From patchwork Thu Sep 19 13:53:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aaron Merey X-Patchwork-Id: 97710 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 6F0033858D39 for ; Thu, 19 Sep 2024 13:53:59 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTP id 700033858D29 for ; Thu, 19 Sep 2024 13:53:29 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 700033858D29 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 700033858D29 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1726754012; cv=none; b=uA4RqiZrpLSgZX0F3oLhPu55Ne1u9eWKw/CLunI0yHb3yTwiitv02ze9J2Ff5qFvN/CLu7abtYKhzvqxjud0p7ONqfidPZqr8QWrgslK3RYRjVqZae+TUJaEsDyBFopEG51iQcxCI0//+0WI2MxKPG5eYQEf3eUSmt8gUNZK1m4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1726754012; c=relaxed/simple; bh=xEbPunnPkvmA7lM1jewJjjaej63+bHSHbIw0mbBYCKA=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=mVQOKrBgXe/X4Plw6aIq0yR1hKMPcTKzN9Nu1eboHo+73CMs0QN2mWRiQ7odrbaoWvagrPekkzdiMENOMIPvXFmXb3hLWOabc/vsyarCemYqXBU4oMK2aC4nSsLyvbcmyRCQ4TDdp9HxAN/iPqZmm0SWnrJ31SObXT84GpQZzNw= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1726754009; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WE7XVncrXZlTp7S2FjzSCw3QilgZWtIYfRYKz+28l+E=; b=UV5nQEse/LdPPWra7jkE5yDirz6X3zGsibRs7U43J1dFsdwKw4aHkLN3bT14ERJQ0osKHe mxgcAFVZnLfjd4q7Yy8J3mlpg/2Mc32aLotHMu154oVxO+sFjw7R+ShaebHfOU/5GmCsuQ iR3iyGGs/AfIOE7TXBfNmXqUP34GhJU= Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-586-t338zirmOV6ZtC-K6CMB7Q-1; Thu, 19 Sep 2024 09:53:28 -0400 X-MC-Unique: t338zirmOV6ZtC-K6CMB7Q-1 Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (unknown [10.30.177.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 414E41954B0E for ; Thu, 19 Sep 2024 13:53:27 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.22.64.231]) by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 7910B1956052; Thu, 19 Sep 2024 13:53:26 +0000 (UTC) From: Aaron Merey To: libc-alpha@sourceware.org Cc: Aaron Merey Subject: [PATCH] Add another test for fclose on an unopened file Date: Thu, 19 Sep 2024 09:53:23 -0400 Message-ID: <20240919135323.11583-1-amerey@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-11.6 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org Add new file libio/tst-fclose-unopened2.c that tests whether fclose on an unopened file returns EOF. This test differs from tst-fclose-unopened.c by ensuring the file's buffer is allocated prior to double-fclose. A comment in tst-fclose-unopened.c now clarifies that it is testing a file with an unallocated buffer. Calling fclose on unopened files normally causes a use-after-free bug, however the standard streams are an exception since they are not deallocated by fclose. Tested for x86_64. --- libio/Makefile | 12 ++++++++ libio/tst-fclose-unopened.c | 8 +++-- libio/tst-fclose-unopened2.c | 50 ++++++++++++++++++++++++++++++++ libio/tst-fclose-unopened2.input | 1 + 4 files changed, 68 insertions(+), 3 deletions(-) create mode 100644 libio/tst-fclose-unopened2.c create mode 100644 libio/tst-fclose-unopened2.input diff --git a/libio/Makefile b/libio/Makefile index 59f3ee0b7c..57ce64eab2 100644 --- a/libio/Makefile +++ b/libio/Makefile @@ -96,6 +96,7 @@ tests = \ tst-ext \ tst-ext2 \ tst-fclose-unopened \ + tst-fclose-unopened2 \ tst-fdopen-seek-failure \ tst-fgetc-after-eof \ tst-fgetwc \ @@ -251,6 +252,9 @@ LDFLAGS-tst-bz24228 = -Wl,--version-script=tst-bz24228.map tst_wprintf2-ARGS = "Some Text" +tst-fclose-unopened2-ENV = \ + MALLOC_TRACE=$(objjpfx)tst-fclose-unopened2.mtrace \ + LD_PRELOAD=$(common-objpfx)/malloc/libc_malloc_debug.so test-fmemopen-ENV = MALLOC_TRACE=$(objpfx)test-fmemopen.mtrace \ LD_PRELOAD=$(common-objpfx)/malloc/libc_malloc_debug.so tst-fdopen-seek-failure-ENV = \ @@ -275,6 +279,8 @@ generated += \ tst-bz22415.mtrace \ tst-bz24228.check \ tst-bz24228.mtrace \ + tst-fclose-unopened2.check \ + tst-fclose-unopened2.mtrace \ tst-fdopen-seek-failure.check \ tst-fdopen-seek-failure.mtrace \ tst-fopenloc.check \ @@ -313,6 +319,7 @@ tests-special += \ $(objpfx)test-fmemopen-mem.out \ $(objpfx)tst-bz22415-mem.out \ $(objpfx)tst-bz24228-mem.out \ + $(objpfx)tst-fclose-unopened2-mem.out \ $(objpfx)tst-fdopen-seek-failure-mem.out \ $(objpfx)tst-fopenloc-mem.out \ # tests-special @@ -400,6 +407,11 @@ $(objpfx)test-fmemopen-mem.out: $(objpfx)test-fmemopen.out $(common-objpfx)malloc/mtrace $(objpfx)test-fmemopen.mtrace > $@; \ $(evaluate-test) +$(objpfx)tst-fclose-unopened2-mem.out: $(objpfx)tst-fclose-unopened2.out + $(common-objpfx)malloc/mtrace \ + $(objpfx)tst-fclose-unopened2.mtrace > $@; \ + $(evaluate-test) + $(objpfx)tst-fdopen-seek-failure-mem.out: $(objpfx)tst-fdopen-seek-failure.out $(common-objpfx)malloc/mtrace \ $(objpfx)tst-fdopen-seek-failure.mtrace > $@; \ diff --git a/libio/tst-fclose-unopened.c b/libio/tst-fclose-unopened.c index 1f1cad042d..4fed2ffdfe 100644 --- a/libio/tst-fclose-unopened.c +++ b/libio/tst-fclose-unopened.c @@ -19,9 +19,11 @@ #include #include -/* Verify that fclose on an unopened file returns EOF. This is not part - of the fclose external contract but there are dependancies on this - behaviour. */ +/* Verify that fclose on an unopened file returns EOF. This test uses + a file with an unallocated buffer. + + This is not part of the fclose external contract but there are + dependencies on this behaviour. */ static int do_test (void) diff --git a/libio/tst-fclose-unopened2.c b/libio/tst-fclose-unopened2.c new file mode 100644 index 0000000000..6b5c811308 --- /dev/null +++ b/libio/tst-fclose-unopened2.c @@ -0,0 +1,50 @@ +/* Test using fclose on an unopened file. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include + +/* Verify that fclose on an unopened file returns EOF. This test uses + a file with an allocated buffer. + + This is not part of the fclose external contract but there are + dependencies on this behaviour. */ + +static int +do_test (void) +{ + mtrace (); + + char buf[6]; + + /* Read from the file to ensure its internal buffer is allocated. */ + TEST_COMPARE (fread (buf, 1, sizeof (buf), stdin), sizeof (buf)); + + TEST_COMPARE (fclose (stdin), 0); + + /* Attempt to close the unopened file and verify that EOF is returned. + Calling fclose on a file twice normally causes a use-after-free bug, + however the standard streams are an exception since they are not + deallocated by fclose. */ + TEST_COMPARE (fclose (stdin), EOF); + + return 0; +} + +#include diff --git a/libio/tst-fclose-unopened2.input b/libio/tst-fclose-unopened2.input new file mode 100644 index 0000000000..399f9ba41a --- /dev/null +++ b/libio/tst-fclose-unopened2.input @@ -0,0 +1 @@ +fclose