From e8b56faa112ca68c00aa7ba60673eef014405fdf Mon Sep 17 00:00:00 2001
From: gitlost
Date: Sun, 29 Mar 2020 12:34:56 +0100
Subject: [PATCH] #181 OSS-Fuzz DOTCODE test for correct encoding of HT/FS/GS/RS
---
 backend/tests/test_dotcode.c | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/backend/tests/test_dotcode.c b/backend/tests/test_dotcode.c
index 6120c1c5..7d3cceba 100644
--- a/backend/tests/test_dotcode.c
+++ b/backend/tests/test_dotcode.c
@@ -31,7 +31,7 @@
 #include "testcommon.h"
-// #181 Christian Hartlage OSS-Fuzz
+// #181 Christian Hartlage / Nico Gunkel OSS-Fuzz
 static void test_fuzz(void)
 {
 testStart("");
@@ -39,11 +39,29 @@ static void test_fuzz(void)
 int ret;
 struct item {
 unsigned char* data;
+ int length;
+ int input_mode;
 int ret;
 };
 // s/\/\*[ 0-9]*\*\//\=printf("\/*%3d*\/", line(".") - line("'<"))
 struct item data[] = {
- /* 0*/ { "(\207'", 0 }, // 0x28,0x87,0x27 Note: should but doesn't trigger sanitize error if no length check, for some reason; TODO: determine why
+ /* 0*/ { "(\207'", -1, DATA_MODE, 0 }, // 0x28,0x87,0x27 Note: should but doesn't trigger sanitize error if no length check, for some reason; TODO: determine why
+ /* 1*/ {
+ "\133\061\106\133\061\106\070\161\116\133\116\116\067\040\116\016\000\116\125\111\125\125\316\125\125\116\116\116\116\117\116\125"
+ "\111\125\103\316\125\125\116\116\116\116\117\000\000\116\136\116\116\001\116\316\076\116\116\057\136\116\116\134\000\000\116\116"
+ "\116\230\116\116\116\116\125\125\125\257\257\257\000\001\116\130\212\212\212\212\212\212\212\377\377\210\212\212\177\000\212\212"
+ "\212\212\212\212\175\212\212\212\212\212\212\116\117\001\116\116\112\116\116\116\116\176\136\000\000\000\000\000\000\000\000\000"
+ "\000\000\000\000\000\000\000\000\005\377\377\005\125\125\125\325\001\116\116\116\266\116\020\000\200\000\116\116\177\000\000\377"
+ "\377\257\257\257\125\112\117\116\001\000\000\044\241\001\116\116\116\136\116\116\116\056\116\125\111\125\125\316\125\125\116\116"
+ "\116\116\057\000\000\116\136\116\116\001\116\116\076\342\116\057\136\116\116\134\000\000\116\116\116\241\116\116\116\116\125\125"
+ "\125\257\257\257\000\001\116\130\212\212\212\212\212\212\212\212\172\212\071\071\071\071\071\071\071\071\071\071\071\071\071\071"
+ "\071\071\071\071\071\110\071\071\051\071\065\071\071\071\071\071\071\071\071\071\071\071\071\071\071\071\071\071\071\071\071\071"
+ "\071\071\071\071\071\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330\330"
+ "\330\330\071\071\071\071\071\071\071\071\071\071\071\071\071\071\071\071\065\071\071\071\071\071\071\071\071\071\071\071\071\071"
+ "\071\071\071\071\071\072\071\071\277\071\071\077\071\071\071\071\071\071\071\071\154\071\071\071\071\071\071\071\071\071\071\071"
+ "\071\071\071\011\071\071\071\071\071\071\071\071\071\071\071\071\071\071\105\105\105\105\105\105\105\105\105\105\105\105\105\071"
+ "\071\071\071\071\071", // Original OSS-Fuzz triggering data for index out of bounds (encoding of HT/FS/GS/RS when shifting to code set B)
+ 421, UNICODE_MODE, ZINT_WARN_USES_ECI },
 };
 int data_size = sizeof(data) / sizeof(struct item);
@@ -53,7 +71,13 @@ static void test_fuzz(void)
 assert_nonnull(symbol, "Symbol not created\n");
 symbol->symbology = BARCODE_DOTCODE;
- int length = strlen(data[i].data);
+ int length = data[i].length;
+ if (length == -1) {
+ length = strlen(data[i].data);
+ }
+ if (data[i].input_mode != -1) {
+ symbol->input_mode = data[i].input_mode;
+ }
 ret = ZBarcode_Encode(symbol, data[i].data, length);
 assert_equal(ret, data[i].ret, "i:%d ZBarcode_Encode ret %d != %d (%s)\n", i, ret, data[i].ret, symbol->errtxt);
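Review bot: The explicit length `421` in entry 1 is counted by hand against a multi-line literal that contains `\000` bytes, and nothing ties the number to the data. If the literal is later edited and the count ends up too large, `ZBarcode_Encode` is handed a length that runs past the string inside the test itself; if it ends up too small, the vector is silently shortened and may no longer reach the HT/FS/GS/RS path it was added to cover. Consider hoisting the bytes into a named array, `static unsigned char fuzz1[] = "…";`, and initialising the entry as `{ fuzz1, (int) sizeof(fuzz1) - 1, UNICODE_MODE, ZINT_WARN_USES_ECI }`. Since the assertion only compares the return code, this regression check presumably depends on a sanitizer build to surface an out-of-bounds index, which would be worth stating in the entry's comment. The table sits inside test_fuzz, whose body starts and ends outside this hunk.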
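Review bot: The `length == -1` fallback measures the input with `strlen`, so a vector containing `\000` that is left at -1 would be cut at its first NUL and the test would still pass on the shortened input; neither this convention nor the `input_mode == -1` one is documented in the visible lines. A comment above the fallback would make it explicit, for example `/* length -1: input is NUL-terminated; vectors with embedded \000 must give an explicit length */`, plus a short remark that `input_mode` -1 leaves the symbol's default untouched. Separately, `data` is declared `unsigned char*`, so the call reads more cleanly as `length = (int) strlen((const char *) data[i].data);`. The loop these lines belong to begins and ends outside the hunk.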