search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libtommath: Fix possible integer overflow CVE-2023-36328
[heimdal.git] / lib / krb5 / test_store.c
blob163022c561bedf587d590838162706e1a6883444
1 /*
2 * Copyright (c) 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of KTH nor the names of its contributors may be
18 * used to endorse or promote products derived from this software without
19 * specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
32
33 #include "krb5_locl.h"
34 #include <getarg.h>
35
36 static void
37 test_int8(krb5_context context, krb5_storage *sp)
38 {
39 krb5_error_code ret;
40 int i;
41 int8_t val[] = {
42 0, 1, -1, 128, -127
43 }, v;
44
45 krb5_storage_truncate(sp, 0);
46
47 for (i = 0; i < sizeof(val)/sizeof(val[0]); i++) {
48
49 ret = krb5_store_int8(sp, val[i]);
50 if (ret)
51 krb5_err(context, 1, ret, "krb5_store_int8");
52 krb5_storage_seek(sp, i, SEEK_SET);
53 ret = krb5_ret_int8(sp, &v);
54 if (ret)
55 krb5_err(context, 1, ret, "krb5_ret_int8");
56 if (v != val[i])
57 krb5_errx(context, 1, "store and ret mismatch");
58 }
59 }
60
61 static void
62 test_int16(krb5_context context, krb5_storage *sp)
63 {
64 krb5_error_code ret;
65 int i;
66 int16_t val[] = {
67 0, 1, -1, 32767, -32768
68 }, v;
69
70 krb5_storage_truncate(sp, 0);
71
72 for (i = 0; i < sizeof(val)/sizeof(val[0]); i++) {
73
74 ret = krb5_store_int16(sp, val[i]);
75 if (ret)
76 krb5_err(context, 1, ret, "krb5_store_int16");
77 krb5_storage_seek(sp, i * sizeof (v), SEEK_SET);
78 ret = krb5_ret_int16(sp, &v);
79 if (ret)
80 krb5_err(context, 1, ret, "krb5_ret_int16");
81 if (v != val[i])
82 krb5_errx(context, 1, "store and ret mismatch");
83 }
84 }
85
86 static void
87 test_int32(krb5_context context, krb5_storage *sp)
88 {
89 krb5_error_code ret;
90 int i;
91 int32_t val[] = {
92 0, 1, -1, 2147483647, -2147483646
93 }, v;
94
95 krb5_storage_truncate(sp, 0);
96
97 for (i = 0; i < sizeof(val)/sizeof(val[0]); i++) {
98
99 ret = krb5_store_int32(sp, val[i]);
100 if (ret)
101 krb5_err(context, 1, ret, "krb5_store_int32");
102 krb5_storage_seek(sp, i * sizeof (v), SEEK_SET);
103 ret = krb5_ret_int32(sp, &v);
104 if (ret)
105 krb5_err(context, 1, ret, "krb5_ret_int32");
106 if (v != val[i])
107 krb5_errx(context, 1, "store and ret mismatch");
108 }
109 }
110
111 static void
112 test_uint8(krb5_context context, krb5_storage *sp)
113 {
114 krb5_error_code ret;
115 int i;
116 uint8_t val[] = {
117 0, 1, 255
118 }, v;
119
120 krb5_storage_truncate(sp, 0);
121
122 for (i = 0; i < sizeof(val)/sizeof(val[0]); i++) {
123
124 ret = krb5_store_uint8(sp, val[i]);
125 if (ret)
126 krb5_err(context, 1, ret, "krb5_store_uint8");
127 krb5_storage_seek(sp, i * sizeof (v), SEEK_SET);
128 ret = krb5_ret_uint8(sp, &v);
129 if (ret)
130 krb5_err(context, 1, ret, "krb5_ret_uint8");
131 if (v != val[i])
132 krb5_errx(context, 1, "store and ret mismatch");
133 }
134 }
135
136 static void
137 test_uint16(krb5_context context, krb5_storage *sp)
138 {
139 krb5_error_code ret;
140 int i;
141 uint16_t val[] = {
142 0, 1, 65535
143 }, v;
144
145 krb5_storage_truncate(sp, 0);
146
147 for (i = 0; i < sizeof(val)/sizeof(val[0]); i++) {
148
149 ret = krb5_store_uint16(sp, val[i]);
150 if (ret)
151 krb5_err(context, 1, ret, "krb5_store_uint16");
152 krb5_storage_seek(sp, i * sizeof (v), SEEK_SET);
153 ret = krb5_ret_uint16(sp, &v);
154 if (ret)
155 krb5_err(context, 1, ret, "krb5_ret_uint16");
156 if (v != val[i])
157 krb5_errx(context, 1, "store and ret mismatch");
158 }
159 }
160
161 static void
162 test_uint32(krb5_context context, krb5_storage *sp)
163 {
164 krb5_error_code ret;
165 int i;
166 uint32_t val[] = {
167 0, 1, 4294967295UL
168 }, v;
169
170 krb5_storage_truncate(sp, 0);
171
172 for (i = 0; i < sizeof(val)/sizeof(val[0]); i++) {
173
174 ret = krb5_store_uint32(sp, val[i]);
175 if (ret)
176 krb5_err(context, 1, ret, "krb5_store_uint32");
177 krb5_storage_seek(sp, i * sizeof (v), SEEK_SET);
178 ret = krb5_ret_uint32(sp, &v);
179 if (ret)
180 krb5_err(context, 1, ret, "krb5_ret_uint32");
181 if (v != val[i])
182 krb5_errx(context, 1, "store and ret mismatch");
183 }
184 }
185
186
187 static void
188 test_storage(krb5_context context, krb5_storage *sp)
