Skip to content

Commit 0eaf49c

Browse files
gilles-peskine-armgilles-peskine-arm
authored
Merge pull request #304 from gilles-peskine-arm/asan-test-fail-crypto
Make sure Asan failures are detected in 'make test'
2 parents b1c7197 + 54d1937 commit 0eaf49c

File tree

3 files changed

+13
-9
lines changed

3 files changed

+13
-9
lines changed

tests/scripts/all.sh

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -128,6 +128,9 @@ pre_initialize_variables () {
128128
# Include more verbose output for failing tests run by CMake
129129
export CTEST_OUTPUT_ON_FAILURE=1
130130

131+
# CFLAGS and LDFLAGS for Asan builds that don't use CMake
132+
ASAN_CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all'
133+
131134
# Gather the list of available components. These are the functions
132135
# defined in this script whose name starts with "component_".
133136
# Parse the script with sed, because in sh there is no way to list
@@ -826,7 +829,7 @@ component_test_malloc_0_null () {
826829
msg "build: malloc(0) returns NULL (ASan+UBSan build)"
827830
scripts/config.pl full
828831
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
829-
make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' -O -Werror -Wall -Wextra -fsanitize=address,undefined" LDFLAGS='-fsanitize=address,undefined'
832+
make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS"
830833

831834
msg "test: malloc(0) returns NULL (ASan+UBSan build)"
832835
make test
@@ -868,7 +871,7 @@ component_test_aes_fewer_tables_and_rom_tables () {
868871
component_test_se_default () {
869872
msg "build: default config + MBEDTLS_PSA_CRYPTO_SE_C"
870873
scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C
871-
make CC=clang CFLAGS='-Werror -Wall -Wextra -Wno-unused-function -Os -fsanitize=address' LDFLAGS='-fsanitize=address'
874+
make CC=clang CFLAGS="$ASAN_CFLAGS -Os" LDFLAGS="$ASAN_CFLAGS"
872875

873876
msg "test: default config + MBEDTLS_PSA_CRYPTO_SE_C"
874877
make test
@@ -877,7 +880,7 @@ component_test_se_default () {
877880
component_test_se_full () {
878881
msg "build: full config + MBEDTLS_PSA_CRYPTO_SE_C"
879882
scripts/config.pl set MBEDTLS_PSA_CRYPTO_SE_C
880-
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O2 -fsanitize=address' LDFLAGS='-fsanitize=address'
883+
make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
881884

882885
msg "test: full config + MBEDTLS_PSA_CRYPTO_SE_C"
883886
make test
@@ -912,7 +915,7 @@ component_test_m32_o0 () {
912915
# Build once with -O0, to compile out the i386 specific inline assembly
913916
msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s
914917
scripts/config.pl full
915-
make CC=gcc CFLAGS='-O0 -Werror -Wall -Wextra -m32 -fsanitize=address' LDFLAGS='-m32 -fsanitize=address'
918+
make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS"
916919

917920
msg "test: i386, make, gcc -O0 (ASan build)"
918921
make test
@@ -931,7 +934,7 @@ component_test_m32_o1 () {
931934
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE
932935
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
933936
scripts/config.pl unset MBEDTLS_MEMORY_DEBUG
934-
make CC=gcc CFLAGS='-O1 -Werror -Wall -Wextra -m32 -fsanitize=address' LDFLAGS='-m32 -fsanitize=address'
937+
make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O1" LDFLAGS="-m32 $ASAN_CFLAGS"
935938

936939
msg "test: i386, make, gcc -O1 (ASan build)"
937940
make test
@@ -944,7 +947,7 @@ component_test_m32_everest () {
944947
msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min
945948
scripts/config.pl unset MBEDTLS_ECDH_LEGACY_CONTEXT
946949
scripts/config.pl set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
947-
make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -m32 -fsanitize=address'
950+
make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
948951

949952
msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
950953
make test

tests/scripts/run-test-suites.pl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,7 @@ sub pad_print_center {
9393
$suite_cases_failed = () = $result =~ /.. FAILED/g;
9494
$suite_cases_skipped = () = $result =~ /.. ----/g;
9595

96-
if( $result =~ /PASSED/ ) {
96+
if( $? == 0 ) {
9797
print "PASS\n";
9898
if( $verbose > 2 ) {
9999
pad_print_center( 72, '-', "Begin $suite" );

tests/suites/test_suite_psa_crypto_se_driver_hal.function

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -565,16 +565,17 @@ static int check_persistent_data( psa_key_lifetime_t lifetime,
565565
psa_storage_uid_t uid = file_uid_for_lifetime( lifetime );
566566
struct psa_storage_info_t info;
567567
uint8_t *loaded = NULL;
568+
int ok = 0;
568569

569570
PSA_ASSERT( psa_its_get_info( uid, &info ) );
570571
ASSERT_ALLOC( loaded, info.size );
571572
PSA_ASSERT( psa_its_get( uid, 0, info.size, loaded, NULL ) );
572573
ASSERT_COMPARE( expected_data, size, loaded, info.size );
573-
return( 1 );
574+
ok = 1;
574575

575576
exit:
576577
mbedtls_free( loaded );
577-
return( 0 );
578+
return( ok );
578579
}
579580

580581
/* Check that a function's return status is "smoke-free", i.e. that

0 commit comments

Comments
 (0)