Xhiv - testing Handling Invalid Values in X libraries

Alan Coopersmith alan.coopersmith at oracle.com
Sat May 25 10:15:11 PDT 2013


So recently I was stuck trying to figure out how you would test what an
X client library would do if it received a response no X server should
ever send.   Most of our existing tests, like XTS, modify the client side
to send requests to unmodified X servers to see how they respond, but skip
testing how they handle invalid values returned from the X server.

I started considering making an X server extension to allow overriding the
normal responses, or modifying an X server to allow scripting responses to
send back, but those both seemed like larger and more complex solutions than
I wanted to tackle.  While I started feeling a bit stabby, I figured out it
wasn't that hard to just fork a process that fed X protocol responses back
to a client, improvising with the materials at hand to shove harmful contraband
into the protocol stream.  And thus was born "Xhiv", a quick and dirty test
suite for Handling Invalid Values:

http://cgit.freedesktop.org/~alanc/xhiv/
git://people.freedesktop.org/~alanc/xhiv

(I tend to pronounce it like "shiv" in my head, but don't talk to others about
  it much to hear how it sounds out loud.)

I don't have a lot of time to run with this, so don't know if this will have a
long term life or just be a temporary solution to a point-in-time problem, but
I figured sharing it would let others decide if it's useful to them as well.
It tests only a small subset of the X library calls at the moment, but it's
probably not too hard to guess why that subset was chosen.

Some of the tests require you to be able to allocate 2 GB or so of memory in
the test, since with modern Xlib built on top of xcb, instead of the old fixed
size reply buffer that gets filled as data is requested/read in, libxcb
allocates a new buffer for each reply, with the full size of that reply,
which it reads into the buffer before returning to Xlib, so if you're testing
what happens when a response claims to be MAX_INT large, you have to be able
to load a MAX_INT buffer into libxcb all at once before it gets passed back
up to Xlib.

-- 

	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc
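
Added example, not part of the original message and not code from Xhiv, Xlib or libxcb: a C illustration of the size check a client library needs when the length field of a reply header cannot be trusted. The little-endian byte order, the `max_bytes` cap and all function names are assumptions made for this example; the header bytes are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define X_REPLY       1    /* first byte of a reply in the core X11 protocol */
#define X_REPLY_FIXED 32u  /* fixed part that every reply starts with */

enum reply_check { REPLY_OK = 0, REPLY_NOT_A_REPLY = -1, REPLY_TOO_LARGE = -2 };

/* CARD32 length field in bytes 4..7: extra data in 4-byte units.
 * Assumption: the connection was set up as little-endian. */
uint32_t reply_length_units(const uint8_t hdr[32])
{
    return (uint32_t)hdr[4] | ((uint32_t)hdr[5] << 8) |
           ((uint32_t)hdr[6] << 16) | ((uint32_t)hdr[7] << 24);
}

/* Size arithmetic done in 32 bits: wraps silently for large length values. */
uint32_t total_size_32bit(uint32_t units)
{
    return X_REPLY_FIXED + units * 4u;
}

/* Checked form: 64-bit arithmetic, then a caller-chosen cap (max_bytes is a
 * hypothetical policy knob) applied before anything is allocated or read. */
enum reply_check checked_reply_size(const uint8_t hdr[32], uint64_t max_bytes,
                                    uint64_t *total)
{
    if (hdr[0] != X_REPLY)
        return REPLY_NOT_A_REPLY;
    uint64_t need = X_REPLY_FIXED + (uint64_t)reply_length_units(hdr) * 4u;
    if (need > max_bytes)
        return REPLY_TOO_LARGE;
    *total = need;
    return REPLY_OK;
}

int main(void)
{
    /* Constructed header: a reply whose length field is 0x7fffffff. */
    uint8_t hdr[32] = { X_REPLY, 0, 0, 0, 0xff, 0xff, 0xff, 0x7f };
    uint64_t total = 0;
    int rc = checked_reply_size(hdr, 16u << 20, &total);
    printf("32-bit size: %u\n", (unsigned)total_size_32bit(reply_length_units(hdr)));
    printf("checked rc with 16 MiB cap: %d\n", rc);
    return 0;
}
```

For the constructed header the 32-bit computation wraps to 28 bytes, while the checked form sees the full 64-bit size and rejects it under the 16 MiB cap.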

