This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Neels Hofmeyr gerrit-no-reply at lists.osmocom.orgReview at https://gerrit.osmocom.org/1866 auc_gen_vectors(): ensure sane arguments, test In auc_gen_vectors(), add various checks that the auth data arguments passed make sense, and add unit test to verify that they work. (Caught a segfault due to NULL dereference with this.) Change-Id: I775652b6a91d382707ce32176a3fe4ef547cbca7 --- M src/auc.c M tests/auc/auc_3g_test.c M tests/auc/auc_3g_test.err 3 files changed, 274 insertions(+), 3 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-hlr refs/changes/66/1866/1 diff --git a/src/auc.c b/src/auc.c index 3f3db34..a307931 100644 --- a/src/auc.c +++ b/src/auc.c @@ -36,13 +36,42 @@ uint8_t rand[16]; int rc; - if (aud2g->algo == OSMO_AUTH_ALG_NONE) + if (aud2g && (aud2g->algo == OSMO_AUTH_ALG_NONE + || aud2g->type == OSMO_AUTH_TYPE_NONE)) aud2g = NULL; - if (aud3g->algo == OSMO_AUTH_ALG_NONE) + if (aud3g && (aud3g->algo == OSMO_AUTH_ALG_NONE + || aud3g->type == OSMO_AUTH_TYPE_NONE)) aud3g = NULL; - if (!aud2g && !aud3g) + if (!aud2g && !aud3g) { + LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() called" + " with neither 2G nor 3G auth data available\n"); return -1; + } + + if (aud2g && aud2g->type != OSMO_AUTH_TYPE_GSM) { + LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() called" + " with non-2G auth data passed for aud2g arg\n"); + return -1; + } + + if (aud3g && aud3g->type != OSMO_AUTH_TYPE_UMTS) { + LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() called" + " with non-3G auth data passed for aud3g arg\n"); + return -1; + } + + if ((rand_auts != NULL) != (auts != NULL)) { + LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() with only one" + " of AUTS and AUTS_RAND given, need both or neither\n"); + return -1; + } + + if (auts && !aud3g) { + LOGP(DAUC, LOGL_ERROR, "auc_compute_vectors() with AUTS called" + " but no 3G auth data passed\n"); + return -1; + } /* compute quintuples */ for (i = 0; i < num_vec; i++) { diff --git a/tests/auc/auc_3g_test.c b/tests/auc/auc_3g_test.c index 88037a6..f1fa2c2 100644 --- a/tests/auc/auc_3g_test.c +++ b/tests/auc/auc_3g_test.c @@ -376,6 +376,103 @@ comment_end(); } +void test_gen_vectors_bad_args() +{ + struct osmo_auth_vector vec; + uint8_t auts[14]; + uint8_t rand_auts[16]; + int rc; + int i; + + struct osmo_sub_auth_data aud2g = { + .type = OSMO_AUTH_TYPE_GSM, + .algo = OSMO_AUTH_ALG_COMP128v1, + }; + + struct osmo_sub_auth_data aud3g = { + .type = OSMO_AUTH_TYPE_UMTS, + .algo = OSMO_AUTH_ALG_MILENAGE, + }; + + struct osmo_sub_auth_data aud2g_noalg = { + .type = OSMO_AUTH_TYPE_GSM, + .algo = OSMO_AUTH_ALG_NONE, + }; + + struct osmo_sub_auth_data aud3g_noalg = { + .type = OSMO_AUTH_TYPE_UMTS, + .algo = OSMO_AUTH_ALG_NONE, + }; + + struct osmo_sub_auth_data aud_notype = { + .type = OSMO_AUTH_TYPE_NONE, + .algo = OSMO_AUTH_ALG_MILENAGE, + }; + + struct osmo_sub_auth_data no_aud = { + .type = OSMO_AUTH_TYPE_NONE, + .algo = OSMO_AUTH_ALG_NONE, + }; + + struct { + struct osmo_sub_auth_data *aud2g; + struct osmo_sub_auth_data *aud3g; + uint8_t *rand_auts; + uint8_t *auts; + const char *label; + } tests[] = { + { NULL, NULL, NULL, NULL, "no