quickjs-tart

quickjs-based runtime for wallet-core logic
Log | Files | Refs | README | LICENSE

test_zeroize.gdb (2440B)

      1 # test_zeroize.gdb
      2 #
      3 # Copyright The Mbed TLS Contributors
      4 # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
      5 #
      6 # Purpose
      7 #
      8 # Run a test using the debugger to check that the mbedtls_platform_zeroize()
      9 # function in platform_util.h is not being optimized out by the compiler. To do
     10 # so, the script loads the test program at programs/test/zeroize and sets a
     11 # breakpoint at the last return statement in main(). When the breakpoint is
     12 # hit, the debugger manually checks the contents to be zeroized and checks that
     13 # it is actually cleared.
     14 #
     15 # The mbedtls_platform_zeroize() test is debugger driven because there does not
     16 # seem to be a mechanism to reliably check whether the zeroize calls are being
     17 # eliminated by compiler optimizations from within the compiled program. The
     18 # problem is that a compiler would typically remove what it considers to be
     19 # "unnecessary" assignments as part of redundant code elimination. To identify
     20 # such code, the compilar will create some form dependency graph between
     21 # reads and writes to variables (among other situations). It will then use this
     22 # data structure to remove redundant code that does not have an impact on the
     23 # program's observable behavior. In the case of mbedtls_platform_zeroize(), an
     24 # intelligent compiler could determine that this function clears a block of
     25 # memory that is not accessed later in the program, so removing the call to
     26 # mbedtls_platform_zeroize() does not have an observable behavior. However,
     27 # inserting a test after a call to mbedtls_platform_zeroize() to check whether
     28 # the block of memory was correctly zeroed would force the compiler to not
     29 # eliminate the mbedtls_platform_zeroize() call. If this does not occur, then
     30 # the compiler potentially has a bug.
     31 #
     32 # Note: This test requires that the test program is compiled with -g3.
     33 
     34 set confirm off
     35 
     36 # TF-PSA-Crypto uses a different name for the executable and also a build out
     37 # of tree.
     38 if $_isvoid($is_tf_psa_crypto)
     39     file ./programs/test/zeroize
     40 else
     41     file ./programs/test/tf_psa_crypto_zeroize
     42 end
     43 
     44 set args ./framework/tests/programs/zeroize.c
     45 
     46 search GDB_BREAK_HERE
     47 break $_
     48 
     49 run
     50 
     51 set $i = 0
     52 set $len = sizeof(buf)
     53 set $buf = buf
     54 
     55 while $i < $len
     56     if $buf[$i++] != 0
     57         echo The buffer at was not zeroized\n
     58         quit 1
     59     end
     60 end
     61 
     62 echo The buffer was correctly zeroized\n
     63 
     64 continue
     65 
     66 if $_exitcode != 0
     67     echo The program did not terminate correctly\n
     68     quit 1
     69 end
     70 
     71 quit 0