Skip to content

Commit

Permalink
test rewrite add and supplement
Browse files Browse the repository at this point in the history
-fix attribute size bounds check
  • Loading branch information
Fabian Mauchle committed Feb 5, 2019
1 parent d6c3354 commit de19682
Show file tree
Hide file tree
Showing 2 changed files with 106 additions and 3 deletions.
4 changes: 2 additions & 2 deletions radmsg.c
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ struct radmsg *radmsg_init(uint8_t code, uint8_t id, uint8_t *auth) {
int radmsg_add(struct radmsg *msg, struct tlv *attr) {
if (!msg || !msg->attrs)
return 1;
if (!attr)
if (!attr || attr->l > RAD_Max_Attr_Value_Length)
return 0;
return list_push(msg->attrs, attr);
}
Expand Down Expand Up @@ -389,7 +389,7 @@ struct tlv *makevendortlv(uint32_t vendor, struct tlv *attr){
struct tlv *newtlv = NULL;
uint8_t l, *v;

if (!attr)
if (!attr || attr->l > (RAD_Max_Attr_Value_Length - 6))
return NULL;
l = attr->l + 2 + 4;
v = malloc(l);
Expand Down
105 changes: 104 additions & 1 deletion tests/t_rewrite.c
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ void _reset_rewrite(struct rewrite *rewrite) {
int
main (int argc, char *argv[])
{
int testcount = 6;
int testcount = 12;
struct list *origattrs, *expectedattrs;
struct rewrite rewrite;
char *username = "user@realm";
Expand Down Expand Up @@ -193,6 +193,109 @@ main (int argc, char *argv[])
_reset_rewrite(&rewrite);
}

/* test simple add */
{
char *value = "hello world";

list_push(rewrite.addattrs, maketlv(1, sizeof(value), value));
list_push(expectedattrs, maketlv(1,sizeof(value), value));

if (_check_rewrite(origattrs, &rewrite, expectedattrs, 0))
printf("not ");
printf("ok %d - addattribute simple\n", testcount++);

_list_clear(origattrs);
_list_clear(expectedattrs);
_reset_rewrite(&rewrite);
}

/* test add with existing attributes*/
{
char *value = "hello world";
uint8_t value2 = 42;

list_push(rewrite.addattrs, maketlv(1, sizeof(value), value));
list_push(origattrs, maketlv(2, sizeof(value), value));
list_push(origattrs, maketlv(1, 1, &value2));

list_push(expectedattrs, maketlv(2,sizeof(value), value));
list_push(expectedattrs, maketlv(1,1, &value2));
list_push(expectedattrs, maketlv(1,sizeof(value), value));

if (_check_rewrite(origattrs, &rewrite, expectedattrs, 0))
printf("not ");
printf("ok %d - addattribute with existing attributes\n", testcount++);

_list_clear(origattrs);
_list_clear(expectedattrs);
_reset_rewrite(&rewrite);
}

/* test add null*/
{
list_push(rewrite.addattrs, maketlv(1, 0, NULL));
list_push(expectedattrs, maketlv(1,0, NULL));

if (_check_rewrite(origattrs, &rewrite, expectedattrs, 0))
printf("not ");
printf("ok %d - addattribute null\n", testcount++);

_list_clear(origattrs);
_list_clear(expectedattrs);
_reset_rewrite(&rewrite);
}

/* test add too big*/
{
uint8_t *value = malloc(254);
memset(value, 0, 254);

list_push(rewrite.addattrs, maketlv(1, 254, value));

if (_check_rewrite(origattrs, &rewrite, expectedattrs, 1))
printf("not ");
printf("ok %d - addattribute too big\n", testcount++);

free(value);
_list_clear(origattrs);
_list_clear(expectedattrs);
_reset_rewrite(&rewrite);
}

/* test supplement non-existing*/
{
char *value = "hello world";

list_push(rewrite.supattrs, maketlv(1, sizeof(value), value));
list_push(expectedattrs, maketlv(1,sizeof(value), value));

if (_check_rewrite(origattrs, &rewrite, expectedattrs, 0))
printf("not ");
printf("ok %d - suppattrs non existing\n", testcount++);

_list_clear(origattrs);
_list_clear(expectedattrs);
_reset_rewrite(&rewrite);
}

/* test supplement existing*/
{
char *value = "hello world";
char *value2 = "hello radsec";

list_push(rewrite.supattrs, maketlv(1, sizeof(value2), value2));
list_push(origattrs, maketlv(1,sizeof(value), value));
list_push(expectedattrs, maketlv(1,sizeof(value), value));

if (_check_rewrite(origattrs, &rewrite, expectedattrs, 0))
printf("not ");
printf("ok %d - suppattrs existing\n", testcount++);

_list_clear(origattrs);
_list_clear(expectedattrs);
_reset_rewrite(&rewrite);
}




Expand Down

0 comments on commit de19682

Please sign in to comment.