Blame - tests/suites/test_suite_net.function - mirror/mbed-tls

blob: f429fc9221eb3355cddde18d9ba14dc530332160 [file] [log] [blame]

Gilles Peskine	1c0e48a	2021-02-24 18:37:46 +0100	[diff] [blame]	1	/* BEGIN_HEADER */
				2
				3	#include "mbedtls/net_sockets.h"
				4
Gilles Peskine	6667a78	2021-02-24 19:41:29 +0100	[diff] [blame]	5	#if defined(unix) \|\| defined(__unix__) \|\| defined(__unix) \|\| \
				6	defined(__APPLE__) \|\| defined(__QNXNTO__) \|\| \
				7	defined(__HAIKU__) \|\| defined(__midipix__)
				8	#define MBEDTLS_PLATFORM_IS_UNIXLIKE
				9	#endif
				10
				11	#if defined(MBEDTLS_PLATFORM_IS_UNIXLIKE)
				12	#include <sys/fcntl.h>
				13	#include <sys/resource.h>
				14	#include <sys/stat.h>
				15	#include <sys/time.h>
				16	#include <sys/types.h>
				17	#include <unistd.h>
				18	#endif
				19
				20
				21	#if defined(MBEDTLS_PLATFORM_IS_UNIXLIKE)
				22	/** Open a file on the given file descriptor.
				23	*
				24	* This is disruptive if there is already something open on that descriptor.
				25	* Caller beware.
				26	*
				27	* \param ctx An initialized, but unopened socket context.
				28	* On success, it refers to the opened file (\p wanted_fd).
				29	* \param wanted_fd The desired file descriptor.
				30	*
				31	* \return \c 0 on succes, a negative error code on error.
				32	*/
				33	static int open_file_on_fd( mbedtls_net_context *ctx, int wanted_fd )
				34	{
				35	int got_fd = open( "/dev/null", O_RDONLY );
				36	TEST_ASSERT( got_fd >= 0 );
				37	if( got_fd != wanted_fd )
				38	{
				39	TEST_ASSERT( dup2( got_fd, wanted_fd ) >= 0 );
				40	TEST_ASSERT( close( got_fd ) >= 0 );
				41	}
				42	ctx->fd = wanted_fd;
				43	return( 0 );
				44	exit:
				45	return( -1 );
				46	}
				47	#endif /* MBEDTLS_PLATFORM_IS_UNIXLIKE */
				48
Gilles Peskine	1c0e48a	2021-02-24 18:37:46 +0100	[diff] [blame]	49	/* END_HEADER */
				50
				51	/* BEGIN_DEPENDENCIES
				52	* depends_on:MBEDTLS_NET_C
				53	* END_DEPENDENCIES
				54	*/
				55
				56	/* BEGIN_CASE */
				57	void context_init_free( int reinit )
				58	{
				59	mbedtls_net_context ctx;
				60
				61	mbedtls_net_init( &ctx );
				62	mbedtls_net_free( &ctx );
				63
				64	if( reinit )
				65	mbedtls_net_init( &ctx );
				66	mbedtls_net_free( &ctx );
				67
				68	/* This test case always succeeds, functionally speaking. A plausible
				69	* bug might trigger an invalid pointer dereference or a memory leak. */
				70	goto exit;
				71	}
				72	/* END_CASE */
Gilles Peskine	6667a78	2021-02-24 19:41:29 +0100	[diff] [blame]	73
				74	/* BEGIN_CASE depends_on:MBEDTLS_PLATFORM_IS_UNIXLIKE */
				75	void poll_beyond_fd_setsize( )
				76	{
				77	/* Test that mbedtls_net_poll does not misbehave when given a file
Gilles Peskine	97c57fe	2021-03-01 11:40:56 +0100	[diff] [blame]	78	* descriptor greater or equal to FD_SETSIZE. This code is specific to
				79	* platforms with a Unix-like select() function, which is where
				80	* FD_SETSIZE is a concern. */
Gilles Peskine	6667a78	2021-02-24 19:41:29 +0100	[diff] [blame]	81
				82	struct rlimit rlim_nofile;
				83	int restore_rlim_nofile = 0;
				84	int ret;
				85	mbedtls_net_context ctx;
				86	uint8_t buf[1];
				87
				88	mbedtls_net_init( &ctx );
				89
				90	/* On many systems, by default, the maximum permitted file descriptor
Gilles Peskine	97c57fe	2021-03-01 11:40:56 +0100	[diff] [blame]	91	* number is less than FD_SETSIZE. If so, raise the limit if
Gilles Peskine	6667a78	2021-02-24 19:41:29 +0100	[diff] [blame]	92	* possible.
