diff test/suite_aggrs/main.c @ 458:1c18c2377c24

suite_aggr: - bounds checking of memory adjacent to struct return values, to spot overflow errors by dcCallStruct - added clearing of the space aggregate data is written to, in line with other data which is cleared - some optimization
author Tassilo Philipp
date Sat, 29 Jan 2022 12:02:56 +0100
parents 20fa684221a1
children 0ae555528709
--- a/test/suite_aggrs/main.c	Fri Jan 28 14:11:21 2022 +0100
+++ b/test/suite_aggrs/main.c	Sat Jan 29 12:02:56 2022 +0100
@@ -51,6 +51,7 @@
   char const * sig_args;
   char         rtype;
   DCstruct *   rtype_st = NULL;
+  int          rtype_size = 0;
   funptr       rtype_st_cmp = NULL;
   char         atype;
   int          pos = 0;
@@ -70,6 +71,7 @@
     rtype = *sig;
     sig += len;
 
+    rtype_size = G_agg_sizes[i];
     rtype_st_cmp = G_agg_cmpfuncs[i];
     rtype_st = ((DCstruct*(*)())G_agg_touchdcstfuncs[i])();
     dcBeginCallStruct(p, rtype_st);
@@ -121,7 +123,17 @@
     case 'f': s = (dcCallFloat   (p,t) == K_f[pos]) ; break;
     case 'd': s = (dcCallDouble  (p,t) == K_d[pos]) ; break;
     case '{': {
-      s = ((int(*)(const void*,const void*))rtype_st_cmp)(dcCallStruct(p,t,rtype_st, V_a[0]/*unused space for retval*/), K_a[pos]);
+      /* bound check memory adjacent to returned struct, to check for overflows by dcCallStruct */
+      long long* adj_ll = (get_max_aggr_size() - rtype_size) > sizeof(long long) ? (long long*)((char*)V_a[0] + rtype_size) : NULL;
+      if(adj_ll)
+        *adj_ll = 0x0123456789abcdef;
+
+      s = ((int(*)(const void*,const void*))rtype_st_cmp)(dcCallStruct(p, t, rtype_st, V_a[0]), K_a[pos]);
+
+      if(*adj_ll != 0x0123456789abcdef) {
+        printf("writing rval overflowed into adjacent memory;");
+        return 0;
+      }
       break;
     }
     default: printf("unknown rtype '%c'", rtype); return 0;
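Review bot: The canary readback `if(*adj_ll != 0x0123456789abcdef)` dereferences `adj_ll` unconditionally, although the line that computes it yields NULL when fewer than `sizeof(long long)` bytes follow the struct, so a case whose aggregate is close to `get_max_aggr_size()` crashes with a null dereference instead of reporting a result; the same guard used before the write belongs here, `if(adj_ll && *adj_ll != 0x0123456789abcdef) {`. Two smaller points in the same lines: `(get_max_aggr_size() - rtype_size) > sizeof(long long)` compares a presumably signed difference with a `size_t`, so a negative difference would pass the check as a huge unsigned value — comparing against `(int)sizeof(long long)` or asserting `rtype_size <= get_max_aggr_size()` first avoids that. Also `(char*)V_a[0] + rtype_size` is only `long long`-aligned when `rtype_size` is a multiple of 8, so writing and reading the canary through `memcpy`/`memcmp` on a byte pattern would avoid a misaligned access. The enclosing switch and function continue outside the hunk.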