[PATCH] tests: avoid write-beyond-end-of-heap buffer

Jim Meyering jim at meyering.net
Fri Nov 11 11:38:19 CET 2011 

In libgcrypt's "make check" (latest from git), I was surprised to
see the "basic" test fail.  Here's a patch:

Avoid scary-looking (with MALLOC_CHECK_=3) "make check" test failure:

  *** glibc detected *** /h/j/w/co/libgcrypt/tests/.libs/lt-basic: free(): invalid
  pointer: 0x0000000001f9d080 ***
  ======= Backtrace: =========
  /lib64/libc.so.6[0x3a5807c606]
  /w/libgcrypt/src/.libs/libgcrypt.so.19(+0x100c9)[0x7f890edb90c9]
  /w/libgcrypt/src/.libs/libgcrypt.so.19(+0xb03e)[0x7f890edb403e]
  /w/libgcrypt/src/.libs/libgcrypt.so.19(gcry_free+0x18)[0x7f890edb1eef]
  /w/libgcrypt/tests/.libs/lt-basic[0x4091f4]
  /w/libgcrypt/tests/.libs/lt-basic[0x40b541]
  /lib64/libc.so.6(__libc_start_main+0xed)[0x3a5802169d]
  /w/libgcrypt/tests/.libs/lt-basic[0x401979]
  ======= Memory map: ========
  00400000-00411000 r-xp 00000000 08:08 2787510 /w/co/libgcrypt/tests/.libs/lt-basic
  ...


>From 722e6d470371bb3d995e0a6a67cd9c2ffd7bb664 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering at redhat.com>
Date: Fri, 11 Nov 2011 11:34:45 +0100
Subject: [PATCH] tests: avoid write-beyond-end-of-heap buffer

* basic.c (check_bulk_cipher_modes): Allocate one more byte in
each of the two test buffers.  Otherwise, running
"env -i MALLOC_CHECK_=3 ./basic" would abort.
---
 tests/ChangeLog |    7 +++++++
 tests/basic.c   |    4 ++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/tests/ChangeLog b/tests/ChangeLog
index 8e96898..573b331 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,10 @@
+2011-11-11  Jim Meyering  <meyering at redhat.com>
+
+	tests: avoid write-beyond-end-of-heap buffer
+	* basic.c (check_bulk_cipher_modes): Allocate one more byte in
+	each of the two test buffers.  Otherwise, running
+	"env -i MALLOC_CHECK_=3 ./basic" would abort.
+
 2011-09-15  Werner Koch  <wk at g10code.com>

 	* register.c: Remove.
diff --git a/tests/basic.c b/tests/basic.c
index cdc3462..9b2d0a8 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -1251,9 +1251,9 @@ check_bulk_cipher_modes (void)
     fprintf (stderr, "Starting bulk cipher checks.\n");

   buflen = 16*100;  /* We check a 1600 byte buffer.  */
-  buffer_base = gcry_xmalloc (buflen+15);
+  buffer_base = gcry_xmalloc (buflen+16);
   buffer = buffer_base + (16 - ((size_t)buffer_base & 0x0f));
-  outbuf_base = gcry_xmalloc (buflen+15);
+  outbuf_base = gcry_xmalloc (buflen+16);
   outbuf = outbuf_base + (16 - ((size_t)outbuf_base & 0x0f));


--
1.7.8.rc0.61.g8a042

More information about the Gnupg-devel mailing list