From: Pádraig Brady <P@draigBrady.com>
Date: Wed, 20 Apr 2016 13:03:05 +0000 (+0100)
Subject: tests: avoid potential overflows with `expr`
X-Git-Tag: v8.26~115
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ff6cc22d062c493c9fee27cfe1d2e6328d502a43;p=thirdparty%2Fcoreutils.git

tests: avoid potential overflows with `expr`

* cfg.mk (sc_prohibit_expr_unsigned): expr uses intmax_t internally
when GMP is not available, so flag any uses of unsigned limits.
* tests/misc/timeout-parameters.sh: Remove the overflow related
to UINT_MAX as it's handled by the following case.  Change the
following case from 99... to $TIME_T_OFLOW to be more expressive
in what it's actually testing.  Directly check that commands succeed,
rather than inspecting $? afterwards.
* tests/dd/skip-seek-past-dev.sh: Guard against large device sizes.
* tests/id/setgid.sh: Protect: Guard against large group IDs.
* tests/misc/cut-huge-range.sh: Tweak comment to avoid syntax check.
It's tempting to simplify to just skip the test if expr fails,
but SIZE_MAX > INTMAX_MAX is the common case.
---

diff --git a/cfg.mk b/cfg.mk
index 6ef09dd042..c917c874fa 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -568,6 +568,14 @@ sc_prohibit_test_empty:
 	halt='use `compare /dev/null ...`, not `test -s ...` in tests/'	\
 	  $(_sc_search_regexp)
 
+# Ensure that expr doesn't work directly on various unsigned int types,
+# as that's not generally supported without GMP.
+sc_prohibit_expr_unsigned:
+	@prohibit='expr .*(UINT|ULONG|[^S]SIZE|[UGP]ID|UINTMAX)'	\
+	halt='avoid passing unsigned limits to `expr` (without GMP)'	\
+	in_vc_files='^tests/'						\
+	  $(_sc_search_regexp)
+
 # Programs like sort, ls, expr use PROG_FAILURE in place of EXIT_FAILURE.
 # Others, use the EXIT_CANCELED, EXIT_ENOENT, etc. macros defined in system.h.
 # In those programs, ensure that EXIT_FAILURE is not used by mistake.
diff --git a/tests/dd/skip-seek-past-dev.sh b/tests/dd/skip-seek-past-dev.sh
index c24bbb79c5..2174985a75 100755
--- a/tests/dd/skip-seek-past-dev.sh
+++ b/tests/dd/skip-seek-past-dev.sh
@@ -39,7 +39,8 @@ dev_size=$(get_device_size "$device") ||
   skip_ "failed to determine size of $device"
 
 # Don't use shell arithmetic as older versions of dash use longs
-DEV_OFLOW=$(expr $dev_size + 1)
+DEV_OFLOW=$(expr $dev_size + 1) ||
+  skip_ "failed to adjust device size $dev_size"
 
 timeout 10 dd bs=1 skip=$DEV_OFLOW count=0 status=noxfer < "$device" 2> err
 test "$?" = "1" || fail=1
diff --git a/tests/id/setgid.sh b/tests/id/setgid.sh
index ea0db85b5e..f2beeed656 100755
--- a/tests/id/setgid.sh
+++ b/tests/id/setgid.sh
@@ -21,7 +21,9 @@ print_ver_ id
 require_root_
 
 # Construct a different group number
-gp1=$(expr $NON_ROOT_GID + 1)
+gp1=$NON_ROOT_GID
+gp1=$(expr $gp1 + 1) ||
+  skip_ "failed to adjust GID $NON_ROOT_GID"
 
 echo $gp1 > exp || framework_failure_
 
diff --git a/tests/misc/cut-huge-range.sh b/tests/misc/cut-huge-range.sh
index 92b62a97be..2b8b703879 100755
--- a/tests/misc/cut-huge-range.sh
+++ b/tests/misc/cut-huge-range.sh
@@ -46,7 +46,8 @@ subtract_one='
 # Ensure we can cut up to our sentinel value.
 # This is currently SIZE_MAX, but could be raised to UINTMAX_MAX
 # if we didn't allocate memory for each line as a unit.
-# Don't use expr to subtract one, since SIZE_MAX may exceed its maximum value.
+# Don't use expr to subtract one,
+# since SIZE_MAX may exceed its maximum value.
 CUT_MAX=$(echo $SIZE_MAX | sed "$subtract_one")
 
 # From coreutils-8.10 through 8.20, this would make cut try to allocate
diff --git a/tests/misc/timeout-parameters.sh b/tests/misc/timeout-parameters.sh
index 881e60d66a..14c9b669bc 100755
--- a/tests/misc/timeout-parameters.sh
+++ b/tests/misc/timeout-parameters.sh
@@ -38,29 +38,22 @@ test $? = 125 || fail=1
 # It was seen on 32 bit Linux/HPPA that a kernel time_t overflowed,
 # thus causing the timer to fire immediately.
 # So verify that doesn't happen before checking large timeouts
-KERNEL_OVERFLOW_LIMIT=$(expr $TIME_T_MAX - $(date +%s) + 100)
+KERNEL_OVERFLOW_LIMIT=$(expr $TIME_T_MAX - $(date +%s) + 100) ||
+  skip_ "failed to adjust TIME_T_MAX $TIME_T_MAX"
 timeout $KERNEL_OVERFLOW_LIMIT sleep 0
 if test $? != 124; then
   # timeout overflow
-  timeout $UINT_OFLOW sleep 0
-  test $? = 0 || fail=1
+  timeout $UINT_OFLOW sleep 0 || fail=1
 
   # timeout overflow
-  timeout $(expr $UINT_MAX / 86400 + 1)d sleep 0
-  test $? = 0 || fail=1
-
-  # timeout overflow
-  timeout 999999999999999999999999999999999999999999999999999999999999d sleep 0
-  test $? = 0 || fail=1
+  timeout ${TIME_T_OFLOW}d sleep 0 || fail=1
 
   # floating point notation
-  timeout 2.34e+5d sleep 0
-  test $? = 0 || fail=1
+  timeout 2.34e+5d sleep 0 || fail=1
 fi
 
 # floating point notation
-timeout 2.34 sleep 0
-test $? = 0 || fail=1
+timeout 2.34 sleep 0 || fail=1
 
 # nanoseconds potentially supported
 timeout .999999999 sleep 0 || fail=1