sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-01 04:58:35 +03:00
Code

torture: talloc_string_sub tests for utf-8 brevity

Browse Source 
If we allow overly long UTF-8 sequences (in the tests, encoding '\0'
as 2, 3, or 4 bytes), it might be possible for bad strings to slip
through.

We fail. But wait for the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14684

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Douglas Bagnall 2021-06-16 17:35:19 +12:00 committed by Jeremy Allison
parent 1c3821c9f9
commit 50047588c0
2 changed files with 59 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
lib/util/tests/str.c
View File

@ -91,6 +91,52 @@ static bool test_talloc_string_sub_multiple(struct torture_context *tctx)
return true;
}
/*
* with these next three tests, the failure is that the pattern looks like
* "+++" because the \x.. bytes encode a zero byte in UTF-8. If we are not
* careful with these strings we will see crashes instead of failures.
*/
static bool test_talloc_string_sub_tricky_utf8_4(struct torture_context *tctx)
{
const char string[] = "++++--\xD8\xBB";
const char pattern[] = "+++\xF0\x80\x80\x80++";
const char replace[] = "...";
char *t = talloc_string_sub(tctx, string, pattern, replace);
torture_assert_str_equal(tctx, t, string,
"should reject 4 byte NUL char");
talloc_free(t);
return true;
}
static bool test_talloc_string_sub_tricky_utf8_3(struct torture_context *tctx)
{
const char string[] = "++++--\xD8\xBB";
const char pattern[] = "+++\xE0\x80\x80++";
const char replace[] = "...";
char *t = talloc_string_sub(tctx, string, pattern, replace);
torture_assert_str_equal(tctx, t, string,
"should reject 3 byte NUL char");
talloc_free(t);
return true;
}
static bool test_talloc_string_sub_tricky_utf8_2(struct torture_context *tctx)
{
const char string[] = "++++--\xD8\xBB";
const char pattern[] = "+++\xC0\x80++";
const char replace[] = "...";
char *t = talloc_string_sub(tctx, string, pattern, replace);
torture_assert_str_equal(tctx, t, string,
"should reject 2 byte NUL char");
talloc_free(t);
return true;
}
struct torture_suite *torture_local_util_str(TALLOC_CTX *mem_ctx)
@ -118,5 +164,17 @@ struct torture_suite *torture_local_util_str(TALLOC_CTX *mem_ctx)
torture_suite_add_simple_test(suite, "string_sub_talloc_multiple",
test_talloc_string_sub_multiple);
torture_suite_add_simple_test(suite,
"test_talloc_string_sub_tricky_utf8_4",
test_talloc_string_sub_tricky_utf8_4);
torture_suite_add_simple_test(suite,
"test_talloc_string_sub_tricky_utf8_3",
test_talloc_string_sub_tricky_utf8_3);
torture_suite_add_simple_test(suite,
"test_talloc_string_sub_tricky_utf8_2",
test_talloc_string_sub_tricky_utf8_2);
return suite;
}

1
selftest/knownfail.d/str-utf8 Normal file
View File

@ -0,0 +1 @@
^samba4.local.str.+utf8_[234]