From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 97520283DE for ; Fri, 22 Feb 2019 14:26:09 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GdTM7w3WZ0nR for ; Fri, 22 Feb 2019 14:26:09 -0500 (EST) Received: from smtpng2.m.smailru.net (smtpng2.m.smailru.net [94.100.179.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id EE8592760F for ; Fri, 22 Feb 2019 14:26:08 -0500 (EST) From: Roman Khabibov Subject: [tarantool-patches] [PATCH] socket: throw error when size is negative in read()/sysread() Date: Fri, 22 Feb 2019 22:26:06 +0300 Message-Id: <20190222192606.60193-1-roman.habibov@tarantool.org> Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-subscribe: List-owner: List-post: List-archive: To: tarantool-patches@freelists.org Cc: alexander.turenko@tarantool.org Replace assert in socket:read() and add a check in socket:sysread() when the size is negative. Closes #3979 --- Branch: https://github.com/tarantool/tarantool/tree/romanhabibov/gh-3979-sock-read Issue: https://github.com/tarantool/tarantool/issues/3979 src/lua/socket.lua | 10 +++++++++- test/app/socket.result | 17 +++++++++++++++++ test/app/socket.test.lua | 7 +++++++ 3 files changed, 33 insertions(+), 1 deletion(-) diff --git a/src/lua/socket.lua b/src/lua/socket.lua index 7f9b40fb1..2a3ed355b 100644 --- a/src/lua/socket.lua +++ b/src/lua/socket.lua @@ -287,6 +287,11 @@ local function socket_sysread(self, arg1, arg2) local buf = buffer.IBUF_SHARED buf:reset() + + if size < 0 then + error('socket:sysread(): size can not be negative') + end + local p = buf:alloc(size) local res = sysread(self, p, size) @@ -655,7 +660,10 @@ local function check_delimiter(self, limit, eols) end local function read(self, limit, timeout, check, ...) - assert(limit >= 0) + if limit < 0 then + error('socket:read(): limit can not be negative') + end + limit = math.min(limit, LIMIT_INFINITY) local rbuf = self.rbuf if rbuf == nil then diff --git a/test/app/socket.result b/test/app/socket.result index 1209ec218..4c92f157e 100644 --- a/test/app/socket.result +++ b/test/app/socket.result @@ -517,6 +517,23 @@ sc:writable() --- - true ... +-- gh-3979 Check for errors when argument is negative. +sc:read(-1) +--- +- error: 'builtin/socket.lua: socket:read(): limit can not be negative' +... +sc:sysread(-1) +--- +- error: 'builtin/socket.lua: socket:sysread(): size can not be negative' +... +sc:read(-100) +--- +- error: 'builtin/socket.lua: socket:read(): limit can not be negative' +... +sc:sysread(-100) +--- +- error: 'builtin/socket.lua: socket:sysread(): size can not be negative' +... sc:send('abc') --- - 3 diff --git a/test/app/socket.test.lua b/test/app/socket.test.lua index 9901352b1..462eacf4b 100644 --- a/test/app/socket.test.lua +++ b/test/app/socket.test.lua @@ -159,6 +159,13 @@ type(sa:read(0)) sa:read(1, .01) sc:writable() +-- gh-3979 Check for errors when argument is negative. + +sc:read(-1) +sc:sysread(-1) +sc:read(-100) +sc:sysread(-100) + sc:send('abc') sa:read(3) -- 2.17.2 (Apple Git-113)