87 lines
3.0 KiB
Diff
87 lines
3.0 KiB
Diff
From a1c0c15892c89c69d64ca8e5d0322d3f37b08307 Mon Sep 17 00:00:00 2001
|
|
From: caixiaomeng 00662745 <caixiaomeng2@huawei.com>
|
|
Date: Thu, 21 Mar 2024 20:29:49 +0800
|
|
Subject: [PATCH] tests-Cover-amplification-tracking-for-isolated-exte
|
|
|
|
---
|
|
tests/runtests.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++++
|
|
1 file changed, 55 insertions(+)
|
|
|
|
diff --git a/tests/runtests.c b/tests/runtests.c
|
|
index 915fa52..1d83237 100644
|
|
--- a/tests/runtests.c
|
|
+++ b/tests/runtests.c
|
|
@@ -12094,6 +12094,59 @@ START_TEST(test_helper_unsigned_char_to_printable) {
|
|
END_TEST
|
|
#endif // defined(XML_DTD)
|
|
|
|
+START_TEST(test_amplification_isolated_external_parser) {
|
|
+ // NOTE: Length 44 is precisely twice the length of "<!ENTITY a SYSTEM 'b'>"
|
|
+ // (22) that is used in function accountingGetCurrentAmplification in
|
|
+ // xmlparse.c.
|
|
+ // 1.........1.........1.........1.........1..4 => 44
|
|
+ const char doc[] = "<!ENTITY % p1 '123456789_123456789_1234567'>";
|
|
+ const int docLen = (int)sizeof(doc) - 1;
|
|
+ const float maximumToleratedAmplification = 2.0f;
|
|
+
|
|
+ struct TestCase {
|
|
+ int offsetOfThreshold;
|
|
+ enum XML_Status expectedStatus;
|
|
+ };
|
|
+
|
|
+ struct TestCase cases[] = {
|
|
+ {-2, XML_STATUS_ERROR}, {-1, XML_STATUS_ERROR}, {0, XML_STATUS_ERROR},
|
|
+ {+1, XML_STATUS_OK}, {+2, XML_STATUS_OK},
|
|
+ };
|
|
+
|
|
+ for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
|
|
+ const int offsetOfThreshold = cases[i].offsetOfThreshold;
|
|
+ const enum XML_Status expectedStatus = cases[i].expectedStatus;
|
|
+ const unsigned long long activationThresholdBytes
|
|
+ = docLen + offsetOfThreshold;
|
|
+
|
|
+ XML_Parser parser = XML_ParserCreate(NULL);
|
|
+ assert(parser != NULL);
|
|
+
|
|
+ assert(XML_SetBillionLaughsAttackProtectionMaximumAmplification(
|
|
+ parser, maximumToleratedAmplification)
|
|
+ == XML_TRUE);
|
|
+ assert(XML_SetBillionLaughsAttackProtectionActivationThreshold(
|
|
+ parser, activationThresholdBytes)
|
|
+ == XML_TRUE);
|
|
+
|
|
+ XML_Parser ext_parser = XML_ExternalEntityParserCreate(parser, NULL, NULL);
|
|
+ assert(ext_parser != NULL);
|
|
+
|
|
+ const enum XML_Status actualStatus
|
|
+ = _XML_Parse_SINGLE_BYTES(ext_parser, doc, docLen, XML_TRUE);
|
|
+
|
|
+ assert(actualStatus == expectedStatus);
|
|
+ if (actualStatus != XML_STATUS_OK) {
|
|
+ assert(XML_GetErrorCode(ext_parser)
|
|
+ == XML_ERROR_AMPLIFICATION_LIMIT_BREACH);
|
|
+ }
|
|
+
|
|
+ XML_ParserFree(ext_parser);
|
|
+ XML_ParserFree(parser);
|
|
+ }
|
|
+}
|
|
+END_TEST
|
|
+
|
|
static Suite *
|
|
make_suite(void) {
|
|
Suite *s = suite_create("basic");
|
|
@@ -12334,6 +12387,8 @@ make_suite(void) {
|
|
tcase_add_test(tc_basic, test_bad_notation);
|
|
tcase_add_test(tc_basic, test_default_doctype_handler);
|
|
tcase_add_test(tc_basic, test_empty_element_abort);
|
|
+ tcase_add_test__ifdef_xml_dtd(tc_basic,
|
|
+ test_amplification_isolated_external_parser);
|
|
tcase_add_test__ifdef_xml_dtd(tc_basic,
|
|
test_pool_integrity_with_unfinished_attr);
|
|
tcase_add_test(tc_basic, test_nested_entity_suspend);
|
|
--
|
|
2.33.0
|
|
|
|
|