Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request #15945 from nmeum/pr/clif_get_attr_bounds
clif: After incrementing pos, make sure it is still in bounds
  • Loading branch information
leandrolanzieri committed Feb 10, 2021
2 parents 1db4800 + 767e700 commit 609c9ad
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 2 deletions.
5 changes: 4 additions & 1 deletion sys/clif/clif.c
Expand Up @@ -278,7 +278,10 @@ ssize_t clif_get_attr(const char *input, size_t input_len, clif_attr_t *attr)
attr->key_len = pos - attr->key;
/* check if the value is quoted and prepare pointer for value scan */
pos++;
if (*pos == '"') {
if (pos == end) {
break;
}
else if (*pos == '"') {
quoted = true;
pos++;
}
Expand Down
14 changes: 13 additions & 1 deletion tests/unittests/tests-clif/tests-clif.c
Expand Up @@ -274,11 +274,23 @@ static void test_clif_decode_links(void)
TEST_ASSERT_EQUAL_INT(exp_attrs_numof, attrs_numof);
}

static void test_clif_get_attr_missing_value(void)
{
clif_attr_t attr;
char *input = ";ct=";

/* Used to result in a spatial memory safety violation.
* See: https://github.com/RIOT-OS/RIOT/pull/15945 */
int r = clif_get_attr(input, strlen(input), &attr);
TEST_ASSERT_EQUAL_INT(strlen(input), r);
}

Test *tests_clif_tests(void)
{
EMB_UNIT_TESTFIXTURES(fixtures) {
new_TestFixture(test_clif_encode_links),
new_TestFixture(test_clif_decode_links)
new_TestFixture(test_clif_decode_links),
new_TestFixture(test_clif_get_attr_missing_value),
};

EMB_UNIT_TESTCALLER(clif_tests, NULL, NULL, fixtures);
Expand Down

0 comments on commit 609c9ad

Please sign in to comment.