From 8bf75b0574ed8cd01dd3958a4bbe468ab40ac683 Mon Sep 17 00:00:00 2001 From: Mark Rustad Date: Sun, 3 Jun 2018 00:18:21 -0700 Subject: [PATCH] safestringlib: Fix unit test failures with SAFECLIB_STR_NULL_SLACK When SAFECLIB_STR_NULL_SLACK is defined, several unit tests fail. Some fail because the functions misbehave, others fail because the tests are expecting different values in the slack buffer. Fix them all. Signed-off-by: Mark Rustad --- safeclib/stpcpy_s.c | 12 +++++++++--- safeclib/stpncpy_s.c | 4 ++-- safeclib/wcpcpy_s.c | 8 ++++++-- unittests/test_stpncpy_s.c | 28 ++++++++++++++++++++++++---- 4 files changed, 41 insertions(+), 11 deletions(-) diff --git a/safeclib/stpcpy_s.c b/safeclib/stpcpy_s.c index 8e70f04..c30b78c 100644 --- a/safeclib/stpcpy_s.c +++ b/safeclib/stpcpy_s.c @@ -157,7 +157,9 @@ stpcpy_s(char *dest, rsize_t dmax, const char *src, errno_t *err) if (*dest == '\0') { #ifdef SAFECLIB_STR_NULL_SLACK /* null slack to clear any data */ - while (dmax) { *dest = '\0'; dmax--; dest++; } + char *filler = dest; + + while (dmax) { *filler = '\0'; dmax--; filler++; } #endif *err = RCNEGATE(EOK); return dest; @@ -191,7 +193,9 @@ stpcpy_s(char *dest, rsize_t dmax, const char *src, errno_t *err) if (*dest == '\0') { #ifdef SAFECLIB_STR_NULL_SLACK /* null slack to clear any data */ - while (dmax) { *dest = '\0'; dmax--; dest++; } + char *filler = dest; + + while (dmax) { *filler = '\0'; dmax--; filler++; } #endif *err = RCNEGATE(EOK); return dest; @@ -219,7 +223,9 @@ stpcpy_s(char *dest, rsize_t dmax, const char *src, errno_t *err) if (*dest == '\0') { #ifdef SAFECLIB_STR_NULL_SLACK /* null slack to clear any data */ - while (dmax) { *dest = '\0'; dmax--; dest++; } + char *filler = dest; + + while (dmax) { *filler = '\0'; dmax--; filler++; } #endif *err = RCNEGATE(EOK); return dest; diff --git a/safeclib/stpncpy_s.c b/safeclib/stpncpy_s.c index 212d116..a52b9d2 100644 --- a/safeclib/stpncpy_s.c +++ b/safeclib/stpncpy_s.c 
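Review bot: The new `filler` cursor in the null-slack branch of stpcpy_s has no comment explaining why `dest` must no longer be advanced, and the same block is repeated in the two later hunks of this file and in both wcpcpy_s.c hunks. The existing comment only says "null slack to clear any data", so a later cleanup could fold the cursor back into `dest` and again return a pointer past the terminator. I would extend it to `/* clear slack through a copy: dest is the return value and must keep pointing at the terminating null */`. Since the block now appears five times, a small `static` helper taking the start pointer and remaining count would keep the copies from drifting apart. The body of stpcpy_s starts and ends outside these hunks, so how `dmax` is maintained before this point is not visible here.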
@@ -185,7 +185,7 @@ stpncpy_s(char *dest, rsize_t dmax, const char *src, rsize_t smax, errno_t *err) #ifdef SAFECLIB_STR_NULL_SLACK /* dmwheel1: Add check to prevent destruction of overlap into destination */ - if ((src < dest) && ((src+dmax) >= dest)) { + if ((src < dest) && ((src + smax) > dest)) { invoke_safe_str_constraint_handler("stpncpy_s: src+dmax overlaps into dest", NULL, ESOVRLP); *err = RCNEGATE(ESOVRLP); @@ -193,7 +193,7 @@ stpncpy_s(char *dest, rsize_t dmax, const char *src, rsize_t smax, errno_t *err) } /* dmwheel1: Add check to prevent destruction of overlap into source */ - if ((dest < src) && ((dest+dmax) >= src)) { + if ((dest < src) && ((dest + dmax) > src)) { invoke_safe_str_constraint_handler("stpncpy_s: dest+dmax overlaps into src", NULL, ESOVRLP); *err = RCNEGATE(ESOVRLP); diff --git a/safeclib/wcpcpy_s.c b/safeclib/wcpcpy_s.c index e4cc9f6..aea6555 100644 --- a/safeclib/wcpcpy_s.c +++ b/safeclib/wcpcpy_s.c @@ -178,7 +178,9 @@ wcpcpy_s(wchar_t* dest, rsize_t dmax, const wchar_t* src, errno_t *err) if (*dest == L'\0') { #ifdef SAFECLIB_STR_NULL_SLACK /* null slack to clear any data */ - while (dmax) { *dest = L'\0'; dmax--; dest++; } + wchar_t *filler = dest; + + while (dmax) { *filler = L'\0'; dmax--; filler++; } #endif *err = RCNEGATE(EOK); return dest; /* successful return */ @@ -204,7 +206,9 @@ wcpcpy_s(wchar_t* dest, rsize_t dmax, const wchar_t* src, errno_t *err) if (*dest == L'\0') { #ifdef SAFECLIB_STR_NULL_SLACK /* null slack to clear any data */ - while (dmax) { *dest = L'\0'; dmax--; dest++; } + wchar_t *filler = dest; + + while (dmax) { *filler = L'\0'; dmax--; filler++; } #endif *err = RCNEGATE(EOK); return dest; /* successful return */ diff --git a/unittests/test_stpncpy_s.c b/unittests/test_stpncpy_s.c index 77684b9..29ce345 100644 --- a/unittests/test_stpncpy_s.c +++ b/unittests/test_stpncpy_s.c 
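Review bot: The constraint-handler message right after the changed condition still reads "stpncpy_s: src+dmax overlaps into dest" although the check now tests `src + smax`. It should become `"stpncpy_s: src+smax overlaps into dest"` so that a logged ESOVRLP names the bound that was actually compared. Separately, `src + smax` here and `dest + dmax` in the next hunk are built from caller-supplied counts, and forming a pointer beyond the real object is undefined behaviour that could wrap if the count is not range-checked earlier. A difference-based test such as `(src < dest) && ((uintptr_t)dest - (uintptr_t)src < smax)` avoids forming that pointer. The function starts and ends outside the hunk, so any earlier validation of `smax` is not visible here.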
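Review bot: The relaxation from `>=` to `>` in the second stpncpy_s hunk makes a source that begins exactly at `dest + dmax` acceptable, and none of the test hunks visible in this patch pin that boundary; they only change the expected slack byte. A pair of cases in test_stpncpy_s.c would keep the off-by-one from regressing in either direction: one with the buffers exactly adjacent expecting EOK, and one a single byte closer expecting ESOVRLP. The same applies to the `src + smax` comparison in the previous hunk. Whether existing tests outside this patch already cover adjacency cannot be told from here.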
@@ -428,7 +428,12 @@ printf("Test #%d:\n", ++testno); } /* be sure that the slack is correct */ for (i=1; i<6; i++) { - if (ret[i] != 'x') { +#ifdef SAFECLIB_STR_NULL_SLACK + const char slack = '\0'; +#else + const char slack = 'x'; +#endif // SAFECLIB_STR_NULL_SLACK + if (ret[i] != slack) { printf("%s %u Incorrect Slack at returned ptr index %d Error rc=%u \n", __FUNCTION__, __LINE__, i, rc ); ++errs; @@ -473,7 +478,12 @@ printf("Test #%d:\n", ++testno); } /* be sure that the slack is correct */ for (; i<15; i++) { - if (ret[i] != 'x') { +#ifdef SAFECLIB_STR_NULL_SLACK + const char slack = '\0'; +#else + const char slack = 'x'; +#endif // SAFECLIB_STR_NULL_SLACK + if (ret[i] != slack) { printf("%s %u Incorrect Slack at returned ptr index %d Error rc=%u \n", __FUNCTION__, __LINE__, i, rc ); ++errs; @@ -511,7 +521,12 @@ printf("Test #%d:\n", ++testno); } else { /* be sure that the slack is correct */ for (i=1; i<5; i++) { - if (ret[i] != 'x') { +#ifdef SAFECLIB_STR_NULL_SLACK + const char slack = '\0'; +#else + const char slack = 'x'; +#endif // SAFECLIB_STR_NULL_SLACK + if (ret[i] != slack) { printf("%s %u Incorrect Slack at returned ptr index %d Error rc=%u \n", __FUNCTION__, __LINE__, i, rc ); ++errs; @@ -549,7 +564,12 @@ printf("Test #%d:\n", ++testno); } else { /* be sure that the slack is correct */ for (i=1; i<5; i++) { - if (ret[i] != 'x') { +#ifdef SAFECLIB_STR_NULL_SLACK + const char slack = '\0'; +#else + const char slack = 'x'; +#endif // SAFECLIB_STR_NULL_SLACK + if (ret[i] != slack) { printf("%s %u Incorrect Slack at returned ptr index %d Error rc=%u \n", __FUNCTION__, __LINE__, i, rc ); ++errs;
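Review bot: The five-line `#ifdef SAFECLIB_STR_NULL_SLACK` block defining `slack` is pasted inside the loop body in this hunk and again in the three hunks that follow. The four copies can diverge and they bury the actual assertion. I would define the expected byte once near the top of the test file, under the same `#ifdef`/`#else`, and reduce each check to one line such as `if (ret[i] != EXPECTED_SLACK) {`, where `EXPECTED_SLACK` is a proposed name, not an existing one. The trailing `// SAFECLIB_STR_NULL_SLACK` on the `#endif` also departs from the `/* ... */` comments used around it; `#endif /* SAFECLIB_STR_NULL_SLACK */` would match. The enclosing test function starts and ends outside these hunks.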