Commit Graph

240 Commits

Author SHA1 Message Date
Lasse Collin 91e3ea8735 Tests: test_index: Make it clear that my_alloc() has no integer overflows
liblzma guarantees that the product of the allocation size arguments
will fit in size_t.

Putting the pre-increment in the if-statement was clearly wrong
although in practice it didn't matter here as the function is
called only a couple of times.

(cherry picked from commit 7f865577a6)
2024-05-22 14:32:36 +03:00
Lasse Collin df1659a6c8 Tests: test_index: Verify also iter.block.number_in_stream
(cherry picked from commit 12313a3b65)
2024-05-22 14:32:36 +03:00
Lasse Collin e083e95dbf Tests: test_index: Check cases that aren't a multiple of 4 bytes
(cherry picked from commit ad2654010d)
2024-05-22 14:32:36 +03:00
Lasse Collin b0d3b86ecf Tests: test_index: Edit comments and white space
(cherry picked from commit 2524fcf2b6)
2024-05-22 14:32:36 +03:00
Lasse Collin 94a462850b Tests: test_filter_str: Add a few assertions
(cherry picked from commit 3ac8a9bb4c)
2024-05-22 14:32:36 +03:00
Lasse Collin 72058ca22a Tests: test_filter_str: Move one assertion and add a comment
(cherry picked from commit 26c69be805)
2024-05-22 14:32:36 +03:00
Lasse Collin c59ebbe1c6 Tests: test_filter_str: Tweak comments and white space
(cherry picked from commit 4f6af853bc)
2024-05-22 14:32:36 +03:00
Lasse Collin ceda860934 Tests: test_filter_str: Add missing RISC-V case
Fixes: 89ea1a22f4
(cherry picked from commit c92663aa1b)
2024-05-22 14:32:36 +03:00
Lasse Collin 2234b7cc47 Tests: test_filter_str: Test *error_pos more thoroughly
(cherry picked from commit b0366df1d7)
2024-05-22 14:32:36 +03:00
Lasse Collin ba0b5bfe7c Tests: test_filter_flags: Edit comments and style
(cherry picked from commit 2f06920f20)
2024-05-22 14:32:36 +03:00
Lasse Collin d2ed675959 Tests: Fix C99/C11 compatibility when features are disabled
The array could become empty and then the initializer would be
simply {} which is allowed only in GNU-C and C23.

(cherry picked from commit b101e1d1db)
2024-05-22 14:32:36 +03:00
Lasse Collin 09a0311a1e Tests: test_lzip_decoder: Tweak coding style and comments
(cherry picked from commit 86fc4ee859)
2024-05-22 14:32:36 +03:00
Lasse Collin 3117336a02 Tests: test_lzip_decoder: Remove redundant initializations
(cherry picked from commit 38be573a27)
2024-05-22 14:32:36 +03:00
Lasse Collin f78081eb12 Tests: test_lzip_decoder: Remove unneeded tuktest_malloc() calls
(cherry picked from commit d7e4bc53ea)
2024-05-22 14:32:36 +03:00
Lasse Collin 50fb269c7a Tests: test_microlzma: Add a "FIXME?" about LZMA_FINISH handling
(cherry picked from commit fcbd0d1999)
2024-05-22 14:32:36 +03:00
Lasse Collin 3e2ff2d38c Tests: test_microlzma: Tweak comments, coding style, and minor details
A few lines were reordered, a few ARRAY_SIZE were changed to sizeof,
and a few uint32_t were changed to size_t. No real functional changes
were intended.

