as that allocates + memory and creates a spurious memory leak failure. */ + ret = putenv("XDG_RUNTIME_DIR=."); + assert(ret == 0); + + memset(path, 'a', sizeof path); + path[sizeof path - 1] = '\0'; + + d = wl_display_connect(path); + assert(d == NULL); + assert(errno == ENAMETOOLONG); +} + +TEST(socket_path_overflow_server_create) +{ + char path[TOO_LONG]; + struct wl_display *d; + int ret; + + /* Ensure the connection doesn't fail due to lack of + XDG_RUNTIME_DIR. Don't use setenv(), as that allocates + memory and creates a spurious memory leak failure. */ + ret = putenv("XDG_RUNTIME_DIR=."); + assert(ret == 0); + + memset(path, 'a', sizeof path); + path[sizeof path - 1] = '\0'; + + d = wl_display_create(); + assert(d != NULL); + + ret = wl_display_add_socket(d, path); + assert(ret < 0); + assert(errno == ENAMETOOLONG); + + wl_display_destroy(d); +} |