summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSteven Luong <sluong@cisco.com>2020-02-25 11:06:17 -0800
committerAndrew Yourtchenko <ayourtch@gmail.com>2020-08-13 08:12:25 +0000
commitdf76172d8add7ada1d804041f972d1218e6cd009 (patch)
tree9dcc37adebc7051b4f0d75a3d4160dcc2100ac32
parentf17be8ae96fdb09693bdfa07eabb56392aff3ba1 (diff)
unittest: Skip string test case for sizeof (src) > sizeof (dst)
coverity complains that the subject test may cause dst buffer overrun problem and it is right. The problem is when __builtin_constant_p (n) returns true, memcpy_s_inline skips all the errors checking and does the copy blindly. Please see the code in memcpy_s_inline. The fix is to skip the subject test when the aformentioned builtin function returns true. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I50de91cc0c853a134b3bcf3b0cd8d45d7668b092 (cherry picked from commit 2da39718f560478678caacccd198ee4c0c9673c3)
-rw-r--r--MAINTAINERS6
-rw-r--r--src/plugins/unittest/string_test.c17
2 files changed, 19 insertions, 4 deletions
diff --git a/MAINTAINERS b/MAINTAINERS
index 6f6718a98a3..586e3e0c722 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -436,6 +436,12 @@ I: dns
M: Dave Barach <dave@barachs.net>
F: src/plugins/dns/
+Plugin - Unit Tests
+I: unittest
+M: Dave Barach <dave@barachs.net>
+M: Florin Coras <fcoras@cisco.com
+F: src/plugins/unittest/
+
Test Infrastructure
I: tests
M: Klement Sekera <ksekera@cisco.com>
diff --git a/src/plugins/unittest/string_test.c b/src/plugins/unittest/string_test.c
index 5016a86ac82..95a95d78c1d 100644
--- a/src/plugins/unittest/string_test.c
+++ b/src/plugins/unittest/string_test.c
@@ -85,11 +85,20 @@ test_memcpy_s (vlib_main_t * vm, unformat_input_t * input)
if (src[i] != dst[i])
return -1;
- /* Size fail */
- err = memcpy_s (dst + 1, sizeof (dst) - 1, src, sizeof (src));
+ /*
+ * Size test: sizeof (src) > sizeof (dst)
+ * Skip this test when __builtin_constant_p (sizeof (src)) is true.
+ * This is because memcpy_s_inline skips all the errors checking when the
+ * the above buildin function returns true which may cause overrun problem
+ * for dst buffer if this test is executed.
+ */
+ if (__builtin_constant_p (sizeof (src)) == 0)
+ {
+ err = memcpy_s (dst + 1, sizeof (dst) - 1, src, sizeof (src));
- if (err == EOK)
- return -1;
+ if (err == EOK)
+ return -1;
+ }
/* overlap fail */
err = memcpy_s (dst, sizeof (dst), dst + 1, sizeof (dst) - 1);