diff options
| author | Denis Kenzior <denkenz@gmail.com> | 2017-09-29 15:44:15 -0500 |
|---|---|---|
| committer | Denis Kenzior <denkenz@gmail.com> | 2017-10-05 11:08:38 -0500 |
| commit | 5f6a0147ba73855bc9d990e19a2e234f12acc9a7 (patch) | |
| tree | 5c65cb98f4888998f0b0ce2a9a05f499aca5dec4 | |
| parent | 0ce051f8905874dad2d151091fdf02be57586768 (diff) | |
| download | ofono-5f6a0147ba73855bc9d990e19a2e234f12acc9a7.tar.gz | |
unit: Add phonebook read build test
| -rw-r--r-- | drivers/mbimmodem/mbim-message.c | 35 | ||||
| -rw-r--r-- | unit/test-mbim.c | 20 |
2 files changed, 50 insertions, 5 deletions
diff --git a/drivers/mbimmodem/mbim-message.c b/drivers/mbimmodem/mbim-message.c index fd8c5f08..25cb45b6 100644 --- a/drivers/mbimmodem/mbim-message.c +++ b/drivers/mbimmodem/mbim-message.c @@ -31,6 +31,7 @@ #include "mbim-message.h" #include "mbim-private.h" +#define MAX_NESTING 2 /* a(uss) */ #define HEADER_SIZE (sizeof(struct mbim_message_header) + \ sizeof(struct mbim_fragment_header)) @@ -410,7 +411,7 @@ static bool message_iter_next_entry_valist(struct mbim_message_iter *orig, const char *end; uint32_t *out_n_elem; struct mbim_message_iter *sub_iter; - struct mbim_message_iter stack[2]; + struct mbim_message_iter stack[MAX_NESTING]; unsigned int indent = 0; void *arg; @@ -459,6 +460,9 @@ static bool message_iter_next_entry_valist(struct mbim_message_iter *orig, signature += 1; indent += 1; + if (unlikely(indent > MAX_NESTING)) + return false; + if (!_iter_enter_struct(iter, &stack[indent - 1])) return false; @@ -466,6 +470,9 @@ static bool message_iter_next_entry_valist(struct mbim_message_iter *orig, break; case ')': + if (unlikely(indent == 0)) + return false; + signature += 1; indent -= 1; @@ -719,7 +726,7 @@ struct container { size_t obuf_size; size_t obuf_pos; char container_type; - char signature[256]; + char signature[64]; uint8_t sigindex; uint32_t base_offset; uint32_t array_start; @@ -748,7 +755,7 @@ static void container_update_offsets(struct container *container) struct mbim_message_builder { struct mbim_message *message; - struct container stack[3]; + struct container stack[MAX_NESTING + 1]; uint32_t index; }; @@ -945,6 +952,9 @@ bool mbim_message_builder_enter_struct(struct mbim_message_builder *builder, { struct container *container; + if (strlen(signature) > sizeof(((struct container *) 0)->signature) - 1) + return false; + if (builder->index == L_ARRAY_SIZE(builder->stack) - 1) return false; @@ -1015,6 +1025,9 @@ bool mbim_message_builder_enter_array(struct mbim_message_builder *builder, struct container *parent; struct container *container; + if (strlen(signature) > sizeof(((struct container *) 0)->signature) - 1) + return false; + if (builder->index == L_ARRAY_SIZE(builder->stack) - 1) return false; @@ -1116,16 +1129,19 @@ static bool append_arguments(struct mbim_message *message, const char *signature, va_list args) { struct mbim_message_builder *builder; - char subsig[256]; + char subsig[64]; const char *sigend; struct { char type; const char *sig_start; const char *sig_end; unsigned int n_items; - } stack[4]; + } stack[MAX_NESTING + 1]; unsigned int stack_index = 0; + if (strlen(signature) > sizeof(subsig) - 1) + return false; + builder = mbim_message_builder_new(message); stack[stack_index].type = CONTAINER_TYPE_STRUCT; @@ -1146,6 +1162,9 @@ static bool append_arguments(struct mbim_message *message, stack[stack_index].sig_end) { bool r = false; + if (stack_index == 0) + goto error; + if (stack[stack_index].type == CONTAINER_TYPE_ARRAY) r = mbim_message_builder_leave_array(builder); if (stack[stack_index].type == CONTAINER_TYPE_STRUCT) @@ -1201,6 +1220,9 @@ static bool append_arguments(struct mbim_message *message, break; } case '(': + if (stack_index == MAX_NESTING) + goto error; + sigend = _signature_end(s); memcpy(subsig, s + 1, sigend - s - 1); subsig[sigend - s - 1] = '\0'; @@ -1220,6 +1242,9 @@ static bool append_arguments(struct mbim_message *message, break; case 'a': + if (stack_index == MAX_NESTING) + goto error; + sigend = _signature_end(s + 1) + 1; memcpy(subsig, s + 1, sigend - s - 1); subsig[sigend - s - 1] = '\0'; diff --git a/unit/test-mbim.c b/unit/test-mbim.c index 5f681fe8..cb5be3b0 100644 --- a/unit/test-mbim.c +++ b/unit/test-mbim.c @@ -368,6 +368,24 @@ static void parse_phonebook_read(const void *data) mbim_message_unref(msg); } +static void build_phonebook_read(const void *data) +{ + const struct message_data *msg_data = data; + bool r; + struct mbim_message *message; + + message = _mbim_message_new_command_done(mbim_uuid_phonebook, 2, 0); + assert(message); + + r = mbim_message_set_arguments(message, "a(uss)", 1, + 3, "921123456", "TS"); + assert(r); + + _mbim_message_set_tid(message, msg_data->tid); + assert(check_message(message, msg_data)); + mbim_message_unref(message); +} + int main(int argc, char *argv[]) { l_test_init(&argc, &argv); @@ -386,6 +404,8 @@ int main(int argc, char *argv[]) l_test_add("Phonebook Read (parse)", parse_phonebook_read, &message_data_phonebook_read); + l_test_add("Phonebook Read (build)", build_phonebook_read, + &message_data_phonebook_read); return l_test_run(); } |