diff --git a/tests/binaries/heap_find_fake_fast.c b/tests/binaries/heap_find_fake_fast.c
index 5d1af4ec8..d6f7f3cb7 100644
--- a/tests/binaries/heap_find_fake_fast.c
+++ b/tests/binaries/heap_find_fake_fast.c
@@ -71,7 +71,7 @@ int main(void) { setup_mem(0x80, 0x78); break_here(); - // A valid unaligned fastbin chunk just in range of the target address + /* // A valid unaligned fastbin chunk just in range of the target address */ /* setup_mem(0x80, 0x7F); */ /* break_here(); */
diff --git a/tests/heap/test_find_fake_fast.py b/tests/heap/test_find_fake_fast.py
index 1e5f1c630..a78705b63 100644
--- a/tests/heap/test_find_fake_fast.py
+++ b/tests/heap/test_find_fake_fast.py
@@ -61,39 +61,60 @@ def test_find_fake_fast_command(start_binary): # setup_mem(0x20, 0x8) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_result(result, 0x20) + + result = gdb.execute("find_fake_fast --align &target_address", to_string=True) + check_result(result, 0x20) gdb.execute("continue") # setup_mem(0x2F, 0x8) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_result(result, 0x2F) + + result = gdb.execute("find_fake_fast --align &target_address", to_string=True) + check_result(result, 0x2F) gdb.execute("continue") # setup_mem(0x20, 0x9) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_result(result, 0x20) + + result = gdb.execute("find_fake_fast --align &target_address", to_string=True) + check_no_results(result) gdb.execute("continue") # setup_mem(0x20, 0x0) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_no_results(result) + + result = gdb.execute("find_fake_fast --align &target_address", to_string=True) + check_no_results(result) gdb.execute("continue") # setup_mem(0x20, 0x7) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_no_results(result) + + result = gdb.execute("find_fake_fast --align &target_address", to_string=True) + check_no_results(result) gdb.execute("continue") # setup_mem(0x1F, 0x8) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_no_results(result) + + result = gdb.execute("find_fake_fast --align &target_address", to_string=True) + check_no_results(result) gdb.execute("continue") # setup_mem(0x80, 0x78) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_result(result, 0x80) + + result = gdb.execute("find_fake_fast --align &target_address", to_string=True) + check_result(result, 0x80) gdb.execute("continue") - # setup_mem(0x80, 0x7F) + # # setup_mem(0x80, 0x7F) # result = gdb.execute("find_fake_fast &target_address", to_string=True) # 
check_result(result, 0x80) # gdb.execute("continue")
@@ -101,17 +122,31 @@ def test_find_fake_fast_command(start_binary): # setup_mem(0x80, 0x80) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_no_results(result) + + result = gdb.execute("find_fake_fast --align &target_address", to_string=True) + check_no_results(result) gdb.execute("continue") # setup_mem(0x100, 0x10) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_no_results(result) + + result = gdb.execute("find_fake_fast &target_address 0x100", to_string=True) + check_result(result, 0x100) gdb.execute("continue") # setup_mem(0x100, 0x90) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_no_results(result) + result = gdb.execute("find_fake_fast &target_address 0x100", to_string=True) + check_result(result, 0x100) + gdb.execute("continue") + # setup_mem(0x100, 0x100) result = gdb.execute("find_fake_fast &target_address", to_string=True) check_no_results(result) + + result = gdb.execute("find_fake_fast &target_address 0x100", to_string=True) + check_no_results(result) + gdb.execute("continue")
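Review bot: The `setup_mem(0x80, 0x7F)` case at the end of this hunk stays disabled and is now double-commented (`# # setup_mem(0x80, 0x7F)`) with no reason given, although the C binary describes it as a valid unaligned chunk, so it is presumably the upper-boundary case where a plain search and an `--align` search should differ. State why it is off, for example `# Disabled: <reason>; keep in sync with the commented-out setup_mem(0x80, 0x7F) in heap_find_fake_fast.c`, so the block in the test binary and this one are re-enabled together. As written, `setup_mem(0x20, 0x9)` is the only case in this hunk where the two modes return different results, and a short comment there such as `# misaligned size field: found without --align, rejected with it` would make that intent explicit (the reading of the second argument is inferred from the expected results, since setup_mem is not visible here). test_find_fake_fast_command starts before this hunk and continues in the next one.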
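Review bot: The explicit size argument (`find_fake_fast &target_address 0x100`) is exercised only without `--align` in the three `0x100` cases, so the combination of the two options has no coverage. Each of these cases could add a second call such as `result = gdb.execute("find_fake_fast --align &target_address 0x100", to_string=True)` followed by the matching check, assuming the command accepts both together. The expected outcome depends on how setup_mem places the size field, which is outside this diff, so it needs confirming against the test binary. A one-line comment on what the trailing `0x100` argument means would also help, because the same setups return nothing when it is omitted.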