mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-19 19:52:15 +02:00
Add missing length check in parsing ACC messages, add more related tests
Signed-off-by: Arne Schwabe <arne@openvpn.net>
This commit is contained in:
parent
8bfdc2809b
commit
8ad83b5ae8
@ -32,6 +32,7 @@
|
||||
#include <openvpn/common/unicode.hpp>
|
||||
#include <openvpn/common/base64.hpp>
|
||||
#include <openvpn/buffer/bufstr.hpp>
|
||||
#include <openvpn/common/number.hpp>
|
||||
|
||||
namespace openvpn {
|
||||
|
||||
@ -177,8 +178,9 @@ class AppControlMessageReceiver
|
||||
throw parse_acc_message{"Discarding malformed custom app control message"};
|
||||
}
|
||||
|
||||
|
||||
auto protocol = std::move(parts[1]);
|
||||
auto length = std::move(parts[2]);
|
||||
auto length_str = std::move(parts[2]);
|
||||
auto flags = std::move(parts[3]);
|
||||
auto message = std::move(parts[4]);
|
||||
|
||||
@ -186,6 +188,12 @@ class AppControlMessageReceiver
|
||||
bool textEncoding = false;
|
||||
bool fragment = false;
|
||||
|
||||
size_t length = 0;
|
||||
if (!parse_number(length_str, length) || length != message.length())
|
||||
{
|
||||
throw parse_acc_message{"Discarding malformed custom app control message"};
|
||||
}
|
||||
|
||||
for (char const &c : flags)
|
||||
{
|
||||
switch (c)
|
||||
|
@ -168,4 +168,48 @@ TEST(customcontrolchannel, send_with_nul)
|
||||
|
||||
EXPECT_EQ(cmsgs.size(), 1);
|
||||
EXPECT_EQ(cmsgs[0], expected_control_msg);
|
||||
}
|
||||
|
||||
TEST(customcontrolchannel, test_incorrect_len)
|
||||
{
|
||||
std::string control_msg{"ACC,fortune,62,6,InsgIm1lIjogImZyb2ciLCAAeGZm/SJtc2ciOiAiSSBhbSAAS2VybWl0IiB9Ig=="};
|
||||
|
||||
AppControlMessageReceiver accrecv{};
|
||||
|
||||
EXPECT_THROW(
|
||||
accrecv.receive_message(control_msg),
|
||||
parse_acc_message);
|
||||
}
|
||||
|
||||
TEST(customcontrolchannel, test_wrong_header)
|
||||
{
|
||||
std::string control_msg{"ABC,fortune,64,6,InsgIm1lIjogImZyb2ciLCAAeGZm/SJtc2ciOiAiSSBhbSAAS2VybWl0IiB9Ig=="};
|
||||
|
||||
AppControlMessageReceiver accrecv{};
|
||||
|
||||
EXPECT_THROW(
|
||||
accrecv.receive_message(control_msg),
|
||||
parse_acc_message);
|
||||
}
|
||||
|
||||
TEST(customcontrolchannel, test_unsupported_encoding)
|
||||
{
|
||||
std::string control_msg{"ACC,fortune,64,Q,InsgIm1lIjogImZyb2ciLCAAeGZm/SJtc2ciOiAiSSBhbSAAS2VybWl0IiB9Ig=="};
|
||||
|
||||
AppControlMessageReceiver accrecv{};
|
||||
|
||||
EXPECT_THROW(
|
||||
accrecv.receive_message(control_msg),
|
||||
parse_acc_message);
|
||||
}
|
||||
|
||||
TEST(customcontrolchannel, test_missing_message)
|
||||
{
|
||||
std::string control_msg{"ABC,fortune,64,6"};
|
||||
|
||||
AppControlMessageReceiver accrecv{};
|
||||
|
||||
EXPECT_THROW(
|
||||
accrecv.receive_message(control_msg),
|
||||
parse_acc_message);
|
||||
}
|
Loading…
Reference in New Issue
Block a user