added unittest for unit_maybe_alloc

2025-06-09 16:51:34 +00:00 · 2020-03-30 16:01:29 +02:00 · 2020-03-30 16:01:29 +02:00 · 209aa25d27
commit 209aa25d27
parent 28e5a8031c
3 changed files with 184 additions and 6 deletions
--- a/19
+++ b/19
@ -3,13 +3,13 @@
 # -----------------------------
 #
 # Originally written by Michal Zalewski
-# 
+#
 # Copyright 2013, 2014, 2015, 2016, 2017 Google Inc. All rights reserved.
-# 
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
-# 
+#
 #   http://www.apache.org/licenses/LICENSE-2.0
 #

@ -311,13 +311,20 @@ afl-gotcpu: src/afl-gotcpu.c $(COMM_HDR) | test_x86
 document: $(COMM_HDR) include/afl-fuzz.h $(AFL_FUZZ_FILES) src/afl-common.o src/afl-sharedmem.o src/afl-forkserver.o | test_x86
 	$(CC) -D_AFL_DOCUMENT_MUTATIONS $(CFLAGS) $(CFLAGS_FLTO) $(AFL_FUZZ_FILES) src/afl-common.o src/afl-sharedmem.o src/afl-forkserver.o -o afl-fuzz-document $(PYFLAGS) $(LDFLAGS)

+test/unittests/unit_maybe_alloc.o : $(COMM_HDR) include/alloc-inl.h test/unittests/unit_maybe_alloc.c $(AFL_FUZZ_FILES)
+	$(CC) $(CFLAGS) $(CFLAGS_FLTO) -c test/unittests/unit_maybe_alloc.c -o test/unittests/unit_maybe_alloc.o

+unit_maybe_alloc: test/unittests/unit_maybe_alloc.o
+	$(CC) $(CFLAGS) -lcmocka -Wl,--wrap=exit -Wl,--wrap=printf $(LDFLAGS) test/unittests/unit_maybe_alloc.o -o test/unittests/unit_maybe_alloc
+	./test/unittests/unit_maybe_alloc
+
+unit: unit_maybe_alloc

 code-format:
 	./.custom-format.py -i src/*.c
 	./.custom-format.py -i include/*.h
-	./.custom-format.py -i libdislocator/*.c 
-	./.custom-format.py -i libtokencap/*.c 
+	./.custom-format.py -i libdislocator/*.c
+	./.custom-format.py -i libtokencap/*.c
 	./.custom-format.py -i llvm_mode/*.c
 	./.custom-format.py -i llvm_mode/*.h
 	./.custom-format.py -i llvm_mode/*.cc
@ -364,7 +371,7 @@ all_done: test_build
 .NOTPARALLEL: clean

 clean:
-	rm -f $(PROGS) libradamsa.so afl-fuzz-document afl-as as afl-g++ afl-clang afl-clang++ *.o src/*.o *~ a.out core core.[1-9][0-9]* *.stackdump .test .test1 .test2 test-instr .test-instr0 .test-instr1 qemu_mode/qemu-3.1.1.tar.xz afl-qemu-trace afl-gcc-fast afl-gcc-pass.so afl-gcc-rt.o afl-g++-fast ld *.so *.8
+	rm -f $(PROGS) libradamsa.so afl-fuzz-document afl-as as afl-g++ afl-clang afl-clang++ *.o src/*.o *~ a.out core core.[1-9][0-9]* *.stackdump .test .test1 .test2 test-instr .test-instr0 .test-instr1 qemu_mode/qemu-3.1.1.tar.xz afl-qemu-trace afl-gcc-fast afl-gcc-pass.so afl-gcc-rt.o afl-g++-fast ld *.so *.8 test/unittests/*.o test/unittests/unit_maybe_alloc
 	rm -rf out_dir qemu_mode/qemu-3.1.1 *.dSYM */*.dSYM
 	-$(MAKE) -C llvm_mode clean
 	-$(MAKE) -C gcc_plugin clean
--- a/include/alloc-inl.h
+++ b/include/alloc-inl.h
@ -784,6 +784,35 @@ static inline size_t next_pow2(size_t in) {

 }

+/* This function makes sure *size is > size_needed after call.
+ It will realloc *buf otherwise.
+ *size will grow exponentially as per:
+ https://blog.mozilla.org/nnethercote/2014/11/04/please-grow-your-buffers-exponentially/
+ Will return NULL and free *buf if size_needed is <1 or realloc failed.
+ @return For convenience, this function returns *buf.
+ */
+static inline void *maybe_grow(void **buf, size_t *size, size_t size_needed) {
+
+  /* No need to realloc */
+  if (likely(size_needed && *size >= size_needed)) return *buf;
+
+  /* No initial size was set */
+  if (size_needed < INITIAL_GROWTH_SIZE) size_needed = INITIAL_GROWTH_SIZE;
+
+  /* grow exponentially */
+  size_t next_size = next_pow2(size_needed);
+
+  /* handle overflow and zero size_needed */
+  if (!next_size) { next_size = size_needed; }
+
+  /* alloc */
+  *buf = realloc(*buf, next_size);
+  *size = *buf ? next_size : 0;
+
+  return *buf;
+
+}
+
 /* This function makes sure *size is > size_needed after call.
 It will realloc *buf otherwise.
 *size will grow exponentially as per:
@ -817,6 +846,8 @@ static inline void *ck_maybe_grow(void **buf, size_t *size,

