commit e4c33f4941897d0d2691e34ad91d3d471be9de5f
author Jerome Forissier <jerome@forissier.org> Tue Sep 21 11:26:17 2021 +0200
committer Jérôme Forissier <jerome@forissier.org> Wed Sep 22 11:30:30 2021 +0200
tree b1beb9b77da9a9413083546f4edc3dc3e13ab607
parent 3771479b43bb3b782d6a17b8e5c6e737d59b6a75

regression 1010: test zero-size TEE_Malloc()

Check that TEE_Malloc() returns a non-NULL pointer when requested size
is zero and that the returned pointer is inaccessible for read or write.
Testing feature introduced in optee_os commit a83ee50a8047 ("libutee:
Handle zero sized buffer allocations") [1].

Link: https://github.com/OP-TEE/optee_os/commit/a83ee50a8047
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

ta/os_test/os_test.c

diff --git a/ta/os_test/os_test.c b/ta/os_test/os_test.c
index cfe3590..d695c78 100644
--- a/ta/os_test/os_test.c
+++ b/ta/os_test/os_test.c
@@ -988,6 +988,8 @@
 	long int stack = 0;
 	long int stack_addr = (long int)&stack;
 	void (*volatile null_fn_ptr)(void) = NULL;
+	char *zero_size_malloc = NULL;
+	volatile char c = 0;
 
 	if (param_types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT, 0, 0, 0) &&
 	    param_types != TEE_PARAM_TYPES(TEE_PARAM_TYPE_VALUE_INPUT,
@@ -1010,6 +1012,18 @@
 	case 5:
 		undef_instr();
 		break;
+	case 6:
+		zero_size_malloc = TEE_Malloc(0, 0);
+		if (!zero_size_malloc)
+			return TEE_ERROR_GENERIC;
+		c = *zero_size_malloc;
+		break;
+	case 7:
+		zero_size_malloc = TEE_Malloc(0, 0);
+		if (!zero_size_malloc)
+			return TEE_ERROR_GENERIC;
+		*zero_size_malloc = 0;
+		break;
 	default:
 		break;
 	}