diff options
author | teor <teor2345@gmail.com> | 2017-02-19 22:46:42 +1100 |
---|---|---|
committer | teor <teor2345@gmail.com> | 2017-02-19 22:46:42 +1100 |
commit | 6d0b1a89971e1ee104ab758cb6aabeab70a7ffd9 (patch) | |
tree | 3e184629a62fe331d8c42957090914a3cf53948b /src/test/test_dir.c | |
parent | b3e139581ba7918668bd32bd7ef64a16eff2b9d2 (diff) | |
download | tor-6d0b1a89971e1ee104ab758cb6aabeab70a7ffd9.tar.gz tor-6d0b1a89971e1ee104ab758cb6aabeab70a7ffd9.zip |
Add unit tests that ensure out of range versions are rejected
Unit tests for #21278.
Part of #21470.
Diffstat (limited to 'src/test/test_dir.c')
-rw-r--r-- | src/test/test_dir.c | 43 |
1 files changed, 42 insertions, 1 deletions
diff --git a/src/test/test_dir.c b/src/test/test_dir.c index d72977df60..d3ec9beaa8 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -1119,6 +1119,10 @@ test_dir_versions(void *arg) tt_str_op("", OP_EQ, ver1.status_tag); tt_int_op(-1, OP_EQ, tor_version_parse("0.2147483648.0", &ver1)); tt_int_op(-1, OP_EQ, tor_version_parse("0.4294967295.0", &ver1)); + /* In #21278, we reject negative version components */ + tt_int_op(-1, OP_EQ, tor_version_parse("0.-1.0", &ver1)); + tt_int_op(-1, OP_EQ, tor_version_parse("0.-2147483648.0", &ver1)); + tt_int_op(-1, OP_EQ, tor_version_parse("0.-4294967295.0", &ver1)); #define tt_versionstatus_op(vs1, op, vs2) \ tt_assert_test_type(vs1,vs2,#vs1" "#op" "#vs2,version_status_t, \ @@ -1204,6 +1208,43 @@ test_dir_versions(void *arg) tt_int_op(0,OP_EQ, tor_version_as_new_as( "Tor 0.2.9.9 (git-00)", "Tor 0.2.9.9 (git-01)")); + /* In #21278, we comapre without integer overflows. + * But since #21450 limits version components to [0, INT32_MAX], it is no + * longer possible to cause an integer overflow in tor_version_compare() */ + tt_int_op(0,OP_EQ, tor_version_as_new_as( + "Tor 0.0.0.0", + "Tor 2147483647.0.0.0")); + tt_int_op(1,OP_EQ, tor_version_as_new_as( + "Tor 2147483647.0.0.0", + "Tor 0.0.0.0")); + /* These versions used to cause an overflow, now they don't parse + * (and authorities reject their descriptors), and log a BUG message */ + setup_full_capture_of_logs(LOG_WARN); + tt_int_op(0,OP_EQ, tor_version_as_new_as( + "Tor 0.0.0.0", + "Tor 0.-2147483648.0.0")); + expect_single_log_msg_containing("unparseable"); + mock_clean_saved_logs(); + tt_int_op(0,OP_EQ, tor_version_as_new_as( + "Tor 0.2147483647.0.0", + "Tor 0.-1.0.0")); + expect_single_log_msg_containing("unparseable"); + mock_clean_saved_logs(); + tt_int_op(0,OP_EQ, tor_version_as_new_as( + "Tor 0.2147483647.0.0", + "Tor 0.-2147483648.0.0")); + expect_single_log_msg_containing("unparseable"); + mock_clean_saved_logs(); + tt_int_op(1,OP_EQ, tor_version_as_new_as( + "Tor 4294967295.0.0.0", + "Tor 0.0.0.0")); + expect_no_log_entry(); + tt_int_op(0,OP_EQ, tor_version_as_new_as( + "Tor 0.4294967295.0.0", + "Tor 0.-4294967295.0.0")); + expect_single_log_msg_containing("unparseable"); + mock_clean_saved_logs(); + teardown_capture_of_logs(); /* Now try git revisions */ tt_int_op(0,OP_EQ, tor_version_parse("0.5.6.7 (git-ff00ff)", &ver1)); @@ -1230,7 +1271,7 @@ test_dir_versions(void *arg) "0.5.6.7 (git-000102030405060708090a0b0c0d0e0f1011121314)", &ver1)); done: - ; + teardown_capture_of_logs(); } /** Run unit tests for directory fp_pair functions. */ |