kunit/fortify: Fix memcmp() test to be amplitude agnostic

When memcmp() returns a non-zero value, only the signed bit has any
meaning. The actual value may differ between implementations.

Reported-by: Nathan Chancellor <nathan@kernel.org>
Closes: https://github.com/ClangBuiltLinux/linux/issues/2025
Tested-by: Nathan Chancellor <nathan@kernel.org>
Link: https://lore.kernel.org/r/20240518184020.work.604-kees@kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
This commit is contained in:
Kees Cook 2024-05-18 11:40:23 -07:00
parent 890a64810d
commit ae1a863bcd

View File

@ -990,7 +990,7 @@ static void fortify_test_memcmp(struct kunit *test)
KUNIT_ASSERT_EQ(test, memcmp(one, two, one_len), 0); KUNIT_ASSERT_EQ(test, memcmp(one, two, one_len), 0);
KUNIT_EXPECT_EQ(test, fortify_read_overflows, 0); KUNIT_EXPECT_EQ(test, fortify_read_overflows, 0);
/* Still in bounds, but no longer matching. */ /* Still in bounds, but no longer matching. */
KUNIT_ASSERT_EQ(test, memcmp(one, two, one_len + 1), -32); KUNIT_ASSERT_LT(test, memcmp(one, two, one_len + 1), 0);
KUNIT_EXPECT_EQ(test, fortify_read_overflows, 0); KUNIT_EXPECT_EQ(test, fortify_read_overflows, 0);
/* Catch too-large ranges. */ /* Catch too-large ranges. */