2019-10-31 13:31:07 -05:00
|
|
|
#!/usr/bin/env python3
|
vppinfra: c11 safe string functions
Add memcmp_s, strcmp_s, strncmp_s, strcpy_s, strncpy_s, strcat_s, strncat_s,
strtok_s, strnlen_s, and strstr_s C11 safe string API. For migrating extant
unsafe API, add also the corresponding macro version of each safe API,
clib_memcmp, clib_strcmp, etc.
In general, the benefits of the safe string APIs are to provide null pointer
checks, add additional argument to specify the string length of the passed
string rather than relying on the null terminated character, and src/dest
overlap checking for the the string copy operations.
The macro version of the API takes the same number of arguments as the unsafe
API to provide easy migration. However, it does not usually provide the full
aformentioned benefits. In some cases, it is necessary to move to the safe
API rather than using the macro in order to avoid some unpredictable problems
such as accessing memory beyond what it is intended due to the lack of the
passed string length.
dbarach: add a "make test" vector, and a doxygen file header cookie.
Change-Id: I5cd79b8928dcf76a79bf3f0b8cbc1a8f24942f4c
Signed-off-by: Steven <sluong@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-24 21:15:45 -07:00
|
|
|
|
|
|
|
|
import unittest
|
|
|
|
|
|
|
|
|
|
from framework import VppTestCase, VppTestRunner
|
|
|
|
|
from vpp_ip_route import VppIpTable, VppIpRoute, VppRoutePath
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TestString(VppTestCase):
|
|
|
|
|
""" String Test Cases """
|
|
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def setUpClass(cls):
|
|
|
|
|
super(TestString, cls).setUpClass()
|
2019-03-12 19:23:27 -07:00
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
|
def tearDownClass(cls):
|
|
|
|
|
super(TestString, cls).tearDownClass()
|
vppinfra: c11 safe string functions
Add memcmp_s, strcmp_s, strncmp_s, strcpy_s, strncpy_s, strcat_s, strncat_s,
strtok_s, strnlen_s, and strstr_s C11 safe string API. For migrating extant
unsafe API, add also the corresponding macro version of each safe API,
clib_memcmp, clib_strcmp, etc.
In general, the benefits of the safe string APIs are to provide null pointer
checks, add additional argument to specify the string length of the passed
string rather than relying on the null terminated character, and src/dest
overlap checking for the the string copy operations.
The macro version of the API takes the same number of arguments as the unsafe
API to provide easy migration. However, it does not usually provide the full
aformentioned benefits. In some cases, it is necessary to move to the safe
API rather than using the macro in order to avoid some unpredictable problems
such as accessing memory beyond what it is intended due to the lack of the
passed string length.
dbarach: add a "make test" vector, and a doxygen file header cookie.
Change-Id: I5cd79b8928dcf76a79bf3f0b8cbc1a8f24942f4c
Signed-off-by: Steven <sluong@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-24 21:15:45 -07:00
|
|
|
|
|
|
|
|
def setUp(self):
|
|
|
|
|
super(TestString, self).setUp()
|
|
|
|
|
|
|
|
|
|
def tearDown(self):
|
|
|
|
|
super(TestString, self).tearDown()
|
|
|
|
|
|
|
|
|
|
def test_string_unittest(self):
|
|
|
|
|
""" String unit tests """
|
|
|
|
|
names = ["memcpy_s",
|
|
|
|
|
"clib_memcmp", "clib_memcpy", "clib_memset",
|
unittest: gcc-11 errors for clib_strcpy, clib_strstr, clib_strcat, and clib_strncat
There are 3 versions of the string functions. For example, for strcpy,
they are
1. strcpy(dst, src) -- the legacy unsafe version
2. strcpy_s(dst, dmax, src) -- C11 safeC version which has an addition argument
named dmax.
3. clib_strcpy(dst,src) -- clib version to enable legacy code that uses strcpy
to make use of strcpy_s without adding the additional argument, dmax, which is
required by the C11 safeC version.
The implementation for the clib version is to artificially provide dmax to
strcpy_s. In this case, it uses 4096 which assumes that if the legacy code
works without blowing up, it is likely to work with the clib version without
problem.
gcc-11 is getting smarter by checking if dmax is within the object's boundary.
When the object is declared as static array, it will flag a warning/error
if dmax is out of bound for the object since the real size of dst can be
determined at compile time.
There is no way to find the real size of dst if the object is dynamically
allocated at compile time. For this reason, we simply can't provide support
for the clib version of the function anymore. If any code is using the clib
version, the choice is to migrate to the safeC version.
Type: fix
Fixes: b0598497afde60146fe8480331c9f96e7a79475a
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I99fa59c878331f995b734588cca3906a1d4782f5
2021-11-03 15:33:21 -07:00
|
|
|
"clib_strcmp", "clib_strncmp", "clib_strncpy",
|
|
|
|
|
"clib_strnlen", "clib_strtok",
|
vppinfra: c11 safe string functions
Add memcmp_s, strcmp_s, strncmp_s, strcpy_s, strncpy_s, strcat_s, strncat_s,
strtok_s, strnlen_s, and strstr_s C11 safe string API. For migrating extant
unsafe API, add also the corresponding macro version of each safe API,
clib_memcmp, clib_strcmp, etc.
In general, the benefits of the safe string APIs are to provide null pointer
checks, add additional argument to specify the string length of the passed
string rather than relying on the null terminated character, and src/dest
overlap checking for the the string copy operations.
The macro version of the API takes the same number of arguments as the unsafe
API to provide easy migration. However, it does not usually provide the full
aformentioned benefits. In some cases, it is necessary to move to the safe
API rather than using the macro in order to avoid some unpredictable problems
such as accessing memory beyond what it is intended due to the lack of the
passed string length.
dbarach: add a "make test" vector, and a doxygen file header cookie.
