File expat-CVE-2023-52425-fix-tests.patch of Package expat.35320
From: Simon Lees <sflees@suse.de>
Date: Fri, Mar 1 10:42:13
Subject: CVE-2023-52425 Tests and Test suite fixes
This adds the Tests for CVE-2023-52425 to the testsuite and addresses
other changes required for the other tests to pass with the other
internal changes.
---
Index: expat-2.4.4/tests/runtests.c
===================================================================
--- expat-2.4.4.orig/tests/runtests.c
+++ expat-2.4.4/tests/runtests.c
@@ -52,8 +52,42 @@
# endif /* XML_UNICODE */
#endif /* XML_UNICODE_WCHAR_T */
+struct handler_record_entry {
+ const char *name;
+ int arg;
+};
+struct handler_record_list {
+ int count;
+ struct handler_record_entry entries[50]; // arbitrary big-enough max count
+};
+
+extern const struct handler_record_entry *
+_handler_record_get(const struct handler_record_list *storage, int index,
+ const char *file, int line);
+
+# define handler_record_get(storage, index) \
+ _handler_record_get((storage), (index), __FILE__, __LINE__)
+
+# define assert_record_handler_called(storage, index, expected_name, \
+ expected_arg) \
+ do { \
+ const struct handler_record_entry *e \
+ = handler_record_get(storage, index); \
+ assert_true(strcmp(e->name, expected_name) == 0); \
+ assert_true(e->arg == (expected_arg)); \
+ } while (0)
+
+const struct handler_record_entry *
+_handler_record_get(const struct handler_record_list *storage, int index,
+ const char *file, int line) {
+ if (storage->count <= index) {
+ _fail(file, line, "too few handler calls");
+ }
+ return &storage->entries[index];
+}
static XML_Parser parser;
+static int g_chunkSize = 1;
static void
tcase_add_test__ifdef_xml_dtd(TCase *tc, tcase_test_function test) {
@@ -100,6 +134,27 @@ _xml_failure(XML_Parser parser, const ch
file, line);
_fail_unless(0, file, line, buffer);
}
+
+static enum XML_Status
+_XML_Parse_SINGLE_BYTES(XML_Parser parser, const char *s, int len,
+ int isFinal) {
+ // This ensures that tests have to run pathological parse cases
+ // (e.g. when `s` is NULL) against plain XML_Parse rather than
+ // chunking _XML_Parse_SINGLE_BYTES.
+ assert((parser != NULL) && (s != NULL) && (len >= 0));
+ const int chunksize = g_chunkSize;
+ if (chunksize > 0) {
+ // parse in chunks of `chunksize` bytes as long as not exhausting
+ for (; len > chunksize; len -= chunksize, s += chunksize) {
+ enum XML_Status res = XML_Parse(parser, s, chunksize, XML_FALSE);
+ if (res != XML_STATUS_OK) {
+ return res;
+ }
+ }
+ }
+ // parse the final chunk, the size of which will be <= chunksize
+ return XML_Parse(parser, s, len, isFinal);
+}
#define xml_failure(parser) _xml_failure((parser), __FILE__, __LINE__)
@@ -551,7 +606,8 @@ START_TEST(test_line_number_after_parse)
"\n</tag>";
XML_Size lineno;
- if (XML_Parse(parser, text, strlen(text), XML_FALSE) == XML_STATUS_ERROR)
+ if (_XML_Parse_SINGLE_BYTES(parser, text, (int)strlen(text), XML_TRUE)
+ == XML_STATUS_ERROR)
xml_failure(parser);
lineno = XML_GetCurrentLineNumber(parser);
if (lineno != 4) {
@@ -569,7 +625,8 @@ START_TEST(test_column_number_after_pars
char *text = "<tag></tag>";
XML_Size colno;
- if (XML_Parse(parser, text, strlen(text), XML_FALSE) == XML_STATUS_ERROR)
+ if (_XML_Parse_SINGLE_BYTES(parser, text, (int)strlen(text), XML_TRUE)
+ == XML_STATUS_ERROR)
xml_failure(parser);
colno = XML_GetCurrentColumnNumber(parser);
if (colno != 11) {
@@ -654,7 +711,8 @@ START_TEST(test_line_number_after_error)
" <b>\n"
" </a>"; /* missing </b> */
XML_Size lineno;
- if (XML_Parse(parser, text, strlen(text), XML_FALSE) != XML_STATUS_ERROR)
+ if (_XML_Parse_SINGLE_BYTES(parser, text, (int)strlen(text), XML_TRUE)
+ != XML_STATUS_ERROR)
fail("Expected a parse error");
lineno = XML_GetCurrentLineNumber(parser);
@@ -674,7 +732,8 @@ START_TEST(test_column_number_after_erro
" <b>\n"
" </a>"; /* missing </b> */
XML_Size colno;
- if (XML_Parse(parser, text, strlen(text), XML_FALSE) != XML_STATUS_ERROR)
+ if (_XML_Parse_SINGLE_BYTES(parser, text, (int)strlen(text), XML_TRUE)
+ != XML_STATUS_ERROR)
fail("Expected a parse error");
colno = XML_GetCurrentColumnNumber(parser);
