From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com [IPv6:2607:f8b0:4864:20::1030]) by sourceware.org (Postfix) with ESMTPS id D794F3839C45 for ; Wed, 23 Jun 2021 18:30:28 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org D794F3839C45 Received: by mail-pj1-x1030.google.com with SMTP id g24so1984713pji.4 for ; Wed, 23 Jun 2021 11:30:28 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1bbV48b1ypIJPaOLIeNHo8xvdfea7GKDuxNntZB/nDI=; b=G87ZWMDa0rF064IOIRfWaxCz2vYS0TI8R+ER77X7ttiHihouUV2X2XT39SZuQmXldj 9HOFGOT1+54CQosL03WKlFM3NUJc6UrbKjss++g0FBxf2QLsfvVosx7iRuY/nw5QyMOr cfCvMQ18ExNsaOYFhplPWxT/eAIjYHZyyowVf2TNiHspwUrJARE8cuMAffdYYsUb0tAx M0rtRxtw+trP4BVa4XXLchDfmnvf+PNs686bx/mk5VBR+VbfKJv11eUURL3KgrVS5q7F HC3hK41KvRMZKCPAnZCkvh7iHNyKbS29/C9J36Nv2/xWajM7V2O0HqY8kVs7gLMiIdQe 8QsA== X-Gm-Message-State: AOAM533JJjHYOnUsgYo7Bu713uok2L00MuxRw1OfgYbdRKO4c0MiOX/b 1+Mlgnxr/ncpDt3ig1Tek4VNJ1w657gTdIvQ/S9qCwgn X-Google-Smtp-Source: ABdhPJwWFVGcq0tgNpUm/LihDxH0nMBrPSWZBDnM3E34LnEMAd+MMR0jCWsCNbkFSkBnoujW4L3SH0GtACTH2Ruc0QQ= X-Received: by 2002:a17:90a:d141:: with SMTP id t1mr3488588pjw.131.1624473027996; Wed, 23 Jun 2021 11:30:27 -0700 (PDT) MIME-Version: 1.0 References: <20210609205257.123944-1-goldstein.w.n@gmail.com> <20210623063149.1167067-1-goldstein.w.n@gmail.com> In-Reply-To: From: Noah Goldstein Date: Wed, 23 Jun 2021 14:30:17 -0400 Message-ID: Subject: Re: [PATCH v3 1/3] String: Add overflow tests for strnlen, memchr, and strncat [BZ #27974] To: "H.J. Lu" Cc: GNU C Library , "Carlos O'Donell" X-Spam-Status: No, score=-9.8 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, HTML_MESSAGE, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jun 2021 18:30:31 -0000 On Wed, Jun 23, 2021 at 1:30 PM H.J. Lu wrote: > On Tue, Jun 22, 2021 at 11:32 PM Noah Goldstein > wrote: > > > > This commit adds tests for a bug in the wide char variant of the > > functions where the implementation may assume that maxlen for wcsnlen > > or n for wmemchr/strncat will not overflow when multiplied by > > sizeof(wchar_t). > > > > These tests show the following implementations failing on x86_64: > > > > wcsnlen-sse4_1 > > wcsnlen-avx2 > > > > wmemchr-sse2 > > wmemchr-avx2 > > > > strncat would fail as well if it where on a system that prefered > > either of the wcsnlen implementations that failed as it relies on > > wcsnlen. > > > > Signed-off-by: Noah Goldstein > > --- > > Rebased on: [PATCH v1 1/4] x86-64: Add wcslen optimize for sse4.1 > > string/test-memchr.c | 39 ++++++++++++++++++++++++--- > > string/test-strncat.c | 61 +++++++++++++++++++++++++++++++++++++++++++ > > string/test-strnlen.c | 33 +++++++++++++++++++++++ > > 3 files changed, 130 insertions(+), 3 deletions(-) > > > > diff --git a/string/test-memchr.c b/string/test-memchr.c > > index 665edc32af..ce964284aa 100644 > > --- a/string/test-memchr.c > > +++ b/string/test-memchr.c > > @@ -65,8 +65,8 @@ do_one_test (impl_t *impl, const CHAR *s, int c, > size_t n, CHAR *exp_res) > > CHAR *res = CALL (impl, s, c, n); > > if (res != exp_res) > > { > > - error (0, 0, "Wrong result in function %s %p %p", impl->name, > > - res, exp_res); > > + error (0, 0, "Wrong result in function %s (%p, %d, %zu) -> %p != > %p", > > + impl->name, s, c, n, res, exp_res); > > ret = 1; > > return; > > } > > @@ -91,7 +91,7 @@ do_test (size_t align, size_t pos, size_t len, size_t > n, int seek_char) > > } > > buf[align + len] = 0; > > > > - if (pos < len) > > + if (pos < MIN(n, len)) > > { > > buf[align + pos] = seek_char; > > buf[align + len] = -seek_char; > > @@ -107,6 +107,38 @@ do_test (size_t align, size_t pos, size_t len, > size_t n, int seek_char) > > do_one_test (impl, (CHAR *) (buf + align), seek_char, n, result); > > } > > > > +static void > > +do_overflow_tests (void) > > +{ > > + size_t i, j, len; > > + const size_t one = 1; > > + uintptr_t buf_addr = (uintptr_t) buf1; > > + > > + for (i = 0; i < 750; ++i) > > + { > > + do_test (0, i, 751, SIZE_MAX - i, BIG_CHAR); > > + do_test (0, i, 751, i - buf_addr, BIG_CHAR); > > + do_test (0, i, 751, -buf_addr - i, BIG_CHAR); > > + do_test (0, i, 751, SIZE_MAX - buf_addr - i, BIG_CHAR); > > + do_test (0, i, 751, SIZE_MAX - buf_addr + i, BIG_CHAR); > > + > > + len = 0; > > + for (j = 8 * sizeof(size_t) - 1; j ; --j) > > + { > > + len |= one << j; > > + do_test (0, i, 751, len - i, BIG_CHAR); > > + do_test (0, i, 