From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=rALo=6X=linaro.org=adhemerval.zanella@sourceware.org>
Received: from mail-oa1-x30.google.com (mail-oa1-x30.google.com [IPv6:2001:4860:4864:20::30])
	by sourceware.org (Postfix) with ESMTPS id 506DD3858D32
	for <libc-alpha@sourceware.org>; Mon, 27 Feb 2023 15:37:39 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 506DD3858D32
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
Received: by mail-oa1-x30.google.com with SMTP id 586e51a60fabf-17264e9b575so7745240fac.9
        for <libc-alpha@sourceware.org>; Mon, 27 Feb 2023 07:37:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google; t=1677512258;
        h=content-transfer-encoding:mime-version:message-id:date:subject:to
         :from:from:to:cc:subject:date:message-id:reply-to;
        bh=PuB/iODYr+2hS/fvKd0upoIBxQA70zrpjKIlLfsOOYY=;
        b=NO9imeBVPkmfOXFMyEqZ6D9PsXCFsdU9TjAnz0vQDVCLBiSMeyKBYv9KA/gvetO949
         ZAdncjhkSIP+Xz7XlA+kNilZnR8zLa0NCtTZxYAuBgGITi715P0oLdySjjPJOO6OYfQv
         NSbSG1KJIj2+mDiQEMWJj4NvikrkPUO82FGE7sB+1jB8GblY/YllLQV11yBQVpdPtigs
         hZcUAKHf0btorpiqKYI9y3bmw0mprS/VUO3HBIfhcTQfvwHviyjIJeaytocuIxy3cmVX
         DVl56NPXEofR978NNplJ9Ad7Mr+smX8mxQ7Gy6m9xI0Un6A7j/mlFEhcA3NWF+Q7Kde6
         DZLw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112; t=1677512258;
        h=content-transfer-encoding:mime-version:message-id:date:subject:to
         :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=PuB/iODYr+2hS/fvKd0upoIBxQA70zrpjKIlLfsOOYY=;
        b=kNdWhZK3c/sEeZdnOk511WyVjE1k5gJIhmObwTtIah1MIcRbABMElRC2uGMzd2oHnr
         uqa4ETe0vRfTRjLb6tHArAXnyNAnlA4FkOBgjr2ewSGGsc1wZt+tUQhTwqxJaCaPWbIx
         pHbpL+ulozImLgqEuQLQYJrlrx5zB+zDZJ6rslwxWvlrewkL+ScQTZ0+p8cuQfEhP6yg
         sD2Oh5FTX0lXsxbV73zGpg1CtoBvfEYQDwmXTSFvIRfvx/M7BfaT4+VPp5ZOtRTTHRzV
         pJpQbl2iOOsUwojkVeoMq9F0S9F2H0O+jPrBuELzKwWmrsfU0xp8xH6JlRsZFUmRZCql
         NTSQ==
X-Gm-Message-State: AO0yUKVV3Iqpx/S80GyxOfdpSwjouEHaOI7gTdcjdTjul7pjsYdAWCqH
	B3p9c7X6QPD/RdhHIFeL0ONxhCLqCorQVAafTYw=
X-Google-Smtp-Source: AK7set/XgSRL9wOKoTqU5mFfR1LnqgyRAwN4moA8VFBVtBFoYy60pI3RR5Ainyx9f+hM+RccM/ewtA==
X-Received: by 2002:a05:6870:6123:b0:172:79f0:e81d with SMTP id s35-20020a056870612300b0017279f0e81dmr4956241oae.8.1677512257714;
        Mon, 27 Feb 2023 07:37:37 -0800 (PST)
Received: from mandiga.. ([2804:1b3:a7c3:d849:4306:c797:b634:35c2])
        by smtp.gmail.com with ESMTPSA id 26-20020a056870111a00b0017243edbe5bsm2333424oaf.58.2023.02.27.07.37.35
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 27 Feb 2023 07:37:36 -0800 (PST)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org,
	Wilco Dijkstra <Wilco.Dijkstra@arm.com>,
	Szabolcs Nagy <Szabolcs.Nagy@arm.com>,
	Florian Weimer <fweimer@redhat.com>
Subject: [PATCH v2] crypt: Remove invalid end of page test badsalttest
Date: Mon, 27 Feb 2023 12:37:32 -0300
Message-Id: <20230227153732.123634-1-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-12.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,KAM_SHORT,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <libc-alpha.sourceware.org>

