1 /* Make sure longjmp fortification catches bad signal stacks.
2    Copyright (C) 2013-2022 Free Software Foundation, Inc.
3    This file is part of the GNU C Library.
4 
5    The GNU C Library is free software; you can redistribute it and/or
6    modify it under the terms of the GNU Lesser General Public
7    License as published by the Free Software Foundation; either
8    version 2.1 of the License, or (at your option) any later version.
9 
10    The GNU C Library is distributed in the hope that it will be useful,
11    but WITHOUT ANY WARRANTY; without even the implied warranty of
12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13    Lesser General Public License for more details.
14 
15    You should have received a copy of the GNU Lesser General Public
16    License along with the GNU C Library; if not, see
17    <https://www.gnu.org/licenses/>.  */
18 
19 #include <setjmp.h>
20 #include <signal.h>
21 #include <string.h>
22 
23 static int do_test (void);
24 #define TEST_FUNCTION do_test ()
25 #include "../test-skeleton.c"
26 
27 static char buf[SIGSTKSZ * 4];
28 static jmp_buf jb;
29 
30 static void
handler(int sig)31 handler (int sig)
32 {
33   if (sig == SIGUSR1)
34     {
35       if (setjmp (jb) != 0)
36 	{
37 	  puts ("setjmp should not have been called");
38 	  kill (getpid (), SIGTERM);
39 	}
40     }
41   else if (sig == SIGABRT)
42     {
43       /* Yeah it worked.  */
44       _exit (0);
45     }
46 }
47 
48 static int
do_test(void)49 do_test (void)
50 {
51   stack_t ss;
52 
53   set_fortify_handler (handler);
54 
55   /* Create a valid signal stack and enable it.  */
56   ss.ss_sp = buf;
57   ss.ss_size = sizeof (buf);
58   ss.ss_flags = 0;
59   if (sigaltstack (&ss, NULL) < 0)
60     {
61       printf ("first sigaltstack failed: %m\n");
62       return 1;
63     }
64 
65   /* Trigger the signal handler which will create a jmpbuf that points to the
66      end of the signal stack.  */
67   signal (SIGUSR1, handler);
68   kill (getpid (), SIGUSR1);
69 
70   /* Shrink the signal stack so the jmpbuf is now invalid.
71      We adjust the start & end to handle stacks that grow up & down.  */
72   ss.ss_sp = buf + sizeof (buf) / 2;
73   ss.ss_size = sizeof (buf) / 4;
74   if (sigaltstack (&ss, NULL) < 0)
75     {
76       printf ("second sigaltstack failed: %m\n");
77       return 1;
78     }
79 
80   /* This should fail.  */
81   longjmp (jb, 1);
82 
83   puts ("longjmp returned and shouldn't");
84   return 1;
85 }
86