Fix CID 509089 - Fix OOB read and write

capstone-engine · Sep 3, 2024 · c391a24 · c391a24
1 parent 9c993a2
commit c391a24
Show file tree

Hide file tree

Showing 5 changed files with 87 additions and 22 deletions.
diff --git a/tests/unit/CMakeLists.txt b/tests/unit/CMakeLists.txt
@@ -1,14 +1,12 @@
 cmake_minimum_required(VERSION 3.15)
 
-# Old integration tests.
-if (CAPSTONE_BUILD_LEGACY_TESTS)
-  enable_testing()
-  set(UNIT_TEST_SOURCES sstream.c)
+enable_testing()
+set(UNIT_TEST_SOURCES sstream.c utils.c)
+include_directories(include)
 
-  foreach(TSRC ${UNIT_TEST_SOURCES})
-      string(REGEX REPLACE ".c$" "" TBIN ${TSRC})
-      add_executable(${TBIN} "${TESTS_UNIT_DIR}/${TSRC}")
-      target_link_libraries(${TBIN} PRIVATE capstone)
-      add_test(NAME "unit_${TBIN}" COMMAND ${TBIN})
-  endforeach()
-endif()
+foreach(TSRC ${UNIT_TEST_SOURCES})
+    string(REGEX REPLACE ".c$" "" TBIN ${TSRC})
+    add_executable(${TBIN} "${TESTS_UNIT_DIR}/${TSRC}")
+    target_link_libraries(${TBIN} PRIVATE capstone)
+    add_test(NAME "unit_${TBIN}" COMMAND ${TBIN})
+endforeach()
diff --git a/tests/unit/include/unit_test.h b/tests/unit/include/unit_test.h
@@ -0,0 +1,28 @@
+// Copyright © 2024 Rot127 <[email protected]>
+// SPDX-License-Identifier: BSD-3
+
+#define CHECK_EQUAL_RET_FALSE(OS, str) \
+	do { \
+		if (strcmp(OS.buffer, str) != 0) { \
+			printf("OS.buffer != str\n"); \
+			printf("OS.buffer: %s\n", OS.buffer); \
+			printf("str      : %s\n", str); \
+			return false; \
+		} \
+	} while (0);
+
+#define CHECK_STR_EQUAL_RET_FALSE(a, b) \
+	do { \
+		if (strcmp(a, b) != 0) { \
+			printf("%s != %s\n", a, b); \
+			return false; \
+		} \
+	} while (0);
+
+#define CHECK_NULL_RET_FALSE(ptr) \
+	do { \
+		if (ptr != NULL) { \
+			printf(#ptr " is not NULL\n"); \
+			return false; \
+		} \
+	} while (0);
diff --git a/tests/unit/sstream.c b/tests/unit/sstream.c
@@ -1,21 +1,12 @@
 // Copyright © 2024 Rot127 <[email protected]>
 // SPDX-License-Identifier: BSD-3
 
+#include "unit_test.h"
 #include "../SStream.h"
 #include "../utils.h"
 #include <stdio.h>
 #include <string.h>
 
-#define CHECK_EQUAL_RET_FALSE(OS, str) \
-	do { \
-		if (strcmp(OS.buffer, str) != 0) { \
-			printf("OS.buffer != str\n"); \
-			printf("OS.buffer: %s\n", OS.buffer); \
-			printf("str      : %s\n", str); \
-			return false; \
-		} \
-	} while (0);
-
 static void overflow_SStream_concat0(SStream *OS, bool *returned_in_time)
 {
 	char buf[SSTREAM_BUF_LEN + 1] = { 0 };

diff --git a/tests/unit/utils.c b/tests/unit/utils.c
@@ -0,0 +1,48 @@
+// Copyright © 2024 Rot127 <[email protected]>
+// SPDX-License-Identifier: BSD-3
+
+#include "unit_test.h"
+#include "../utils.h"
+#include <stdio.h>
+#include <string.h>
+
+static bool test_str_append()
+{
+	printf("Test test_str_append\n");
+	char *str_a = NULL;
+	char *str_b = NULL;
+	CHECK_NULL_RET_FALSE(str_append(str_a, str_b));
+
+	str_a = calloc(5, sizeof(char));
+	memcpy(str_a, "AAAA", 5);
+	CHECK_NULL_RET_FALSE(str_append(str_a, str_b));
+
+	str_b = calloc(5, sizeof(char));
+	char *result = str_append(str_a, str_b);
+	CHECK_STR_EQUAL_RET_FALSE(result, "AAAA");
+
+	memcpy(str_b, "BBBB", 5);
+	result = str_append(str_a, str_b);
+	CHECK_STR_EQUAL_RET_FALSE(result, "AAAABBBB");
+
+	memset(str_a, 0, 5);
+	result = str_append(str_a, str_b);
+	CHECK_STR_EQUAL_RET_FALSE(result, "BBBB");
+	free(str_a);
+	free(str_b);
+
+	return true;
+}
+
+int main()
+{
+	bool result = true;
+	result &= test_str_append();
+
+	if (result) {
+		printf("All tests passed.\n");
+	} else {
+		printf("Some tests failed.\n");
+	}
+	return result ? 0 : -1;
+}
diff --git a/utils.c b/utils.c
@@ -210,7 +210,7 @@ char *str_append(char *str_a, const char *str_b) {
 	assert(str_a && str_b);
 	size_t asize = strlen(str_a) + strlen(str_b) + 1;
 	str_a = realloc(str_a, asize);
-	strncat(str_a, str_b, asize);
+	strncat(str_a, str_b, strlen(str_b));
 	return str_a;
 }