189 {
190 test_int8(context, sp);
191 test_int16(context, sp);
192 test_int32(context, sp);
193 test_uint8(context, sp);
194 test_uint16(context, sp);
195 test_uint32(context, sp);
196 }
197
198
199 static void
200 test_truncate(krb5_context context, krb5_storage *sp, int fd)
201 {
202 struct stat sb;
203
204 krb5_storage_truncate(sp, 0);
205 krb5_store_string(sp, "hej");
206 krb5_storage_truncate(sp, 2);
207
208 if (fstat(fd, &sb) != 0)
209 krb5_err(context, 1, errno, "fstat");
210 if (sb.st_size != 2)
211 krb5_errx(context, 1, "length not 2");
212
213 krb5_storage_truncate(sp, 1024);
214
215 if (fstat(fd, &sb) != 0)
216 krb5_err(context, 1, errno, "fstat");
217 if (sb.st_size != 1024)
218 krb5_errx(context, 1, "length not 1024");
219 }
220
221 static void
222 test_buffer_issues(krb5_context context, krb5_storage *sp)
223 {
224 krb5_error_code ret;
225 size_t i;
226 uint32_t v;
227
228 krb5_storage_set_eof_code(sp, -1);
229 krb5_storage_truncate(sp, 0);
230 for (i=0; i < 4096; i++) {
231 krb5_store_uint32(sp, i);
232 }
233
234 krb5_storage_truncate(sp, 1024);
235 ret = krb5_ret_uint32(sp, &v);
236 if (ret != -1)
237 krb5_errx(context, 1, "Should have received EOF");
238
239 krb5_storage_seek(sp, 8, SEEK_SET);
240 ret = krb5_ret_uint32(sp, &v);
241 if (ret == -1)
242 krb5_errx(context, 1, "Should not have received EOF");
243 if (v != 2)
244 krb5_errx(context, 1, "uint32 should have been 2");
245 }
246
247 static void
248 check_too_large(krb5_context context, krb5_storage *sp)
249 {
250 uint32_t too_big_sizes[] = { UINT_MAX, UINT_MAX / 2, UINT_MAX / 4, UINT_MAX / 8 + 1};
251 krb5_error_code ret;
252 krb5_data data;
253 size_t n;
254
255 for (n = 0; n < sizeof(too_big_sizes) / sizeof(too_big_sizes[0]); n++) {
256 krb5_storage_truncate(sp, 0);
257 krb5_store_uint32(sp, too_big_sizes[n]);
258 krb5_storage_seek(sp, 0, SEEK_SET);
259 ret = krb5_ret_data(sp, &data);
260 if (ret != HEIM_ERR_TOO_BIG)
261 errx(1, "not too big: %lu", (unsigned long)n);
262 }
263 }
264
265 /*
266 *
267 */
268
269 static int version_flag = 0;
270 static int help_flag = 0;
271
272 static struct getargs args[] = {
273 {"version", 0, arg_flag, &version_flag,
274 "print version", NULL },
275 {"help", 0, arg_flag, &help_flag,
276 NULL, NULL }
277 };
278
279 static void
280 usage (int ret)
281 {
282 arg_printusage (args,
283 sizeof(args)/sizeof(*args),
284 NULL,
285 "");
286 exit (ret);
287 }
288
289 int
290 main(int argc, char **argv)
291 {
292 krb5_context context;
293 krb5_error_code ret;
294 int fd, optidx = 0;
295 krb5_storage *sp;
296 const char *fn = "test-store-data";
297
298 setprogname(argv[0]);
299
300 if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
301 usage(1);
302
303 if (help_flag)
304 usage (0);
305
306 if(version_flag){
307 print_version(NULL);
308 exit(0);
309 }
310
311 argc -= optidx;
312 argv += optidx;
313
314 ret = krb5_init_context (&context);
315 if (ret)
316 errx (1, "krb5_init_context failed: %d", ret);
317
318 /*
319 * Test encoding/decoding of primotive types on diffrent backends
320 */
321
322 sp = krb5_storage_emem();
323 if (sp == NULL)
324 krb5_errx(context, 1, "krb5_storage_emem: no mem");
325
326 test_storage(context, sp);
327 check_too_large(context, sp);
328 krb5_storage_free(sp);
329
330
331 fd = open(fn, O_RDWR|O_CREAT|O_TRUNC, 0600);
332 if (fd < 0)
333 krb5_err(context, 1, errno, "open(%s)", fn);
334
335 sp = krb5_storage_from_fd(fd);
336 if (sp == NULL)
337 krb5_errx(context, 1, "krb5_storage_from_fd: %s no mem", fn);
338
339 test_storage(context, sp);
340 test_truncate(context, sp, fd);
341 test_buffer_issues(context, sp);
342 krb5_storage_free(sp);
343 close(fd);
344 unlink(fn);
345
346 fd = open(fn, O_RDWR|O_CREAT|O_TRUNC, 0600);
347 if (fd < 0)
348 krb5_err(context, 1, errno, "open(%s)", fn);
349
350 sp = krb5_storage_stdio_from_fd(fd, "r+");
351 if (sp == NULL)
352 krb5_errx(context, 1, "krb5_storage_stdio_from_fd: %s no mem", fn);
353
354 test_storage(context, sp);
355 test_truncate(context, sp, fd);
356 test_buffer_issues(context, sp);
357 krb5_storage_free(sp);
358 close(fd);
359 unlink(fn);
360
361 krb5_free_context(context);
362
363 return 0;
364 }
Heimdal