From 07c83f27ad8ffaeaa55b2697d99a65d4b26a5bf9 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 6 Apr 2020 09:50:58 +0200 Subject: [PATCH 1/4] unit tests: Backport ARRAY_LENGTH macro Signed-off-by: Ronald Cron --- tests/suites/helpers.function | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index ccd4d4255..278de164d 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -229,6 +229,40 @@ typedef enum mbedtls_exit( 1 ); \ } +#if defined(__GNUC__) +/* Test if arg and &(arg)[0] have the same type. This is true if arg is + * an array but not if it's a pointer. */ +#define IS_ARRAY_NOT_POINTER( arg ) \ + ( ! __builtin_types_compatible_p( __typeof__( arg ), \ + __typeof__( &( arg )[0] ) ) ) +#else +/* On platforms where we don't know how to implement this check, + * omit it. Oh well, a non-portable check is better than nothing. */ +#define IS_ARRAY_NOT_POINTER( arg ) 1 +#endif + +/* A compile-time constant with the value 0. If `const_expr` is not a + * compile-time constant with a nonzero value, cause a compile-time error. */ +#define STATIC_ASSERT_EXPR( const_expr ) \ + ( 0 && sizeof( struct { int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) ) +/* Return the scalar value `value` (possibly promoted). This is a compile-time + * constant if `value` is. `condition` must be a compile-time constant. + * If `condition` is false, arrange to cause a compile-time error. */ +#define STATIC_ASSERT_THEN_RETURN( condition, value ) \ + ( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) ) + +#define ARRAY_LENGTH_UNSAFE( array ) \ + ( sizeof( array ) / sizeof( *( array ) ) ) +/** Return the number of elements of a static or stack array. + * + * \param array A value of array (not pointer) type. + * + * \return The number of elements of the array. + */ +#define ARRAY_LENGTH( array ) \ + ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ), \ + ARRAY_LENGTH_UNSAFE( array ) ) ) + /* * 32-bit integer manipulation macros (big endian) */ From bde4d3045bff0a0e8b8880d5499bba850cd76bd4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 16 Sep 2019 15:10:47 +0200 Subject: [PATCH 2/4] Prefer unsigned types for non-negative numbers Use size_t for some variables that are array indices. Use unsigned for some variables that are counts of "small" things. This is a backport of commit 3c1c8ea3e7. Signed-off-by: Ronald Cron --- tests/suites/host_test.function | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 26a7be443..b7b00ec50 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -385,15 +385,16 @@ int execute_tests( int argc , const char ** argv ) const char *default_filename = "DATA_FILE"; const char *test_filename = NULL; const char **test_files = NULL; - int testfile_count = 0; + size_t testfile_count = 0; int option_verbose = 0; int function_id = 0; /* Other Local variables */ int arg_index = 1; const char *next_arg; - int testfile_index, ret, i, cnt; - int total_errors = 0, total_tests = 0, total_skipped = 0; + size_t testfile_index, i, cnt; + int ret; + unsigned total_errors = 0, total_tests = 0, total_skipped = 0; FILE *file; char buf[5000]; char *params[50]; @@ -473,7 +474,7 @@ int execute_tests( int argc , const char ** argv ) testfile_index < testfile_count; testfile_index++ ) { - int unmet_dep_count = 0; + size_t unmet_dep_count = 0; int unmet_dependencies[20]; test_filename = test_files[ testfile_index ]; @@ -641,8 +642,8 @@ int execute_tests( int argc , const char ** argv ) else mbedtls_fprintf( stdout, "FAILED" ); - mbedtls_fprintf( stdout, " (%d / %d tests (%d skipped))\n", - total_tests - total_errors, total_tests, total_skipped ); + mbedtls_fprintf( stdout, " (%u / %u tests (%u skipped))\n", + total_tests - total_errors, total_tests, total_skipped ); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC) From 69cc6307506d3b6707857f05d894a4e8a6f895fa Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 1 Apr 2020 15:52:06 +0200 Subject: [PATCH 3/4] unit tests: Fix potential buffer overflow Fix potential buffer overflow when tracking the unmet dependencies of a test case. The identifiers of unmet dependencies are stored in an array of fixed size. Ensure that we don't overrun the array. Signed-off-by: Ronald Cron --- tests/suites/host_test.function | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index b7b00ec50..aff49ca56 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -521,8 +521,12 @@ int execute_tests( int argc , const char ** argv ) int dep_id = strtol( params[i], NULL, 10 ); if( dep_check( dep_id ) != DEPENDENCY_SUPPORTED ) { - unmet_dependencies[unmet_dep_count] = dep_id; - unmet_dep_count++; + if( unmet_dep_count < + ARRAY_LENGTH( unmet_dependencies ) ) + { + unmet_dependencies[unmet_dep_count] = dep_id; + unmet_dep_count++; + } } } From b19ad118dd561b7703a3313066f7cfea1884a0d0 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 1 Apr 2020 16:04:41 +0200 Subject: [PATCH 4/4] unit tests: Indicate missing unmet dependencies The identifiers of the unmet dependencies of a test case are stored in a buffer of fixed size that can be potentially too small to store all the unmet dependencies. Indicate in test reports if some unmet dependencies are missing. Signed-off-by: Ronald Cron --- tests/suites/host_test.function | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index aff49ca56..5951e465a 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -476,6 +476,7 @@ int execute_tests( int argc , const char ** argv ) { size_t unmet_dep_count = 0; int unmet_dependencies[20]; + int missing_unmet_dependencies = 0; test_filename = test_files[ testfile_index ]; @@ -496,6 +497,7 @@ int execute_tests( int argc , const char ** argv ) mbedtls_exit( MBEDTLS_EXIT_FAILURE ); } unmet_dep_count = 0; + missing_unmet_dependencies = 0; if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 ) break; @@ -527,6 +529,10 @@ int execute_tests( int argc , const char ** argv ) unmet_dependencies[unmet_dep_count] = dep_id; unmet_dep_count++; } + else + { + missing_unmet_dependencies = 1; + } } } @@ -595,11 +601,14 @@ int execute_tests( int argc , const char ** argv ) mbedtls_fprintf( stdout, "%d ", unmet_dependencies[i] ); } + if( missing_unmet_dependencies ) + mbedtls_fprintf( stdout, "..." ); } mbedtls_fprintf( stdout, "\n" ); fflush( stdout ); unmet_dep_count = 0; + missing_unmet_dependencies = 0; } else if( ret == DISPATCH_TEST_SUCCESS ) {