[tor-commits] [tor/master] test: Fix shared random buffer overrun

nickm at torproject.org nickm at torproject.org
Tue Jul 5 16:14:28 UTC 2016


commit 7d04638a608a150b80442198df401b8be5ea8a3a
Author: David Goulet <dgoulet at torproject.org>
Date:   Mon Jul 4 11:40:06 2016 -0400

    test: Fix shared random buffer overrun
    
    Encoded commit has an extra byte at the end for the NUL terminated byte and
    the test was overrunning the payload buffer by one byte.
    
    Found by Coverity issue 1362984.
    
    Fixes #19567
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 src/test/test_shared_random.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c
index d001785..2bdce7d 100644
--- a/src/test/test_shared_random.c
+++ b/src/test/test_shared_random.c
@@ -932,13 +932,14 @@ test_utils(void *arg)
   /* Testing commitments_are_the_same(). Currently, the check is to test the
    * value of the encoded commit so let's make sure that actually works. */
   {
-    /* Payload of 55 bytes that is the length of
-     * sr_commit_t->encoded_commit. */
+    /* Payload of 57 bytes that is the length of sr_commit_t->encoded_commit.
+     * 56 bytes of payload and a NUL terminated byte at the end ('\x00')
+     * which comes down to SR_COMMIT_BASE64_LEN + 1. */
     const char *payload =
       "\x5d\xb9\x60\xb6\xcc\x51\x68\x52\x31\xd9\x88\x88\x71\x71\xe0\x30"
       "\x59\x55\x7f\xcd\x61\xc0\x4b\x05\xb8\xcd\xc1\x48\xe9\xcd\x16\x1f"
       "\x70\x15\x0c\xfc\xd3\x1a\x75\xd0\x93\x6c\xc4\xe0\x5c\xbe\xe2\x18"
-      "\xc7\xaf\x72\xb6\x7c\x9b\x52";
+      "\xc7\xaf\x72\xb6\x7c\x9b\x52\x00";
     sr_commit_t commit1, commit2;
     memcpy(commit1.encoded_commit, payload, sizeof(commit1.encoded_commit));
     memcpy(commit2.encoded_commit, payload, sizeof(commit2.encoded_commit));





More information about the tor-commits mailing list