Commit 826cd6f

sbvoxelAlanscut

authored and

committed

Add test for heap buffer overflow

1 parent 98f9eb0 commit 826cd6fCopy full SHA for 826cd6f

File tree

+28

-0

lines changed

+28

-0

lines changed

Lines changed: 28 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -250,6 +250,33 @@ static void test14_should_not_be_parsed(void)`
`250`	`250`	`}`
`251`	`251`	`}`
`252`	`252`
	`253`	`+/* Address Sanitizer */`
	`254`	`+static void test15_should_not_heap_buffer_overflow(void)`
	`255`	`+{`
	`256`	`+ const char *strings[] = {`
	`257`	`+ "{\"1\":1,",`
	`258`	`+ "{\"1\":1, ",`
	`259`	`+ };`
	`260`	`+`
	`261`	`+ size_t i;`
	`262`	`+`
	`263`	`+ for (i = 0; i < sizeof(strings) / sizeof(strings[0]); i+=1)`
	`264`	`+ {`
	`265`	`+ const char *json_string = strings[i];`
	`266`	`+ size_t len = strlen(json_string);`
	`267`	`+ cJSON *json = NULL;`
	`268`	`+`
	`269`	`+ char exact_size_heap = (char)malloc(len);`
	`270`	`+ TEST_ASSERT_NOT_NULL(exact_size_heap);`
	`271`	`+`
	`272`	`+ memcpy(exact_size_heap, json_string, len);`
	`273`	`+ json = cJSON_ParseWithLength(exact_size_heap, len);`
	`274`	`+`
	`275`	`+ cJSON_Delete(json);`
	`276`	`+ free(exact_size_heap);`
	`277`	`+ }`
	`278`	`+}`
	`279`	`+`
`253`	`280`	`int CJSON_CDECL main(void)`
`254`	`281`	`{`
`255`	`282`	`UNITY_BEGIN();`
`@@ -267,5 +294,6 @@ int CJSON_CDECL main(void)`
`267`	`294`	`RUN_TEST(test12_should_not_be_parsed);`
`268`	`295`	`RUN_TEST(test13_should_be_parsed_without_null_termination);`
`269`	`296`	`RUN_TEST(test14_should_not_be_parsed);`
	`297`	`+ RUN_TEST(test15_should_not_heap_buffer_overflow);`
`270`	`298`	`return UNITY_END();`
`271`	`299`	`}`

Comments

(0)