The input argument passes an invalid string without a NUL terminator
on crypt settings inputs, which might lead to invalid OOB on strncmp.

Implementations only assume there is a NUL terminator if the string is
shorter than the specified size, so strings don't need to always be NUL
terminated (stratcliff.c has tests for this).

Also adapt the code to use libsupport.

Checked on arm-linux-gnuabihf.
---
 crypt/badsalttest.c | 52 ++++++++-------------------------------------
 1 file changed, 9 insertions(+), 43 deletions(-)

diff --git a/crypt/badsalttest.c b/crypt/badsalttest.c
index bc1e5c1442..b8239a695b 100644
--- a/crypt/badsalttest.c
+++ b/crypt/badsalttest.c
@@ -16,11 +16,12 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
-#include <stdio.h>
-#include <unistd.h>
-#include <sys/mman.h>
+#include <array_length.h>
+#include <stddef.h>
 #include <crypt.h>
 
+#include <support/check.h>
+
 static const char *tests[][2] =
   {
     { "no salt", "" },
@@ -30,59 +31,24 @@ static const char *tests[][2] =
     { "both chars bad", ":@" },
     { "un$upported algorithm", "$2$" },
     { "unsupported_algorithm", "_1" },
-    { "end of page", NULL }
   };
 
 static int
 do_test (void)
 {
-  int result = 0;
   struct crypt_data cd;
-  size_t n = sizeof (tests) / sizeof (*tests);
-  size_t pagesize = (size_t) sysconf (_SC_PAGESIZE);
-  char *page;
-
-  /* Check that crypt won't look at the second character if the first
-     one is invalid.  */
-  page = mmap (NULL, pagesize * 2, PROT_READ | PROT_WRITE,
-	       MAP_PRIVATE | MAP_ANON, -1, 0);
-  if (page == MAP_FAILED)
-    {
-      perror ("mmap");
-      n--;
-    }
-  else
-    {
-      if (mmap (page + pagesize, pagesize, 0,
-		MAP_PRIVATE | MAP_ANON | MAP_FIXED,
-		-1, 0) != page + pagesize)
-	perror ("mmap 2");
-      page[pagesize - 1] = '*';
-      tests[n - 1][1] = &page[pagesize - 1];
-    }
 
   /* Mark cd as initialized before first call to crypt_r.  */
   cd.initialized = 0;
 
-  for (size_t i = 0; i < n; i++)
+  for (size_t i = 0; i < array_length (tests); i++)
     {
-      if (crypt (tests[i][0], tests[i][1]))
-	{
-	  result++;
-	  printf ("%s: crypt returned non-NULL with salt \"%s\"\n",
-		  tests[i][0], tests[i][1]);
-	}
+      TEST_VERIFY (crypt (tests[i][0], tests[i][1]) == NULL);
 
-      if (crypt_r (tests[i][0], tests[i][1], &cd))
-	{
-	  result++;
-	  printf ("%s: crypt_r returned non-NULL with salt \"%s\"\n",
-		  tests[i][0], tests[i][1]);
-	}
+      TEST_VERIFY (crypt_r (tests[i][0], tests[i][1], &cd) == NULL);
     }
 
-  return result;
+  return 0;
 }
 
-#define TEST_FUNCTION do_test ()
-#include "../test-skeleton.c"
+#include <support/test-driver.c>
-- 
2.34.1