auth data (a)"}, + { NULL, &aud3g_noalg, NULL, NULL, "no auth data (b)"}, + { NULL, &aud_notype, NULL, NULL, "no auth data (c)"}, + { NULL, &no_aud, NULL, NULL, "no auth data (d)"}, + { &aud2g_noalg, NULL, NULL, NULL, "no auth data (e)"}, + { &aud2g_noalg, &aud3g_noalg, NULL, NULL, "no auth data (f)"}, + { &aud2g_noalg, &aud_notype, NULL, NULL, "no auth data (g)"}, + { &aud2g_noalg, &no_aud, NULL, NULL, "no auth data (h)"}, + { &aud_notype, NULL, NULL, NULL, "no auth data (i)"}, + { &aud_notype, &aud3g_noalg, NULL, NULL, "no auth data (j)"}, + { &aud_notype, &aud_notype, NULL, NULL, "no auth data (k)"}, + { &aud_notype, &no_aud, NULL, NULL, "no auth data (l)"}, + { &no_aud, NULL, NULL, NULL, "no auth data (m)"}, + { &no_aud, &aud3g_noalg, NULL, NULL, "no auth data (n)"}, + { &no_aud, &aud_notype, NULL, NULL, "no auth data (o)"}, + { &no_aud, &no_aud, NULL, NULL, "no auth data (p)"}, + { &aud3g, NULL, NULL, NULL, "wrong auth data type (a)"}, + { &aud3g, &aud3g_noalg, NULL, NULL, "wrong auth data type (b)"}, + { &aud3g, &aud_notype, NULL, NULL, "wrong auth data type (c)"}, + { &aud3g, &no_aud, NULL, NULL, "wrong auth data type (d)"}, + { NULL, &aud2g, NULL, NULL, "wrong auth data type (e)"}, + { &aud3g_noalg, &aud2g, NULL, NULL, "wrong auth data type (f)"}, + { &aud_notype, &aud2g, NULL, NULL, "wrong auth data type (g)"}, + { &no_aud, &aud2g, NULL, NULL, "wrong auth data type (h)"}, + { &aud3g, &aud2g, NULL, NULL, "wrong auth data type (i)"}, + { &aud3g, &aud3g, NULL, NULL, "wrong auth data type (j)"}, + { &aud2g, &aud2g, NULL, NULL, "wrong auth data type (k)"}, + { &aud2g, NULL, rand_auts, auts, "AUTS for 2G-only (a)"}, + { &aud2g, &aud3g_noalg, rand_auts, auts, "AUTS for 2G-only (b)"}, + { &aud2g, &aud_notype, rand_auts, auts, "AUTS for 2G-only (c)"}, + { &aud2g, &no_aud, rand_auts, auts, "AUTS for 2G-only (d)"}, + { NULL, &aud3g, NULL, auts, "incomplete AUTS (a)"}, + { NULL, &aud3g, rand_auts, NULL, "incomplete AUTS (b)"}, + { &aud2g, &aud3g, NULL, auts, "incomplete AUTS (c)"}, + { &aud2g, &aud3g, rand_auts, NULL, "incomplete AUTS (d)"}, + }; + + comment_start(); + + for (i = 0; i < ARRAY_SIZE(tests); i++) { + fprintf(stderr, "\n- %s\n", tests[i].label); + rc = auc_compute_vectors(&vec, 1, + tests[i].aud2g, + tests[i].aud3g, + tests[i].rand_auts, + tests[i].auts); + VERBOSE_ASSERT(rc, < 0, "%d"); + } + + comment_end(); +} + int main() { printf("auc_3g_test.c\n"); @@ -388,6 +485,7 @@ test_gen_vectors_2g_only(); test_gen_vectors_2g_plus_3g(); test_gen_vectors_3g_only(); + test_gen_vectors_bad_args(); printf("Done\n"); return 0; diff --git a/tests/auc/auc_3g_test.err b/tests/auc/auc_3g_test.err index a444f8b..5c3dd14 100644 --- a/tests/auc/auc_3g_test.err +++ b/tests/auc/auc_3g_test.err @@ -121,3 +121,147 @@ ===== test_gen_vectors_3g_only: SUCCESS + +===== test_gen_vectors_bad_args + +- no auth data (a) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (b) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (c) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (d) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (e) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (f) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (g) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (h) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (i) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (j) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (k) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (l) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (m) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (n) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (o) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- no auth data (p) +DAUC auc_compute_vectors() called with neither 2G nor 3G auth data available +rc == -1 + +- wrong auth data type (a) +DAUC auc_compute_vectors() called with non-2G auth data passed for aud2g arg +rc == -1 + +- wrong auth data type (b) +DAUC auc_compute_vectors() called with non-2G auth data passed for aud2g arg +rc == -1 + +- wrong auth data type (c) +DAUC auc_compute_vectors() called with non-2G auth data passed for aud2g arg +rc == -1 + +- wrong auth data type (d) +DAUC auc_compute_vectors() called with non-2G auth data passed for aud2g arg +rc == -1 + +- wrong auth data type (e) +DAUC auc_compute_vectors() called with non-3G auth data passed for aud3g arg +rc == -1 + +- wrong auth data type (f) +DAUC auc_compute_vectors() called with non-3G auth data passed for aud3g arg +rc == -1 + +- wrong auth data type (g) +DAUC auc_compute_vectors() called with non-3G auth data passed for aud3g arg +rc == -1 + +- wrong auth data type (h) +DAUC auc_compute_vectors() called with non-3G auth data passed for aud3g arg +rc == -1 + +- wrong auth data type (i) +DAUC auc_compute_vectors() called with non-2G auth data passed for aud2g arg +rc == -1 + +- wrong auth data type (j) +DAUC auc_compute_vectors() called with non-2G auth data passed for aud2g arg +rc == -1 + +- wrong auth data type (k) +DAUC auc_compute_vectors() called with non-3G auth data passed for aud3g arg +rc == -1 + +- AUTS for 2G-only (a) +DAUC auc_compute_vectors() with AUTS called but no 3G auth data passed +rc == -1 + +- AUTS for 2G-only (b) +DAUC auc_compute_vectors() with AUTS called but no 3G auth data passed +rc == -1 + +- AUTS for 2G-only (c) +DAUC auc_compute_vectors() with AUTS called but no 3G auth data passed +rc == -1 + +- AUTS for 2G-only (d) +DAUC auc_compute_vectors() with AUTS called but no 3G auth data passed +rc == -1 + +- incomplete AUTS (a) +DAUC auc_compute_vectors() with only one of AUTS and AUTS_RAND given, need both or neither +rc == -1 + +- incomplete AUTS (b) +DAUC auc_compute_vectors() with only one of AUTS and AUTS_RAND given, need both or neither +rc == -1 + +- incomplete AUTS (c) +DAUC auc_compute_vectors() with only one of AUTS and AUTS_RAND given, need both or neither +rc == -1 + +- incomplete AUTS (d) +DAUC auc_compute_vectors() with only one of AUTS and AUTS_RAND given, need both or neither +rc == -1 +===== test_gen_vectors_bad_args: SUCCESS + -- To view, visit https://gerrit.osmocom.org/1866 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I775652b6a91d382707ce32176a3fe4ef547cbca7 Gerrit-PatchSet: 1 Gerrit-Project: osmo-hlr Gerrit-Branch: master Gerrit-Owner: Neels Hofmeyr <nhofmeyr at sysmocom.de>