torture: talloc_string_sub tests for utf-8 brevity

If we allow overly long UTF-8 sequences (in the tests, encoding '\0'
as 2, 3, or 4 bytes), it might be possible for bad strings to slip
through.

We fail. But wait for the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14684

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/lib/util/tests/str.c b/lib/util/tests/str.c
index 93bf809f385e85d27c53e81536aed5caf0c75ef5..41a28366cf46e3a4bba8ac553ab49567c79312fb 100644 (file)
--- a/lib/util/tests/str.c
+++ b/lib/util/tests/str.c
@@ -91,6 +91,52 @@ static bool test_talloc_string_sub_multiple(struct torture_context *tctx)
        return true;
 }
 
+/*
+ * with these next three tests, the failure is that the pattern looks like
+ * "+++" because the \x.. bytes encode a zero byte in UTF-8. If we are not
+ * careful with these strings we will see crashes instead of failures.
+ */
+
+static bool test_talloc_string_sub_tricky_utf8_4(struct torture_context *tctx)
+{
+       const char string[] =  "++++--\xD8\xBB";
+       const char pattern[] = "+++\xF0\x80\x80\x80++";
+       const char replace[] = "...";
+
+       char *t = talloc_string_sub(tctx, string, pattern, replace);
+       torture_assert_str_equal(tctx, t, string,
+                                "should reject 4 byte NUL char");
+       talloc_free(t);
+       return true;
+}
+
+static bool test_talloc_string_sub_tricky_utf8_3(struct torture_context *tctx)
+{
+       const char string[] =  "++++--\xD8\xBB";
+       const char pattern[] = "+++\xE0\x80\x80++";
+       const char replace[] = "...";
+
+       char *t = talloc_string_sub(tctx, string, pattern, replace);
+       torture_assert_str_equal(tctx, t, string,
+                                "should reject 3 byte NUL char");
+       talloc_free(t);
+       return true;
+}
+
+static bool test_talloc_string_sub_tricky_utf8_2(struct torture_context *tctx)
+{
+       const char string[] =  "++++--\xD8\xBB";
+       const char pattern[] = "+++\xC0\x80++";
+       const char replace[] = "...";
+
+       char *t = talloc_string_sub(tctx, string, pattern, replace);
+       torture_assert_str_equal(tctx, t, string,
+                                "should reject 2 byte NUL char");
+       talloc_free(t);
+       return true;
+}
+
+
 
 
 struct torture_suite *torture_local_util_str(TALLOC_CTX *mem_ctx)
@@ -118,5 +164,17 @@ struct torture_suite *torture_local_util_str(TALLOC_CTX *mem_ctx)
        torture_suite_add_simple_test(suite, "string_sub_talloc_multiple", 
                                      test_talloc_string_sub_multiple);
 
+       torture_suite_add_simple_test(suite,
+                                     "test_talloc_string_sub_tricky_utf8_4",
+                                     test_talloc_string_sub_tricky_utf8_4);
+
+       torture_suite_add_simple_test(suite,
+                                     "test_talloc_string_sub_tricky_utf8_3",
+                                     test_talloc_string_sub_tricky_utf8_3);
+
+       torture_suite_add_simple_test(suite,
+                                     "test_talloc_string_sub_tricky_utf8_2",
+                                     test_talloc_string_sub_tricky_utf8_2);
+
        return suite;
 }

diff --git a/selftest/knownfail.d/str-utf8 b/selftest/knownfail.d/str-utf8
new file mode 100644 (file)
index 0000000..b003ea8
--- /dev/null
+++ b/selftest/knownfail.d/str-utf8
@@ -0,0 +1 @@
+^samba4.local.str.+utf8_[234]