mirror of
https://github.com/rustdesk/rustdesk.git
synced 2026-07-05 23:04:59 +03:00
add invariant tests for file contents request/response hardening
Cover the zeroed optional request fields, stream ID filtering, oversized/NULL response rejection and the zero-byte EOF path. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
@@ -56,6 +56,101 @@ START_TEST(test_descriptor_size_rejects_extreme_count)
|
|||||||
}
|
}
|
||||||
END_TEST
|
END_TEST
|
||||||
|
|
||||||
|
static UINT test_client_file_contents_request(
|
||||||
|
CliprdrClientContext *context,
|
||||||
|
const CLIPRDR_FILE_CONTENTS_REQUEST *request)
|
||||||
|
{
|
||||||
|
CLIPRDR_FILE_CONTENTS_RESPONSE response = { 0 };
|
||||||
|
|
||||||
|
ck_assert_int_eq(request->haveClipDataId, FALSE);
|
||||||
|
ck_assert_int_eq(request->clipDataId, 0);
|
||||||
|
response.msgFlags = CB_RESPONSE_OK;
|
||||||
|
response.streamId = request->streamId;
|
||||||
|
return wf_cliprdr_server_file_contents_response(context, &response);
|
||||||
|
}
|
||||||
|
|
||||||
|
START_TEST(test_file_contents_request_initializes_optional_fields)
|
||||||
|
{
|
||||||
|
wfClipboard clipboard = { 0 };
|
||||||
|
CliprdrClientContext context = { 0 };
|
||||||
|
UINT rc;
|
||||||
|
|
||||||
|
clipboard.context = &context;
|
||||||
|
clipboard.req_f_mutex = CreateMutex(NULL, FALSE, NULL);
|
||||||
|
clipboard.req_fevent = CreateEvent(NULL, TRUE, FALSE, NULL);
|
||||||
|
context.Custom = &clipboard;
|
||||||
|
context.ResponseWaitTimeoutSecs = 1;
|
||||||
|
context.ClientFileContentsRequest = test_client_file_contents_request;
|
||||||
|
|
||||||
|
ck_assert_ptr_nonnull(clipboard.req_f_mutex);
|
||||||
|
ck_assert_ptr_nonnull(clipboard.req_fevent);
|
||||||
|
rc = cliprdr_send_request_filecontents(&clipboard, 1, (const void *)(ULONG_PTR)7,
|
||||||
|
0, FILECONTENTS_SIZE, 0, 0, 0);
|
||||||
|
ck_assert_int_eq(rc, CHANNEL_RC_OK);
|
||||||
|
ck_assert_int_eq(clipboard.req_f_stream_id_expected, 7);
|
||||||
|
|
||||||
|
CloseHandle(clipboard.req_fevent);
|
||||||
|
CloseHandle(clipboard.req_f_mutex);
|
||||||
|
}
|
||||||
|
END_TEST
|
||||||
|
|
||||||
|
START_TEST(test_file_contents_response_validates_data)
|
||||||
|
{
|
||||||
|
wfClipboard clipboard = { 0 };
|
||||||
|
CliprdrClientContext context = { 0 };
|
||||||
|
CLIPRDR_FILE_CONTENTS_RESPONSE response = { 0 };
|
||||||
|
UINT rc;
|
||||||
|
|
||||||
|
clipboard.context = &context;
|
||||||
|
clipboard.req_f_mutex = CreateMutex(NULL, FALSE, NULL);
|
||||||
|
clipboard.req_fevent = CreateEvent(NULL, TRUE, FALSE, NULL);
|
||||||
|
context.Custom = &clipboard;
|
||||||
|
context.ResponseWaitTimeoutSecs = 1;
|
||||||
|
response.msgFlags = CB_RESPONSE_OK;
|
||||||
|
response.cbRequested = 0;
|
||||||
|
clipboard.req_f_stream_id_expected = 7;
|
||||||
|
|
||||||
|
ck_assert_ptr_nonnull(clipboard.req_f_mutex);
|
||||||
|
