LBRYCommunity/lbrycrd
1
0
Fork 0
Code Issues 29 Pull requests 1 Projects Releases 32 Packages Wiki Activity

add a test demonstrating an overflow in a deserialization edge case

Browse source 
Also add a test that the highest legal index is accepted.

Github-Pull: #14685
Rebased-From: 051faf7e9d
This commit is contained in:
Kaz Wesley 2018-11-07 12:36:23 -08:00 committed by MarcoFalke
parent 85aacc41ba
commit 94065024c7
1 changed files with 45 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
src/test/blockencodings_tests.cpp
View file

@ -344,4 +344,49 @@ BOOST_AUTO_TEST_CASE(TransactionsRequestSerializationTest) {
BOOST_CHECK_EQUAL(req1.indexes[3], req2.indexes[3]);
}
BOOST_AUTO_TEST_CASE(TransactionsRequestDeserializationMaxTest) {
// Check that the highest legal index is decoded correctly
BlockTransactionsRequest req0;
req0.blockhash = InsecureRand256();
req0.indexes.resize(1);
req0.indexes[0] = 0xffff;
CDataStream stream(SER_NETWORK, PROTOCOL_VERSION);
stream << req0;
BlockTransactionsRequest req1;
stream >> req1;
BOOST_CHECK_EQUAL(req0.indexes.size(), req1.indexes.size());
BOOST_CHECK_EQUAL(req0.indexes[0], req1.indexes[0]);
}
BOOST_AUTO_TEST_CASE(TransactionsRequestDeserializationOverflowTest) {
// Any set of index deltas that starts with N values that sum to (0x10000 - N)
// causes the edge-case overflow that was originally not checked for. Such
// a request cannot be created by serializing a real BlockTransactionsRequest
// due to the overflow, so here we'll serialize from raw deltas.
BlockTransactionsRequest req0;
req0.blockhash = InsecureRand256();
req0.indexes.resize(3);
req0.indexes[0] = 0x7000;
req0.indexes[1] = 0x10000 - 0x7000 - 2;
req0.indexes[2] = 0;
CDataStream stream(SER_NETWORK, PROTOCOL_VERSION);
stream << req0.blockhash;
WriteCompactSize(stream, req0.indexes.size());
WriteCompactSize(stream, req0.indexes[0]);
WriteCompactSize(stream, req0.indexes[1]);
WriteCompactSize(stream, req0.indexes[2]);
BlockTransactionsRequest req1;
try {
stream >> req1;
// before patch: deserialize above succeeds and this check fails, demonstrating the overflow
BOOST_CHECK(req1.indexes[1] < req1.indexes[2]);
// this shouldn't be reachable before or after patch
BOOST_CHECK(0);
} catch(std::ios_base::failure &) {
// deserialize should fail
}
}
BOOST_AUTO_TEST_SUITE_END()