Change-Id: I5cd79b8928dcf76a79bf3f0b8cbc1a8f24942f4c
Signed-off-by: Steven <sluong@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-24 21:15:45 -07:00
|
|
|
"memcmp_s", "memcpy_s", "memset_s ",
|
|
|
|
|
"strcat_s", "strcmp_s", "strcpy_s",
|
|
|
|
|
"strncat_s", "strncmp_s", "strncpy_s",
|
2021-11-06 13:11:37 +01:00
|
|
|
"strnlen_s", "strstr_s", "strtok_s"]
|
vppinfra: c11 safe string functions
Add memcmp_s, strcmp_s, strncmp_s, strcpy_s, strncpy_s, strcat_s, strncat_s,
strtok_s, strnlen_s, and strstr_s C11 safe string API. For migrating extant
unsafe API, add also the corresponding macro version of each safe API,
clib_memcmp, clib_strcmp, etc.
In general, the benefits of the safe string APIs are to provide null pointer
checks, add additional argument to specify the string length of the passed
string rather than relying on the null terminated character, and src/dest
overlap checking for the the string copy operations.
The macro version of the API takes the same number of arguments as the unsafe
API to provide easy migration. However, it does not usually provide the full
aformentioned benefits. In some cases, it is necessary to move to the safe
API rather than using the macro in order to avoid some unpredictable problems
such as accessing memory beyond what it is intended due to the lack of the
passed string length.
dbarach: add a "make test" vector, and a doxygen file header cookie.
Change-Id: I5cd79b8928dcf76a79bf3f0b8cbc1a8f24942f4c
Signed-off-by: Steven <sluong@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-24 21:15:45 -07:00
|
|
|
|
|
|
|
|
for name in names:
|
|
|
|
|
error = self.vapi.cli("test string " + name)
|
|
|
|
|
if error.find("failed") != -1:
|
|
|
|
|
self.logger.critical("FAILURE in the " + name + " test")
|
2019-03-06 15:11:28 -08:00
|
|
|
self.assertNotIn("failed", error)
|
vppinfra: c11 safe string functions
Add memcmp_s, strcmp_s, strncmp_s, strcpy_s, strncpy_s, strcat_s, strncat_s,
strtok_s, strnlen_s, and strstr_s C11 safe string API. For migrating extant
unsafe API, add also the corresponding macro version of each safe API,
clib_memcmp, clib_strcmp, etc.
In general, the benefits of the safe string APIs are to provide null pointer
checks, add additional argument to specify the string length of the passed
string rather than relying on the null terminated character, and src/dest
overlap checking for the the string copy operations.
The macro version of the API takes the same number of arguments as the unsafe
API to provide easy migration. However, it does not usually provide the full
aformentioned benefits. In some cases, it is necessary to move to the safe
API rather than using the macro in order to avoid some unpredictable problems
such as accessing memory beyond what it is intended due to the lack of the
passed string length.
dbarach: add a "make test" vector, and a doxygen file header cookie.
Change-Id: I5cd79b8928dcf76a79bf3f0b8cbc1a8f24942f4c
Signed-off-by: Steven <sluong@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-24 21:15:45 -07:00
|
|
|
|
unittest: gcc-11 errors for clib_strcpy, clib_strstr, clib_strcat, and clib_strncat
There are 3 versions of the string functions. For example, for strcpy,
they are
1. strcpy(dst, src) -- the legacy unsafe version
2. strcpy_s(dst, dmax, src) -- C11 safeC version which has an addition argument
named dmax.
3. clib_strcpy(dst,src) -- clib version to enable legacy code that uses strcpy
to make use of strcpy_s without adding the additional argument, dmax, which is
required by the C11 safeC version.
The implementation for the clib version is to artificially provide dmax to
strcpy_s. In this case, it uses 4096 which assumes that if the legacy code
works without blowing up, it is likely to work with the clib version without
problem.
gcc-11 is getting smarter by checking if dmax is within the object's boundary.
When the object is declared as static array, it will flag a warning/error
if dmax is out of bound for the object since the real size of dst can be
determined at compile time.
There is no way to find the real size of dst if the object is dynamically
allocated at compile time. For this reason, we simply can't provide support
for the clib version of the function anymore. If any code is using the clib
version, the choice is to migrate to the safeC version.
Type: fix
Fixes: b0598497afde60146fe8480331c9f96e7a79475a
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I99fa59c878331f995b734588cca3906a1d4782f5
2021-11-03 15:33:21 -07:00
|
|
|
|
vppinfra: c11 safe string functions
Add memcmp_s, strcmp_s, strncmp_s, strcpy_s, strncpy_s, strcat_s, strncat_s,
strtok_s, strnlen_s, and strstr_s C11 safe string API. For migrating extant
unsafe API, add also the corresponding macro version of each safe API,
clib_memcmp, clib_strcmp, etc.
In general, the benefits of the safe string APIs are to provide null pointer
checks, add additional argument to specify the string length of the passed
string rather than relying on the null terminated character, and src/dest
overlap checking for the the string copy operations.
The macro version of the API takes the same number of arguments as the unsafe
API to provide easy migration. However, it does not usually provide the full
aformentioned benefits. In some cases, it is necessary to move to the safe
API rather than using the macro in order to avoid some unpredictable problems
such as accessing memory beyond what it is intended due to the lack of the
passed string length.
dbarach: add a "make test" vector, and a doxygen file header cookie.
Change-Id: I5cd79b8928dcf76a79bf3f0b8cbc1a8f24942f4c
Signed-off-by: Steven <sluong@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-24 21:15:45 -07:00
|
|
|
if __name__ == '__main__':
|
|
|
|
|
unittest.main(testRunner=VppTestRunner)
|