summaryrefslogtreecommitdiff
path: root/stdlib/tst-strtod-overflow.c
diff options
context:
space:
mode:
authorJoseph Myers <joseph@codesourcery.com>2012-08-27 15:59:24 +0000
committerJoseph Myers <joseph@codesourcery.com>2012-08-27 15:59:24 +0000
commitd6e70f4368533224e66d10b7f2126b899a3fd5e4 (patch)
treef4dbf0ac00306d6466cc7a965ce69286d36c7999 /stdlib/tst-strtod-overflow.c
parent1f529f7d8456f09109a8e942581f89f10a901ed0 (diff)
downloadglibc-d6e70f4368533224e66d10b7f2126b899a3fd5e4.tar.gz
Fix strtod integer/buffer overflow (bug 14459).
Diffstat (limited to 'stdlib/tst-strtod-overflow.c')
-rw-r--r--stdlib/tst-strtod-overflow.c48
1 files changed, 48 insertions, 0 deletions
diff --git a/stdlib/tst-strtod-overflow.c b/stdlib/tst-strtod-overflow.c
new file mode 100644
index 0000000000..668d55ba10
--- /dev/null
+++ b/stdlib/tst-strtod-overflow.c
@@ -0,0 +1,48 @@
+/* Test for integer/buffer overflow in strtod.
+ Copyright (C) 2012 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define EXPONENT "e-2147483649"
+#define SIZE 214748364
+
+static int
+do_test (void)
+{
+ char *p = malloc (1 + SIZE + sizeof (EXPONENT));
+ if (p == NULL)
+ {
+ puts ("malloc failed, cannot test for overflow");
+ return 0;
+ }
+ p[0] = '1';
+ memset (p + 1, '0', SIZE);
+ memcpy (p + 1 + SIZE, EXPONENT, sizeof (EXPONENT));
+ double d = strtod (p, NULL);
+ if (d != 0)
+ {
+ printf ("strtod returned wrong value: %a\n", d);
+ return 1;
+ }
+ return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"