Fully fix the input overflow bug and add a test case for it.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@861 185d5e19-27fe-0310-9dcf-9bff6b9f3609
This commit is contained in:
parent
bf92462945
commit
653950434c
|
@ -63,7 +63,6 @@ oath_uri_decode(const char *in, size_t ilen, char *out, size_t olen)
|
||||||
if (out != NULL && opos < olen - 1)
|
if (out != NULL && opos < olen - 1)
|
||||||
out[opos] = unhex(in[ipos + 1]) * 16 +
|
out[opos] = unhex(in[ipos + 1]) * 16 +
|
||||||
unhex(in[ipos + 2]);
|
unhex(in[ipos + 2]);
|
||||||
ilen += 2;
|
|
||||||
ipos += 2;
|
ipos += 2;
|
||||||
} else {
|
} else {
|
||||||
if (out != NULL && opos < olen - 1)
|
if (out != NULL && opos < olen - 1)
|
||||||
|
|
|
@ -54,16 +54,26 @@ struct t_case {
|
||||||
};
|
};
|
||||||
|
|
||||||
/* basic encoding / decoding */
|
/* basic encoding / decoding */
|
||||||
#define T_ENCODE4(d, i, il, o, ol) \
|
#define T_ENCODE6(d, i, il, o, ol) \
|
||||||
{ .func = oath_uri_encode, .desc = d, \
|
{ .func = oath_uri_encode, .desc = d, \
|
||||||
.in = i, .ilen = il, .out = o, .olen = ol }
|
.in = i, .ilen = il, .out = o, .olen = ol }
|
||||||
|
#define T_ENCODE5(d, i, il, o, ol) \
|
||||||
|
T_ENCODE6(d, i, il, o, ol)
|
||||||
|
#define T_ENCODE4(d, i, il, o) \
|
||||||
|
T_ENCODE5(d, i, il, o, sizeof o)
|
||||||
#define T_ENCODE(d, i, o) \
|
#define T_ENCODE(d, i, o) \
|
||||||
T_ENCODE4(d, i, sizeof(i) - 1, o, sizeof(o))
|
T_ENCODE4(d, i, sizeof i - 1, o)
|
||||||
#define T_DECODE4(d, i, il, o, ol) \
|
|
||||||
|
#define T_DECODE6(d, i, il, o, ol) \
|
||||||
{ .func = oath_uri_decode, .desc = d, \
|
{ .func = oath_uri_decode, .desc = d, \
|
||||||
.in = i, .ilen = il, .out = o, .olen = ol }
|
.in = i, .ilen = il, .out = o, .olen = ol }
|
||||||
|
#define T_DECODE5(d, i, il, o, ol) \
|
||||||
|
T_DECODE6(d, i, il, o, ol)
|
||||||
|
#define T_DECODE4(d, i, il, o) \
|
||||||
|
T_DECODE5(d, i, il, o, sizeof o)
|
||||||
#define T_DECODE(d, i, o) \
|
#define T_DECODE(d, i, o) \
|
||||||
T_DECODE4(d, i, sizeof(i) - 1, o, sizeof(o))
|
T_DECODE4(d, i, sizeof i - 1, o)
|
||||||
|
|
||||||
#define T_ENCDEC(d, i, o) \
|
#define T_ENCDEC(d, i, o) \
|
||||||
T_ENCODE(d " enc", i, o), T_DECODE(d " dec", o, i)
|
T_ENCODE(d " enc", i, o), T_DECODE(d " dec", o, i)
|
||||||
|
|
||||||
|
@ -77,6 +87,9 @@ static struct t_case t_cases[] = {
|
||||||
T_DECODE("suffix", "%20x", " x"),
|
T_DECODE("suffix", "%20x", " x"),
|
||||||
T_DECODE("surrounded", "x%20x", "x x"),
|
T_DECODE("surrounded", "x%20x", "x x"),
|
||||||
|
|
||||||
|
/* input overflow */
|
||||||
|
T_DECODE4("short", "%20xy", 4, " x"),
|
||||||
|
|
||||||
/* partials */
|
/* partials */
|
||||||
T_DECODE("partial, one", "%", "%"),
|
T_DECODE("partial, one", "%", "%"),
|
||||||
T_DECODE("partial, two", "%2", "%2"),
|
T_DECODE("partial, two", "%2", "%2"),
|
||||||
|
|
Loading…
Reference in New Issue