[LTP] [PATCH v2] syscalls/statmount07: change "invalid buffer size" test
Cyril Hrubis
chrubis@suse.cz
Tue Oct 15 14:07:39 CEST 2024
Hi!
> Signed-off-by: Jan Stancek <jstancek@redhat.com>
> ---
> testcases/kernel/syscalls/statmount/statmount07.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/testcases/kernel/syscalls/statmount/statmount07.c b/testcases/kernel/syscalls/statmount/statmount07.c
> index 0cc83429872f..58fcc20acce7 100644
> --- a/testcases/kernel/syscalls/statmount/statmount07.c
> +++ b/testcases/kernel/syscalls/statmount/statmount07.c
> @@ -20,10 +20,10 @@
> static struct statmount *st_mount;
> static struct statmount *st_mount_null;
> static struct statmount *st_mount_small;
> +static struct statmount *st_mount_bad;
> static uint64_t mnt_id;
> static uint64_t mnt_id_dont_exist = -1;
> static size_t buff_size;
> -static size_t buff_size_invalid = -1;
>
> struct tcase {
> int exp_errno;
> @@ -90,12 +90,12 @@ struct tcase {
> },
> {
> EFAULT,
> - "invalid buffer size",
> + "buffer crosses to PROT_NONE",
> &mnt_id,
> 0,
> 0,
> - &buff_size_invalid,
> - &st_mount
> + &buff_size,
> + &st_mount_bad
> },
> {
> EFAULT,
> @@ -139,6 +139,7 @@ static struct tst_test test = {
> .bufs = (struct tst_buffers []) {
> {&st_mount, .size = sizeof(struct statmount)},
> {&st_mount_small, .size = sizeof(struct statmount)},
> + {&st_mount_bad, .size = 1},
With this we create a mapping where PROT_NONE is before the buffer, not
after it, since guarded buffers are primarily guarding about off-by-one
at the start of the buffer. There is a canaray after after the allocated
buffer that will potentialy be rewritten, but that would be detected
only at the test exit.
If I remmeber correctly the mappings will look like:
| PROT_NONE |_ CANARY BYTES |
^
And this is our 1-byte buffer.
--
Cyril Hrubis
chrubis@suse.cz
More information about the ltp
mailing list