Add test for heap buffer overflow

author orri <orri@systemb.is>

Tue, 30 Apr 2024 09:46:17 +0000 (09:46 +0000)

committer Alan Wang <wp_scut@163.com>

Mon, 6 May 2024 03:33:33 +0000 (11:33 +0800)
author orri <orri@systemb.is>
Tue, 30 Apr 2024 09:46:17 +0000 (09:46 +0000)
committer Alan Wang <wp_scut@163.com>
Mon, 6 May 2024 03:33:33 +0000 (11:33 +0800)
diff --git a/tests/parse_examples.c b/tests/parse_examples.c

index 95a095903876b6d07c775b4b428d602c75b27f61..d35d6cfb123a23c333e59e6853d581520880d9e1 100644 (file)
--- a/tests/parse_examples.c
+++ b/tests/parse_examples.c
@@ -250,6 +250,33 @@ static void test14_should_not_be_parsed(void)
      }
  }
  
+/* Address Sanitizer */
+static void test15_should_not_heap_buffer_overflow(void)
+{
+    const char *strings[] = {
+        "{\"1\":1,",
+        "{\"1\":1, ",
+    };
+
+    size_t i;
+
+    for (i = 0; i < sizeof(strings) / sizeof(strings[0]); i+=1)
+    {
+        const char *json_string = strings[i];
+        size_t len = strlen(json_string);
+        cJSON *json = NULL;
+
+        char *exact_size_heap = (char*)malloc(len);
+        TEST_ASSERT_NOT_NULL(exact_size_heap);
+
+        memcpy(exact_size_heap, json_string, len);
+        json = cJSON_ParseWithLength(exact_size_heap, len);
+
+        cJSON_Delete(json);
+        free(exact_size_heap);
+    }
+}
+
  int CJSON_CDECL main(void)
  {
      UNITY_BEGIN();
@@ -267,5 +294,6 @@ int CJSON_CDECL main(void)
      RUN_TEST(test12_should_not_be_parsed);
      RUN_TEST(test13_should_be_parsed_without_null_termination);
      RUN_TEST(test14_should_not_be_parsed);
+    RUN_TEST(test15_should_not_heap_buffer_overflow);
      return UNITY_END();
  }
author	orri <orri@systemb.is>
	Tue, 30 Apr 2024 09:46:17 +0000 (09:46 +0000)
committer	Alan Wang <wp_scut@163.com>
	Mon, 6 May 2024 03:33:33 +0000 (11:33 +0800)