 }

+
+
 /* Swaps buf1 ptr and buf2 ptr, as well as their sizes */
 static inline void swap_bufs(void **buf1, size_t *size1, void **buf2,
                             size_t *size2) {
--- a/test/unittests/unit_maybe_alloc.c
+++ b/test/unittests/unit_maybe_alloc.c
@ -0,0 +1,140 @@
+#include <stdarg.h>
+#include <stddef.h>
+#include <setjmp.h>
+#include <assert.h>
+#include <cmocka.h>
+
+extern void mock_assert(const int result, const char* const expression,
+                        const char * const file, const int line);
+#undef assert
+#define assert(expression) \
+    mock_assert((int)(expression), #expression, __FILE__, __LINE__);
+#include "alloc-inl.h"
+
+/* remap exit -> assert, then use cmocka's mock_assert
+    (compile with `--wrap=exit`) */
+extern void exit(int status);
+extern void __real_exit(int status);
+void __wrap_exit(int status) {
+    assert(0);
+}
+
+/* ignore all printfs */
+extern int printf(const char *format, ...);
+extern int __real_printf(const char *format, ...);
+int __wrap_printf(const char *format, ...) {
+    return 1;
+}
+
+#define BUF_PARAMS (void **)&buf, &size
+
+static int setup(void **state) {
+
+    return 0;
+
+}
+
+static void test_null_allocs(void **state) {
+
+    void *buf = NULL;
+    size_t size = 0;
+    void *ptr = ck_maybe_grow(BUF_PARAMS, 100);
+    assert_true(buf == ptr);
+    assert_true(size >= 100);
+    ck_free(ptr);
+
+}
+
+static void test_nonpow2_size(void **state) {
+
+    char *buf = ck_alloc(150);
+    size_t size = 150;
+    buf[140] = '5';
+    char *ptr = ck_maybe_grow(BUF_PARAMS, 160);
+    assert_ptr_equal(buf, ptr);
+    assert_true(size >= 160);
+    assert_true(buf[140] == '5');
+    ck_free(ptr);
+
+}
+
+static void test_zero_size() {
+
+    char *buf = NULL;
+    size_t size = 0;
+    //assert_non_null(maybe_grow(BUF_PARAMS, 0));
+    free(buf);
+    buf = NULL;
+    size = 0;
+
+    char *ptr = ck_maybe_grow(BUF_PARAMS, 100);
+    assert_non_null(ptr);
+    assert_ptr_equal(buf, ptr);
+    assert_true(size >= 100);
+
+    expect_assert_failure(ck_maybe_grow(BUF_PARAMS, 0));
+
+}
+
+static void test_unchanged_size(void **state) {
+
+    void *buf = ck_alloc(100);
+    size_t size = 100;
+    void *buf_before = buf;
+    void *buf_after = ck_maybe_grow(BUF_PARAMS, 100);
+    assert_ptr_equal(buf, buf_after);
+    assert_ptr_equal(buf_after, buf_before);
+    ck_free(buf);
+
+}
+
+static void test_grow_multiple(void **state) {
+
+    char *buf = NULL;
+    size_t size = 0;
+
+    char *ptr = ck_maybe_grow(BUF_PARAMS, 100);
+    assert_ptr_equal(ptr, buf);
+    assert_true(size >= 100);
+    assert_int_equal(size, next_pow2(size));
+    buf[50] = '5';
+
+    ptr = (char *)ck_maybe_grow(BUF_PARAMS, 1000);
+    assert_ptr_equal(ptr, buf);
+    assert_true(size >= 100);
+    assert_int_equal(size, next_pow2(size));
+    buf[500] = '5';
+
+    ptr = (char *)ck_maybe_grow(BUF_PARAMS, 10000);
+    assert_ptr_equal(ptr, buf);
+    assert_true(size >= 10000);
+    assert_int_equal(size, next_pow2(size));
+    buf[5000] = '5';
+
+    assert_int_equal(buf[50], '5');
+    assert_int_equal(buf[500], '5');
+    assert_int_equal(buf[5000], '5');
+
+    ck_free(buf);
+
+}
+
+static int teardown(void **state) {
+
+    return 0;
+
+}
+
+int main(int argc, char **argv) {
+
+	const struct CMUnitTest tests[] = {
+		cmocka_unit_test(test_null_allocs),
+		cmocka_unit_test(test_nonpow2_size),
+		cmocka_unit_test(test_zero_size),
+        cmocka_unit_test(test_unchanged_size),
+        cmocka_unit_test(test_grow_multiple),
+	};
+
+    return cmocka_run_group_tests (tests, setup, teardown);
+
+}