Status: New
Owner: liuj...@google.com
Labels: Type-Defect Priority-Medium
New issue 684 by edgar....@gmail.com: integer overflow
https://code.google.com/p/protobuf/issues/detail?id=684
What steps will reproduce the problem?
svn diff stringprintf_unittest.cc
Index: stringprintf_unittest.cc
===================================================================
--- stringprintf_unittest.cc (revision 608)
+++ stringprintf_unittest.cc (working copy)
@@ -147,6 +147,16 @@
delete[] buf;
}
+TEST(StringPrintfTest, HugeBuf) {
+ // Check that the a corner case buffer is handled correctly.
+ int n = std::numeric_limits<int>::max() ;
+ char* buf = (char *) malloc(n);
+ memset(buf, 0x41, n);
+ string value = StringPrintf("%s", buf);
+ EXPECT_EQ(value, "");
+ free(buf);
+}
+
} // anonymous namespace
} // namespace protobuf
} // namespace google
What is the expected output? What do you see instead?
make check
Relevant part of src/test-suite.log:
[ RUN ] StringPrintfTest.HugeBuf
unknown file: Failure
C++ exception with description "std::bad_alloc" thrown in the test body.
[ FAILED ] StringPrintfTest.HugeBuf (8632 ms)
What version of the product are you using? On what operating system?
2.6.0 on Ubuntu 14.04
Please provide any additional information below.
I believe this bug can lead to DoS attacks.
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
--
You received this message because you are subscribed to the Google Groups "Protocol
Buffers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to protobuf+unsubscr...@googlegroups.com.
To post to this group, send email to protobuf@googlegroups.com.
Visit this group at http://groups.google.com/group/protobuf.
For more options, visit https://groups.google.com/d/optout.
