Remove trail check in the generate_random test
The test function generate_random allocated a few extra bytes after the expected output and checked that these extra bytes were not overwritten. Memory sanity checks such as AddressSanitizer and Valgrind already detect this kind of buffer overflow, so having this test in our code was actually redundant. Remove it. This has the benefit of not triggering a build error with GCC (observed with 7.5.0 and 9.3.0) when ASan+UBSan is enabled: with the previous code using trail, GCC complained about an excessively large value passed to calloc(), which was (size_t)(-sizeof(trail)). Thus this commit fixes #4122. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
a0832d47f7
commit
9189202156
1 changed files with 1 additions and 7 deletions
|
@ -5543,7 +5543,6 @@ exit:
|
|||
void generate_random( int bytes_arg )
|
||||
{
|
||||
size_t bytes = bytes_arg;
|
||||
const unsigned char trail[] = "don't overwrite me";
|
||||
unsigned char *output = NULL;
|
||||
unsigned char *changed = NULL;
|
||||
size_t i;
|
||||
|
@ -5551,9 +5550,8 @@ void generate_random( int bytes_arg )
|
|||
|
||||
TEST_ASSERT( bytes_arg >= 0 );
|
||||
|
||||
ASSERT_ALLOC( output, bytes + sizeof( trail ) );
|
||||
ASSERT_ALLOC( output, bytes );
|
||||
ASSERT_ALLOC( changed, bytes );
|
||||
memcpy( output + bytes, trail, sizeof( trail ) );
|
||||
|
||||
PSA_ASSERT( psa_crypto_init( ) );
|
||||
|
||||
|
@ -5566,10 +5564,6 @@ void generate_random( int bytes_arg )
|
|||
memset( output, 0, bytes );
|
||||
PSA_ASSERT( psa_generate_random( output, bytes ) );
|
||||
|
||||
/* Check that no more than bytes have been overwritten */
|
||||
ASSERT_COMPARE( output + bytes, sizeof( trail ),
|
||||
trail, sizeof( trail ) );
|
||||
|
||||
for( i = 0; i < bytes; i++ )
|
||||
{
|
||||
if( output[i] != 0 )
|
||||
|
|
Loading…
Reference in a new issue