diff options
author | Lorenzo Colitti <lorenzo@google.com> | 2016-01-22 18:44:10 +0000 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2016-01-22 18:44:10 +0000 |
commit | 0d77c5522ff18e70585347d2fab7719b95d8a9af (patch) | |
tree | 70c0b6219e870746ffbda7632f174e5a871f7365 /tests | |
parent | 322453f269ac0b736f20e4619b900be155a65d2e (diff) | |
parent | b5dfec665a8bb3d995c4e3285649b2f6a236441d (diff) | |
download | extras-0d77c5522ff18e70585347d2fab7719b95d8a9af.tar.gz |
Merge changes I2e3eb0b3,I2f7bd13e am: cb698c387c
am: b5dfec665a
* commit 'b5dfec665a8bb3d995c4e3285649b2f6a236441d':
Delete FixupDiagMsg and cite the commit that makes it unnecessary.
Add a test for a port comparison bytecode validation bug.
Diffstat (limited to 'tests')
-rwxr-xr-x | tests/net_test/sock_diag.py | 9 | ||||
-rwxr-xr-x | tests/net_test/sock_diag_test.py | 46 |
2 files changed, 20 insertions, 35 deletions
diff --git a/tests/net_test/sock_diag.py b/tests/net_test/sock_diag.py index 58a1781a..6979877f 100755 --- a/tests/net_test/sock_diag.py +++ b/tests/net_test/sock_diag.py @@ -286,15 +286,6 @@ class SockDiag(netlink.NetlinkSocket): padded += "\x00" * (16 - len(padded)) return padded - # For IPv4 addresses, the kernel seems only to fill in the first 4 bytes of - # src and dst, leaving the others unspecified. This seems like a bug because - # it might leak kernel memory contents, but regardless, work around it. - @staticmethod - def FixupDiagMsg(d): - if d.family == AF_INET: - d.id.src = d.id.src[:4] + "\x00" * 12 - d.id.dst = d.id.dst[:4] + "\x00" * 12 - @staticmethod def DiagReqFromSocket(s): """Creates an InetDiagReqV2 that matches the specified socket.""" diff --git a/tests/net_test/sock_diag_test.py b/tests/net_test/sock_diag_test.py index d4a721ea..35301a72 100755 --- a/tests/net_test/sock_diag_test.py +++ b/tests/net_test/sock_diag_test.py @@ -73,36 +73,10 @@ class SockDiagTest(SockDiagBaseTest): [s.close() for socketpair in self.socketpairs.values() for s in socketpair] super(SockDiagTest, self).tearDown() - def testFixupDiagMsg(self): - src = "0a00fa02303030312030312038302031" - dst = "0808080841414141414141416f0a3230" - cookie = "4078678100000000" - sockid = sock_diag.InetDiagSockId((47436, 32069, - src.decode("hex"), dst.decode("hex"), 0, - cookie.decode("hex"))) - msg4 = sock_diag.InetDiagMsg((AF_INET, IPPROTO_TCP, 0, - sock_diag.TCP_SYN_RECV, sockid, - 980, 123, 456, 789, 5555)) - # Make a copy, cstructs are mutable. - msg6 = sock_diag.InetDiagMsg(msg4.Pack()) - msg6.family = AF_INET6 - - fixed6 = sock_diag.InetDiagMsg(msg6.Pack()) - self.sock_diag.FixupDiagMsg(fixed6) - self.assertEquals(msg6.Pack(), fixed6.Pack()) - - fixed4 = sock_diag.InetDiagMsg(msg4.Pack()) - self.sock_diag.FixupDiagMsg(fixed4) - msg4.id.src = src.decode("hex")[:4] + 12 * "\x00" - msg4.id.dst = dst.decode("hex")[:4] + 12 * "\x00" - self.assertEquals(msg4.Pack(), fixed4.Pack()) - def assertSockDiagMatchesSocket(self, s, diag_msg): family = s.getsockopt(net_test.SOL_SOCKET, net_test.SO_DOMAIN) self.assertEqual(diag_msg.family, family) - self.sock_diag.FixupDiagMsg(diag_msg) - src, sport = s.getsockname()[0:2] self.assertEqual(diag_msg.id.src, self.sock_diag.PaddedAddress(src)) self.assertEqual(diag_msg.id.sport, sport) @@ -115,6 +89,14 @@ class SockDiagTest(SockDiagBaseTest): assertRaisesErrno(ENOTCONN, s.getpeername) def testFindsAllMySockets(self): + """Tests that basic socket dumping works. + + Relevant commits: + android-3.4: + ab4a727 net: inet_diag: zero out uninitialized idiag_{src,dst} fields + android-3.10 + 3eb409b net: inet_diag: zero out uninitialized idiag_{src,dst} fields + """ self.socketpairs = self._CreateLotsOfSockets() sockets = self.sock_diag.DumpAllInetSockets(IPPROTO_TCP, NO_BYTECODE) self.assertGreaterEqual(len(sockets), NUM_SOCKETS) @@ -238,6 +220,18 @@ class SockDiagTest(SockDiagBaseTest): self.assertTrue(all(d in v4sockets for d in diag_msgs)) self.assertTrue(all(d in v6sockets for d in diag_msgs)) + def testPortComparisonValidation(self): + """Checks for a bug in validating port comparison bytecode. + + Relevant kernel commits: + android-3.4: + 5e1f542 inet_diag: validate port comparison byte code to prevent unsafe reads + """ + bytecode = sock_diag.InetDiagBcOp((sock_diag.INET_DIAG_BC_D_GE, 4, 8)) + self.assertRaisesErrno( + EINVAL, + self.sock_diag.DumpAllInetSockets, IPPROTO_TCP, bytecode.Pack()) + @unittest.skipUnless(HAVE_SOCK_DESTROY, "SOCK_DESTROY not supported") def testClosesSockets(self): self.socketpairs = self._CreateLotsOfSockets() |