[LTP] [PATCH] syscalls/keyctl06: update to test for follow-on fix
Xiao Yang
yangx.jy@cn.fujitsu.com
Fri Nov 3 02:44:14 CET 2017
Hi Eric,
It looks better to me. Thanks for updating this test. :-)
Thanks,
Xiao Yang
On 2017/11/03 1:15, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> The original fix for the buffer overflow bug changed keyring_read() to
> start returning a short value if the specified buffer is too small, but
> the documented behavior is actually to return the size needed. Update
> the test to expect the documented behavior, as is provided by a
> follow-on fix.
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
> testcases/kernel/syscalls/keyctl/keyctl06.c | 41 ++++++++++++++++++-----------
> 1 file changed, 25 insertions(+), 16 deletions(-)
>
> diff --git a/testcases/kernel/syscalls/keyctl/keyctl06.c b/testcases/kernel/syscalls/keyctl/keyctl06.c
> index 88734313d..c62010e0b 100644
> --- a/testcases/kernel/syscalls/keyctl/keyctl06.c
> +++ b/testcases/kernel/syscalls/keyctl/keyctl06.c
> @@ -16,8 +16,16 @@
> */
>
> /*
> - * Regression test for commit e645016abc80 ("KEYS: fix writing past end of
> - * user-supplied buffer in keyring_read()").
> + * Regression test for:
> + *
> + * commit e645016abc80 ("KEYS: fix writing past end of user-supplied buffer
> + * in keyring_read()").
> + *
> + * as well as its follow-on fix:
> + *
> + * commit 3239b6f29bdf ("KEYS: return full count in keyring_read() if
> + * buffer is too small")
> + *
> */
>
> #include <errno.h>
> @@ -25,20 +33,20 @@
> #include "tst_test.h"
> #include "lapi/keyctl.h"
>
> -static key_serial_t add_test_key(const char *description)
> +static void add_test_key(const char *description)
> {
> TEST(add_key("user", description, "payload", 7,
> KEY_SPEC_PROCESS_KEYRING));
> if (TEST_RETURN < 0)
> tst_brk(TBROK | TTERRNO, "Failed to add test key");
> - return TEST_RETURN;
> }
>
> static void do_test(void)
> {
> key_serial_t key_ids[2];
> - key_serial_t key_id_1 = add_test_key("key1");
> - key_serial_t key_id_2 = add_test_key("key2");
> +
> + add_test_key("key1");
> + add_test_key("key2");
>
> memset(key_ids, 0, sizeof(key_ids));
> TEST(keyctl(KEYCTL_READ, KEY_SPEC_PROCESS_KEYRING,
> @@ -46,21 +54,22 @@ static void do_test(void)
> if (TEST_RETURN < 0)
> tst_brk(TBROK | TTERRNO, "KEYCTL_READ failed");
>
> + /*
> + * Do not check key_ids[0], as the contents of the buffer are
> + * unspecified if it was too small. However, key_ids[1] must not have
> + * been written to, as it was outside the buffer.
> + */
> +
> if (key_ids[1] != 0)
> tst_brk(TFAIL, "KEYCTL_READ overran the buffer");
>
> - if (key_ids[0] == 0)
> - tst_brk(TBROK, "KEYCTL_READ didn't read anything");
> -
> - if (key_ids[0] != key_id_1 && key_ids[0] != key_id_2)
> - tst_brk(TBROK, "KEYCTL_READ didn't return correct key ID");
> -
> - if (TEST_RETURN != sizeof(key_serial_t)) {
> - tst_brk(TBROK, "KEYCTL_READ returned %ld but expected %zu",
> - TEST_RETURN, sizeof(key_serial_t));
> + if (TEST_RETURN != sizeof(key_ids)) {
> + tst_brk(TFAIL, "KEYCTL_READ returned %ld but expected %zu",
> + TEST_RETURN, sizeof(key_ids));
> }
>
> - tst_res(TPASS, "KEYCTL_READ didn't overrun the buffer");
> + tst_res(TPASS,
> + "KEYCTL_READ returned full count but didn't overrun the buffer");
> }
>
> static struct tst_test test = {
More information about the ltp
mailing list