Yesterday I was asking myself a question.
Does it is possible to programmatically "brute force" all the calls to a specific function into a program, and test if the error cases of this call is always properly handled ?
Example:
int main(void)
{
char *mallocforfun = NULL;
char **matrix = NULL;
if ((matrix = (char **)malloc(sizeof(char*) * 42)))
{
for (int i = 0; i < 42; i++)
{
matrix[i] = (char *)malloc(sizeof(char) * 42);
bzero(matrix[i], 42);
}
matrix[i] = NULL;
}
mallocforfun = (char*)malloc(sizeof(char) * 42);
...
// do some stuff and free everything
return (0);
}
So in this example, if we would test malloc function, the tester will put three breakpoint:
int main(void)
{
char *mallocforfun = NULL;
char **matrix = NULL;
1st: if ((matrix = (char **)malloc(sizeof(char*) * 42)))
{
for (int i = 0; i < 42; i++)
{
2nd: matrix[i] = (char *)malloc(sizeof(char) * 42);
bzero(matrix[i], 42);
}
matrix[i] = NULL;
}
3rd: mallocforfun = (char*)malloc(sizeof(char) * 42);
...
// do some stuff and free everything
return (0);
}
Run the program, change malloc function return into an error value, see if it crash, delete last tested breakpoint, rerun, and so on.
I want to verify that I have handled all error returns by running the program repeatedly in an environment where malloc fails once at each call site in turn on subsequent runs of the program. (Thank's to @Mic for the explicit formulation)
I think it's possible to do something like this with non-stripped binary with gdb script. I searched by myself but can't find anything looking like that.
So I feel like I have a "keyword" missing. Do you know if this kind of test have a specific name, or a tool doing something like that ?
assert()
.