Ticket28755 v2: K=V parsing with fuzzer #577
Closed
Conversation
Closes ticket 28755
encoding and decoding. There are bunches of places where we don't want to invest in a full fuzzer, but we would like to make sure that some string operation can handle all its possible inputs. This fuzzer uses the first byte of its input to decide what to do with the rest of the input. Right now, all the possibilities are decoding a string, and seeing whether it is decodeable. If it is, we try to re-encode it and do the whole thing again, to make sure we get the same result. This turned up a lot of bugs in the key-value parser, and I think it will help in other cases too. Closes ticket 28808.
Pull Request Test Coverage Report for Build 3275
|
dgoulet-tor
reviewed
Dec 11, 2018
src/lib/encoding/kvline.c
Outdated
| #include <stddef.h> | ||
| #include <string.h> | ||
|
|
||
| #include <stdio.h>//XXXX |
rm that :)
src/lib/encoding/kvline.c
Outdated
| v = line->value; | ||
| } | ||
|
|
||
| //printf(" <%s!%s!%s>::\n", k,eq,v);//XXXX |
Leftovers
src/lib/encoding/kvline.c
Outdated
|
|
||
| char *result = smartlist_join_strings(elements, " ", 0, NULL); | ||
|
|
||
| //printf("::%s::\n", result);//XXXX |
Leftovers
| * allocated list of pairs on success, or NULL on failure. | ||
| * | ||
| * If KV_QUOTED is set in <b>flags</b>, then quoted values are | ||
| * allowed. Otherwise, such values are not allowed. |
The single quote is not parsed so KV_QUOTED implies double quotes. Is the term "Quoted" usually implies only double quotes?
That's right; I've added a clarifying comment
|
|
||
| lines = kvline_parse("A\"B=C CDE=\"F\" \"GHI\" ", KV_QUOTED|KV_OMIT_KEYS); | ||
| tt_assert(! lines); | ||
|
|
So I've tried this and the first one works but the second one fails where I indicated. I'm guessing "AB=" should be allowed meaning an empty value?
lines = kvline_parse("AB=", KV_QUOTED);
tt_assert(lines);
tt_str_op(lines->key, OP_EQ, "AB");
tt_str_op(lines->value, OP_EQ, "");
lines = kvline_parse("AB=", 0);
tt_assert(lines); <--- FAILURE IS HERE
tt_str_op(lines->key, OP_EQ, "AB");
tt_str_op(lines->value, OP_EQ, "");
src/lib/encoding/kvline.h
Outdated
| #ifndef TOR_KVLINE_H | ||
| #define TOR_KVLINE_H | ||
|
|
||
| struct smartlist_t; |
Don't think this is needed in the header.
Clarify KV_QUOTED
Remove unneeded smartlist_t
Allow empty values when a key is present, but not otherwise. With test from dgoulet.
Remove debugging printfs and stdio include
Fix memory leak in new unit test.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
No description provided.
The text was updated successfully, but these errors were encountered: