From c245a11da2d11cba2866709e951ce8b3fc2d4789 Mon Sep 17 00:00:00 2001 From: gitlost Date: Wed, 25 Mar 2020 15:40:13 +0000 Subject: [PATCH] #181 auspost fix, check input immediately; test for EANX double + fix --- backend/auspost.c | 13 +++--- backend/tests/CMakeLists.txt | 1 + backend/tests/test_auspost.c | 84 ++++++++++++++++++++++++++++++++++++ backend/tests/test_upcean.c | 39 +++++++++++++++++ 4 files changed, 130 insertions(+), 7 deletions(-) create mode 100644 backend/tests/test_auspost.c diff --git a/backend/auspost.c b/backend/auspost.c index 23af30ae..39d34147 100644 --- a/backend/auspost.c +++ b/backend/auspost.c @@ -110,7 +110,12 @@ INTERNAL int australia_post(struct zint_symbol *symbol, unsigned char source[], char fcc[3] = {0, 0, 0}, dpid[10]; char localstr[30]; - error_number = 0; + /* Check input immediately to catch nuls */ + error_number = is_sane(GDSET, source, length); + if (error_number == ZINT_ERROR_INVALID_DATA) { + strcpy(symbol->errtxt, "404: Invalid characters in data"); + return error_number; + } strcpy(localstr, ""); /* Do all of the length checking first to avoid stack smashing */ @@ -165,12 +170,6 @@ INTERNAL int australia_post(struct zint_symbol *symbol, unsigned char source[], strcat(localstr, (char*) source); h = strlen(localstr); - error_number = is_sane(GDSET, (unsigned char *) localstr, h); - if (error_number == ZINT_ERROR_INVALID_DATA) { - strcpy(symbol->errtxt, "404: Invalid characters in data"); - return error_number; - } - /* Verifiy that the first 8 characters are numbers */ memcpy(dpid, localstr, 8); dpid[8] = '\0'; diff --git a/backend/tests/CMakeLists.txt b/backend/tests/CMakeLists.txt index 3c5932a4..33b8980f 100644 --- a/backend/tests/CMakeLists.txt +++ b/backend/tests/CMakeLists.txt @@ -50,6 +50,7 @@ macro(zint_add_test test_name test_command) add_test(${test_name} ${test_command}) endmacro(zint_add_test) +zint_add_test(auspost, test_auspost) zint_add_test(channel, test_channel) zint_add_test(common, test_common) zint_add_test(composite, test_composite) diff --git a/backend/tests/test_auspost.c b/backend/tests/test_auspost.c new file mode 100644 index 00000000..1b9f4008 --- /dev/null +++ b/backend/tests/test_auspost.c @@ -0,0 +1,84 @@ +/* + libzint - the open source barcode library + Copyright (C) 2008-2020 Robin Stuart + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the project nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. + */ +/* vim: set ts=4 sw=4 et : */ + +#include "testcommon.h" + +// #181 Christian Hartlage OSS-Fuzz +static void test_australia_post_fuzz(void) +{ + testStart(""); + + int ret; + struct item { + int symbology; + unsigned char* data; + int length; + int ret; + }; + // s/\/\*[ 0-9]*\*\//\=printf("\/*%2d*\/", line(".") - line("'<")) + struct item data[] = { + /* 0*/ { BARCODE_AUSROUTE, "A\000\000\000", 4, ZINT_ERROR_INVALID_DATA }, + /* 1*/ { BARCODE_AUSROUTE, "1\000\000\000", 4, ZINT_ERROR_INVALID_DATA }, + /* 2*/ { BARCODE_AUSREPLY, "A\000\000\000", 4, ZINT_ERROR_INVALID_DATA }, + /* 3*/ { BARCODE_AUSREPLY, "1\000\000\000", 4, ZINT_ERROR_INVALID_DATA }, + /* 4*/ { BARCODE_AUSREDIRECT, "A\000\000\000", 4, ZINT_ERROR_INVALID_DATA }, + /* 5*/ { BARCODE_AUSREDIRECT, "1\000\000\000", 4, ZINT_ERROR_INVALID_DATA }, + }; + int data_size = sizeof(data) / sizeof(struct item); + + for (int i = 0; i < data_size; i++) { + + struct zint_symbol* symbol = ZBarcode_Create(); + assert_nonnull(symbol, "Symbol not created\n"); + + symbol->symbology = data[i].symbology; + int length = data[i].length; + if (length == -1) { + length = strlen(data[i].data); + } + + ret = ZBarcode_Encode(symbol, data[i].data, length); + assert_equal(ret, data[i].ret, "i:%d ZBarcode_Encode ret %d != %d (%s)\n", i, ret, data[i].ret, symbol->errtxt); + + ZBarcode_Delete(symbol); + } + + testFinish(); +} + +int main() +{ + test_australia_post_fuzz(); + + testReport(); + + return 0; +} diff --git a/backend/tests/test_upcean.c b/backend/tests/test_upcean.c index a3bb734e..0999076f 100644 --- a/backend/tests/test_upcean.c +++ b/backend/tests/test_upcean.c @@ -252,12 +252,51 @@ static void test_vector_same(void) testFinish(); } +// #181 Christian Hartlage OSS-Fuzz +static void test_eanx_fuzz(void) +{ + testStart(""); + + int ret; + struct item { + int symbology; + unsigned char* data; + int length; + int ret; + }; + // s/\/\*[ 0-9]*\*\//\=printf("\/*%2d*\/", line(".") - line("'<")) + struct item data[] = { + /* 0*/ { BARCODE_EANX, "55++15", -1, ZINT_ERROR_INVALID_DATA }, + }; + int data_size = sizeof(data) / sizeof(struct item); + + for (int i = 0; i < data_size; i++) { + + struct zint_symbol* symbol = ZBarcode_Create(); + assert_nonnull(symbol, "Symbol not created\n"); + + symbol->symbology = data[i].symbology; + int length = data[i].length; + if (length == -1) { + length = strlen(data[i].data); + } + + ret = ZBarcode_Encode(symbol, data[i].data, length); + assert_equal(ret, data[i].ret, "i:%d ret %d != %d (%s)\n", i, ret, data[i].ret, symbol->errtxt); + + ZBarcode_Delete(symbol); + } + + testFinish(); +} + int main() { test_upce_length(); test_upca_print(); test_isbn(); test_vector_same(); + test_eanx_fuzz(); testReport();