author | Sumit Bose <sbose@redhat.com> | 2010-12-06 21:18:50 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-11 12:17:53 -0500 |
commit | f15683b4b100351e24e305d25bd4785c79ac8f55 (patch) | |
tree | a131f7c73b3ea1248f51c2fab361f4baa13c54a3 /src/tests | |
parent | e1522a568dac91499f5f2039ef978a0a4ceeb3b3 (diff) | |
Validate user supplied size of data items
Specially crafted packages might lead to an integer overflow and the
parsing of the input buffer might not continue as expected. This issue
was identified by Sebastian Krahmer <krahmer@suse.de>.
Diffstat (limited to 'src/tests')
-rw-r--r-- | src/tests/util-tests.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/tests/util-tests.c b/src/tests/util-tests.c
index cf96f0e3..a98b0c03 100644
--- a/src/tests/util-tests.c
+++ b/src/tests/util-tests.c
@@ -241,6 +241,19 @@ START_TEST(test_sss_filter_sanitize)
 }
 END_TEST
+START_TEST(test_size_t_overflow)
+{
+ fail_unless(!SIZE_T_OVERFLOW(1, 1), "unexpected overflow");
+ fail_unless(!SIZE_T_OVERFLOW(SIZE_T_MAX, 0), "unexpected overflow");
+ fail_unless(!SIZE_T_OVERFLOW(SIZE_T_MAX-10, 10), "unexpected overflow");
+ fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, 1), "overflow not detected");
+ fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, SIZE_T_MAX),
+ "overflow not detected");
+ fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, ULLONG_MAX),
+ "overflow not detected");
+ fail_unless(SIZE_T_OVERFLOW(SIZE_T_MAX, -10), "overflow not detected");
+}
+END_TEST
 Suite *util_suite(void)
 {
@@ -250,6 +263,7 @@ Suite *util_suite(void)
 tcase_add_test (tc_util, test_diff_string_lists);
 tcase_add_test (tc_util, test_sss_filter_sanitize);
+ tcase_add_test (tc_util, test_size_t_overflow);
 tcase_set_timeout(tc_util, 60);
 suite_add_tcase (s, tc_util); |
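Review bot: Every overflowing case in test_size_t_overflow puts SIZE_T_MAX in the first argument, so the situation the commit message describes, a modest running offset plus a huge user-supplied length, is never exercised with the large value in the second position. I would add `fail_unless(SIZE_T_OVERFLOW(1, SIZE_T_MAX), "overflow not detected");` and the matching negative case `fail_unless(!SIZE_T_OVERFLOW(0, SIZE_T_MAX), "unexpected overflow");`. The `ULLONG_MAX` and `-10` cases depend on how the macro converts its arguments, and its definition is outside this diff (the diffstat is limited to src/tests). A short comment such as `/* a negative length converts to a huge size_t and must be rejected */` above the `-10` check would record the intent. On platforms where size_t is as wide as unsigned long long, the `ULLONG_MAX` case presumably duplicates the `SIZE_T_MAX, SIZE_T_MAX` one.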