Add XML parser bit_bound bounds check (#3975)
* Refs #19354: Add XML parser bit_bound bounds check

Signed-off-by: JesusPoderoso <[email protected]>

* Refs #19354: Add regression test

Signed-off-by: JesusPoderoso <[email protected]>

* Refs #19354: Check empty name

Signed-off-by: JesusPoderoso <[email protected]>

* Refs #19354: Apply rev suggestion

Signed-off-by: JesusPoderoso <[email protected]>

---------

Signed-off-by: JesusPoderoso <[email protected]>
(cherry picked from commit e318c5b)
JesusPoderoso authored and mergify[bot] committed Nov 3, 2023
1 parent 3c0d443 commit 82dc45c
Showing 4 changed files with 11 additions and 2 deletions.
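--- a/src/cpp/rtps/xmlparser/XMLDynamicParser.cpp
+++ b/src/cpp/rtps/xmlparser/XMLDynamicParser.cpp
@@ -615,11 +615,16 @@ XMLP_ret XMLParser::parseXMLBitmaskDynamicType(
 const char* anno_bit_bound = p_root->Attribute(BIT_BOUND);
 if (anno_bit_bound != nullptr)
 {
-bit_bound = static_cast<uint16_t>(std::atoi(anno_bit_bound));
+auto input_bit_bound = std::atoi(anno_bit_bound);
+if (input_bit_bound < 1 || input_bit_bound > 64)
+{
+return XMLP_ret::XML_ERROR;
+}
+bit_bound = static_cast<uint16_t>(input_bit_bound);
 }
 
 const char* name = p_root->Attribute(NAME);
-if (nullptr == name)
+if (nullptr == name || name[0] == '\0')
 {
 return XMLP_ret::XML_ERROR;
 }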
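Review bot: `std::atoi` on the new `input_bit_bound` line cannot tell a malformed attribute from a valid one: trailing garbage such as `8x` parses as 8 and passes the 1–64 check, and a value outside the range of `int` is undefined behaviour before the range check ever runs. Since the attribute comes straight from the XML profile, parse it with an end pointer and let the range check reject overflow: `char* end = nullptr; const long input_bit_bound = std::strtol(anno_bit_bound, &end, 10);` followed by `if (end == anno_bit_bound || *end != '\0' || input_bit_bound < 1 || input_bit_bound > 64)`. The literals 1 and 64 would also read better as named constants. The body of parseXMLBitmaskDynamicType starts and ends outside the hunk, so how `bit_bound` is used afterwards is not visible here.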
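--- a/test/unittest/xmlparser/XMLParserTests.cpp
+++ b/test/unittest/xmlparser/XMLParserTests.cpp
@@ -61,6 +61,8 @@ TEST_F(XMLParserTests, regressions)
 EXPECT_EQ(XMLP_ret::XML_ERROR, XMLParser::loadXML("regressions/14456_profile_bin.xml", root));
 EXPECT_EQ(XMLP_ret::XML_ERROR, XMLParser::loadXML("regressions/15344_profile_bin.xml", root));
 EXPECT_EQ(XMLP_ret::XML_ERROR, XMLParser::loadXML("regressions/18395_profile_bin.xml", root));
+EXPECT_EQ(XMLP_ret::XML_ERROR, XMLParser::loadXML("regressions/19354_profile_bin.xml", root));
+EXPECT_EQ(XMLP_ret::XML_ERROR, XMLParser::loadXML("regressions/19354_2_profile_bin.xml", root));
 EXPECT_EQ(XMLP_ret::XML_ERROR, XMLParser::loadXML("regressions/simple_participant_profiles_nok.xml", root));
 EXPECT_EQ(XMLP_ret::XML_OK, XMLParser::loadXML("regressions/simple_participant_profiles_ok.xml", root));
 }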
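Review bot: The new `19354_profile_bin.xml` expectation does not isolate the bit_bound check, because that fixture (shown on this page as `<bitmask bit_bound="-2" name=""/>`) also has an empty name and would still return `XML_ERROR` through the name check if the bounds check regressed. Give the out-of-range fixture a non-empty name so that only the bounds check can reject it, and consider adding fixtures for the edges the check defines, a bit_bound of 0 and one of 65. A positive case with bit_bound 64 expecting success would pin the upper limit, assuming the rest of the bitmask parsing accepts such a minimal document. The TEST_F body starts before this hunk.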
@@ -0,0 +1 @@
<types><type><bitmask bit_bound="2" name=""/></type></types>
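--- a/test/unittest/xmlparser/regressions/19354_profile_bin.xml
+++ b/test/unittest/xmlparser/regressions/19354_profile_bin.xml
@@ -0,0 +1 @@
+<types><type><bitmask bit_bound="-2" name=""/></type></types>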
