Codebase list i3-gaps / 277d436 testcases / t / 547-nested-variables.t
277d436

Tree @277d436 (Download .tar.gz)

547-nested-variables.t @277d436raw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
#!perl
# vim:ts=4:sw=4:expandtab
#
# Please read the following documents before working on tests:
# • https://build.i3wm.org/docs/testsuite.html
#   (or docs/testsuite)
#
# • https://build.i3wm.org/docs/lib-i3test.html
#   (alternatively: perldoc ./testcases/lib/i3test.pm)
#
# • https://build.i3wm.org/docs/ipc.html
#   (or docs/ipc)
#
# • http://onyxneon.com/books/modern_perl/modern_perl_a4.pdf
#   (unless you are already familiar with Perl)
#
# Test that i3 doesn't crash if the config contains nested variables.
# Ticket: #5002

use i3test i3_autostart => 0;

#######################################################################
# Test calloc crash
#######################################################################

my $config = <<'EOT';
# i3 config file (v4)
set $long_variable_name_with_short_value 1
set $$long_variable_name_with_short_value 2
set $$$long_variable_name_with_short_value 3
EOT

my $pid = launch_with_config($config);

# ==2108678==ERROR: AddressSanitizer: requested allocation size 0xffffffffffffffe1 (0x7e8 after adjustments for alignment, red zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)
#     #0 0x7feaa9cbf411 in __interceptor_calloc /usr/src/debug/gcc/libsanitizer/asan/asan_malloc_linux.cpp:77
#     #1 0x560867c0c13d in scalloc ../libi3/safewrappers.c:29
#     #2 0x560867b7bd63 in parse_file ../src/config_parser.c:1030
#     #3 0x560867b6b1b8 in load_configuration ../src/config.c:261
#     #4 0x560867baf9cf in main ../src/main.c:677
#     #5 0x7feaa95b52cf  (/usr/lib/libc.so.6+0x232cf)

does_i3_live;

exit_gracefully($pid);


#######################################################################
# Test buffer overflow
#######################################################################

$config = <<'EOT';
# i3 config file (v4)
set $x 1
set $$x 2
EOT

$pid = launch_with_config($config);

# ==2110007==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6070000014f2 at pc 0x558590f680ba bp 0x7ffced72b760 sp 0x7ffced72b750
# WRITE of size 1 at 0x6070000014f2 thread T0
#     #0 0x558590f680b9 in parse_file ../src/config_parser.c:1051
#     #1 0x558590f571b8 in load_configuration ../src/config.c:261
#     #2 0x558590f9b9cf in main ../src/main.c:677
#     #3 0x7f81c61c82cf  (/usr/lib/libc.so.6+0x232cf)
#     #4 0x7f81c61c8389 in __libc_start_main (/usr/lib/libc.so.6+0x23389)
#     #5 0x558590f0bd54 in _start ../sysdeps/x86_64/start.S:115

# 0x6070000014f2 is located 0 bytes to the right of 66-byte region [0x6070000014b0,0x6070000014f2)
# allocated by thread T0 here:
#     #0 0x7f81c68bf411 in __interceptor_calloc /usr/src/debug/gcc/libsanitizer/asan/asan_malloc_linux.cpp:77
#     #1 0x558590ff813d in scalloc ../libi3/safewrappers.c:29
#     #2 0x558590f67d63 in parse_file ../src/config_parser.c:1030
#     #3 0x558590f571b8 in load_configuration ../src/config.c:261
#     #4 0x558590f9b9cf in main ../src/main.c:677
#     #5 0x7f81c61c82cf  (/usr/lib/libc.so.6+0x232cf)

does_i3_live;

exit_gracefully($pid);
done_testing;