Timestamp:
Sep 8, 2023, 12:46:55 AM (9 months ago)
Author:
Michael Brooks <mlbrooks@…>
Branches:
master
Children:
553f032f
Parents:
3ee8853
Message:

Fix cstring input length interpretation issue that had a buffer overflow case.

The cases added to the manipulatorsInput test are runnable against an old libcfa build. In this setup, the test fails with an illustration of the bug.

The testing in this commit drives the following inputs through a length-8 buffer.

  • 123456
  • 123456789

The obviously-missing cases, like 1234567, will be added later.
They will accompany fixes for further bugs not solved yet.

File:
1 edited

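--- a/tests/io/manipulatorsInput.cfa
+++ b/tests/io/manipulatorsInput.cfa
@@ -15,4 +15,39 @@
 
 int main() {
+        {
+                // Upfront checks to ensure buffer safety.  Once these pass, the simpler `wdi(sizeof(s),s)`
+                // usage, as in the scanf alignment cases below, is justified.
+                struct {
+                        char buf[8];
+                        char canary;
+                } data;
+                static_assert( sizeof(data.buf) == 8 );
+                static_assert( &data.buf[8] == &data.canary );  // canary comes right after buf
+
+                void rep(const char* casename) {
+                        data.canary = 42;
+                        bool caught = false;
+                        try {
+                                sin | wdi( sizeof(data.buf), data.buf );
+                        } catch (cstring_length*) {
+                                caught = true;
+                        }
+                        printf( "%s \"%s\"", casename, data.buf );
+                        if ( caught ) {
+                                printf(", exception occurred");
+                        }
+                        if ( data.canary == 42 ) {
+                                printf(", canary ok");
+                        } else {
+                                printf(", canary overwritten to %d", data.canary);
+                        }
+                        printf("\n");
+                }
+
+                rep("pre1");
+                rep("pre2a");
+                rep("pre2b");
+                scanf("\n");  // next test does not start with %s so does not tolerate leading whitespace
+        }
         {
                 char s[] = "yyyyyyyyyyyyyyyyyyyy";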
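Review bot: The `printf( "%s \"%s\"", casename, data.buf );` in `rep` assumes `data.buf` is terminated within its 8 bytes, which is the very property this regression test checks. If a read overruns and the terminator lands beyond `canary`, the test itself reads past `data` while reporting the failure. Bounding the print keeps the failing case well-defined and should leave the passing output unchanged: `printf( "%s \"%.*s\"", casename, (int)sizeof(data.buf), data.buf );`. `rep` also never resets `data.buf`, so if a read stores nothing it would print uninitialized bytes on the first case, or stale bytes from the previous case; adding `data.buf[0] = '\0';` beside `data.canary = 42;` would make that visible. The enclosing `main` continues past the end of the hunk.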