From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tarantool-patches-bounce@freelists.org>
Received: from localhost (localhost [127.0.0.1])
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 97520283DE
	for <tarantool-patches@freelists.org>; Fri, 22 Feb 2019 14:26:09 -0500 (EST)
Received: from turing.freelists.org ([127.0.0.1])
	by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id GdTM7w3WZ0nR for <tarantool-patches@freelists.org>;
	Fri, 22 Feb 2019 14:26:09 -0500 (EST)
Received: from smtpng2.m.smailru.net (smtpng2.m.smailru.net [94.100.179.3])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id EE8592760F
	for <tarantool-patches@freelists.org>; Fri, 22 Feb 2019 14:26:08 -0500 (EST)
From: Roman Khabibov <roman.habibov@tarantool.org>
Subject: [tarantool-patches] [PATCH] socket: throw error when size is negative in read()/sysread()
Date: Fri, 22 Feb 2019 22:26:06 +0300
Message-Id: <20190222192606.60193-1-roman.habibov@tarantool.org>
Sender: tarantool-patches-bounce@freelists.org
Errors-to: tarantool-patches-bounce@freelists.org
Reply-To: tarantool-patches@freelists.org
List-help: <mailto:ecartis@freelists.org?Subject=help>
List-unsubscribe: <tarantool-patches-request@freelists.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: tarantool-patches <tarantool-patches.freelists.org>
List-subscribe: <tarantool-patches-request@freelists.org?Subject=subscribe>
List-owner: <mailto:>
List-post: <mailto:tarantool-patches@freelists.org>
List-archive: <http://www.freelists.org/archives/tarantool-patches>
To: tarantool-patches@freelists.org
Cc: alexander.turenko@tarantool.org

Replace assert in socket:read() and add a check in socket:sysread()
when the size is negative.

Closes #3979
---

Branch: https://github.com/tarantool/tarantool/tree/romanhabibov/gh-3979-sock-read
Issue: https://github.com/tarantool/tarantool/issues/3979

 src/lua/socket.lua       | 10 +++++++++-
 test/app/socket.result   | 17 +++++++++++++++++
 test/app/socket.test.lua |  7 +++++++
 3 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/src/lua/socket.lua b/src/lua/socket.lua
index 7f9b40fb1..2a3ed355b 100644
--- a/src/lua/socket.lua
+++ b/src/lua/socket.lua
@@ -287,6 +287,11 @@ local function socket_sysread(self, arg1, arg2)
 
     local buf = buffer.IBUF_SHARED
     buf:reset()
+
+    if size < 0 then
+        error('socket:sysread(): size can not be negative')
+    end
+
     local p = buf:alloc(size)
 
     local res = sysread(self, p, size)
@@ -655,7 +660,10 @@ local function check_delimiter(self, limit, eols)
 end
 
 local function read(self, limit, timeout, check, ...)
-    assert(limit >= 0)
+    if limit < 0 then
+        error('socket:read(): limit can not be negative')
+    end
+
     limit = math.min(limit, LIMIT_INFINITY)
     local rbuf = self.rbuf
     if rbuf == nil then
diff --git a/test/app/socket.result b/test/app/socket.result
index 1209ec218..4c92f157e 100644
--- a/test/app/socket.result
+++ b/test/app/socket.result
@@ -517,6 +517,23 @@ sc:writable()
 ---
 - true
 ...
+-- gh-3979 Check for errors when argument is negative.
+sc:read(-1)
+---
+- error: 'builtin/socket.lua: socket:read(): limit can not be negative'
+...
+sc:sysread(-1)
+---
+- error: 'builtin/socket.lua: socket:sysread(): size can not be negative'
+...
+sc:read(-100)
+---
+- error: 'builtin/socket.lua: socket:read(): limit can not be negative'
+...
+sc:sysread(-100)
+---
+- error: 'builtin/socket.lua: socket:sysread(): size can not be negative'
+...
 sc:send('abc')
 ---
 - 3
diff --git a/test/app/socket.test.lua b/test/app/socket.test.lua
index 9901352b1..462eacf4b 100644
--- a/test/app/socket.test.lua
+++ b/test/app/socket.test.lua
@@ -159,6 +159,13 @@ type(sa:read(0))
 sa:read(1, .01)
 sc:writable()
 
+-- gh-3979 Check for errors when argument is negative.
+
+sc:read(-1)
+sc:sysread(-1)
+sc:read(-100)
+sc:sysread(-100)
+
 sc:send('abc')
 sa:read(3)
 
-- 
2.17.2 (Apple Git-113)