From 91892021569f3aa87d1adcfe3e4de65c85dcfa4e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 8 Feb 2021 19:50:26 +0100 Subject: [PATCH] Remove trail check in the generate_random test The test function generate_random allocated a few extra bytes after the expected output and checked that these extra bytes were not overwritten. Memory sanity checks such as AddressSanitizer and Valgrind already detect this kind of buffer overflow, so having this test in our code was actually redundant. Remove it. This has the benefit of not triggering a build error with GCC (observed with 7.5.0 and 9.3.0) when ASan+UBSan is enabled: with the previous code using trail, GCC complained about an excessively large value passed to calloc(), which was (size_t)(-sizeof(trail)). Thus this commit fixes #4122. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_psa_crypto.function | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4cf53ca0b..ef35d578f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -5543,7 +5543,6 @@ exit: void generate_random( int bytes_arg ) { size_t bytes = bytes_arg; - const unsigned char trail[] = "don't overwrite me"; unsigned char *output = NULL; unsigned char *changed = NULL; size_t i; @@ -5551,9 +5550,8 @@ void generate_random( int bytes_arg ) TEST_ASSERT( bytes_arg >= 0 ); - ASSERT_ALLOC( output, bytes + sizeof( trail ) ); + ASSERT_ALLOC( output, bytes ); ASSERT_ALLOC( changed, bytes ); - memcpy( output + bytes, trail, sizeof( trail ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -5566,10 +5564,6 @@ void generate_random( int bytes_arg ) memset( output, 0, bytes ); PSA_ASSERT( psa_generate_random( output, bytes ) ); - /* Check that no more than bytes have been overwritten */ - ASSERT_COMPARE( output + bytes, sizeof( trail ), - trail, sizeof( trail ) ); - for( i = 0; i < bytes; i++ ) { if( output[i] != 0 )