[tor-commits] [tor/master] consdiff: Reject ranges with non-numeric chars

[nickm at torproject.org]

commit a16de7a7cff14e133e01f5605f4600c67de5d91f
Author: Sebastian Hahn <sebastian at torproject.org>
Date:   Tue Apr 18 13:43:55 2017 +0200

    consdiff: Reject ranges with non-numeric chars
    
    Fixes bug #21964
---
 src/or/consdiff.c        |  3 +++
 src/test/test_consdiff.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 53 insertions(+), 1 deletion(-)

diff --git a/src/or/consdiff.c b/src/or/consdiff.c
index d2a2af1..7e3d674 100644
--- a/src/or/consdiff.c
+++ b/src/or/consdiff.c
@@ -757,6 +757,9 @@ get_linenum(const char **s, int *num_out)
 {
   int ok;
   char *next;
+  if (!TOR_ISDIGIT(**s)) {
+    return -1;
+  }
   *num_out = (int) tor_parse_long(*s, 10, 0, INT32_MAX, &ok, &next);
   if (ok && next) {
     *s = next;
diff --git a/src/test/test_consdiff.c b/src/test/test_consdiff.c
index 1b4e2ad..829e8f8 100644
--- a/src/test/test_consdiff.c
+++ b/src/test/test_consdiff.c
@@ -746,6 +746,55 @@ test_consdiff_apply_ed_diff(void *arg)
 
   smartlist_clear(diff);
 
+  /* Ranges must be numeric only and cannot contain spaces. */
+  smartlist_add_linecpy(diff, area, "0, 4d");
+  mock_clean_saved_logs();
+  cons2 = apply_ed_diff(cons1, diff, 0);
+  tt_ptr_op(NULL, OP_EQ, cons2);
+  expect_single_log_msg_containing("an ed command was missing a range "
+                                   "end line number.");
+
+  smartlist_clear(diff);
+
+  /* '+' is not a number. */
+  smartlist_add_linecpy(diff, area, "+0,4d");
+  mock_clean_saved_logs();
+  cons2 = apply_ed_diff(cons1, diff, 0);
+  tt_ptr_op(NULL, OP_EQ, cons2);
+  expect_single_log_msg_containing("an ed command was missing a line number");
+
+  smartlist_clear(diff);
+
+  /* range duplication */
+  smartlist_add_linecpy(diff, area, "0,4d,5d");
+  mock_clean_saved_logs();
+  cons2 = apply_ed_diff(cons1, diff, 0);
+  tt_ptr_op(NULL, OP_EQ, cons2);
+  expect_single_log_msg_containing("an ed command longer than one char was "
+                                   "found");
+
+  smartlist_clear(diff);
+
+  /* space before command */
+  smartlist_add_linecpy(diff, area, "0,4 d");
+  mock_clean_saved_logs();
+  cons2 = apply_ed_diff(cons1, diff, 0);
+  tt_ptr_op(NULL, OP_EQ, cons2);
+  expect_single_log_msg_containing("an ed command longer than one char was "
+                                   "found");
+
+  smartlist_clear(diff);
+
+  /* space inside number */
+  smartlist_add_linecpy(diff, area, "0,4 5d");
+  mock_clean_saved_logs();
+  cons2 = apply_ed_diff(cons1, diff, 0);
+  tt_ptr_op(NULL, OP_EQ, cons2);
+  expect_single_log_msg_containing("an ed command longer than one char was "
+                                   "found");
+
+  smartlist_clear(diff);
+
   /* Test appending text, 'a'. */
   consensus_split_lines(diff, "3a\nU\nO\n.\n0a\nV\n.\n", area);
   cons2 = apply_ed_diff(cons1, diff, 0);
@@ -775,7 +824,7 @@ test_consdiff_apply_ed_diff(void *arg)
   smartlist_free(cons2);
 
   /* Test changing text, 'c'. */
-  consensus_split_lines(diff, "4c\nT\nX\n.\n1, 2c\nM\n.\n", area);
+  consensus_split_lines(diff, "4c\nT\nX\n.\n1,2c\nM\n.\n", area);
   cons2 = apply_ed_diff(cons1, diff, 0);
   tt_ptr_op(NULL, OP_NE, cons2);
   tt_int_op(5, OP_EQ, smartlist_len(cons2));