authorglider@chromium.org <glider@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-01-26 13:02:27 +0000
committerglider@chromium.org <glider@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-01-26 13:02:27 +0000
commit137d237f941001695681ed5628a20dec84cd3b86 (patch)
tree70559e184761db404b76e7c45114a7f18355ad5c /base/pickle_unittest.cc
parent088a29610c15b4a2fcb5f504f36c1f397cd3f42c (diff)
Check that we've got a complete header before accessing its fields.
This patch was prepared by Evgeniy Stepanov (eugenis@chromium.org) and reviewed at http://codereview.chromium.org/6353010/ BUG=70376 TEST=none TBR=darin,willchan Review URL: http://codereview.chromium.org/6347013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@72634 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'base/pickle_unittest.cc')
-rw-r--r--base/pickle_unittest.cc11
1 files changed, 11 insertions, 0 deletions
diff --git a/base/pickle_unittest.cc b/base/pickle_unittest.cc
index fdc0664..39eaa1b 100644
--- a/base/pickle_unittest.cc
+++ b/base/pickle_unittest.cc
@@ -171,6 +171,17 @@ TEST(PickleTest, FindNext) {
EXPECT_TRUE(end == Pickle::FindNext(pickle.header_size_, start, end + 1));
}
+TEST(PickleTest, FindNextWithIncompleteHeader) {
+ size_t header_size = sizeof(Pickle::Header);
+ scoped_array<char> buffer(new char[header_size - 1]);
+ memset(buffer.get(), 0x1, header_size - 1);
+
+ const char* start = buffer.get();
+ const char* end = start + header_size - 1;
+
+ EXPECT_TRUE(NULL == Pickle::FindNext(header_size, start, end));
+}
+
TEST(PickleTest, IteratorHasRoom) {
Pickle pickle;
EXPECT_TRUE(pickle.WriteInt(1));
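Review bot: The assertion in FindNextWithIncompleteHeader probably cannot tell a fixed FindNext from an unfixed one. With `end` one byte short of the header, any payload size read from the truncated header would still put the pickle's end past `end`, so NULL is the likely result either way (FindNext itself is not shown in this hunk). The over-read the commit guards against would then only surface when the test runs under a memory checker such as Valgrind or AddressSanitizer, and the test should say so, e.g. `// Also passes without the header check; the out-of-bounds read is only visible under a memory checker.` above the EXPECT_TRUE. A second case for the empty range would cover the other boundary: `EXPECT_TRUE(NULL == Pickle::FindNext(header_size, start, start));`.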