aboutsummaryrefslogtreecommitdiff
path: root/tests/unit/unit1655.c
diff options
context:
space:
mode:
Diffstat (limited to 'tests/unit/unit1655.c')
-rw-r--r--tests/unit/unit1655.c107
1 files changed, 55 insertions, 52 deletions
diff --git a/tests/unit/unit1655.c b/tests/unit/unit1655.c
index 60f43d7d6..7fea134d5 100644
--- a/tests/unit/unit1655.c
+++ b/tests/unit/unit1655.c
@@ -40,71 +40,74 @@ UNITTEST_START
* so we can prove this test would detect it and that it is properly fixed
*/
do {
-const char *bad = "this.is.a.hostname.where.each.individual.part.is.within."
- "the.sixtythree.character.limit.but.still.long.enough.to."
- "trigger.the.the.buffer.overflow......it.is.chosen.to.be."
- "of.a.length.such.that.it.causes.a.two.byte.buffer......."
- "overwrite.....making.it.longer.causes.doh.encode.to....."
- ".return.early.so.dont.change.its.length.xxxx.xxxxxxxxxxx"
- "..xxxxxx.....xx..........xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
- "xxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxx..x......xxxx"
- "xxxx..xxxxxxxxxxxxxxxxxxx.x...xxxx.x.x.x...xxxxx";
+ const char *bad = "this.is.a.hostname.where.each.individual.part.is.within."
+ "the.sixtythree.character.limit.but.still.long.enough.to."
+ "trigger.the.the.buffer.overflow......it.is.chosen.to.be."
+ "of.a.length.such.that.it.causes.a.two.byte.buffer......."
+ "overwrite.....making.it.longer.causes.doh.encode.to....."
+ ".return.early.so.dont.change.its.length.xxxx.xxxxxxxxxxx"
+ "..xxxxxx.....xx..........xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+ "xxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxx..x......xxxx"
+ "xxxx..xxxxxxxxxxxxxxxxxxx.x...xxxx.x.x.x...xxxxx";
-/* plays the role of struct dnsprobe in urldata.h */
-struct demo {
+ /* plays the role of struct dnsprobe in urldata.h */
+ struct demo {
unsigned char dohbuffer[512];
unsigned char canary1;
unsigned char canary2;
unsigned char canary3;
-};
+ };
-size_t olen = 100000;
-struct demo victim;
-victim.canary1 = 87; /* magic numbers, arbritrarily picked */
-victim.canary2 = 35;
-victim.canary3 = 41;
-DOHcode d = doh_encode(bad, DNS_TYPE_A, victim.dohbuffer,
- sizeof(victim.dohbuffer), &olen);
-fail_unless(victim.canary1 == 87, "one byte buffer overwrite has happened");
-fail_unless(victim.canary2 == 35, "two byte buffer overwrite has happened");
-fail_unless(victim.canary3 == 41, "three byte buffer overwrite has happened");
-if(d == DOH_OK)
-{
- fail_unless(olen <= sizeof(victim.dohbuffer), "wrote outside bounds");
- fail_unless(olen > strlen(bad), "unrealistic low size");
-}
+ size_t olen = 100000;
+ struct demo victim;
+ DOHcode d;
+ victim.canary1 = 87; /* magic numbers, arbritrarily picked */
+ victim.canary2 = 35;
+ victim.canary3 = 41;
+ d = doh_encode(bad, DNS_TYPE_A, victim.dohbuffer,
+ sizeof(victim.dohbuffer), &olen);
+ fail_unless(victim.canary1 == 87, "one byte buffer overwrite has happened");
+ fail_unless(victim.canary2 == 35, "two byte buffer overwrite has happened");
+ fail_unless(victim.canary3 == 41,
+ "three byte buffer overwrite has happened");
+ if(d == DOH_OK) {
+ fail_unless(olen <= sizeof(victim.dohbuffer), "wrote outside bounds");
+ fail_unless(olen > strlen(bad), "unrealistic low size");
+ }
} while(0);
/* run normal cases and try to trigger buffer length related errors */
do {
-DNStype dnstype = DNS_TYPE_A;
-unsigned char buffer[128];
-const size_t buflen = sizeof(buffer);
-const size_t magic1 = 9765;
-size_t olen1 = magic1;
-const char *sunshine1 = "a.com";
-const char *sunshine2 = "aa.com";
+ DNStype dnstype = DNS_TYPE_A;
+ unsigned char buffer[128];
+ const size_t buflen = sizeof(buffer);
+ const size_t magic1 = 9765;
+ size_t olen1 = magic1;
+ const char *sunshine1 = "a.com";
+ const char *sunshine2 = "aa.com";
+ size_t olen2;
+ DOHcode ret2;
+ size_t olen;
-DOHcode ret = doh_encode(sunshine1, dnstype, buffer, buflen, &olen1);
-fail_unless(ret == DOH_OK, "sunshine case 1 should pass fine");
-fail_if(olen1 == magic1, "olen has not been assigned properly");
-fail_unless(olen1 > strlen(sunshine1), "bad out length");
+ DOHcode ret = doh_encode(sunshine1, dnstype, buffer, buflen, &olen1);
+ fail_unless(ret == DOH_OK, "sunshine case 1 should pass fine");
+ fail_if(olen1 == magic1, "olen has not been assigned properly");
+ fail_unless(olen1 > strlen(sunshine1), "bad out length");
-/* add one letter, the response should be one longer */
-size_t olen2 = magic1;
-DOHcode ret2 = doh_encode(sunshine2, dnstype, buffer, buflen, &olen2);
-fail_unless(ret2 == DOH_OK, "sunshine case 2 should pass fine");
-fail_if(olen2 == magic1, "olen has not been assigned properly");
-fail_unless(olen1 + 1 == olen2, "olen should grow with the hostname");
+ /* add one letter, the response should be one longer */
+ olen2 = magic1;
+ ret2 = doh_encode(sunshine2, dnstype, buffer, buflen, &olen2);
+ fail_unless(ret2 == DOH_OK, "sunshine case 2 should pass fine");
+ fail_if(olen2 == magic1, "olen has not been assigned properly");
+ fail_unless(olen1 + 1 == olen2, "olen should grow with the hostname");
-/* pass a short buffer, should fail */
-size_t olen;
-ret = doh_encode(sunshine1, dnstype, buffer, olen1 - 1, &olen);
-fail_if(ret == DOH_OK, "short buffer should have been noticed");
+ /* pass a short buffer, should fail */
+ ret = doh_encode(sunshine1, dnstype, buffer, olen1 - 1, &olen);
+ fail_if(ret == DOH_OK, "short buffer should have been noticed");
-/* pass a minimum buffer, should succeed */
-ret = doh_encode(sunshine1, dnstype, buffer, olen1, &olen);
-fail_unless(ret == DOH_OK, "minimal length buffer should be long enough");
-fail_unless(olen == olen1, "bad buffer length");
+ /* pass a minimum buffer, should succeed */
+ ret = doh_encode(sunshine1, dnstype, buffer, olen1, &olen);
+ fail_unless(ret == DOH_OK, "minimal length buffer should be long enough");
+ fail_unless(olen == olen1, "bad buffer length");
} while(0);
UNITTEST_STOP