safestring: Fix unit test failures with SAFECLIB_STR_NULL_SLACK

When SAFECLIB_STR_NULL_SLACK is defined, several unit tests fail. Some fail because the functions misbehave, others fail because the tests are expecting different values in the slack buffer. Fix them all. Signed-off-by: Mark Rustad <MRustad@gmail.com>
intel · Jun 3, 2018 · a69f95d · a69f95d
1 parent d76c66a
commit a69f95d
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 11 deletions.
diff --git a/safeclib/stpcpy_s.c b/safeclib/stpcpy_s.c
@@ -157,7 +157,9 @@ stpcpy_s(char *dest, rsize_t dmax, const char *src, errno_t *err)
  if (*dest == '\0') {
 #ifdef SAFECLIB_STR_NULL_SLACK
  /* null slack to clear any data */
- while (dmax) { *dest = '\0'; dmax--; dest++; }
+ char *filler = dest;
+
+ while (dmax) { *filler = '\0'; dmax--; filler++; }
 #endif
  *err = RCNEGATE(EOK);
  return dest;
@@ -191,7 +193,9 @@ stpcpy_s(char *dest, rsize_t dmax, const char *src, errno_t *err)
  if (*dest == '\0') {
 #ifdef SAFECLIB_STR_NULL_SLACK
  /* null slack to clear any data */
- while (dmax) { *dest = '\0'; dmax--; dest++; }
+ char *filler = dest;
+
+ while (dmax) { *filler = '\0'; dmax--; filler++; }
 #endif
  *err = RCNEGATE(EOK);
  return dest;
@@ -219,7 +223,9 @@ stpcpy_s(char *dest, rsize_t dmax, const char *src, errno_t *err)
  if (*dest == '\0') {
 #ifdef SAFECLIB_STR_NULL_SLACK
  /* null slack to clear any data */
- while (dmax) { *dest = '\0'; dmax--; dest++; }
+ char *filler = dest;
+
+ while (dmax) { *filler = '\0'; dmax--; filler++; }
 #endif
  *err = RCNEGATE(EOK);
  return dest;

diff --git a/safeclib/stpncpy_s.c b/safeclib/stpncpy_s.c
@@ -185,15 +185,15 @@ stpncpy_s(char *dest, rsize_t dmax, const char *src, rsize_t smax, errno_t *err)
 
 #ifdef SAFECLIB_STR_NULL_SLACK
  /* dmwheel1: Add check to prevent destruction of overlap into destination */
- if ((src < dest) && ((src+dmax) >= dest)) {
+ if ((src < dest) && ((src + smax) > dest)) {
  invoke_safe_str_constraint_handler("stpncpy_s: src+dmax overlaps into dest",
  NULL, ESOVRLP);
  *err = RCNEGATE(ESOVRLP);
  return NULL;
  }
 
  /* dmwheel1: Add check to prevent destruction of overlap into source */
- if ((dest < src) && ((dest+dmax) >= src)) {
+ if ((dest < src) && ((dest + dmax) > src)) {
  invoke_safe_str_constraint_handler("stpncpy_s: dest+dmax overlaps into src",
  NULL, ESOVRLP);
  *err = RCNEGATE(ESOVRLP);

diff --git a/safeclib/wcpcpy_s.c b/safeclib/wcpcpy_s.c
@@ -178,7 +178,9 @@ wcpcpy_s(wchar_t* dest, rsize_t dmax, const wchar_t* src, errno_t *err)
  if (*dest == L'\0') {
 #ifdef SAFECLIB_STR_NULL_SLACK
  /* null slack to clear any data */
- while (dmax) { *dest = L'\0'; dmax--; dest++; }
+ wchar_t *filler = dest;
+
+ while (dmax) { *filler = L'\0'; dmax--; filler++; }
 #endif
  *err = RCNEGATE(EOK);
  return dest; /* successful return */
@@ -204,7 +206,9 @@ wcpcpy_s(wchar_t* dest, rsize_t dmax, const wchar_t* src, errno_t *err)
  if (*dest == L'\0') {
 #ifdef SAFECLIB_STR_NULL_SLACK
  /* null slack to clear any data */
- while (dmax) { *dest = L'\0'; dmax--; dest++; }
+ wchar_t *filler = dest;
+
+ while (dmax) { *filler = L'\0'; dmax--; filler++; }
 #endif
  *err = RCNEGATE(EOK);
  return dest; /* successful return */

diff --git a/unittests/test_stpncpy_s.c b/unittests/test_stpncpy_s.c
@@ -428,7 +428,12 @@ printf("Test #%d:\n", ++testno);
  }
  /* be sure that the slack is correct */
  for (i=1; i<6; i++) {
- if (ret[i] != 'x') {
+#ifdef SAFECLIB_STR_NULL_SLACK
+ const char slack = '\0';
+#else
+ const char slack = 'x';
+#endif // SAFECLIB_STR_NULL_SLACK
+ if (ret[i] != slack) {
  printf("%s %u Incorrect Slack at returned ptr index %d Error rc=%u \n",
  __FUNCTION__, __LINE__, i, rc );
  ++errs;
@@ -473,7 +478,12 @@ printf("Test #%d:\n", ++testno);
  }
  /* be sure that the slack is correct */
  for (; i<15; i++) {
- if (ret[i] != 'x') {
+#ifdef SAFECLIB_STR_NULL_SLACK
+ const char slack = '\0';
+#else
+ const char slack = 'x';
+#endif // SAFECLIB_STR_NULL_SLACK
+ if (ret[i] != slack) {
  printf("%s %u Incorrect Slack at returned ptr index %d Error rc=%u \n",
  __FUNCTION__, __LINE__, i, rc );
  ++errs;
@@ -511,7 +521,12 @@ printf("Test #%d:\n", ++testno);
  } else {
  /* be sure that the slack is correct */
  for (i=1; i<5; i++) {
- if (ret[i] != 'x') {
+#ifdef SAFECLIB_STR_NULL_SLACK
+ const char slack = '\0';
+#else
+ const char slack = 'x';
+#endif // SAFECLIB_STR_NULL_SLACK
+ if (ret[i] != slack) {
  printf("%s %u Incorrect Slack at returned ptr index %d Error rc=%u \n",
  __FUNCTION__, __LINE__, i, rc );
  ++errs;
@@ -549,7 +564,12 @@ printf("Test #%d:\n", ++testno);
  } else {
  /* be sure that the slack is correct */
  for (i=1; i<5; i++) {
- if (ret[i] != 'x') {
+#ifdef SAFECLIB_STR_NULL_SLACK
+ const char slack = '\0';
+#else
+ const char slack = 'x';
+#endif // SAFECLIB_STR_NULL_SLACK
+ if (ret[i] != slack) {
  printf("%s %u Incorrect Slack at returned ptr index %d Error rc=%u \n",
  __FUNCTION__, __LINE__, i, rc );
  ++errs;