Add a test to prove that hardened_malloc handles too-large-to-be-true allocations
This pattern, used by https://github.com/kaist-hacking/HardsHeap, uncovered bugs in other memory allocators.pull/169/head
parent
75952581ee
commit
cff1d6d4b5
|
@ -45,7 +45,8 @@ EXECUTABLES := \
|
||||||
malloc_object_size \
|
malloc_object_size \
|
||||||
malloc_object_size_offset \
|
malloc_object_size_offset \
|
||||||
invalid_malloc_object_size_small \
|
invalid_malloc_object_size_small \
|
||||||
invalid_malloc_object_size_small_quarantine
|
invalid_malloc_object_size_small_quarantine \
|
||||||
|
impossibly_large_malloc
|
||||||
|
|
||||||
all: $(EXECUTABLES)
|
all: $(EXECUTABLES)
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
#include <malloc.h>
|
||||||
|
#include <stddef.h>
|
||||||
|
|
||||||
|
#include "../test_util.h"
|
||||||
|
|
||||||
|
OPTNONE int main(void) {
|
||||||
|
char *p = malloc(-8);
|
||||||
|
return !(p == NULL);
|
||||||
|
}
|
|
@ -206,6 +206,12 @@ class TestSimpleMemoryCorruption(unittest.TestCase):
|
||||||
self.assertEqual(stderr.decode(
|
self.assertEqual(stderr.decode(
|
||||||
"utf-8"), "fatal allocator error: invalid malloc_object_size (quarantine)\n")
|
"utf-8"), "fatal allocator error: invalid malloc_object_size (quarantine)\n")
|
||||||
|
|
||||||
|
def test_impossibly_large_malloc(self):
|
||||||
|
_stdout, stderr, returncode = self.run_test(
|
||||||
|
"impossibly_large_malloc")
|
||||||
|
self.assertEqual(returncode, 0)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
unittest.main()
|
unittest.main()
|
||||||
|
|
Loading…
Reference in New Issue