X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fheartbeat_test.c;h=a525d17f34065109b9e73d8110cbb424414e2f0d;hp=23ae0532d56862df01bf662cd58c5ac3fac255a8;hb=df24f29ae6d14a564c76fed10ac32701128c3f36;hpb=f5ad068b01a4adae1e1dd4103b5ce7e5e1442f6c diff --git a/ssl/heartbeat_test.c b/ssl/heartbeat_test.c index 23ae0532d5..a525d17f34 100644 --- a/ssl/heartbeat_test.c +++ b/ssl/heartbeat_test.c @@ -105,6 +105,12 @@ static HEARTBEAT_TEST_FIXTURE set_up(const char* const test_case_name, goto fail; } + /* Clear the memory for the return buffer, since this isn't automatically + * zeroed in opt mode and will cause spurious test failures that will change + * with each execution. + */ + memset(fixture.s->s3->wbuf.buf, 0, fixture.s->s3->wbuf.len); + fail: if (!setup_ok) { @@ -160,21 +166,21 @@ static HEARTBEAT_TEST_FIXTURE set_up_tls(const char* const test_case_name) static void tear_down(HEARTBEAT_TEST_FIXTURE fixture) { ERR_print_errors_fp(stderr); - memset(fixture.s, 0, sizeof(*fixture.s)); SSL_free(fixture.s); - memset(fixture.ctx, 0, sizeof(*fixture.ctx)); SSL_CTX_free(fixture.ctx); } static void print_payload(const char* const prefix, const unsigned char *payload, const int n) { - const int end = n < MAX_PRINTABLE_CHARACTERS ? n : MAX_PRINTABLE_CHARACTERS; + const int end = n < MAX_PRINTABLE_CHARACTERS ? n + : MAX_PRINTABLE_CHARACTERS; + int i = 0; + printf("%s %d character%s", prefix, n, n == 1 ? "" : "s"); if (end != n) printf(" (first %d shown)", end); printf("\n \""); - int i = 0; for (; i != end; ++i) { const unsigned char c = payload[i]; @@ -190,6 +196,9 @@ static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture) SSL* s = fixture.s; unsigned char *payload = fixture.payload; unsigned char sent_buf[MAX_PRINTABLE_CHARACTERS + 1]; + int return_value; + unsigned const char *p; + int actual_payload_len; s->s3->rrec.data = payload; s->s3->rrec.length = strlen((const char*)payload); @@ -200,7 +209,7 @@ static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture) * point */ memcpy((char *)sent_buf, (const char*)payload, sizeof(sent_buf)); - int return_value = fixture.process_heartbeat(s); + return_value = fixture.process_heartbeat(s); if (return_value != fixture.expected_return_value) { @@ -211,9 +220,9 @@ static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture) } /* If there is any byte alignment, it will be stored in wbuf.offset. */ - unsigned const char *p = &(s->s3->wbuf.buf[ + p = &(s->s3->wbuf.buf[ fixture.return_payload_offset + s->s3->wbuf.offset]); - int actual_payload_len = 0; + actual_payload_len = 0; n2s(p, actual_payload_len); if (actual_payload_len != fixture.expected_payload_len) @@ -227,7 +236,7 @@ static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture) } else { - char* actual_payload = strndup((const char*)p, actual_payload_len); + char* actual_payload = BUF_strndup((const char*)p, actual_payload_len); if (strcmp(actual_payload, fixture.expected_return_payload) != 0) { printf("%s failed:\n expected payload: \"%s\"\n received: \"%s\"\n", @@ -235,7 +244,7 @@ static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture) actual_payload); result = 1; } - free(actual_payload); + OPENSSL_free(actual_payload); } if (result != 0) @@ -278,13 +287,15 @@ static int test_dtls1_not_bleeding() static int test_dtls1_not_bleeding_empty_payload() { + int payload_buf_len; + SETUP_HEARTBEAT_TEST_FIXTURE(dtls); /* Three-byte pad at the beginning for type and payload length, plus a NUL * at the end */ unsigned char payload_buf[4 + MIN_PADDING_SIZE]; memset(payload_buf, ' ', sizeof(payload_buf)); payload_buf[sizeof(payload_buf) - 1] = '\0'; - const int payload_buf_len = honest_payload_size(payload_buf); + payload_buf_len = honest_payload_size(payload_buf); fixture.payload = &payload_buf[0]; fixture.sent_payload_len = payload_buf_len; @@ -360,13 +371,15 @@ static int test_tls1_not_bleeding() static int test_tls1_not_bleeding_empty_payload() { + int payload_buf_len; + SETUP_HEARTBEAT_TEST_FIXTURE(tls); /* Three-byte pad at the beginning for type and payload length, plus a NUL * at the end */ unsigned char payload_buf[4 + MIN_PADDING_SIZE]; memset(payload_buf, ' ', sizeof(payload_buf)); payload_buf[sizeof(payload_buf) - 1] = '\0'; - const int payload_buf_len = honest_payload_size(payload_buf); + payload_buf_len = honest_payload_size(payload_buf); fixture.payload = &payload_buf[0]; fixture.sent_payload_len = payload_buf_len; @@ -412,22 +425,24 @@ static int test_tls1_heartbleed_empty_payload() int main(int argc, char *argv[]) { + int num_failed; + SSL_library_init(); SSL_load_error_strings(); - const int num_failed = test_dtls1_not_bleeding() + - test_dtls1_not_bleeding_empty_payload() + - test_dtls1_heartbleed() + - test_dtls1_heartbleed_empty_payload() + - /* The following test causes an assertion failure at - * ssl/d1_pkt.c:dtls1_write_bytes() in versions prior to 1.0.1g: */ - (OPENSSL_VERSION_NUMBER >= 0x1000107fL ? - test_dtls1_heartbleed_excessive_plaintext_length() : 0) + - test_tls1_not_bleeding() + - test_tls1_not_bleeding_empty_payload() + - test_tls1_heartbleed() + - test_tls1_heartbleed_empty_payload() + - 0; + num_failed = test_dtls1_not_bleeding() + + test_dtls1_not_bleeding_empty_payload() + + test_dtls1_heartbleed() + + test_dtls1_heartbleed_empty_payload() + + /* The following test causes an assertion failure at + * ssl/d1_pkt.c:dtls1_write_bytes() in versions prior to 1.0.1g: */ + (OPENSSL_VERSION_NUMBER >= 0x1000107fL ? + test_dtls1_heartbleed_excessive_plaintext_length() : 0) + + test_tls1_not_bleeding() + + test_tls1_not_bleeding_empty_payload() + + test_tls1_heartbleed() + + test_tls1_heartbleed_empty_payload() + + 0; ERR_print_errors_fp(stderr);