kc3-lang/angle/src/libANGLE/BinaryStream_unittest.cpp

• Show log

  Commit

• Hash : 61fea139
  Author :
  Date : 2015-12-07T14:20:02
  

  Protect against overflow in BinaryInputStream.
  
  BUG=angleproject:1112
  
  Change-Id: I6d58d9e0db97ec6c67661abd92b57f61f357d6b5
  Reviewed-on: https://chromium-review.googlesource.com/316640
  Reviewed-by: Geoff Lang <geofflang@chromium.org>
  Tested-by: Geoff Lang <geofflang@chromium.org>
  

Download

• src/libANGLE/BinaryStream_unittest.cpp

• //
  // Copyright (c) 2015 The ANGLE Project Authors. All rights reserved.
  // Use of this source code is governed by a BSD-style license that can be
  // found in the LICENSE file.
  //
  
  // BinaryStream_unittest.cpp: Unit tests of the binary stream classes.
  
  #include <gtest/gtest.h>
  
  #include "libANGLE/BinaryStream.h"
  
  namespace angle
  {
  
  // Test that errors are properly generated for overflows.
  TEST(BinaryInputStream, Overflow)
  {
      const uint8_t goodValue = 2;
      const uint8_t badValue = 255;
  
      const size_t dataSize = 1024;
      const size_t slopSize = 1024;
  
      std::vector<uint8_t> data(dataSize + slopSize);
      std::fill(data.begin(), data.begin() + dataSize, goodValue);
      std::fill(data.begin() + dataSize, data.end(), badValue);
  
      std::vector<uint8_t> outputData(dataSize);
  
      auto checkDataIsSafe = [=](uint8_t item)
      {
          return item == goodValue;
      };
  
      {
          // One large read
          gl::BinaryInputStream stream(data.data(), dataSize);
          stream.readBytes(outputData.data(), dataSize);
          ASSERT_FALSE(stream.error());
          ASSERT_TRUE(std::all_of(outputData.begin(), outputData.end(), checkDataIsSafe));
          ASSERT_TRUE(stream.endOfStream());
      }
  
      {
          // Two half-sized reads
          gl::BinaryInputStream stream(data.data(), dataSize);
          stream.readBytes(outputData.data(), dataSize / 2);
          ASSERT_FALSE(stream.error());
          stream.readBytes(outputData.data() + dataSize / 2, dataSize / 2);
          ASSERT_FALSE(stream.error());
          ASSERT_TRUE(std::all_of(outputData.begin(), outputData.end(), checkDataIsSafe));
          ASSERT_TRUE(stream.endOfStream());
      }
  
      {
          // One large read that is too big
          gl::BinaryInputStream stream(data.data(), dataSize);
          stream.readBytes(outputData.data(), dataSize + 1);
          ASSERT_TRUE(stream.error());
      }
  
      {
          // Two reads, one that overflows the offset
          gl::BinaryInputStream stream(data.data(), dataSize);
          stream.readBytes(outputData.data(), dataSize - 1);
          ASSERT_FALSE(stream.error());
          stream.readBytes(outputData.data(), std::numeric_limits<size_t>::max() - dataSize - 2);
      }
  }
  }
  

Download