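# test_zeroize.gdb
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
#
# This file is provided under the Apache License 2.0, or the
# GNU General Public License v2.0 or later.
#
# **********
# Apache License 2.0:
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# **********
#
# **********
# GNU General Public License v2.0 or later:
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
# **********
#
# Purpose
#
# Run a test using the debugger to check that the mbedtls_platform_zeroize()
# function in platform_util.h is not being optimized out by the compiler. To do
# so, the script loads the test program at programs/test/zeroize.c and sets a
# breakpoint at the last return statement in main(). When the breakpoint is
# hit, the debugger inspects the memory that should have been zeroized and
# checks that it is actually cleared.
#
# The mbedtls_platform_zeroize() test is debugger driven because there does not
# seem to be a mechanism to reliably check whether the zeroize calls are being
# eliminated by compiler optimizations from within the compiled program. The
# problem is that a compiler would typically remove what it considers to be
# "unnecessary" assignments as part of redundant code elimination. To identify
# such code, the compiler will create some form of dependency graph between
# reads and writes to variables (among other situations). It will then use this
# data structure to remove redundant code that does not have an impact on the
# program's observable behavior. In the case of mbedtls_platform_zeroize(), an
# intelligent compiler could determine that this function clears a block of
# memory that is not accessed later in the program, so removing the call to
# mbedtls_platform_zeroize() has no observable effect. However, inserting a
# test after a call to mbedtls_platform_zeroize() to check whether the block of
# memory was correctly zeroed would force the compiler to not eliminate the
# mbedtls_platform_zeroize() call. If this does not occur, then the compiler
# potentially has a bug.
#
# Note: This test requires that the test program is compiled with -g3.
#
# NOTE(review): the result only describes the binary that was loaded. A build
# without optimization would be expected to pass without exercising the
# dead-store elimination this test is about, so run it against a binary built
# with the optimization level that is actually shipped -- confirm against the
# build setup that invokes this script.

# The script runs unattended, so never prompt for confirmation.
set confirm off

file ./programs/test/zeroize

# Locate the marker in the source listing and break on that line; `break $_`
# relies on `search` leaving the number of the matching line in $_.
search GDB_BREAK_HERE
break $_

set args ./programs/test/zeroize.c
run

# $_exitcode is void until the program has exited normally. If it is already
# set here, the program finished before reaching the breakpoint and there is
# no live frame in which buf could be inspected.
if $_isvoid($_exitcode) == 0
  echo The program exited before reaching the breakpoint\n
  quit 1
end

set $i = 0
set $len = sizeof(buf)
set $buf = buf

# Every byte of buf must read as zero at the breakpoint. Report the offset of
# the first non-zero byte so that a failure can be located in the buffer.
while $i < $len
  if $buf[$i] != 0
    printf "The buffer at offset %d was not zeroized\n", $i
    quit 1
  end
  set $i = $i + 1
end

echo The buffer was correctly zeroized\n

continue

# The success line above has already been printed at this point, so a log can
# contain both it and the failure line below; the exit status of gdb (set by
# `quit`) is what distinguishes the two outcomes.
#
# $_exitcode is only set on a normal exit. Test for void explicitly so that a
# program that was killed by a signal, or that stopped again instead of
# exiting, is reported as a failure rather than depending on how gdb evaluates
# a comparison against a void value.
if $_isvoid($_exitcode)
  echo The program did not terminate correctly\n
  quit 1
end

if $_exitcode != 0
  echo The program did not terminate correctly\n
  quit 1
end

quit 0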