Added test checking that a simple overflow is caught via -D_FORTIFY_SOURCE

author: Cristian Cadar <c.cadar@imperial.ac.uk> 2020-10-13 16:12:20 +0100
committer: MartinNowack <2443641+MartinNowack@users.noreply.github.com> 2020-11-09 19:39:13 +0000
commit: d28c99001b6b0690195a16de13239441178e2abf (patch)
tree: d289f0606efadd7d164a939b66bdffc57f8e3bff
parent: 08b8cb021d0fcda5607eac61a70fcf4fe0b5b098 (diff)
download: klee-d28c99001b6b0690195a16de13239441178e2abf.tar.gz
1 files changed, 27 insertions, 0 deletions
diff --git a/test/Runtime/FreeStanding/memcpy_chk_err.c b/test/Runtime/FreeStanding/memcpy_chk_err.c
new file mode 100644
index 00000000..b6071469
--- /dev/null
+++ b/test/Runtime/FreeStanding/memcpy_chk_err.c
@@ -0,0 +1,27 @@
+// This test checks that __memcpy_chk find the kind of errors it was
+// designed to find
+
+// It requires clang >= 10, otherwise a direct call to memcpy is
+// emitted instead of to __memcpy_chk
+// REQUIRES: geq-llvm-10.0
+
+// RUN: %clang %s -emit-llvm -O2 -g -c -D_FORTIFY_SOURCE=1 -o %t2.bc
+// RUN: rm -rf %t.klee-out
+// RUN: %klee --output-dir=%t.klee-out %t2.bc
+
+// RUN: test -f %t.klee-out/test000001.ptr.err
+// RUN: FileCheck --input-file %t.klee-out/test000001.ptr.err %s
+// CHECK: memcpy overflow
+
+#include "klee/klee.h"
+
+#include <assert.h>
+#include <stdlib.h>
+#include <string.h>
+
+int main() {
+  char d[5];
+  char* s = "1234567890";
+
+  memcpy(d, s, 10);
+}
author	Cristian Cadar <c.cadar@imperial.ac.uk>	2020-10-13 16:12:20 +0100
committer	MartinNowack <2443641+MartinNowack@users.noreply.github.com>	2020-11-09 19:39:13 +0000
commit	d28c99001b6b0690195a16de13239441178e2abf (patch)
tree	d289f0606efadd7d164a939b66bdffc57f8e3bff
parent	08b8cb021d0fcda5607eac61a70fcf4fe0b5b098 (diff)
download	klee-d28c99001b6b0690195a16de13239441178e2abf.tar.gz