From f15683b4b100351e24e305d25bd4785c79ac8f55 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Mon, 6 Dec 2010 21:18:50 +0100 Subject: Validate user supplied size of data items Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer . --- src/tests/util-tests.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'src/tests') diff --git a/src/tests/util-tests.c b/src/tests/util-tests.c index cf96f0e35..a98b0c03c 100644 --- a/src/tests/util-tests.c +++ b/src/tests/util-tests.c @@ -241,6 +241,19 @@ START_TEST(test_sss_filter_sanitize) } END_TEST +START_TEST(test_size_t_overflow) +{ + fail_unless(!SIZE_T_OVERFLOW(1, 1), "unexpected overflow"); + fail_unless(!SIZE_T_OVERFLOW(SIZE_T_MAX, 0), "unexpected overflow"); + fail_unless(!SIZE_T_OVERFLOW(SIZE_T_MAX-10, 10), "unexpected overflow"); + fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, 1), "overflow not detected"); + fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, SIZE_T_MAX), + "overflow not detected"); + fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, ULLONG_MAX), + "overflow not detected"); + fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, -10), "overflow not detected"); +} +END_TEST Suite *util_suite(void) { @@ -250,6 +263,7 @@ Suite *util_suite(void) tcase_add_test (tc_util, test_diff_string_lists); tcase_add_test (tc_util, test_sss_filter_sanitize); + tcase_add_test (tc_util, test_size_t_overflow); tcase_set_timeout(tc_util, 60); suite_add_tcase (s, tc_util); -- cgit