Mercurial > pidgin
annotate libpurple/tests/test_xmlnode.c @ 31736:462c19eb31d8
Remove duplicate calls to msn_slpmsg_set_slplink. This function is
already called when a slpmsg is created, and calling it again will
place the slpmsg on the slplink list an extra time. If the slpmsg is
freed, then the first entry is removed, but the second remains, and
can cause crashes due to invalid memory accesses.
Fixes #14307.
| author | Elliott Sales de Andrade <qulogic@pidgin.im> |
|---|---|
| date | Thu, 14 Jul 2011 05:54:10 +0000 |
| parents | c8f91310bfbf |
| children | 114a98da1a5f 3828a61c44da |
| rev | line source |
|---|---|
|
31680
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
1 #include <string.h> |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
2 |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
3 #include "tests.h" |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
4 #include "../xmlnode.h" |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
5 |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
6 /* |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
7 * If we really wanted to test the billion laughs attack we would |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
8 * need to have more than just 4 ha's. But as long as this shorter |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
9 * document fails to parse, the longer one should also fail to parse. |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
10 */ |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
11 START_TEST(test_xmlnode_billion_laughs_attack) |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
12 { |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
13 const char *malicious_xml_doc = "<!DOCTYPE root [ <!ENTITY ha \"Ha !\"><!ENTITY ha2 \"&ha; &ha;\"><!ENTITY ha3 \"&ha2; &ha2;\"> ]><root>&ha3;</root>"; |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
14 |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
15 /* Uncomment this line if you want to see the error message given by |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
16 the parser for the above XML document */ |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
17 /* purple_debug_set_enabled(TRUE); */ |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
18 |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
19 fail_if(xmlnode_from_str(malicious_xml_doc, -1), |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
20 "xmlnode_from_str() returned an XML tree, but we didn't want it to"); |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
21 } |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
22 END_TEST |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
23 |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
24 Suite * |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
25 xmlnode_suite(void) |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
26 { |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
27 Suite *s = suite_create("Utility Functions"); |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
28 |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
29 TCase *tc = tcase_create("xmlnode"); |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
30 tcase_add_test(tc, test_xmlnode_billion_laughs_attack); |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
31 suite_add_tcase(s, tc); |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
32 |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
33 return s; |
|
c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
Mark Doliner <mark@kingant.net>
parents:
diff
changeset
|
34 } |