Skip to content

Commit bb8d9b7

Browse files
keeskees
committed
string: Merge strscpy KUnit tests into string_kunit.c
Move the strscpy() tests into string_kunit.c. Remove the separate Kconfig and Makefile rule. Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com> Tested-by: Ivan Orlov <ivan.orlov0322@gmail.com> Link: https://lore.kernel.org/r/20240419140155.3028912-2-keescook@chromium.org Signed-off-by: Kees Cook <keescook@chromium.org>
1 parent b03442f commit bb8d9b7

5 files changed

Lines changed: 120 additions & 150 deletions

File tree

MAINTAINERS

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8442,7 +8442,6 @@ F: include/linux/fortify-string.h
84428442
F: lib/fortify_kunit.c
84438443
F: lib/memcpy_kunit.c
84448444
F: lib/strcat_kunit.c
8445-
F: lib/strscpy_kunit.c
84468445
F: lib/test_fortify/*
84478446
F: scripts/test_fortify.sh
84488447
K: \b__NO_FORTIFY\b

lib/Kconfig.debug

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2763,11 +2763,6 @@ config STRCAT_KUNIT_TEST
27632763
depends on KUNIT
27642764
default KUNIT_ALL_TESTS
27652765

2766-
config STRSCPY_KUNIT_TEST
2767-
tristate "Test strscpy*() family of functions at runtime" if !KUNIT_ALL_TESTS
2768-
depends on KUNIT
2769-
default KUNIT_ALL_TESTS
2770-
27712766
config SIPHASH_KUNIT_TEST
27722767
tristate "Perform selftest on siphash functions" if !KUNIT_ALL_TESTS
27732768
depends on KUNIT

lib/Makefile

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -404,7 +404,6 @@ CFLAGS_fortify_kunit.o += $(call cc-disable-warning, stringop-truncation)
404404
CFLAGS_fortify_kunit.o += $(DISABLE_STRUCTLEAK_PLUGIN)
405405
obj-$(CONFIG_FORTIFY_KUNIT_TEST) += fortify_kunit.o
406406
obj-$(CONFIG_STRCAT_KUNIT_TEST) += strcat_kunit.o
407-
obj-$(CONFIG_STRSCPY_KUNIT_TEST) += strscpy_kunit.o
408407
obj-$(CONFIG_SIPHASH_KUNIT_TEST) += siphash_kunit.o
409408

410409
obj-$(CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED) += devmem_is_allowed.o

lib/string_kunit.c

Lines changed: 120 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -326,6 +326,125 @@ static void test_strncasecmp_long_strings(struct kunit *test)
326326
strcmp_buffer2, STRCMP_CHANGE_POINT + 1);
327327
}
328328