ck_assert_ptr_nonnull(clipboard.req_fevent);
|
||||||
|
|
||||||
|
response.streamId = 8;
|
||||||
|
ck_assert_int_eq(wf_cliprdr_server_file_contents_response(&context, &response),
|
||||||
|
CHANNEL_RC_OK);
|
||||||
|
ck_assert_int_eq(WaitForSingleObject(clipboard.req_fevent, 0), WAIT_TIMEOUT);
|
||||||
|
ck_assert_ptr_null(clipboard.req_fdata);
|
||||||
|
ck_assert_int_eq(clipboard.req_fsize, 0);
|
||||||
|
ck_assert_int_eq(clipboard.req_f_response_ok, FALSE);
|
||||||
|
|
||||||
|
response.streamId = 7;
|
||||||
|
ck_assert_int_eq(wf_cliprdr_server_file_contents_response(&context, &response),
|
||||||
|
CHANNEL_RC_OK);
|
||||||
|
ck_assert_ptr_null(clipboard.req_fdata);
|
||||||
|
ck_assert_int_eq(clipboard.req_fsize, 0);
|
||||||
|
ck_assert_int_eq(clipboard.req_f_response_ok, TRUE);
|
||||||
|
|
||||||
|
rc = wait_response_event(0, &clipboard, clipboard.req_fevent,
|
||||||
|
&clipboard.req_f_received, (void **)&clipboard.req_fdata,
|
||||||
|
&clipboard.req_f_response_ok);
|
||||||
|
ck_assert_int_eq(rc, CHANNEL_RC_OK);
|
||||||
|
|
||||||
|
response.cbRequested = 1;
|
||||||
|
clipboard.req_f_size_requested = 1;
|
||||||
|
ck_assert_int_eq(wf_cliprdr_server_file_contents_response(&context, &response),
|
||||||
|
ERROR_INTERNAL_ERROR);
|
||||||
|
ck_assert_ptr_null(clipboard.req_fdata);
|
||||||
|
ck_assert_int_eq(clipboard.req_fsize, 0);
|
||||||
|
ck_assert_int_eq(clipboard.req_f_response_ok, FALSE);
|
||||||
|
|
||||||
|
rc = wait_response_event(0, &clipboard, clipboard.req_fevent,
|
||||||
|
&clipboard.req_f_received, (void **)&clipboard.req_fdata,
|
||||||
|
&clipboard.req_f_response_ok);
|
||||||
|
ck_assert_int_eq(rc, ERROR_INTERNAL_ERROR);
|
||||||
|
|
||||||
|
CloseHandle(clipboard.req_fevent);
|
||||||
|
CloseHandle(clipboard.req_f_mutex);
|
||||||
|
}
|
||||||
|
END_TEST
|
||||||
|
|
||||||
Suite *wf_cliprdr_invariant_suite(void)
|
Suite *wf_cliprdr_invariant_suite(void)
|
||||||
{
|
{
|
||||||
Suite *s;
|
Suite *s;
|
||||||
@@ -70,6 +165,8 @@ Suite *wf_cliprdr_invariant_suite(void)
|
|||||||
tcase_add_test(tc_core, test_descriptor_size_rejects_stream_count_above_limit);
|
tcase_add_test(tc_core, test_descriptor_size_rejects_stream_count_above_limit);
|
||||||
tcase_add_test(tc_core, test_descriptor_size_rejects_truncated_descriptor_array);
|
tcase_add_test(tc_core, test_descriptor_size_rejects_truncated_descriptor_array);
|
||||||
tcase_add_test(tc_core, test_descriptor_size_rejects_extreme_count);
|
tcase_add_test(tc_core, test_descriptor_size_rejects_extreme_count);
|
||||||
|
tcase_add_test(tc_core, test_file_contents_request_initializes_optional_fields);
|
||||||
|
tcase_add_test(tc_core, test_file_contents_response_validates_data);
|
||||||
|
|
||||||
suite_add_tcase(s, tc_core);
|
suite_add_tcase(s, tc_core);
|
||||||
return s;
|
return s;
|
||||||
|
|||||||
Reference in New Issue
Block a user