selftests/nolibc: Check that snprintf() doesn't write beyond the buffer end

Fill buf[] with known data and check the vsnprintf() doesn't write
beyond the specified buffer length.

Would have picked up the bug in field padding.

Signed-off-by: David Laight <david.laight.linux@gmail.com>
Acked-by: Willy Tarreau <w@1wt.eu>
Link: https://patch.msgid.link/20260302101815.3043-7-david.laight.linux@gmail.com
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>

diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c
index 154cc5711a4c97fdb93b718aa591240bcad99e65..5dc0edfe8d9aaa5164605d6f08582154666261e6 100644 (file)
--- a/tools/testing/selftests/nolibc/nolibc-test.c
+++ b/tools/testing/selftests/nolibc/nolibc-test.c
@@ -1679,6 +1679,10 @@ static int expect_vfprintf(int llen, const char *expected, const char *fmt, ...)
        va_list args;
        ssize_t w, expected_len;
 
+       /* Fill and terminate buf[] to check for overlong/absent writes */
+       memset(buf, 0xa5, sizeof(buf) - 1);
+       buf[sizeof(buf) - 1] = 0;
+
        va_start(args, fmt);
        /* Limit buffer length to test truncation */
        w = vsnprintf(buf, VFPRINTF_LEN + 1, fmt, args);
@@ -1710,6 +1714,15 @@ static int expect_vfprintf(int llen, const char *expected, const char *fmt, ...)
                return 1;
        }
 
+       /* Check for any overwrites after the actual data. */
+       while (++cmp_len < sizeof(buf) - 1) {
+               if ((unsigned char)buf[cmp_len] != 0xa5) {
+                       llen += printf(" overwrote buf[%d] with 0x%x", cmp_len, buf[cmp_len]);
+                       result(llen, FAIL);
+                       return 1;
+               }
+       }
+
        result(llen, OK);
        return 0;
 }