diff options
author | Edwin Mons <edwin.mons@isode.com> | 2018-10-24 13:37:33 (GMT) |
---|---|---|
committer | Edwin Mons <edwin.mons@isode.com> | 2018-10-24 16:15:21 (GMT) |
commit | 1c71c5a77e037038c581a68774c96fad9a79030b (patch) | |
tree | 3ee82bd0d84aa1d4c33d69948ca10952bda9cd35 /Swiften/IDN/SConscript | |
parent | 0f4a77303fedfaa57977d6ca528799305eac9367 (diff) | |
download | swift-1c71c5a77e037038c581a68774c96fad9a79030b.zip swift-1c71c5a77e037038c581a68774c96fad9a79030b.tar.bz2 |
Fix buffer overrun in LibIDNConverter
When Swift::LibIDNConverter::getStringPrepared was called with an input
of 1024 or more characters, stringprep would be called on a memory
region that wasn't NUL-terminated. It also blindly trimmed the input to
1024 bytes, even though there may be input longer than that that still
results in a valid 1023 byte prepped string.
IDNConverterTest has been converted to gtest, as cppunit cannot deal
with testing for std::exceptions being thrown on at least macOS
Test-Information:
Unit tests pass on macOS 10.13 and Debian 9
Before fix, the newly added unit tests triggered an ASan abort due to a
buffer overrun.
After fix, all unit tests pass, even with ASan enabled.
Change-Id: Ia3e51a39f5db1de32b8f8bb388f81ca041136df7
Diffstat (limited to 'Swiften/IDN/SConscript')
-rw-r--r-- | Swiften/IDN/SConscript | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/Swiften/IDN/SConscript b/Swiften/IDN/SConscript index 28596f7..0afad0e 100644 --- a/Swiften/IDN/SConscript +++ b/Swiften/IDN/SConscript @@ -23,6 +23,7 @@ swiften_env.Append(SWIFTEN_OBJECTS = [objects]) if env["TEST"] : test_env = myenv.Clone() test_env.UseFlags(swiften_env["CPPUNIT_FLAGS"]) + test_env.UseFlags(myenv.get("GOOGLETEST_FLAGS", "")) env.Append(UNITTEST_OBJECTS = test_env.SwiftenObject([ File("UnitTest/IDNConverterTest.cpp"), File("UnitTest/UTF8ValidatorTest.cpp") |