Merge remote-tracking branch 'public/pr/1724' into development
This commit is contained in:
commit
5ca06c763c
1 changed files with 12 additions and 2 deletions
|
@ -1031,12 +1031,22 @@ cd "$MBEDTLS_ROOT_DIR"
|
|||
rm -rf "$OUT_OF_SOURCE_DIR"
|
||||
unset MBEDTLS_ROOT_DIR
|
||||
|
||||
# Test that the function mbedtls_platform_zeroize() is not optimized away by
|
||||
# different combinations of compilers and optimization flags by using an
|
||||
# auxiliary GDB script. Unfortunately, GDB does not return error values to the
|
||||
# system in all cases that the script fails, so we must manually search the
|
||||
# output to check whether the pass string is present and no failure strings
|
||||
# were printed.
|
||||
for optimization_flag in -O2 -O3 -Ofast -Os; do
|
||||
for compiler in clang gcc; do
|
||||
msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()"
|
||||
cleanup
|
||||
CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" make programs
|
||||
gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx
|
||||
make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag"
|
||||
if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log
|
||||
if_build_succeeded [ -s test_zeroize.log ]
|
||||
if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log
|
||||
if_build_succeeded not grep -i "error" test_zeroize.log
|
||||
rm -f test_zeroize.log
|
||||
done
|
||||
done
|
||||
|
||||
|
|
Loading…
Reference in a new issue