thodg/libgit2/tests/core/strtol.c

• Show log

  Commit

• Hash : 50d09407
  Author :
  Date : 2018-10-29T18:05:27
  

  strntol: fix detection and skipping of base prefixes
  
  The `git__strntol` family of functions has the ability to auto-detect
  a number's base if the string has either the common '0x' prefix for
  hexadecimal numbers or '0' prefix for octal numbers. The detection of
  such prefixes and following handling has two major issues though that are
  being fixed in one go now.
  
  - We do not do any bounds checking previous to verifying the '0x' base.
    While we do verify that there is at least one digit available
    previously, we fail to verify that there are two digits available and
    thus may do an out-of-bounds read when parsing this
    two-character-prefix.
  
  - When skipping the prefix of such numbers, we only update the pointer
    length without also updating the number of remaining bytes. Thus if we
    try to parse a number '0x1' of total length 3, we will first skip the
    first two bytes and then try to read 3 bytes starting at '1'.
  
  Fix both issues by disentangling the logic. Instead of doing the
  detection and skipping of such prefixes in one go, we will now first try
  to detect the base while also honoring how many bytes are left. Only if
  we have a valid base that is either 8 or 16 and have one of the known
  prefixes, we will now advance the pointer and update the remaining bytes
  in one step.
  
  Add some tests that verify that no out-of-bounds parsing happens and
  that autodetection works as advertised.
  

Download

• tests/core/strtol.c

• #include "clar_libgit2.h"
  
  static void assert_l32_parses(const char *string, int32_t expected, int base)
  {
  	int32_t i;
  	cl_git_pass(git__strntol32(&i, string, strlen(string), NULL, base));
  	cl_assert_equal_i(i, expected);
  }
  
  static void assert_l32_fails(const char *string, int base)
  {
  	int32_t i;
  	cl_git_fail(git__strntol32(&i, string, strlen(string), NULL, base));
  }
  
  static void assert_l64_parses(const char *string, int64_t expected, int base)
  {
  	int64_t i;
  	cl_git_pass(git__strntol64(&i, string, strlen(string), NULL, base));
  	cl_assert_equal_i(i, expected);
  }
  
  static void assert_l64_fails(const char *string, int base)
  {
  	int64_t i;
  	cl_git_fail(git__strntol64(&i, string, strlen(string), NULL, base));
  }
  
  void test_core_strtol__int32(void)
  {
  	assert_l32_parses("123", 123, 10);
  	assert_l32_parses("  +123 ", 123, 10);
  	assert_l32_parses("  +2147483647 ", 2147483647, 10);
  	assert_l32_parses("  -2147483648 ", -2147483648LL, 10);
  	assert_l32_parses("A", 10, 16);
  	assert_l32_parses("1x1", 1, 10);
  
  	assert_l32_fails("", 10);
  	assert_l32_fails("a", 10);
  	assert_l32_fails("x10x", 10);
  	assert_l32_fails("  2147483657 ", 10);
  	assert_l32_fails("  -2147483657 ", 10);
  }
  
  void test_core_strtol__int64(void)
  {
  	assert_l64_parses("123", 123, 10);
  	assert_l64_parses("  +123 ", 123, 10);
  	assert_l64_parses("  +2147483647 ", 2147483647, 10);
  	assert_l64_parses("  -2147483648 ", -2147483648LL, 10);
  	assert_l64_parses("  2147483657 ", 2147483657LL, 10);
  	assert_l64_parses("  -2147483657 ", -2147483657LL, 10);
  	assert_l64_parses(" 9223372036854775807  ", INT64_MAX, 10);
  	assert_l64_parses("   -9223372036854775808  ", INT64_MIN, 10);
  	assert_l64_parses("   0x7fffffffffffffff  ", INT64_MAX, 16);
  	assert_l64_parses("   -0x8000000000000000   ", INT64_MIN, 16);
  	assert_l64_parses("1a", 26, 16);
  	assert_l64_parses("1A", 26, 16);
  
  	assert_l64_fails("", 10);
  	assert_l64_fails("a", 10);
  	assert_l64_fails("x10x", 10);
  	assert_l64_fails("0x8000000000000000", 16);
  	assert_l64_fails("-0x8000000000000001", 16);
  }
  
  void test_core_strtol__base_autodetection(void)
  {
  	assert_l64_parses("0", 0, 0);
  	assert_l64_parses("00", 0, 0);
  	assert_l64_parses("0x", 0, 0);
  	assert_l64_parses("0foobar", 0, 0);
  	assert_l64_parses("07", 7, 0);
  	assert_l64_parses("017", 15, 0);
  	assert_l64_parses("0x8", 8, 0);
  	assert_l64_parses("0x18", 24, 0);
  }
  
  void test_core_strtol__buffer_length_with_autodetection_truncates(void)
  {
  	int64_t i64;
  
  	cl_git_pass(git__strntol64(&i64, "011", 2, NULL, 0));
  	cl_assert_equal_i(i64, 1);
  	cl_git_pass(git__strntol64(&i64, "0x11", 3, NULL, 0));
  	cl_assert_equal_i(i64, 1);
  }
  
  void test_core_strtol__buffer_length_truncates(void)
  {
  	int32_t i32;
  	int64_t i64;
  
  	cl_git_pass(git__strntol32(&i32, "11", 1, NULL, 10));
  	cl_assert_equal_i(i32, 1);
  
  	cl_git_pass(git__strntol64(&i64, "11", 1, NULL, 10));
  	cl_assert_equal_i(i64, 1);
  }
  
  void test_core_strtol__buffer_length_with_leading_ws_truncates(void)
  {
  	int64_t i64;
  
  	cl_git_fail(git__strntol64(&i64, " 1", 1, NULL, 10));
  
  	cl_git_pass(git__strntol64(&i64, " 11", 2, NULL, 10));
  	cl_assert_equal_i(i64, 1);
  }
  
  void test_core_strtol__error_message_cuts_off(void)
  {
  	assert_l32_fails("2147483657foobar", 10);
  	cl_assert(strstr(giterr_last()->message, "2147483657") != NULL);
  	cl_assert(strstr(giterr_last()->message, "foobar") == NULL);
  }
  

Download