diff options
| author | Sumit Bose <sbose@redhat.com> | 2010-12-06 21:18:50 +0100 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-11 12:17:53 -0500 |
| commit | f15683b4b100351e24e305d25bd4785c79ac8f55 (patch) | |
| tree | a131f7c73b3ea1248f51c2fab361f4baa13c54a3 /src/tests | |
| parent | e1522a568dac91499f5f2039ef978a0a4ceeb3b3 (diff) | |
| download | sssd-f15683b4b100351e24e305d25bd4785c79ac8f55.tar.gz sssd-f15683b4b100351e24e305d25bd4785c79ac8f55.tar.xz sssd-f15683b4b100351e24e305d25bd4785c79ac8f55.zip | |
Validate user supplied size of data items
Specially crafted packages might lead to an integer overflow and the
parsing of the input buffer might not continue as expected. This issue
was identified by Sebastian Krahmer <krahmer@suse.de>.
Diffstat (limited to 'src/tests')
| -rw-r--r-- | src/tests/util-tests.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/tests/util-tests.c b/src/tests/util-tests.c index cf96f0e35..a98b0c03c 100644 --- a/src/tests/util-tests.c +++ b/src/tests/util-tests.c @@ -241,6 +241,19 @@ START_TEST(test_sss_filter_sanitize) } END_TEST +START_TEST(test_size_t_overflow) +{ + fail_unless(!SIZE_T_OVERFLOW(1, 1), "unexpected overflow"); + fail_unless(!SIZE_T_OVERFLOW(SIZE_T_MAX, 0), "unexpected overflow"); + fail_unless(!SIZE_T_OVERFLOW(SIZE_T_MAX-10, 10), "unexpected overflow"); + fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, 1), "overflow not detected"); + fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, SIZE_T_MAX), + "overflow not detected"); + fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, ULLONG_MAX), + "overflow not detected"); + fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, -10), "overflow not detected"); +} +END_TEST Suite *util_suite(void) { @@ -250,6 +263,7 @@ Suite *util_suite(void) tcase_add_test (tc_util, test_diff_string_lists); tcase_add_test (tc_util, test_sss_filter_sanitize); + tcase_add_test (tc_util, test_size_t_overflow); tcase_set_timeout(tc_util, 60); suite_add_tcase (s, tc_util); |