Compare commits


3 Commits

Author SHA1 Message Date
BodgeMaster 5272636cb8 test/nbt_read_write_helpers: fix unit tests for readString() 2022-08-15 13:30:53 +02:00
BodgeMaster 91d16ea451 test/javacompat: add test for mismatched size 2022-08-15 12:24:03 +02:00
BodgeMaster a1fc0ce4b4 lib/nbt: Fix a possible buffer overflow in readString() 2022-08-15 12:02:58 +02:00
3 changed files with 17 additions and 4 deletions


@ -154,6 +154,9 @@ namespace NBT {
if (stringSize.isError) { if (stringSize.isError) {
return ErrorOr<tiny_utf8::string>(true, stringSize.errorCode); return ErrorOr<tiny_utf8::string>(true, stringSize.errorCode);
} }
if (currentPosition + (uint64_t) stringSize.value + 2 > dataSize) {
return ErrorOr<tiny_utf8::string>(true, ErrorCodes::OVERRUN);
}
ErrorOr<tiny_utf8::string> output = JavaCompat::importJavaString(data+currentPosition, stringSize.value); ErrorOr<tiny_utf8::string> output = JavaCompat::importJavaString(data+currentPosition, stringSize.value);
if(output.isError){ if(output.isError){
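Review bot: The added bounds check `currentPosition + (uint64_t) stringSize.value + 2 > dataSize` is additive and can wrap around. If `stringSize.value` is a signed 16-bit type (its declaration is not visible in this hunk), a length prefix with the top bit set sign-extends in the cast to a value near 2^64, the sum wraps to a small number, and the check passes before `importJavaString` is called with that size. Converting through the unsigned width and comparing against the remaining space avoids this, and also avoids overflow from a very large `currentPosition`: `uint64_t needed = (uint64_t)(uint16_t) stringSize.value + 2;` followed by `if (currentPosition > dataSize || needed > dataSize - currentPosition) {`. readString()'s body starts and ends outside the hunk, so whether `currentPosition` is already validated earlier cannot be confirmed from here.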


@ -75,7 +75,16 @@ int main(){
tiny_utf8::string normalString = tiny_utf8::string(normalStdString); tiny_utf8::string normalString = tiny_utf8::string(normalStdString);
// check for normal operation
ASSERT(normalString == importedString); ASSERT(normalString == importedString);
// check for mismatched size error
std::string javaStdStringCopy = javaStdString;
javaStdStringCopy[0]='b';
ErrorOr<tiny_utf8::string> errorString = JavaCompat::importJavaString(reinterpret_cast<uint8_t*>(javaStdStringCopy.data()), 0x75);
ASSERT(errorString.isError);
ASSERT(errorString.errorCode == ErrorCodes::MISMATCHEDSIZE);
std::cout << "Passed Import Java string test." << std::endl; std::cout << "Passed Import Java string test." << std::endl;
//using normalString from when we read the file earlier //using normalString from when we read the file earlier
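Review bot: The new mismatched-size case rests on two unexplained values, the `0x75` passed as the size argument and the overwrite of byte 0 with `'b'`, and nothing in the test says why that combination must produce MISMATCHEDSIZE. A comment above the mutation would make the intent reviewable, for example `// byte 0 is presumably the high byte of the 16-bit length prefix; changing it makes the embedded length disagree with the 0x75 passed in`, once confirmed against the fixture file. Deriving the size from the fixture instead of repeating the literal would also keep the test valid if the fixture changes. main()'s body extends outside the hunk.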


@ -490,9 +490,10 @@ int main(){
tiny_utf8::string normalString = tiny_utf8::string(normalStdString); tiny_utf8::string normalString = tiny_utf8::string(normalStdString);
ASSERT(normalString == NBT::helper::readString(reinterpret_cast<uint8_t*>(javaStdString.data()), 0x75, 0).value) ASSERT(normalString == NBT::helper::readString(reinterpret_cast<uint8_t*>(javaStdString.data()), javaStdString.size(), 0).value)
ASSERT(NBT::helper::readString(reinterpret_cast<uint8_t*>(javaStdString.data()), 0xFFFFF, 0).errorCode == ErrorCodes::OVERRUN);
ASSERT(NBT::helper::readString(reinterpret_cast<uint8_t*>(javaStdString.data()), 0xF, 0).errorCode == ErrorCodes::MISMATCHEDSIZE); javaStdString[0] = '1';
ASSERT(NBT::helper::readString(reinterpret_cast<uint8_t*>(javaStdString.data()), javaStdString.size(), 0).errorCode == ErrorCodes::OVERRUN);
std::cout << "Passed readString NBT helper test." << std::endl; std::cout << "Passed readString NBT helper test." << std::endl;
delete nextChar; delete nextChar;
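Review bot: The error-path assertions compare only `.errorCode` and never assert `.isError`, so they would also pass if readString() returned success with an error-code field that happens to hold the expected value (what errorCode contains on success is not visible here). The javacompat test added in this same commit checks both fields; doing the same here keeps them consistent, e.g. `auto overrun = NBT::helper::readString(...); ASSERT(overrun.isError); ASSERT(overrun.errorCode == ErrorCodes::OVERRUN);`. `javaStdString[0] = '1';` also mutates the shared fixture in place, so any later test in main() that reads javaStdString sees the altered length prefix; working on a copy, as the javacompat test does, avoids that coupling. A further case with the top bit of the length prefix set would exercise the new bounds check in lib/nbt at its boundary. main() continues outside the hunk.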