mirror/openvpn3
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn3.git synced 2024-09-20 04:02:15 +02:00
Code

Add missing length check in parsing ACC messages, add more related tests

Browse Source 
Signed-off-by: Arne Schwabe <arne@openvpn.net>
This commit is contained in:
Arne Schwabe 2024-01-02 14:40:43 +01:00
parent 8bfdc2809b
commit 8ad83b5ae8
2 changed files with 53 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
openvpn/ssl/customcontrolchannel.hpp
View File

@ -32,6 +32,7 @@
#include <openvpn/common/unicode.hpp> #include <openvpn/common/unicode.hpp>
#include <openvpn/common/base64.hpp> #include <openvpn/common/base64.hpp>
#include <openvpn/buffer/bufstr.hpp> #include <openvpn/buffer/bufstr.hpp>
#include <openvpn/common/number.hpp>
namespace openvpn { namespace openvpn {
@ -177,8 +178,9 @@ class AppControlMessageReceiver
throw parse_acc_message{"Discarding malformed custom app control message"}; throw parse_acc_message{"Discarding malformed custom app control message"};
} }
auto protocol = std::move(parts[1]); auto protocol = std::move(parts[1]);
auto length = std::move(parts[2]); auto length_str = std::move(parts[2]);
auto flags = std::move(parts[3]); auto flags = std::move(parts[3]);
auto message = std::move(parts[4]); auto message = std::move(parts[4]);
@ -186,6 +188,12 @@ class AppControlMessageReceiver
bool textEncoding = false; bool textEncoding = false;
bool fragment = false; bool fragment = false;
size_t length = 0;
if (!parse_number(length_str, length) || length != message.length())
{
throw parse_acc_message{"Discarding malformed custom app control message"};
}
for (char const &c : flags) for (char const &c : flags)
{ {
switch (c) switch (c)

44
test/unittests/test_acc.cpp
View File

@ -169,3 +169,47 @@ TEST(customcontrolchannel, send_with_nul)
EXPECT_EQ(cmsgs.size(), 1); EXPECT_EQ(cmsgs.size(), 1);
EXPECT_EQ(cmsgs[0], expected_control_msg); EXPECT_EQ(cmsgs[0], expected_control_msg);
} }
TEST(customcontrolchannel, test_incorrect_len)
{
std::string control_msg{"ACC,fortune,62,6,InsgIm1lIjogImZyb2ciLCAAeGZm/SJtc2ciOiAiSSBhbSAAS2VybWl0IiB9Ig=="};
AppControlMessageReceiver accrecv{};
EXPECT_THROW(
accrecv.receive_message(control_msg),
parse_acc_message);
}
TEST(customcontrolchannel, test_wrong_header)
{
std::string control_msg{"ABC,fortune,64,6,InsgIm1lIjogImZyb2ciLCAAeGZm/SJtc2ciOiAiSSBhbSAAS2VybWl0IiB9Ig=="};
AppControlMessageReceiver accrecv{};
EXPECT_THROW(
accrecv.receive_message(control_msg),
parse_acc_message);
}
TEST(customcontrolchannel, test_unsupported_encoding)
{
std::string control_msg{"ACC,fortune,64,Q,InsgIm1lIjogImZyb2ciLCAAeGZm/SJtc2ciOiAiSSBhbSAAS2VybWl0IiB9Ig=="};
AppControlMessageReceiver accrecv{};
EXPECT_THROW(
accrecv.receive_message(control_msg),
parse_acc_message);
}
TEST(customcontrolchannel, test_missing_message)
{
std::string control_msg{"ABC,fortune,64,6"};
AppControlMessageReceiver accrecv{};
EXPECT_THROW(
accrecv.receive_message(control_msg),
parse_acc_message);
}