void test_stack_in_code(void) {
int rc = nacl_exception_set_handler(bad_stack_exception_handler);
assert(rc == 0);
rc = nacl_exception_set_stack(stack_in_code, stack_in_code_size);
assert(rc == 0);
fprintf(stderr, "** intended_exit_status=unwritable_exception_stack\n");
/* Cause crash. */
*(volatile int *) 0 = 0;
}
/*
* This test case does not crash. It successfully runs
* bad_stack_exception_handler() in order to check that it works, so
* that we can be sure that other tests do not crash (and hence pass)
* accidentally.
*/
void test_stack_in_rwdata(void) {
int rc = nacl_exception_set_handler(bad_stack_exception_handler);
assert(rc == 0);
rc = nacl_exception_set_stack((void *) stack_in_rwdata,
sizeof(stack_in_rwdata));
assert(rc == 0);
fprintf(stderr, "** intended_exit_status=1\n");
/* Cause crash. */
*(volatile int *) 0 = 0;
}
void test_bad_handler(void) {
/*
* Use an address that we know contains no valid code, yet is within
* the code segment range and is well-aligned. The bottom 64k of
* address space is never mapped.
*/
nacl_exception_handler_t handler = (nacl_exception_handler_t) 0x1000;
int rc = nacl_exception_set_handler(handler);
assert(rc == 0);
fprintf(stderr, "** intended_exit_status=untrusted_segfault\n");
/* Cause crash. */
*(volatile int *) 0 = 0;
}
/*
* This checks that crashes in trusted code (such as inside NaCl
* syscalls) do not cause the untrusted exception handler to run.
*/
void test_crash_in_syscall(void) {
int rc = nacl_exception_set_handler(bad_stack_exception_handler);
assert(rc == 0);
rc = nacl_exception_set_stack((void *) stack_in_rwdata,
sizeof(stack_in_rwdata));
assert(rc == 0);
fprintf(stderr, "** intended_exit_status=trusted_segfault\n");
/*
* Cause a crash inside a NaCl syscall.
*/
NACL_SYSCALL(test_crash)(NACL_TEST_CRASH_MEMORY);
/* Should not reach here. */
_exit(1);
}
/*
* This checks that the process terminates safely if the system
* attempts to write a stack frame at the current stack pointer when
* the stack pointer points outside of the sandbox's address space.
*
* This only applies to x86-32, because the stack pointer register
* cannot be set to point outside of the sandbox's address space on
* x86-64 and ARM.
*/
void test_stack_outside_sandbox(void) {
#if defined(__i386__)
int rc = nacl_exception_set_handler(bad_stack_exception_handler);
assert(rc == 0);
fprintf(stderr, "** intended_exit_status=untrusted_segfault\n");
__asm__(
/*
* Set the stack pointer to an address that is definitely
* outside the sandbox's address space.
*/
"movl $0xffffffff, %esp\n"
/* Cause crash. */
"movl $0, 0\n");
#else
fprintf(stderr, "test_bad_stack does not apply on this platform\n");
fprintf(stderr, "** intended_exit_status=0\n");
exit(0);
#endif
}
void SetupCrashHandler() {
nacl_exception_set_handler(CrashHandler);
}
static void register_exception_handler(void) {
int rc = nacl_exception_set_handler(exception_handler);
assert(rc == 0);
rc = nacl_exception_set_stack(g_stack, sizeof(g_stack));
assert(rc == 0);
}
