Base Security: fix-up overflow tests

base/security_unittest.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sys/stat.h>
 #include <sys/types.h>
@@ skipping 16 matching lines @@
 using std::numeric_limits;
 
 namespace {
 
 // This function acts as a compiler optimization barrier. We use it to
 // prevent the compiler from making an expression a compile-time constant.
 // We also use it so that the compiler doesn't discard certain return values
 // as something we don't need (see the comment with calloc below).
 template <typename Type>
 Type HideValueFromCompiler(volatile Type value) {
+#if defined(__GNUC__)
+  // In a GCC compatible compiler (GCC or Clang), make this compiler barrier
+  // more robust than merely using "volatile".
+  __asm__ volatile ("" : "+r" (value));
+#endif  // __GNUC__
   return value;
 }
 
 // - NO_TCMALLOC (should be defined if we compile with linux_use_tcmalloc=0)
 // - ADDRESS_SANITIZER because it has its own memory allocator
 // - IOS does not use tcmalloc
 // - OS_MACOSX does not use tcmalloc
 #if !defined(NO_TCMALLOC) && !defined(ADDRESS_SANITIZER) && \
     !defined(OS_IOS) && !defined(OS_MACOSX)
   #define TCMALLOC_TEST(function) function
@@ skipping 85 matching lines @@
 TEST(SecurityTest, TCMALLOC_TEST(MemoryAllocationRestrictionsNewArray)) {
   if (!IsTcMallocBypassed()) {
     scoped_ptr<char[]> ptr(
         HideValueFromCompiler(new (nothrow) char[kTooBigAllocSize]));
     ASSERT_TRUE(!ptr);
   }
 }
 
 // The tests bellow check for overflows in new[] and calloc().
 
-#if defined(OS_IOS) || defined(OS_WIN)
-  #define DISABLE_ON_IOS_AND_WIN(function) DISABLED_##function
+#if defined(OS_IOS)
+  #define DISABLE_ON_IOS(function) DISABLED_##function
 #else
-  #define DISABLE_ON_IOS_AND_WIN(function) function
+  #define DISABLE_ON_IOS(function) function
 #endif
 
 #if defined(ADDRESS_SANITIZER)
   #define DISABLE_ON_ASAN(function) DISABLED_##function
 #else
   #define DISABLE_ON_ASAN(function) function
 #endif
 
 // There are platforms where these tests are known to fail. We would like to
 // be able to easily check the status on the bots, but marking tests as
 // FAILS_ is too clunky.
 void OverflowTestsSoftExpectTrue(bool overflow_detected) {
   if (!overflow_detected) {
 #if defined(OS_LINUX) || defined(OS_ANDROID) || defined(OS_MACOSX)
     // Sadly, on Linux, Android, and OSX we don't have a good story yet. Don't
     // fail the test, but report.
     printf("Platform has overflow: %s\n",
            !overflow_detected ? "yes." : "no.");
 #else
     // Otherwise, fail the test. (Note: EXPECT are ok in subfunctions, ASSERT
     // aren't).
     EXPECT_TRUE(overflow_detected);
 #endif
   }
 }
 
-// TODO(jln): crbug.com/174947 This can't even compile on Win64.
-#if !(defined(OS_WIN) && defined(ARCH_CPU_X86_64))
-
 // Test array[TooBig][X] and array[X][TooBig] allocations for int overflows.
 // IOS doesn't honor nothrow, so disable the test there.
-// Disable on Windows, we suspect some are failing because of it.
-TEST(SecurityTest, DISABLE_ON_IOS_AND_WIN(NewOverflow)) {
+TEST(SecurityTest, DISABLE_ON_IOS(NewOverflow)) {
   const size_t kArraySize = 4096;
   // We want something "dynamic" here, so that the compiler doesn't
   // immediately reject crazy arrays.
   const size_t kDynamicArraySize = HideValueFromCompiler(kArraySize);
   // numeric_limits are still not constexpr until we switch to C++11, so we
   // use an ugly cast.
   const size_t kMaxSizeT = ~static_cast<size_t>(0);
   ASSERT_EQ(numeric_limits<size_t>::max(), kMaxSizeT);
   const size_t kArraySize2 = kMaxSizeT / kArraySize + 10;
   const size_t kDynamicArraySize2 = HideValueFromCompiler(kArraySize2);
   {
     scoped_ptr<char[][kArraySize]> array_pointer(new (nothrow)
         char[kDynamicArraySize2][kArraySize]);
     OverflowTestsSoftExpectTrue(!array_pointer);
   }
+  // On windows, the compiler prevents static array sizes of more than
+  // 0x7fffffff (error C2148).
+#if !defined(OS_WIN) || !defined(ARCH_CPU_64_BITS)
   {
     scoped_ptr<char[][kArraySize2]> array_pointer(new (nothrow)
         char[kDynamicArraySize][kArraySize2]);
     OverflowTestsSoftExpectTrue(!array_pointer);
   }
+#endif  // !defined(OS_WIN) || !defined(ARCH_CPU_64_BITS)
 }
-#endif
 
 // Call calloc(), eventually free the memory and return whether or not
 // calloc() did succeed.
 bool CallocReturnsNull(size_t nmemb, size_t size) {
   scoped_ptr<char, base::FreeDeleter> array_pointer(
       static_cast<char*>(calloc(nmemb, size)));
   // We need the call to HideValueFromCompiler(): we have seen LLVM
   // optimize away the call to calloc() entirely and assume
   // the pointer to not be NULL.
   return HideValueFromCompiler(array_pointer.get()) == NULL;
@@ skipping 82 matching lines @@
   // kRandomMask, so we use it as an additional detection mechanism.
   const uintptr_t kRandomMask = 0x3fffffffffffULL;
   bool impossible_random_address =
       reinterpret_cast<uintptr_t>(ptr.get()) & ~kRandomMask;
   EXPECT_FALSE(impossible_random_address);
 }
 
 #endif  // (defined(OS_LINUX) || defined(OS_CHROMEOS)) && defined(__x86_64__)
 
 }  // namespace