diff options
author | zea@chromium.org <zea@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-01-26 00:53:15 +0000 |
---|---|---|
committer | zea@chromium.org <zea@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-01-26 00:53:15 +0000 |
commit | b3a14a7da7f2539715bb52faab519e7a755f6189 (patch) | |
tree | bf5d7a25a82bfadd9b20c7606f456acacd755ae4 /base/security_unittest.cc | |
parent | 4733fda0dad4d53f8edf62ab1568c1e2a21b613d (diff) | |
download | chromium_src-b3a14a7da7f2539715bb52faab519e7a755f6189.zip chromium_src-b3a14a7da7f2539715bb52faab519e7a755f6189.tar.gz chromium_src-b3a14a7da7f2539715bb52faab519e7a755f6189.tar.bz2 |
Revert 178928
> Base: add a security test to check for new[] or calloc()
> overflowing
>
> BUG=172149
> NOTRY=true
>
> Review URL: https://chromiumcodereview.appspot.com/12033064
Reverted due to failing base_unittests (speculative revert).
TBR=jln@chromium.org
Review URL: https://codereview.chromium.org/12086009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@178972 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'base/security_unittest.cc')
-rw-r--r-- | base/security_unittest.cc | 91 |
1 files changed, 0 insertions, 91 deletions
diff --git a/base/security_unittest.cc b/base/security_unittest.cc index 483d2a8..5db18fd 100644 --- a/base/security_unittest.cc +++ b/base/security_unittest.cc @@ -14,7 +14,6 @@ #include "testing/gtest/include/gtest/gtest.h" using std::nothrow; -using std::numeric_limits; namespace { @@ -101,94 +100,4 @@ TEST(SecurityTest, ALLOC_TEST(MemoryAllocationRestrictionsNewArray)) { } } -// The tests bellow check for overflows in new[] and calloc(). - -#if defined(OS_IOS) - #define DISABLE_ON_IOS(function) DISABLED_##function -#else - #define DISABLE_ON_IOS(function) function -#endif - -#if defined(ADDRESS_SANITIZER) - #define DISABLE_ON_ASAN(function) DISABLED_##function -#else - #define DISABLE_ON_ASAN(function) function -#endif - -// There are platforms where these tests are known to fail. We would like to -// be able to easily check the status on the bots, but marking tests as -// FAILS_ is too clunky. -void OverflowTestsSoftExpectTrue(bool overflow_detected) { - if (!overflow_detected) { -#if defined(OS_LINUX) || defined(OS_ANDROID) || defined(OS_MACOSX) - // Sadly, on Linux, Android, and OSX we don't have a good story yet. Don't - // fail the test, but report. - printf("Platform has overflow: %s\n", - !overflow_detected ? "yes." : "no."); -#else - // Otherwise, fail the test. (Note: EXPECT are ok in subfunctions, ASSERT - // aren't). - EXPECT_TRUE(overflow_detected); -#endif - } -} - -// This function acts as a compiler optimization barrier. We use it to -// prevent the compiler from making an expression a compile-time constant. -// We also use it so that the compiler doesn't discard certain return values -// as something we don't need (see the comment with calloc below). -template <typename Type> -Type HideValueFromCompiler(volatile Type value) { - return value; -} - -// Test array[TooBig][X] and array[X][TooBig] allocations for int overflows. -// IOS doesn't honor nothrow, so disable the test there. -TEST(SecurityTest, DISABLE_ON_IOS(NewOverflow)) { - const size_t kArraySize = 4096; - // We want something "dynamic" here, so that the compiler doesn't - // immediately reject crazy arrays. - const size_t kDynamicArraySize = HideValueFromCompiler(kArraySize); - // numeric_limits are still not constexpr until we switch to C++11, so we - // use an ugly cast. - const size_t kMaxSizeT = ~static_cast<size_t>(0); - ASSERT_EQ(numeric_limits<size_t>::max(), kMaxSizeT); - const size_t kArraySize2 = kMaxSizeT / kArraySize + 10; - const size_t kDynamicArraySize2 = HideValueFromCompiler(kArraySize2); - { - scoped_ptr<char[][kArraySize]> array_pointer(new (nothrow) - char[kDynamicArraySize2][kArraySize]); - OverflowTestsSoftExpectTrue(array_pointer == NULL); - } - { - scoped_ptr<char[][kArraySize2]> array_pointer(new (nothrow) - char[kDynamicArraySize][kArraySize2]); - OverflowTestsSoftExpectTrue(array_pointer == NULL); - } -} - -// Test if calloc() can overflow. Disable on ASAN for now since the -// overflow seems present there. -TEST(SecurityTest, DISABLE_ON_ASAN(CallocOverflow)) { - const size_t kArraySize = 4096; - const size_t kMaxSizeT = numeric_limits<size_t>::max(); - const size_t kArraySize2 = kMaxSizeT / kArraySize + 10; - { - scoped_ptr<char> array_pointer( - static_cast<char*>(calloc(kArraySize, kArraySize2))); - // We need the call to HideValueFromCompiler(): we have seen LLVM - // optimize away the call to calloc() entirely and assume - // the pointer to not be NULL. - EXPECT_TRUE(HideValueFromCompiler(array_pointer.get()) == NULL); - } - { - scoped_ptr<char> array_pointer( - static_cast<char*>(calloc(kArraySize2, kArraySize))); - // We need the call to HideValueFromCompiler(): we have seen LLVM - // optimize away the call to calloc() entirely and assume - // the pointer to not be NULL. - EXPECT_TRUE(HideValueFromCompiler(array_pointer.get()) == NULL); - } -} - } // namespace |