mirror of https://github.com/apple/swift-nio-extras.git synced 2025-05-18 11:19:41 +08:00
swift-nio-extras/Tests/NIOExtrasTests/LengthFieldBasedFrameDecoderTest+XCTest.swift
David Nadoba de1c80ad1f
fix crash in LengthFieldBasedFrameDecoder for malicious length values ()
* fix crash in LengthFieldBasedFrameDecoder for malicious length values

Motivation:

LengthFieldBasedFrameDecoder will cause a fatal error if the length value does not fit into an `Int`.
This can happen if `lengthFieldLength` is set to `.eight` and we are on a 64-bit platform or if `lengthFieldLength` is set to `.four` and we are on a 32-bit platform.
If we then receive a length field value which is greater than `Int.max` the conversion from `UInt` to `Int` will cause a fatal error.
This could be abused to crash a server by sending only 4 or 8 bytes.

Modifications:

safely convert UInt64 & UInt32 to Int and throw an error if they can't be represented as an Int

Result:

- LengthFieldBasedFrameDecoder with lengthFieldLength set to `.eight` can no longer crash the server on a 64-bit platform
- LengthFieldBasedFrameDecoder with lengthFieldLength set to `.four` can no longer crash the server on a 32-bit platform

* use early exit instead of XCTSkipIf

* add support for `.eight` on 32-bit platforms

* limit frame length to `Int32.max`

* change test names

* throw correct error

* fix compilation for Swift 5.0 and add NIO prefix to error enum

* add test for maximum allowed length and one above the maximum allowed length

Signed-off-by: David Nadoba <dnadoba@gmail.com>

* run XCTest script

Signed-off-by: David Nadoba <dnadoba@gmail.com>

Co-authored-by: Johannes Weiss <johannesweiss@apple.com>
2021-02-18 12:37:41 +00:00


//===----------------------------------------------------------------------===//
//
// This source file is part of the SwiftNIO open source project
//
// Copyright (c) 2017-2018 Apple Inc. and the SwiftNIO project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of SwiftNIO project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//
//
// LengthFieldBasedFrameDecoderTest+XCTest.swift
//
import XCTest
///
/// NOTE: This file was generated by generate_linux_tests.rb
///
/// Do NOT edit this file directly as it will be regenerated automatically when needed.
///
extension LengthFieldBasedFrameDecoderTest {
    /// Name/method pairs exposing this class's test cases to runners that
    /// enumerate tests through `allTests`.
    ///
    /// NOTE(review): a test method that is not listed here is presumably skipped
    /// by such a runner, so the length-overflow regression tests at the end of
    /// the list need to stay registered. Confirm against the runner in use.
    static var allTests : [(String, (LengthFieldBasedFrameDecoderTest) -> () throws -> Void)] {
        typealias Entry = (String, (LengthFieldBasedFrameDecoderTest) -> () throws -> Void)

        let entries: [Entry] = [
            // Reading and writing the 3-byte length field.
            ("testReadUInt32From3Bytes", testReadUInt32From3Bytes),
            ("testReadAndWriteUInt32From3BytesBasicVerification", testReadAndWriteUInt32From3BytesBasicVerification),

            // Decoding with each supported header width and byte order.
            ("testDecodeWithUInt8HeaderWithData", testDecodeWithUInt8HeaderWithData),
            ("testDecodeWithUInt16HeaderWithString", testDecodeWithUInt16HeaderWithString),
            ("testDecodeWithUInt24HeaderWithString", testDecodeWithUInt24HeaderWithString),
            ("testDecodeWithUInt32HeaderWithString", testDecodeWithUInt32HeaderWithString),
            ("testDecodeWithUInt64HeaderWithString", testDecodeWithUInt64HeaderWithString),
            ("testDecodeWithInt64HeaderWithString", testDecodeWithInt64HeaderWithString),
            ("testDecodeWithInt64HeaderStringBigEndian", testDecodeWithInt64HeaderStringBigEndian),
            ("testDecodeWithInt64HeaderStringDefaultingToBigEndian", testDecodeWithInt64HeaderStringDefaultingToBigEndian),

            // Multiple frames, split input, and partial header/body.
            ("testDecodeWithUInt8HeaderTwoFrames", testDecodeWithUInt8HeaderTwoFrames),
            ("testDecodeWithUInt8HeaderFrameSplitIncomingData", testDecodeWithUInt8HeaderFrameSplitIncomingData),
            ("testEmptyBuffer", testEmptyBuffer),
            ("testDecodeWithUInt16HeaderWithPartialHeader", testDecodeWithUInt16HeaderWithPartialHeader),
            ("testDecodeWithUInt16HeaderWithPartialBody", testDecodeWithUInt16HeaderWithPartialBody),

            // Handler removal and channel lifecycle.
            ("testRemoveHandlerWhenBufferIsEmpty", testRemoveHandlerWhenBufferIsEmpty),
            ("testRemoveHandlerWhenBufferIsNotEmpty", testRemoveHandlerWhenBufferIsNotEmpty),
            ("testCloseInChannelRead", testCloseInChannelRead),
            ("testBasicVerification", testBasicVerification),

            // Length-field boundary tests: going by their names, the maximum
            // allowed length and an over-limit ("malicious") length, for
            // 32-bit and 64-bit length fields.
            ("testMaximumAllowedLengthWith32BitFieldLength", testMaximumAllowedLengthWith32BitFieldLength),
            ("testMaliciousLengthWith32BitFieldLength", testMaliciousLengthWith32BitFieldLength),
            ("testMaximumAllowedLengthWith64BitFieldLength", testMaximumAllowedLengthWith64BitFieldLength),
            ("testMaliciousLengthWith64BitFieldLength", testMaliciousLengthWith64BitFieldLength),
        ]
        return entries
    }
}