From b4bf06dcb61dbd735b328f47d8a36afb856d5d16 Mon Sep 17 00:00:00 2001 From: William Ahern Date: Wed, 14 Dec 2016 14:25:47 -0800 Subject: [PATCH] add regression tests after refactoring bignum unary and binary operations closes issue #82 --- regress/82-bn_prepops-null-deref.lua | 63 ++++++++++++++++++++++++++++ regress/regress.lua | 1 + 2 files changed, 64 insertions(+) create mode 100755 regress/82-bn_prepops-null-deref.lua diff --git a/regress/82-bn_prepops-null-deref.lua b/regress/82-bn_prepops-null-deref.lua new file mode 100755 index 0000000..6a1d617 --- /dev/null +++ b/regress/82-bn_prepops-null-deref.lua @@ -0,0 +1,63 @@ +#!/usr/bin/env lua +-- +-- The following code could trigger a NULL dereference. +-- +-- bn_prepops(lua_State *L, BIGNUM **r, BIGNUM **a, BIGNUM **b, _Bool commute) { +-- ... +-- *b = checkbig(L, 2, &lvalue); +-- ... +-- } +-- +-- bn_sqr(lua_State *L) { +-- BIGNUM *r, *a; +-- +-- bn_prepops(L, &r, &a, NULL, 1); +-- ... +-- } +-- +-- Caught by clang static analyzer. This was introduced with a patch adding +-- the :sqr method. This should have been caught sooner as the :sqr method +-- couldn't have possibly ever worked--a missing or non-numeric second +-- operand would have thrown a Lua error, and a numeric second operand +-- triggers the NULL dereference. +-- +require"regress".export".*" + +local function N(i) return bignum.new(i) end + +-- passing a second numeric operand triggered a NULL dereference +local r = N(4):sqr(0) + + +-- check minimal functionality of all our operators +local tests = { + { op = "add", a = 1, b = 1, r = 2 }, + { op = "sub", a = 2, b = 1, r = 1 }, + { op = "mul", a = 2, b = 2, r = 4 }, + { op = "idiv", a = 4, b = 2, r = 2 }, + { op = "mod", a = 4, b = 2, r = 0 }, + { op = "exp", a = 2, b = 2, r = 4 }, + { op = "sqr", a = 4, b = nil, r = 16 }, + { op = "gcd", a = 47, b = 3, r = 1 }, +} + +local function tdescr(t) + return string.format("%s(%s, %s)", t.op, tostring(t.a), tostring(t.b)) +end + +for i,t in ipairs(tests) do + local a = N(t.a) + local op = a[t.op] + local ok, r + + if t.b then + ok, r = pcall(op, a, t.b) + else + ok, r = pcall(op, a) + end + + check(ok, "failed test #%d (%s) (%s)", i, tdescr(t), r) + check(N(r) == N(t.r), "failed test #%d (%s) (expected %s, got %s)", i, tdescr(t), tostring(t.r), tostring(r)) +end + +say"OK" diff --git a/regress/regress.lua b/regress/regress.lua index 8d955ea..4377db5 100644 --- a/regress/regress.lua +++ b/regress/regress.lua @@ -1,5 +1,6 @@ local regress = { openssl = require"openssl", + bignum = require"openssl.bignum", pkey = require"openssl.pkey", x509 = require"openssl.x509", name = require"openssl.x509.name",