File: test_copy_invalid_slot.cc

package info (click to toggle)
libsigc%2B%2B-2.0 2.12.1-4
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 1,432 kB
  • sloc: cpp: 4,132; xml: 339; python: 196; makefile: 192; sh: 5
file content (65 lines) | stat: -rw-r--r-- 2,057 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
#include "testutilities.h"
#include <sstream>
#include <cstdlib>
#include <sigc++/sigc++.h>
#include <stdlib.h>
#include <string.h>

namespace
{
std::ostringstream result_stream;

void Foo(sigc::trackable&)
{
  result_stream << "Foo(x)";
}

} // end anonymous namespace

int main(int argc, char* argv[])
{
  auto util = TestUtilities::get_instance();

  if (!util->check_command_args(argc, argv))
    return util->get_result_and_delete_instance() ? EXIT_SUCCESS : EXIT_FAILURE;

  std::ostringstream pointer_stream;
  auto t = new sigc::trackable();
  pointer_stream << t;
  result_stream << "sigc::trackable instance at " << pointer_stream.str();
  util->check_result(result_stream, "sigc::trackable instance at " + pointer_stream.str());
  pointer_stream.str("");

  sigc::slot<void> foo = sigc::bind(sigc::ptr_fun(Foo), std::ref(*t));
  foo();
  util->check_result(result_stream, "Foo(x)");

  // This invalidates foo.
  delete t;

  // Try to crash if the invalid slot parameter is used by libsigc++,
  // and get a debugger backtrace at the point that it happens.
  //
  // Comment this out to get a meaningful backtrace from valgrind.
  //
  // Try to pollute the memory previously occupied by the sigc::trackable
  // instance. The hope is that with a regular memory allocator (i.e. not
  // valgrind), we end up with buffer == (void *)t.
  void* buffer = malloc(sizeof(sigc::trackable));
  memset(buffer, 0xFF, sizeof(sigc::trackable));
  pointer_stream << buffer;
  result_stream << "         Polluted buffer at " << pointer_stream.str();
  util->check_result(result_stream, "         Polluted buffer at " + pointer_stream.str());
  pointer_stream.str("");

  // Now copy foo: up to libsigc++ version 2.0.11, the copy constructor fails
  // because the pointer value it dereferences does not point to a
  // sigc::trackable anymore, it now points to a polluted buffer.
  sigc::slot<void> bar = foo;
  bar();
  util->check_result(result_stream, "");

  free(buffer);

  return util->get_result_and_delete_instance() ? EXIT_SUCCESS : EXIT_FAILURE;
}