Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp5434629ybp; Mon, 14 Oct 2019 22:41:02 -0700 (PDT) X-Google-Smtp-Source: APXvYqw03mxyfiApMJGduNw3BIKKcpzCRo+mC1VxYrt2IWypXfTAzy/3ui5sWdG/G64+R4RE+dTR X-Received: by 2002:a05:6402:1804:: with SMTP id g4mr31915723edy.266.1571118062498; Mon, 14 Oct 2019 22:41:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1571118062; cv=none; d=google.com; s=arc-20160816; b=dKNp3BzOTUfyPZBbyakD64BZeiuVFsETJ4YL2XlFJJ9z0JRVt5oNF2hGWJ8CKRLLLJ RaHt0Oce38D31wSJ45kdDr+CIx8m7535ZMl7OmuLn6KlrBh7MRpyN9+zOTouYMiewtS4 +d77kwi+DztMalddPpSpu22UqI8CwE2fqRmuzKSvIWbXcJQHyEj6b1pW3YCoIqr6jVNu HmdjNMB+sQoSrVuPyIenY8ePmu+gI4KAKU3ybg2O/WomkSwq6+OEIzNWVNY1BsZIFcw4 CxvZ/d6iocotfEJVZ+ne+3SBmdIn3io06NGIkkxZKY4rzaKvQLWbjlGBNwK/ZPYRPXhz BBJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:subject:cc :to:from; bh=AOnbhAxZKUPhDl3erX8sCfBDgQz5TkhEn3TpyuU6OzI=; b=DYPtOJw/TyjhnUyEJdnwMxFgcR/GFis7RuLVBebq8F/2pXu4USd4XsLznrvZ0AAma9 f/56Oj59/xT/gLowO0OKvKBh7UkcoSUqopbrgEYg6VrpBOCoZvqIWb/igVax7ylSkTU9 H/g0KB05hdNC7s419CdqEVWOdPgJLY5kt7Jchp2iCZcLvZdQqojNwn1LtbScxW8rbqym Q3KKa5ZVtZlyD0cBsYUN6VWo1Vnek4lLbkqWeFcKG3Jhbb1S+ZcXEQ5jeO2Ja4zDiNxQ CEYV5MUIdSqieMk+UxDsutKcDOYe3lgENjcEQHbooqM0TeHmFeWUg5XXb7Unv+l70nii lJiw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=mediatek.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k17si11882226ejz.227.2019.10.14.22.40.39; Mon, 14 Oct 2019 22:41:02 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=mediatek.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728147AbfJOFCi (ORCPT + 99 others); Tue, 15 Oct 2019 01:02:38 -0400 Received: from mailgw02.mediatek.com ([210.61.82.184]:3291 "EHLO mailgw02.mediatek.com" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1728123AbfJOFCi (ORCPT ); Tue, 15 Oct 2019 01:02:38 -0400 X-UUID: 62f03084beeb45c09eb9d12c94df3f27-20191015 X-UUID: 62f03084beeb45c09eb9d12c94df3f27-20191015 Received: from mtkexhb02.mediatek.inc [(172.21.101.103)] by mailgw02.mediatek.com (envelope-from ) (Cellopoint E-mail Firewall v4.1.10 Build 0809 with TLS) with ESMTP id 706590738; Tue, 15 Oct 2019 13:02:33 +0800 Received: from mtkcas07.mediatek.inc (172.21.101.84) by mtkmbs08n2.mediatek.inc (172.21.101.56) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Tue, 15 Oct 2019 13:02:29 +0800 Received: from mtksdccf07.mediatek.inc (172.21.84.99) by mtkcas07.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.0.1395.4 via Frontend Transport; Tue, 15 Oct 2019 13:02:29 +0800 From: Walter Wu To: Andrey Ryabinin , Alexander Potapenko , Dmitry Vyukov , Matthias Brugger CC: , , , , , , Walter Wu Subject: [PATCH v2 2/2] kasan: add test for invalid size in memmove Date: Tue, 15 Oct 2019 13:02:30 +0800 Message-ID: <20191015050230.20521-1-walter-zh.wu@mediatek.com> X-Mailer: git-send-email 2.18.0 MIME-Version: 1.0 Content-Type: text/plain X-TM-SNTS-SMTP: 76C7B23B7010F871BB120DC39271DA7F14504898BA30BE7C2D2C7F7C49CAD97A2000:8 X-MTK: N Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Test negative size in memmove in order to verify whether it correctly get KASAN report. Casting negative numbers to size_t would indeed turn up as a 'large' size_t, so it will have out-of-bounds bug and detected by KASAN. Changes in v2: Add some descriptions for clarity the testcase. Signed-off-by: Walter Wu Reviewed-by: Dmitry Vyukov --- lib/test_kasan.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/lib/test_kasan.c b/lib/test_kasan.c index 49cc4d570a40..06942cf585cc 100644 --- a/lib/test_kasan.c +++ b/lib/test_kasan.c @@ -283,6 +283,23 @@ static noinline void __init kmalloc_oob_in_memset(void) kfree(ptr); } +static noinline void __init kmalloc_memmove_invalid_size(void) +{ + char *ptr; + size_t size = 64; + + pr_info("invalid size in memmove\n"); + ptr = kmalloc(size, GFP_KERNEL); + if (!ptr) { + pr_err("Allocation failed\n"); + return; + } + + memset((char *)ptr, 0, 64); + memmove((char *)ptr, (char *)ptr + 4, -2); + kfree(ptr); +} + static noinline void __init kmalloc_uaf(void) { char *ptr; @@ -773,6 +790,7 @@ static int __init kmalloc_tests_init(void) kmalloc_oob_memset_4(); kmalloc_oob_memset_8(); kmalloc_oob_memset_16(); + kmalloc_memmove_invalid_size(); kmalloc_uaf(); kmalloc_uaf_memset(); kmalloc_uaf2(); -- 2.18.0