				93	*
Gilles Peskine	97c57fe	2021-03-01 11:40:56 +0100	[diff] [blame]	94	* If the limit can't be raised, a file descriptor opened by the
				95	* net_sockets module will be less than FD_SETSIZE, so the test
				96	* is not necessary and we mark it as skipped.
Gilles Peskine	574cf7b	2021-03-01 11:43:22 +0100	[diff] [blame]	97	* A file descriptor could still be higher than FD_SETSIZE if it was
				98	* opened before the limit was lowered (which is something an application
				99	* might do); but we don't do such things in our test code, so the unit
				100	* test will run if it can.
Gilles Peskine	6667a78	2021-02-24 19:41:29 +0100	[diff] [blame]	101	*/
				102	TEST_ASSERT( getrlimit( RLIMIT_NOFILE, &rlim_nofile ) == 0 );
Gilles Peskine	97c57fe	2021-03-01 11:40:56 +0100	[diff] [blame]	103	if( rlim_nofile.rlim_cur < FD_SETSIZE + 1 )
Gilles Peskine	6667a78	2021-02-24 19:41:29 +0100	[diff] [blame]	104	{
				105	rlim_t old_rlim_cur = rlim_nofile.rlim_cur;
				106	rlim_nofile.rlim_cur = FD_SETSIZE + 1;
				107	TEST_ASSUME( setrlimit( RLIMIT_NOFILE, &rlim_nofile ) == 0 );
				108	rlim_nofile.rlim_cur = old_rlim_cur;
				109	restore_rlim_nofile = 1;
				110	}
				111
				112	TEST_ASSERT( open_file_on_fd( &ctx, FD_SETSIZE ) == 0 );
				113
				114	/* In principle, mbedtls_net_poll() with valid arguments should succeed.
				115	* However, we know that on Unix-like platforms (and others), this function
				116	* is implemented on top of select() and fd_set, which do not support
Gilles Peskine	97c57fe	2021-03-01 11:40:56 +0100	[diff] [blame]	117	* file descriptors greater or equal to FD_SETSIZE. So we expect to hit
				118	* this platform limitation.
Gilles Peskine	6667a78	2021-02-24 19:41:29 +0100	[diff] [blame]	119	*
				120	* If mbedtls_net_poll() does not proprely check that ctx.fd is in range,
				121	* it may still happen to return the expected failure code, but if this
				122	* is problematic on the particular platform where the code is running,
				123	* a memory sanitizer such as UBSan should catch it.
				124	*/
				125	ret = mbedtls_net_poll( &ctx, MBEDTLS_NET_POLL_READ, 0 );
				126	TEST_EQUAL( ret, MBEDTLS_ERR_NET_POLL_FAILED );
				127
				128	/* mbedtls_net_recv_timeout() uses select() and fd_set in the same way. */
				129	ret = mbedtls_net_recv_timeout( &ctx, buf, sizeof( buf ), 0 );
				130	TEST_EQUAL( ret, MBEDTLS_ERR_NET_POLL_FAILED );
				131
				132	exit:
				133	mbedtls_net_free( &ctx );
				134	if( restore_rlim_nofile )
				135	setrlimit( RLIMIT_NOFILE, &rlim_nofile );
				136	}
				137	/* END_CASE */