329+
/**
330+
* strscpy_check() - Run a specific test case.
331+
* @test: KUnit test context pointer
332+
* @src: Source string, argument to strscpy_pad()
333+
* @count: Size of destination buffer, argument to strscpy_pad()
334+
* @expected: Expected return value from call to strscpy_pad()
335+
* @chars: Number of characters from the src string expected to be
336+
* written to the dst buffer.
337+
* @terminator: 1 if there should be a terminating null byte 0 otherwise.
338+
* @pad: Number of pad characters expected (in the tail of dst buffer).
339+
* (@pad does not include the null terminator byte.)
340+
*
341+
* Calls strscpy_pad() and verifies the return value and state of the
342+
* destination buffer after the call returns.
343+
*/
344+
static void strscpy_check(struct kunit *test, char *src, int count,
345+
int expected, int chars, int terminator, int pad)
346+
{
347+
int nr_bytes_poison;
348+
int max_expected;
349+
int max_count;
350+
int written;
351+
char buf[6];
352+
int index, i;
353+
const char POISON = 'z';
354+
355+
KUNIT_ASSERT_TRUE_MSG(test, src != NULL,
356+
"null source string not supported");
357+
358+
memset(buf, POISON, sizeof(buf));
359+
/* Future proofing test suite, validate args */
360+
max_count = sizeof(buf) - 2; /* Space for null and to verify overflow */
361+
max_expected = count - 1; /* Space for the null */
362+
363+
KUNIT_ASSERT_LE_MSG(test, count, max_count,
364+
"count (%d) is too big (%d) ... aborting", count, max_count);
365+
KUNIT_EXPECT_LE_MSG(test, expected, max_expected,
366+
"expected (%d) is bigger than can possibly be returned (%d)",
367+
expected, max_expected);
368+
369+
written = strscpy_pad(buf, src, count);
370+
KUNIT_ASSERT_EQ(test, written, expected);
371+
372+
if (count && written == -E2BIG) {
373+
KUNIT_ASSERT_EQ_MSG(test, 0, strncmp(buf, src, count - 1),
374+
"buffer state invalid for -E2BIG");
375+
KUNIT_ASSERT_EQ_MSG(test, buf[count - 1], '\0',
376+
"too big string is not null terminated correctly");
377+
}
378+
379+
for (i = 0; i < chars; i++)
380+
KUNIT_ASSERT_EQ_MSG(test, buf[i], src[i],
381+
"buf[i]==%c != src[i]==%c", buf[i], src[i]);
382+
383+
if (terminator)
384+
KUNIT_ASSERT_EQ_MSG(test, buf[count - 1], '\0',
385+
"string is not null terminated correctly");
386+
387+
for (i = 0; i < pad; i++) {
388+
index = chars + terminator + i;
389+
KUNIT_ASSERT_EQ_MSG(test, buf[index], '\0',
390+
"padding missing at index: %d", i);
391+
}
392+
393+
nr_bytes_poison = sizeof(buf) - chars - terminator - pad;
394+
for (i = 0; i < nr_bytes_poison; i++) {
395+
index = sizeof(buf) - 1 - i; /* Check from the end back */
396+
KUNIT_ASSERT_EQ_MSG(test, buf[index], POISON,
397+
"poison value missing at index: %d", i);
398+
}
399+
}
400+
401+
static void test_strscpy(struct kunit *test)
402+
{
403+
char dest[8];
404+
405+
/*
406+
* strscpy_check() uses a destination buffer of size 6 and needs at
407+
* least 2 characters spare (one for null and one to check for
408+
* overflow). This means we should only call tc() with
409+
* strings up to a maximum of 4 characters long and 'count'
410+
* should not exceed 4. To test with longer strings increase
411+
* the buffer size in tc().
412+
*/
413+
414+
/* strscpy_check(test, src, count, expected, chars, terminator, pad) */
415+
strscpy_check(test, "a", 0, -E2BIG, 0, 0, 0);
416+
strscpy_check(test, "", 0, -E2BIG, 0, 0, 0);
417+
418+
strscpy_check(test, "a", 1, -E2BIG, 0, 1, 0);
419+
strscpy_check(test, "", 1, 0, 0, 1, 0);
420+
421+
strscpy_check(test, "ab", 2, -E2BIG, 1, 1, 0);
422+
strscpy_check(test, "a", 2, 1, 1, 1, 0);
423+
strscpy_check(test, "", 2, 0, 0, 1, 1);
424+
425+
strscpy_check(test, "abc", 3, -E2BIG, 2, 1, 0);
426+
strscpy_check(test, "ab", 3, 2, 2, 1, 0);
427+
strscpy_check(test, "a", 3, 1, 1, 1, 1);
428+
strscpy_check(test, "", 3, 0, 0, 1, 2);
429+
430+
strscpy_check(test, "abcd", 4, -E2BIG, 3, 1, 0);
431+
strscpy_check(test, "abc", 4, 3, 3, 1, 0);
432+
strscpy_check(test, "ab", 4, 2, 2, 1, 1);
433+
strscpy_check(test, "a", 4, 1, 1, 1, 2);
434+
strscpy_check(test, "", 4, 0, 0, 1, 3);
435+
436+
/* Compile-time-known source strings. */
437+
KUNIT_EXPECT_EQ(test, strscpy(dest, "", ARRAY_SIZE(dest)), 0);
438+
KUNIT_EXPECT_EQ(test, strscpy(dest, "", 3), 0);
439+
KUNIT_EXPECT_EQ(test, strscpy(dest, "", 1), 0);
440+
KUNIT_EXPECT_EQ(test, strscpy(dest, "", 0), -E2BIG);
441+
KUNIT_EXPECT_EQ(test, strscpy(dest, "Fixed", ARRAY_SIZE(dest)), 5);
442+
KUNIT_EXPECT_EQ(test, strscpy(dest, "Fixed", 3), -E2BIG);
443+
KUNIT_EXPECT_EQ(test, strscpy(dest, "Fixed", 1), -E2BIG);
444+
KUNIT_EXPECT_EQ(test, strscpy(dest, "Fixed", 0), -E2BIG);
445+
KUNIT_EXPECT_EQ(test, strscpy(dest, "This is too long", ARRAY_SIZE(dest)), -E2BIG);
446+
}
447+
329448
static struct kunit_case string_test_cases[] = {
330449
KUNIT_CASE(test_memset16),
331450
KUNIT_CASE(test_memset32),
@@ -341,6 +460,7 @@ static struct kunit_case string_test_cases[] = {
341460
KUNIT_CASE(test_strcasecmp_long_strings),
342461
KUNIT_CASE(test_strncasecmp),
343462
KUNIT_CASE(test_strncasecmp_long_strings),
463+
KUNIT_CASE(test_strscpy),
344464
{}
345465
};
346466

lib/strscpy_kunit.c

Lines changed: 0 additions & 143 deletions
This file was deleted.

0 commit comments

Comments
 (0)