Merge pull request #7278

187b4d7 Restrict duplicate keys in epee binary format (Lee Clagett)
This commit is contained in:
luigi1111 2021-01-06 21:10:30 -05:00
commit e3acd3e6ba
No known key found for this signature in database
GPG Key ID: F4ACA0183641E010
3 changed files with 59 additions and 1 deletions

View File

@ -29,6 +29,7 @@
#pragma once
#include "misc_language.h"
#include "misc_log_ex.h"
#include "portable_storage_base.h"
#include "portable_storage_bin_utils.h"
@ -306,7 +307,9 @@ namespace epee
//read section name string
std::string sec_name;
read_sec_name(sec_name);
sec.m_entries.emplace(std::move(sec_name), load_storage_entry());
const auto insert_loc = sec.m_entries.lower_bound(sec_name);
CHECK_AND_ASSERT_THROW_MES(insert_loc == sec.m_entries.end() || insert_loc->first != sec_name, "duplicate key: " << sec_name);
sec.m_entries.emplace_hint(insert_loc, std::move(sec_name), load_storage_entry());
}
}
inline

View File

@ -47,6 +47,7 @@ set(unit_tests_sources
dns_resolver.cpp
epee_boosted_tcp_server.cpp
epee_levin_protocol_handler_async.cpp
epee_serialization.cpp
epee_utils.cpp
expect.cpp
fee.cpp

View File

@ -0,0 +1,54 @@
// Copyright (c) 2020, The Monero Project
//
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification, are
// permitted provided that the following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice, this list of
// conditions and the following disclaimer.
//
// 2. Redistributions in binary form must reproduce the above copyright notice, this list
// of conditions and the following disclaimer in the documentation and/or other
// materials provided with the distribution.
//
// 3. Neither the name of the copyright holder nor the names of its contributors may be
// used to endorse or promote products derived from this software without specific
// prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include <cstdint>
#include <gtest/gtest.h>
#include "storages/portable_storage.h"
TEST(epee_binary, two_keys)
{
static constexpr const std::uint8_t data[] = {
0x01, 0x11, 0x01, 0x1, 0x01, 0x01, 0x02, 0x1, 0x1, 0x08, 0x01, 'a',
0x0B, 0x00, 0x01, 'b', 0x0B, 0x00
};
epee::serialization::portable_storage storage{};
EXPECT_TRUE(storage.load_from_binary(data));
}
TEST(epee_binary, duplicate_key)
{
static constexpr const std::uint8_t data[] = {
0x01, 0x11, 0x01, 0x1, 0x01, 0x01, 0x02, 0x1, 0x1, 0x08, 0x01, 'a',
0x0B, 0x00, 0x01, 'a', 0x0B, 0x00
};
epee::serialization::portable_storage storage{};
EXPECT_FALSE(storage.load_from_binary(data));
}