diff options
| author | Petteri Aimonen <jpa@git.mail.kapsi.fi> | 2016-06-06 21:00:59 +0300 |
|---|---|---|
| committer | Petteri Aimonen <jpa@git.mail.kapsi.fi> | 2016-06-14 18:48:08 +0300 |
| commit | 7c49b65845861529f8f93253432e8d50b00ad734 (patch) | |
| tree | e7639ddf2b20d6cd3ceeb19eac7c2667b5dcc42a | |
| parent | eb66254b79a3505e9b0442f0668631d696d63a1d (diff) | |
Add testcase for issue #205
| -rw-r--r-- | tests/fuzztest/fuzztest.c | 1 | ||||
| -rw-r--r-- | tests/regression/issue_205/SConscript | 13 | ||||
| -rw-r--r-- | tests/regression/issue_205/size_corruption.c | 12 | ||||
| -rw-r--r-- | tests/regression/issue_205/size_corruption.proto | 11 |
4 files changed, 37 insertions, 0 deletions
diff --git a/tests/fuzztest/fuzztest.c b/tests/fuzztest/fuzztest.c index d370172..ee851ec 100644 --- a/tests/fuzztest/fuzztest.c +++ b/tests/fuzztest/fuzztest.c @@ -192,6 +192,7 @@ static bool do_static_encode(uint8_t *buffer, size_t *msglen) assert(stream.bytes_written <= alltypes_static_AllTypes_size); *msglen = stream.bytes_written; + pb_release(alltypes_static_AllTypes_fields, msg); free_with_check(msg); return status; diff --git a/tests/regression/issue_205/SConscript b/tests/regression/issue_205/SConscript new file mode 100644 index 0000000..1699429 --- /dev/null +++ b/tests/regression/issue_205/SConscript @@ -0,0 +1,13 @@ +# Check that pb_release() correctly handles corrupted size fields of +# static arrays. + +Import('env', 'malloc_env') + +env.NanopbProto('size_corruption') + +p = malloc_env.Program(["size_corruption.c", + "size_corruption.pb.c", + "$COMMON/pb_decode_with_malloc.o", + "$COMMON/malloc_wrappers.o"]) +env.RunTest(p) + diff --git a/tests/regression/issue_205/size_corruption.c b/tests/regression/issue_205/size_corruption.c new file mode 100644 index 0000000..08cef45 --- /dev/null +++ b/tests/regression/issue_205/size_corruption.c @@ -0,0 +1,12 @@ +#include "size_corruption.pb.h" +#include <pb_decode.h> + +int main() +{ + MainMessage msg = MainMessage_init_zero; + msg.bar_count = (pb_size_t)-1; + pb_release(MainMessage_fields, &msg); + + return 0; +} + diff --git a/tests/regression/issue_205/size_corruption.proto b/tests/regression/issue_205/size_corruption.proto new file mode 100644 index 0000000..6c9c245 --- /dev/null +++ b/tests/regression/issue_205/size_corruption.proto @@ -0,0 +1,11 @@ +syntax = "proto2"; +import 'nanopb.proto'; + +message SubMessage { + repeated int32 foo = 1 [(nanopb).type = FT_POINTER]; +} + +message MainMessage { + repeated SubMessage bar = 1 [(nanopb).max_count = 5]; +} + |