cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-30 17:09:41 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8286 from gilles-peskine-arm/check_mbedtls_calloc_overallocation-disable_with_asan

Browse Source 
Fix test_suite_platform failure with Asan on modern Clang
This commit is contained in:
Dave Rodgman 2023-11-28 16:48:31 +00:00 committed by GitHub
commit c3cd410acf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 71 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
tests/include/test/helpers.h
View File

@ -20,6 +20,21 @@
#include "mbedtls/build_info.h" #include "mbedtls/build_info.h"
#if defined(__SANITIZE_ADDRESS__) /* gcc -fsanitize=address */
# define MBEDTLS_TEST_HAVE_ASAN
#endif
#if defined(__has_feature)
# if __has_feature(address_sanitizer) /* clang -fsanitize=address */
# define MBEDTLS_TEST_HAVE_ASAN
# endif
# if __has_feature(memory_sanitizer) /* clang -fsanitize=memory */
# define MBEDTLS_TEST_HAVE_MSAN
# endif
# if __has_feature(thread_sanitizer) /* clang -fsanitize=thread */
# define MBEDTLS_TEST_HAVE_TSAN
# endif
#endif
#if defined(MBEDTLS_THREADING_C) && defined(MBEDTLS_THREADING_PTHREAD) && \ #if defined(MBEDTLS_THREADING_C) && defined(MBEDTLS_THREADING_PTHREAD) && \
defined(MBEDTLS_TEST_HOOKS) defined(MBEDTLS_TEST_HOOKS)
#define MBEDTLS_TEST_MUTEX_USAGE #define MBEDTLS_TEST_MUTEX_USAGE

51
tests/scripts/analyze_outcomes.py
View File

@ -232,6 +232,12 @@ KNOWN_TASKS = {
'psa_crypto_low_hash.generated', # testing the builtins 'psa_crypto_low_hash.generated', # testing the builtins
], ],
'ignored_tests': { 'ignored_tests': {
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
# doesn't, we have a PASS vs SKIP mismatch.
'Check mbedtls_calloc overallocation',
],
} }
} }
}, },
@ -255,6 +261,12 @@ KNOWN_TASKS = {
'test_suite_pem': [ 'test_suite_pem': [
re.compile(r'PEM read .*(AES|DES|\bencrypt).*'), re.compile(r'PEM read .*(AES|DES|\bencrypt).*'),
], ],
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
# doesn't, we have a PASS vs SKIP mismatch.
'Check mbedtls_calloc overallocation',
],
# Following tests depend on AES_C/DES_C but are not about # Following tests depend on AES_C/DES_C but are not about
# them really, just need to know some error code is there. # them really, just need to know some error code is there.
'test_suite_error': [ 'test_suite_error': [
@ -297,6 +309,12 @@ KNOWN_TASKS = {
'ecdsa', 'ecdh', 'ecjpake', 'ecdsa', 'ecdh', 'ecjpake',
], ],
'ignored_tests': { 'ignored_tests': {
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
# doesn't, we have a PASS vs SKIP mismatch.
'Check mbedtls_calloc overallocation',
],
# This test wants a legacy function that takes f_rng, p_rng # This test wants a legacy function that takes f_rng, p_rng
# arguments, and uses legacy ECDSA for that. The test is # arguments, and uses legacy ECDSA for that. The test is
# really about the wrapper around the PSA RNG, not ECDSA. # really about the wrapper around the PSA RNG, not ECDSA.
@ -330,6 +348,12 @@ KNOWN_TASKS = {
'ecp', 'ecdsa', 'ecdh', 'ecjpake', 'ecp', 'ecdsa', 'ecdh', 'ecjpake',
], ],
'ignored_tests': { 'ignored_tests': {
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
# doesn't, we have a PASS vs SKIP mismatch.
'Check mbedtls_calloc overallocation',
],
# See ecp_light_only # See ecp_light_only
'test_suite_random': [ 'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)', 'PSA classic wrapper: ECDSA signature (SECP256R1)',
@ -363,6 +387,12 @@ KNOWN_TASKS = {
'bignum.generated', 'bignum.misc', 'bignum.generated', 'bignum.misc',
], ],
'ignored_tests': { 'ignored_tests': {
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
# doesn't, we have a PASS vs SKIP mismatch.
'Check mbedtls_calloc overallocation',
],
# See ecp_light_only # See ecp_light_only
'test_suite_random': [ 'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)', 'PSA classic wrapper: ECDSA signature (SECP256R1)',
@ -400,6 +430,12 @@ KNOWN_TASKS = {
'bignum.generated', 'bignum.misc', 'bignum.generated', 'bignum.misc',
], ],
'ignored_tests': { 'ignored_tests': {
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
# doesn't, we have a PASS vs SKIP mismatch.
'Check mbedtls_calloc overallocation',
],
# See ecp_light_only # See ecp_light_only
'test_suite_random': [ 'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)', 'PSA classic wrapper: ECDSA signature (SECP256R1)',
@ -431,7 +467,14 @@ KNOWN_TASKS = {
'component_ref': 'test_psa_crypto_config_reference_ffdh', 'component_ref': 'test_psa_crypto_config_reference_ffdh',
'component_driver': 'test_psa_crypto_config_accel_ffdh', 'component_driver': 'test_psa_crypto_config_accel_ffdh',
'ignored_suites': ['dhm'], 'ignored_suites': ['dhm'],
'ignored_tests': {} 'ignored_tests': {
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
# doesn't, we have a PASS vs SKIP mismatch.
'Check mbedtls_calloc overallocation',
],
}
} }
}, },
'analyze_driver_vs_reference_tfm_config': { 'analyze_driver_vs_reference_tfm_config': {
@ -447,6 +490,12 @@ KNOWN_TASKS = {
'bignum.generated', 'bignum.misc', 'bignum.generated', 'bignum.misc',
], ],
'ignored_tests': { 'ignored_tests': {
'test_suite_platform': [
# Incompatible with sanitizers (e.g. ASan). If the driver
# component uses a sanitizer but the reference component
# doesn't, we have a PASS vs SKIP mismatch.
'Check mbedtls_calloc overallocation',
],
# See ecp_light_only # See ecp_light_only
'test_suite_random': [ 'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)', 'PSA classic wrapper: ECDSA signature (SECP256R1)',

6
tests/suites/test_suite_platform.data
View File

@ -6,4 +6,10 @@ Time: get seconds
time_get_seconds: time_get_seconds:
Check mbedtls_calloc overallocation Check mbedtls_calloc overallocation
# This test case exercises an integer overflow in calloc. Under Asan, with
# a modern Clang, this triggers an ASan/MSan/TSan complaint. The complaint
# can be avoided with e.g. ASAN_OPTIONS=allocator_may_return_null=1,
# but this has to be set in the environment before the program starts,
# and could hide other errors.
depends_on:!MBEDTLS_TEST_HAVE_ASAN:!MBEDTLS_TEST_HAVE_MSAN:!MBEDTLS_TEST_HAVE_TSAN
check_mbedtls_calloc_overallocation:SIZE_MAX/2:SIZE_MAX/2 check_mbedtls_calloc_overallocation:SIZE_MAX/2:SIZE_MAX/2