diff options
| author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2024-09-05 07:57:15 +0000 |
|---|---|---|
| committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2024-09-05 07:57:15 +0000 |
| commit | 33fd740c84666b40156b421e59eb519c652aa296 (patch) | |
| tree | 1f1e16449271e4a2727eefd3141163384e4ec5a2 /lib/libexpat/tests | |
| parent | 3c49e885361c92856e0c7d6cbf9fd5015b19b37c (diff) | |
Update libexpat to version 2.6.3.
Relevant for OpenBSD are security fixes #887 #890 #888 #891 #889
#892, other changes #886 #885, infrastructure #880. No library
bump necessary. CVE-2024-45490 CVE-2024-45491 CVE-2024-45492
OK tb@ deraadt@
Diffstat (limited to 'lib/libexpat/tests')
| -rw-r--r-- | lib/libexpat/tests/basic_tests.c | 57 | ||||
| -rw-r--r-- | lib/libexpat/tests/misc_tests.c | 2 |
2 files changed, 58 insertions, 1 deletions
diff --git a/lib/libexpat/tests/basic_tests.c b/lib/libexpat/tests/basic_tests.c index 372089a9dbb..5dba5ed594f 100644 --- a/lib/libexpat/tests/basic_tests.c +++ b/lib/libexpat/tests/basic_tests.c @@ -2804,6 +2804,61 @@ START_TEST(test_empty_parse) { } END_TEST +/* Test XML_Parse for len < 0 */ +START_TEST(test_negative_len_parse) { + const char *const doc = "<root/>"; + for (int isFinal = 0; isFinal < 2; isFinal++) { + set_subtest("isFinal=%d", isFinal); + + XML_Parser parser = XML_ParserCreate(NULL); + + if (XML_GetErrorCode(parser) != XML_ERROR_NONE) + fail("There was not supposed to be any initial parse error."); + + const enum XML_Status status = XML_Parse(parser, doc, -1, isFinal); + + if (status != XML_STATUS_ERROR) + fail("Negative len was expected to fail the parse but did not."); + + if (XML_GetErrorCode(parser) != XML_ERROR_INVALID_ARGUMENT) + fail("Parse error does not match XML_ERROR_INVALID_ARGUMENT."); + + XML_ParserFree(parser); + } +} +END_TEST + +/* Test XML_ParseBuffer for len < 0 */ +START_TEST(test_negative_len_parse_buffer) { + const char *const doc = "<root/>"; + for (int isFinal = 0; isFinal < 2; isFinal++) { + set_subtest("isFinal=%d", isFinal); + + XML_Parser parser = XML_ParserCreate(NULL); + + if (XML_GetErrorCode(parser) != XML_ERROR_NONE) + fail("There was not supposed to be any initial parse error."); + + void *const buffer = XML_GetBuffer(parser, (int)strlen(doc)); + + if (buffer == NULL) + fail("XML_GetBuffer failed."); + + memcpy(buffer, doc, strlen(doc)); + + const enum XML_Status status = XML_ParseBuffer(parser, -1, isFinal); + + if (status != XML_STATUS_ERROR) + fail("Negative len was expected to fail the parse but did not."); + + if (XML_GetErrorCode(parser) != XML_ERROR_INVALID_ARGUMENT) + fail("Parse error does not match XML_ERROR_INVALID_ARGUMENT."); + + XML_ParserFree(parser); + } +} +END_TEST + /* Test odd corners of the XML_GetBuffer interface */ static enum XML_Status get_feature(enum XML_FeatureEnum feature_id, long *presult) { @@ -5959,6 +6014,8 @@ make_basic_test_case(Suite *s) { tcase_add_test__ifdef_xml_dtd(tc_basic, test_user_parameters); tcase_add_test__ifdef_xml_dtd(tc_basic, test_ext_entity_ref_parameter); tcase_add_test(tc_basic, test_empty_parse); + tcase_add_test(tc_basic, test_negative_len_parse); + tcase_add_test(tc_basic, test_negative_len_parse_buffer); tcase_add_test(tc_basic, test_get_buffer_1); tcase_add_test(tc_basic, test_get_buffer_2); #if XML_CONTEXT_BYTES > 0 diff --git a/lib/libexpat/tests/misc_tests.c b/lib/libexpat/tests/misc_tests.c index ffde056310e..2ee9320b139 100644 --- a/lib/libexpat/tests/misc_tests.c +++ b/lib/libexpat/tests/misc_tests.c @@ -208,7 +208,7 @@ START_TEST(test_misc_version) { if (! versions_equal(&read_version, &parsed_version)) fail("Version mismatch"); - if (xcstrcmp(version_text, XCS("expat_2.6.2"))) /* needs bump on releases */ + if (xcstrcmp(version_text, XCS("expat_2.6.3"))) /* needs bump on releases */ fail("XML_*_VERSION in expat.h out of sync?\n"); } END_TEST |