*** empty log message ***
git-svn-id: https://asn1c.svn.sourceforge.net/svnroot/asn1c/trunk@1114 59561ff5-6e30-0410-9f3c-9617f08c8826
diff --git a/skeletons/tests/check-OIDs.c b/skeletons/tests/check-OIDs.c
index 58902c3..a28cd00 100644
--- a/skeletons/tests/check-OIDs.c
+++ b/skeletons/tests/check-OIDs.c
@@ -121,11 +121,13 @@
int ret;
int i;
- fprintf(stderr, "Encoding (R) {");
- for(i = 0; i < acount; i++) {
- fprintf(stderr, " %u", arcs[i]);
+ if(0) {
+ fprintf(stderr, "Encoding (R) {");
+ for(i = 0; i < acount; i++) {
+ fprintf(stderr, " %u", arcs[i]);
+ }
+ fprintf(stderr, " }\n");
}
- fprintf(stderr, " }\n");
ret = RELATIVE_OID_set_arcs(&oid, arcs, sizeof(arcs[0]), acount);
assert(ret == 0);
@@ -137,12 +139,15 @@
assert(alen <= tmp_alen);
assert(alen == acount);
- fprintf(stderr, "Encoded (R) { ");
- for(i = 0; i < alen; i++) {
- fprintf(stderr, "%lu ", tmp_arcs[i]); fflush(stdout);
- assert(arcs[i] == (int)tmp_arcs[i]);
+ if(0) {
+ fprintf(stderr, "Encoded (R) { ");
+ for(i = 0; i < alen; i++) {
+ fprintf(stderr, "%lu ", tmp_arcs[i]); fflush(stdout);
+ assert(arcs[i] == (int)tmp_arcs[i]);
+ }
+ fprintf(stderr, "}\n");
}
- fprintf(stderr, "}\n");
+
}
/*
@@ -158,11 +163,13 @@
int ret;
int i;
- fprintf(stderr, "Encoding (O) {");
- for(i = 0; i < acount; i++) {
- fprintf(stderr, " %u", arcs[i]);
+ if(0) {
+ fprintf(stderr, "Encoding (O) {");
+ for(i = 0; i < acount; i++) {
+ fprintf(stderr, " %u", arcs[i]);
+ }
+ fprintf(stderr, " }\n");
}
- fprintf(stderr, " }\n");
ret = OBJECT_IDENTIFIER_set_arcs(&oid, arcs, sizeof(arcs[0]), acount);
assert(ret == 0);
@@ -174,14 +181,15 @@
assert(alen <= tmp_alen);
assert(alen == acount);
- fprintf(stderr, "Encoded (O) { ");
- for(i = 0; i < alen; i++) {
- fprintf(stderr, "%lu ", tmp_arcs[i]); fflush(stdout);
- assert(arcs[i] == (int)tmp_arcs[i]);
+ if(0) {
+ fprintf(stderr, "Encoded (O) { ");
+ for(i = 0; i < alen; i++) {
+ fprintf(stderr, "%lu ", tmp_arcs[i]); fflush(stdout);
+ assert(arcs[i] == (int)tmp_arcs[i]);
+ }
+ fprintf(stderr, "}\n");
}
- fprintf(stderr, "}\n");
}
-
static int
check_speed() {
uint8_t buf[] = { 0x80 | 7, 0x80 | 2, 0x80 | 3, 0x80 | 4, 13 };
diff --git a/skeletons/tests/check-length.c b/skeletons/tests/check-length.c
index cf10405..6dfc7ae 100644
--- a/skeletons/tests/check-length.c
+++ b/skeletons/tests/check-length.c
@@ -101,18 +101,25 @@
ret = ber_fetch_length(0, buf1, sizeof(buf1), &tlv_len);
printf("ret=%ld, len=%ld\n", (long)ret, (long)tlv_len);
assert(ret == sizeof(buf1));
+ assert(tlv_len == 0x01020304);
ret = ber_fetch_length(0, buf2, sizeof(buf2), &tlv_len);
printf("ret=%ld, len=%ld\n", (long)ret, (long)tlv_len);
assert(ret == sizeof(buf2));
+ assert(tlv_len == 0x7fff0304);
- if(sizeof(tlv_len) == 4) {
+ /*
+ * Here although tlv_len is not greater than 2^31,
+ * we ought to hit an embedded length exploitation preventive check.
+ */
+ if(sizeof(tlv_len) <= 4) {
ret = ber_fetch_length(0, buf3, sizeof(buf3), &tlv_len);
printf("ret=%ld\n", (long)ret);
assert(ret == -1);
- } else if(sizeof(tlv_len) == 8) {
+ }
+ if(sizeof(tlv_len) <= 8) {
ret = ber_fetch_length(0, buf4, sizeof(buf4), &tlv_len);
- printf("ret=%ld\n", (long)ret);
+ printf("ret=%lld\n", (long long)ret);
assert(ret == -1);
}