Elizabeth Figura <zfigura@xxxxxxxxxxxxxxx> writes:
> +TEST(test_wait_any)
> +{
> + struct ntsync_mutex_args mutex_args = {0};
> + struct ntsync_wait_args wait_args = {0};
> + struct ntsync_sem_args sem_args = {0};
> + __u32 owner, index, count;
> + struct timespec timeout;
> + int objs[2], fd, ret;
> +
> + clock_gettime(CLOCK_MONOTONIC, &timeout);
> +
> + fd = open("/dev/ntsync", O_CLOEXEC | O_RDONLY);
> + ASSERT_LE(0, fd);
> +
> + sem_args.count = 2;
> + sem_args.max = 3;
> + sem_args.sem = 0xdeadbeef;
> + ret = ioctl(fd, NTSYNC_IOC_CREATE_SEM, &sem_args);
> + EXPECT_EQ(0, ret);
> + EXPECT_NE(0xdeadbeef, sem_args.sem);
> +
> + mutex_args.owner = 0;
> + mutex_args.count = 0;
> + mutex_args.mutex = 0xdeadbeef;
> + ret = ioctl(fd, NTSYNC_IOC_CREATE_MUTEX, &mutex_args);
> + EXPECT_EQ(0, ret);
> + EXPECT_NE(0xdeadbeef, mutex_args.mutex);
It seems your tests are missing test cases for exceeding any limits,
especially overflow/underflow cases. Since these are the most likely
for any security problems it would be good to have extra coverage here.
The fuzzers will hopefully hit it too.
Also some stress testing with multiple threads would be useful.
-Andi