751, len + i, BIG_CHAR); > > + do_test (0, i, 751, len - buf_addr - i, BIG_CHAR); > > + do_test (0, i, 751, len - buf_addr + i, BIG_CHAR); > > + > > + do_test (0, i, 751, ~len - i, BIG_CHAR); > > + do_test (0, i, 751, ~len + i, BIG_CHAR); > > + do_test (0, i, 751, ~len - buf_addr - i, BIG_CHAR); > > + do_test (0, i, 751, ~len - buf_addr + i, BIG_CHAR); > > + } > > + } > > +} > > + > > static void > > do_random_tests (void) > > { > > @@ -221,6 +253,7 @@ test_main (void) > > do_test (page_size / 2 - i, i, i, 1, 0x9B); > > > > do_random_tests (); > > + do_overflow_tests (); > > return ret; > > } > > > > diff --git a/string/test-strncat.c b/string/test-strncat.c > > index 2ef917b820..37ea26ea05 100644 > > --- a/string/test-strncat.c > > +++ b/string/test-strncat.c > > @@ -134,6 +134,66 @@ do_test (size_t align1, size_t align2, size_t len1, > size_t len2, > > } > > } > > > > +static void > > +do_overflow_tests (void) > > +{ > > + size_t i, j, len; > > + const size_t one = 1; > > + CHAR *s1, *s2; > > + uintptr_t s1_addr; > > + s1 = (CHAR *) buf1; > > + s2 = (CHAR *) buf2; > > + s1_addr = (uintptr_t)s1; > > + for (j = 0; j < 200; ++j) > > + s2[j] = 32 + 23 * j % (BIG_CHAR - 32); > > + s2[200] = 0; > > + for (i = 0; i < 750; ++i) { > > + for (j = 0; j < i; ++j) > > + s1[j] = 32 + 23 * j % (BIG_CHAR - 32); > > + s1[i] = '\0'; > > + > > + FOR_EACH_IMPL (impl, 0) > > + { > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, SIZE_MAX - i); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, i - s1_addr); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, -s1_addr - i); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, SIZE_MAX - s1_addr - i); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, SIZE_MAX - s1_addr + i); > > + } > > + > > + len = 0; > > + for (j = 8 * sizeof(size_t) - 1; j ; --j) > > + { > > + len |= one << j; > > + FOR_EACH_IMPL (impl, 0) > > + { > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, len - i); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, len + i); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, len - s1_addr - i); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, len - s1_addr + i); > > + > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, ~len - i); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, ~len + i); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, ~len - s1_addr - i); > > + s2[200] = '\0'; > > + do_one_test (impl, s2, s1, ~len - s1_addr + i); > > + } > > + } > > + } > > +} > > + > > static void > > do_random_tests (void) > > { > > @@ -316,6 +376,7 @@ test_main (void) > > } > > > > do_random_tests (); > > + do_overflow_tests (); > > return ret; > > } > > > > diff --git a/string/test-strnlen.c b/string/test-strnlen.c > > index 920f58e97b..f53e09263f 100644 > > --- a/string/test-strnlen.c > > +++ b/string/test-strnlen.c > > @@ -89,6 +89,38 @@ do_test (size_t align, size_t len, size_t maxlen, int > max_char) > > do_one_test (impl, (CHAR *) (buf + align), maxlen, MIN (len, > maxlen)); > > } > > > > +static void > > +do_overflow_tests (void) > > +{ > > + size_t i, j, len; > > + const size_t one = 1; > > + uintptr_t buf_addr = (uintptr_t) buf1; > > + > > + for (i = 0; i < 750; ++i) > > + { > > + do_test (0, i, SIZE_MAX - i, BIG_CHAR); > > + do_test (0, i, i - buf_addr, BIG_CHAR); > > + do_test (0, i, -buf_addr - i, BIG_CHAR); > > + do_test (0, i, SIZE_MAX - buf_addr - i, BIG_CHAR); > > + do_test (0, i, SIZE_MAX - buf_addr + i, BIG_CHAR); > > + > > + len = 0; > > + for (j = 8 * sizeof(size_t) - 1; j ; --j) > > + { > > + len |= one << j; > > + do_test (0, i, len - i, BIG_CHAR); > > + do_test (0, i, len + i, BIG_CHAR); > > + do_test (0, i, len - buf_addr - i, BIG_CHAR); > > + do_test (0, i, len - buf_addr + i, BIG_CHAR); > > + > > + do_test (0, i, ~len - i, BIG_CHAR); > > + do_test (0, i, ~len + i, BIG_CHAR); > > + do_test (0, i, ~len - buf_addr - i, BIG_CHAR); > > + do_test (0, i, ~len - buf_addr + i, BIG_CHAR); > > + } > > + } > > +} > > + > > static void > > do_random_tests (void) > > { > > @@ -283,6 +315,7 @@ test_main (void) > > do_random_tests (); > > do_page_tests (); > > do_page_2_tests (); > > + do_overflow_tests (); > > return ret; > > } > > > > -- > > 2.25.1 > > > > LGTM. > > Reviewed-by: H.J. Lu > > Thanks. > > -- > H.J. > Pushed and closed the bug report (left comment in bug report with the commits).