mirror of
https://github.com/luanti-org/luanti.git
synced 2025-06-27 16:36:03 +00:00
Add limit parameter to decompressZlib
This can prevent untrusted data, such as sent over the network, from consuming all memory with a specially crafted payload.
This commit is contained in:
Ben Deutsch
sfan5
parent
1116918dbb
commit
2b3490db1f
3 changed files with 81 additions and 4 deletions
|
|
@ -37,6 +37,8 @@ public:
|
|||
void testRLECompression();
|
||||
void testZlibCompression();
|
||||
void testZlibLargeData();
|
||||
void testZlibLimit();
|
||||
void _testZlibLimit(u32 size, u32 limit);
|
||||
};
|
||||
|
||||
static TestCompression g_test_instance;
|
||||
|
|
@ -46,6 +48,7 @@ void TestCompression::runTests(IGameDef *gamedef)
|
|||
TEST(testRLECompression);
|
||||
TEST(testZlibCompression);
|
||||
TEST(testZlibLargeData);
|
||||
TEST(testZlibLimit);
|
||||
}
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////////
|
||||
|
|
@ -170,3 +173,63 @@ void TestCompression::testZlibLargeData()
|
|||
i, str_decompressed[i], i, data_in[i]);
|
||||
}
|
||||
}
|
||||
|
||||
void TestCompression::testZlibLimit()
|
||||
{
|
||||
// edge cases
|
||||
_testZlibLimit(1024, 1023);
|
||||
_testZlibLimit(1024, 1024);
|
||||
_testZlibLimit(1024, 1025);
|
||||
|
||||
// test around buffer borders
|
||||
u32 bufsize = 16384; // as in implementation
|
||||
for (int s = -1; s <= 1; s++)
|
||||
{
|
||||
for (int l = -1; l <= 1; l++)
|
||||
{
|
||||
_testZlibLimit(bufsize + s, bufsize + l);
|
||||
}
|
||||
}
|
||||
// span multiple buffers
|
||||
_testZlibLimit(35000, 22000);
|
||||
_testZlibLimit(22000, 35000);
|
||||
}
|
||||
|
||||
void TestCompression::_testZlibLimit(u32 size, u32 limit)
|
||||
{
|
||||
infostream << "Test: Testing zlib wrappers with a decompression "
|
||||
"memory limit of " << limit << std::endl;
|
||||
|
||||
infostream << "Test: Input size of compressZlib for limit is "
|
||||
<< size << std::endl;
|
||||
|
||||
// how much data we expect to get
|
||||
u32 expected = size < limit ? size : limit;
|
||||
|
||||
// create recognizable data
|
||||
std::string data_in;
|
||||
data_in.resize(size);
|
||||
for (u32 i = 0; i < size; i++)
|
||||
data_in[i] = (u8)(i % 256);
|
||||
|
||||
std::ostringstream os_compressed(std::ios::binary);
|
||||
compressZlib(data_in, os_compressed);
|
||||
infostream << "Test: Output size of compressZlib for limit is "
|
||||
<< os_compressed.str().size()<<std::endl;
|
||||
|
||||
std::istringstream is_compressed(os_compressed.str(), std::ios::binary);
|
||||
std::ostringstream os_decompressed(std::ios::binary);
|
||||
decompressZlib(is_compressed, os_decompressed, limit);
|
||||
infostream << "Test: Output size of decompressZlib with limit is "
|
||||
<< os_decompressed.str().size() << std::endl;
|
||||
|
||||
std::string str_decompressed = os_decompressed.str();
|
||||
UASSERTEQ(size_t, str_decompressed.size(), expected);
|
||||
|
||||
for (u32 i = 0; i < size && i < str_decompressed.size(); i++) {
|
||||
UTEST(str_decompressed[i] == data_in[i],
|
||||
"index out[%i]=%i differs from in[%i]=%i",
|
||||
i, str_decompressed[i], i, data_in[i]);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue