mirrors/wayland
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/wayland/wayland.git synced 2026-03-25 09:07:23 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
wayland/tests
History
David Benjamin 8a7ecd774c util: fix undefined behavior in wl_array_for_each 
If a wl_array has size zero, wl_array_for_each computes NULL + 0 to get
to the end pointer. This should be fine, and indeed it would be fine in
C++. But the C specification has a mistake here and it is actually
undefined behavior. See
https://davidben.net/2024/01/15/empty-slices.html

Clang's -fsanitize=undefined flags this. I ran into this in Chromium's
build with wayland-scanner on one of our XML files.

../../third_party/wayland/src/src/scanner.c:1853:2: runtime error: applying zero offset to null pointer
    #0 0x55c979b8e02c in emit_code third_party/wayland/src/src/scanner.c:1853:2
    #1 0x55c979b89323 in main third_party/wayland/src/src/scanner.c
    #2 0x7f8dfdb8c6c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #3 0x7f8dfdb8c784 in __libc_start_main csu/../csu/libc-start.c:360:3
    #4 0x55c979b70f39 in _start (...)

An empty XML file is sufficient to hit this case, so I've added it as a
test. To reproduce, undo the fix and include only the test, then build
with:

  CC=clang CFLAGS="-fno-sanitize-recover=undefined" meson build/ -Db_sanitize=undefined -Db_lundef=false
  ninja -C build test

Signed-off-by: David Benjamin <davidben@google.com>
2024-03-24 20:00:01 -04:00
..
data util: fix undefined behavior in wl_array_for_each 2024-03-24 20:00:01 -04:00
array-test.c
client-test.c Mitigate UAF crashes due to wl_client_destroy reentrancy 2024-02-23 00:40:32 +00:00
compositor-introspection-test.c
connection-test.c Do not allow nullable new_id 2022-07-14 08:38:49 -07:00
cpp-compile-test.cpp
display-test.c
event-loop-test.c
exec-fd-leak-checker.c
fixed-test.c
headers-protocol-core-test.c
headers-protocol-test.c
headers-test.c
interface-test.c
list-test.c
map-test.c
meson.build build: add a gen-scanner-test target 2024-01-15 14:29:10 +01:00
message-test.c Do not allow nullable new_id 2022-07-14 08:38:49 -07:00
newsignal-test.c
os-wrappers-test.c tests: manually wrap libc functions 2023-06-27 13:31:50 +02:00
protocol-logger-test.c
proxy-test.c client: Add method to get display for a given proxy 2023-08-07 13:38:01 +00:00
queue-test.c client: Allow setting names for queues 2024-01-22 12:34:14 +00:00
resources-test.c Mitigate UAF crashes due to iteration over freed wl_resources 2024-02-07 09:45:41 +00:00
sanity-test.c tests: Capture the test client log 2023-02-28 11:22:04 +00:00
scanner-test-gen.sh util: fix undefined behavior in wl_array_for_each 2024-03-24 20:00:01 -04:00
scanner-test.sh util: fix undefined behavior in wl_array_for_each 2024-03-24 20:00:01 -04:00
signal-test.c
socket-test.c
test-compositor.c compat: prefer waitpid() over waitid() 2024-02-21 15:46:41 +00:00
test-compositor.h tests: Support tests that check for client failure 2023-02-28 11:22:04 +00:00
test-helpers.c build: fix build and provide compat for OpenBSD 2024-02-21 15:46:41 +00:00
test-runner.c build: fix build and provide compat for OpenBSD 2024-02-21 15:46:41 +00:00
test-runner.h