From 5085883cd2bea9abd8216c4ca1ce4bc46b506910 Mon Sep 17 00:00:00 2001
From: Michael Poole <mdpoole@troilus.org>
Date: Tue, 18 Nov 2008 03:16:05 +0000
Subject: [PATCH] Update the match() unit test to catch buffer over-reads.

git-svn-id: file:///home/klmitch/undernet-ircu/undernet-ircu-svn/ircu2/branches/u2_10_12_branch@1892 c9e4aea6-c8fd-4c43-8297-357d70d61c8c
---
 ChangeLog                |  5 +++
 ircd/test/ircd_match_t.c | 83 +++++++++++++++++++++++++++++++++++++++-
 2 files changed, 86 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 229c71d..e96b988 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,11 @@
 	* ircd/match.c (match): Fix an error in backtracking (apparently
 	exacerbated by escapes).
 
+	* ircd/test/ircd_match_t.c: Update headers and make sure we have a
+	mmap() anonymous request flag.
+	(test_match): New function.
+	(do_match_test): Use it instead of calling match() directly.
+
 2008-09-07  Perry Lorier <isomer@undernet.org>
 	
 	* ircd/m_kill.c: Remove the . from the end of the nickname in kill
diff --git a/ircd/test/ircd_match_t.c b/ircd/test/ircd_match_t.c
index da7a28f..9c45495 100644
--- a/ircd/test/ircd_match_t.c
+++ b/ircd/test/ircd_match_t.c
@@ -4,8 +4,21 @@
 
 #include "ircd_log.h"
 #include "match.h"
+
+#include <errno.h>    /* errno */
+#include <fcntl.h>    /* O_RDONLY */
 #include <stdio.h>
 #include <string.h>
+#include <sys/mman.h> /* mmap(), munmap() */
+#include <unistd.h>   /* sysconf() */
+
+#if !defined(MAP_ANONYMOUS)
+# if defined(MAP_ANON)
+#  define MAP_ANONYMOUS MAP_ANON
+# else
+#  error I do not know how to request an anonymous mmap from your OS.
+# endif
+#endif
 
 struct match_test {
   const char *glob;
@@ -32,9 +45,75 @@ const struct match_test match_tests[] = {
   { "\\?",
     "?\0",
     "a\0" },
+  { "*\\\\[*!~*",
+    "har\\[dy!~boy\0",
+    "dark\\s|de!pimp\0joe\\[mama\0" },
   { NULL, NULL, NULL }
 };
 
+int test_match(const char glob[], const char name[])
+{
+  static unsigned int page_size;
+  static char *pages;
+  char *test_glob;
+  char *test_name;
+  size_t length;
+  int res;
+
+  /* If we have not yet set up our test mappings, do so. */
+  if (!page_size)
+  {
+    int dev_zero_fd;
+
+    page_size = sysconf(_SC_PAGE_SIZE);
+    if (page_size == 0 || page_size == (unsigned int)-1)
+    {
+      fprintf(stderr, "sysconf(_SC_PAGE_SIZE) failed: %s\n", strerror(errno));
+      assert(0);
+    }
+    dev_zero_fd = open("/dev/zero", O_RDONLY);
+    /* If dev_zero_fd == -1 (failed), we may still be able to mmap anonymously. */
+    pages = mmap(NULL, 4 * page_size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, dev_zero_fd, 0);
+    if (pages == MAP_FAILED)
+    {
+      /* Try using fd == -1 for MAP_ANONYMOUS, which BSD systems require. */
+      pages = mmap(NULL, 4 * page_size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+    }
+    if (pages == MAP_FAILED)
+    {
+      fprintf(stderr, "Unable to map pages: %s\n", strerror(errno));
+      assert(0);
+    }
+    if (dev_zero_fd >= 0)
+    {
+      close(dev_zero_fd);
+      dev_zero_fd = -1;
+    }
+    res = munmap(pages + page_size * 1, page_size);
+    if (res < 0)
+    {
+      fprintf(stderr, "Unable to unmap page 2/4: %s\n", strerror(errno));
+      /* Dysfunctional OSes */
+    }
+    munmap(pages + page_size * 3, page_size);
+    if (res < 0)
+    {
+      fprintf(stderr, "Unable to unmap page 4/4: %s\n", strerror(errno));
+    }
+  }
+
+  /* Copy the strings to the end of their respective pages. */
+  length = strlen(glob) + 1;
+  test_glob = pages + page_size * 1 - length;
+  memcpy(test_glob, glob, length);
+  length = strlen(name) + 1;
+  test_name = pages + page_size * 3 - length;
+  memcpy(test_name, name, length);
+
+  /* Perform the test. */
+  return match(test_glob, test_name);
+}
+
 void do_match_test(const struct match_test *test)
 {
   const char *candidate;
@@ -44,7 +123,7 @@ void do_match_test(const struct match_test *test)
   for (candidate = test->should_match, matched = 0;
        *candidate;
        candidate += strlen(candidate) + 1, ++matched) {
-    res = match(test->glob, candidate);
+    res = test_match(test->glob, candidate);
     if (res != 0) {
       fprintf(stderr, "\"%s\" failed to match \"%s\".\n", test->glob, candidate);
       assert(0);
@@ -54,7 +133,7 @@ void do_match_test(const struct match_test *test)
   for (candidate = test->shouldnt_match, not_matched = 0;
        *candidate;
        candidate += strlen(candidate) + 1, ++not_matched) {
-    res = match(test->glob, candidate);
+    res = test_match(test->glob, candidate);
     if (res == 0) {
       fprintf(stderr, "\"%s\" incorrectly matched \"%s\".\n", test->glob, candidate);
       assert(0);
-- 
2.20.1