Regression test for reads past the end of a packet (out of bounds reads).
Those should abort the bpf program. The test currently fails (out of bound reads silently return zeros), but succeeds if lo0 is replaced by an Ethernet interface and 127.0.0.1 by an address reachable through it. A fix is being worked on. Approved by martin.
This commit is contained in:
parent
55e54105e0
commit
02a38a5320
@ -1,7 +1,7 @@
|
|||||||
# $NetBSD: Makefile,v 1.2 2005/12/25 22:07:01 rpaulo Exp $
|
# $NetBSD: Makefile,v 1.3 2006/03/24 13:54:58 pavel Exp $
|
||||||
|
|
||||||
.include <bsd.own.mk>
|
.include <bsd.own.mk>
|
||||||
|
|
||||||
SUBDIR= interface
|
SUBDIR= interface out-of-bounds
|
||||||
|
|
||||||
.include <bsd.subdir.mk>
|
.include <bsd.subdir.mk>
|
||||||
|
13
regress/sys/net/bpf/out-of-bounds/Makefile
Normal file
13
regress/sys/net/bpf/out-of-bounds/Makefile
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
# $NetBSD: Makefile,v 1.1 2006/03/24 13:54:58 pavel Exp $
|
||||||
|
|
||||||
|
.ifdef REGRESS_LOG
|
||||||
|
regress:
|
||||||
|
@echo sys/net/bpf/out-of-bounds out-of-bounds \
|
||||||
|
`./out-of-bounds.sh` | tee ${REGRESS_LOG} ; true
|
||||||
|
.else
|
||||||
|
regress:
|
||||||
|
@echo sys/net/bpf/out-of-bounds out-of-bounds \
|
||||||
|
`./out-of-bounds.sh`; true
|
||||||
|
.endif
|
||||||
|
|
||||||
|
.include <bsd.prog.mk>
|
28
regress/sys/net/bpf/out-of-bounds/out-of-bounds.sh
Executable file
28
regress/sys/net/bpf/out-of-bounds/out-of-bounds.sh
Executable file
@ -0,0 +1,28 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# an out-of-bounds read in the BPF expression should exit the bpf program,
|
||||||
|
# regardless of other expressions. Pass an expression to tcpdump which
|
||||||
|
# performs an out-of-bound read and ping with a packet which would cause
|
||||||
|
# the expression to succeed if the out-of-bounds read is not handled.
|
||||||
|
|
||||||
|
# exit status: 0 - pass, 1 - fail, 2 - skip
|
||||||
|
|
||||||
|
IFACE=${IFACE:-lo0}
|
||||||
|
ADDR=${ADDR:-127.0.0.1}
|
||||||
|
|
||||||
|
tcpdump -c1 -np -i $IFACE \( link[34000:2]=0 or icmp \) and ip[36:2]=0xcafe > /dev/null &
|
||||||
|
TCPDUMP_PID=$!
|
||||||
|
|
||||||
|
sleep 1
|
||||||
|
if ! kill -0 $TCPDUMP_PID > /dev/null 2>&1 ; then
|
||||||
|
echo "SKIPPED tcpdump exited - are you root?"; exit 2;
|
||||||
|
fi
|
||||||
|
if ! ping -c1 -p cafe $ADDR > /dev/null 2>&1 ; then
|
||||||
|
echo "SKIPPED not able to ping localhost";
|
||||||
|
kill $TCPDUMP_PID > /dev/null 2>&1 ; exit 2;
|
||||||
|
fi
|
||||||
|
sleep 2
|
||||||
|
if ! kill $TCPDUMP_PID > /dev/null 2>&1; then
|
||||||
|
echo "FAILED"; exit 1;
|
||||||
|
fi
|
||||||
|
wait $TCPDUMP_PID; echo "PASSED"; exit 0;
|
Loading…
Reference in New Issue
Block a user