(cherry picked from commit 0fe2dfa683)
2024-05-22 14:32:36 +03:00
Lasse Collin a594b39685 tests/files/README: Update the main heading.
(cherry picked from commit 6b4c859059)
2024-05-22 14:12:43 +03:00
Lasse Collin fa76e3ef59 tests/files/README: Explain how to recreate the ARM64 test files.
(cherry picked from commit 2a851e06b8)
2024-05-22 14:12:43 +03:00
Lasse Collin ebe9d6d8cb tests/ossfuzz: Tiny fix to a comment.
(cherry picked from commit 408b6adb2a)
2024-05-22 14:12:13 +03:00
Lasse Collin 1107712e37 Remove the backdoor found in 5.6.0 and 5.6.1 (CVE-2024-3094).
While the backdoor was inactive (and thus harmless) without inserting
a small trigger code into the build system when the source package was
created, it's good to remove this anyway:

  - The executable payloads were embedded as binary blobs in
    the test files. This was a blatant violation of the
    Debian Free Software Guidelines.

  - On machines that see lots bots poking at the SSH port, the backdoor
    noticeably increased CPU load, resulting in degraded user experience
    and thus overwhelmingly negative user feedback.

  - The maintainer who added the backdoor has disappeared.

  - Backdoors are bad for security.

This reverts the following without making any other changes:

6e636819 Tests: Update two test files.
a3a29bbd Tests: Test --single-stream can decompress bad-3-corrupt_lzma2.xz.
0b4ccc91 Tests: Update RISC-V test files.
8c9b8b20 liblzma: Fix typos in crc32_fast.c and crc64_fast.c.
82ecc538 liblzma: Fix false Valgrind error report with GCC.
cf44e4b7 Tests: Add a few test files.
3060e107 Tests: Use smaller dictionary size in RISC-V test files.
e2870db5 Tests: Add two RISC-V Filter test files.

The RISC-V test files also have real content that tests the filter
but the real content would fit into much smaller files. A generator
program would need to be available as well.

Thanks to Andres Freund for finding and reporting it and making
it public quickly so others could act without a delay.
See: https://www.openwall.com/lists/oss-security/2024/03/29/4
2024-04-09 18:38:37 +03:00
Jia Tan 74b138d2a6 Tests: Update two test files.
The original files were generated with random local to my machine.
To better reproduce these files in the future, a constant seed was used
to recreate these files.
2024-03-09 10:18:29 +08:00
Jia Tan 3ec6dfd656 Tests: Test --single-stream can decompress bad-3-corrupt_lzma2.xz.
The first stream in this file is valid, so this tests that xz properly
stops after decompressing it.
2024-03-09 10:08:32 +08:00
Jia Tan a67dcce610 Tests: Update RISC-V test files.
This increases code coverage and tests for possible shifting bugs.
2024-03-09 10:05:32 +08:00
Jia Tan cd5de9c1bb Tests: Replace HAVE_MICROLZMA usage in CMake and Autotools builds.
This reverts commit adaacafde6.
2024-03-09 09:49:55 +08:00
Jia Tan 42ee425673 Tests: Correct license header in test_microlzma.c. 2024-02-28 18:31:04 +02:00
Jia Tan cf44e4b7f5 Tests: Add a few test files. 2024-02-23 23:09:59 +08:00
Jia Tan 39f4a1a86a Tests: Add MicroLZMA test. 2024-02-23 20:58:36 +08:00
Lasse Collin 74e8bc7417 CMake: Add test_scripts.sh to the tests.
In contrast to Automake, skipping of this test when decoders
are disabled is handled at CMake side instead of test_scripts.sh
because CMake-build doesn't create config.h.
2024-02-19 12:21:37 +02:00
Lasse Collin 5394a1665b Tests: tuktest.h: Treat Clang separately from GCC.
Don't assume that Clang defines __GNUC__ as the extensions
are available in clang-cl as well (and possibly in some other
Clang variants?).
2024-02-14 21:12:58 +02:00
Lasse Collin cce7330b9f Tests: tuktest.h: Add a missing word to a comment. 2024-02-14 21:11:03 +02:00
Lasse Collin 5dd8fc9452 Tests: tuktest.h: Fix the comment about STest. 2024-02-14 21:10:10 +02:00
Lasse Collin 22af94128b Add SPDX license identifier into 0BSD source code files. 2024-02-14 18:31:16 +02:00
Lasse Collin 689e0228ba Change most public domain parts to 0BSD.
Translations and doc/xz-file-format.txt and doc/lzma-file-format.txt
were not touched.

