Add a test for a possible overflow in *printf.
It turns out we don't have any bugs here, but glibc does. Found while
chasing down a toybox failure I saw on the host, but we may as well
add the test in case we ever screw up here in future.
Change-Id: Ib8dd227ed3b742dc4dab8c09dc08e6ea9a35c807
diff --git a/tests/stdio_test.cpp b/tests/stdio_test.cpp
index 79a86ad..7e82612 100644
--- a/tests/stdio_test.cpp
+++ b/tests/stdio_test.cpp
@@ -553,6 +553,21 @@
ASSERT_EQ(0, pthread_join(t, nullptr));
}
+TEST(STDIO_TEST, snprintf_asterisk_overflow) {
+ char buf[128];
+ ASSERT_EQ(5, snprintf(buf, sizeof(buf), "%.*s%c", 4, "hello world", '!'));
+ ASSERT_EQ(12, snprintf(buf, sizeof(buf), "%.*s%c", INT_MAX/2, "hello world", '!'));
+ ASSERT_EQ(12, snprintf(buf, sizeof(buf), "%.*s%c", INT_MAX-1, "hello world", '!'));
+ ASSERT_EQ(12, snprintf(buf, sizeof(buf), "%.*s%c", INT_MAX, "hello world", '!'));
+ ASSERT_EQ(12, snprintf(buf, sizeof(buf), "%.*s%c", -1, "hello world", '!'));
+
+ // INT_MAX-1, INT_MAX, INT_MAX+1.
+ ASSERT_EQ(12, snprintf(buf, sizeof(buf), "%.2147483646s%c", "hello world", '!'));
+ ASSERT_EQ(12, snprintf(buf, sizeof(buf), "%.2147483647s%c", "hello world", '!'));
+ ASSERT_EQ(-1, snprintf(buf, sizeof(buf), "%.2147483648s%c", "hello world", '!'));
+ ASSERT_EQ(ENOMEM, errno);
+}
+
TEST(STDIO_TEST, fprintf_failures_7229520) {
// http://b/7229520
FILE* fp;