COPYING.0BSD was added.
2024-02-14 18:31:12 +02:00
Jia Tan 89ea1a22f4 Tests: Add RISC-V filter support in a few places. 2024-02-13 23:33:27 +08:00
Jia Tan 3060e1070b Tests: Use smaller dictionary size in RISC-V test files. 2024-01-23 23:55:44 +08:00
Jia Tan 44ff2fa5c9 Tests: Skip RISC-V test files if decoder was not built. 2024-01-23 23:55:39 +08:00
Jia Tan e2870db5be Tests: Add two RISC-V Filter test files.
These test files achieve 100% code coverage in
src/liblzma/simple/riscv.c. They contain all of the instructions that
should be filtered and a few cases that should not.
2024-01-23 23:05:47 +08:00
Jia Tan ac3691ccca Tests: Add RISC-V Filter test in test_compress.sh. 2024-01-23 23:05:47 +08:00
Jia Tan d0b24efe6c Tests: Silence -Wsign-conversion warning on GCC version < 10.
Since GCC version 10, GCC no longer complains about simple implicit
integer conversions with Arithmetic operators.

For instance:

    uint8_t a = 5;
    uint32_t b = a + 5;

Give a warning on GCC 9 and earlier but this:

    uint8_t a = 5;
    uint32_t b = (a + 5) * 2;

Gives a warning with GCC 10+.
2023-12-07 21:48:07 +08:00
Jia Tan ee2f483500 Tests: Minor cleanups to OSS-Fuzz files.
Most of these fixes are small typos and tweaks. A few were caused by bad
advice from me. Here is the summary of what is changed:

- Author line edits

- Small comment changes/additions

- Using the return value in the error messages in the fuzz targets'
  coder initialization code

- Removed fuzz_encode_stream.options. This set a max length, which may
  prevent some worthwhile code paths from being properly exercised.

- Removed the max_len option from fuzz_decode_stream.options for the
  same reason as fuzz_encode_stream. The alone decoder fuzz target still
  has this restriction.

- Altered the dictionary contents for fuzz_lzma.dict. Instead of keeping
  the properties static and varying the dictionary size, the properties
  are varied and the dictionary size is kept small. The dictionary size
  doesn't have much impact on the code paths but the properties do.

Closes: https://github.com/tukaani-project/xz/pull/73
2023-12-07 20:06:57 +08:00
Maksym Vatsyk 483bb90eec Tests: Add fuzz_encode_stream ossfuzz target.
This fuzz target handles .xz stream encoding. The first byte of input
is used to dynamically set the preset level in order to increase the
fuzz coverage of complex critical code paths.
2023-12-07 20:06:57 +08:00
Maksym Vatsyk 7ca8c9869d Tests: Add fuzz_decode_alone OSS-Fuzz target
This fuzz target that handles LZMA alone decoding. A new fuzz
dictionary .dict was also created with common LZMA header values to
help speed up the discovery of valid headers.
2023-12-07 20:06:57 +08:00
Maksym Vatsyk 37581a77ad Tests: Update OSS-Fuzz Makefile.
All .c files can be built as separate fuzz targets. This simplifies
the Makefile by allowing us to use wildcards instead of having a
Makefile target for each fuzz target.
2023-12-07 20:06:54 +08:00
Maksym Vatsyk 28ce6a1c2a Tests: Move common OSS-Fuzz target code to .h file. 2023-12-07 20:06:54 +08:00
Maksym Vatsyk bf0521ea15 Tests: Rename OSS-Fuzz files. 2023-12-07 20:06:51 +08:00
Kian-Meng Ang 3b3023e00b Tests: Fix typos 2023-11-30 23:08:05 +08:00
Jia Tan ca278eb2b7 Tests: Create test_suffix.sh.
This tests some complicated interactions with the --suffix= option.
The suffix option must be used with --format=raw, but can optionally
be used to override the default .xz suffix.

This test also verifies some recent bugs have been correctly solved
and to hopefully avoid further regressions in the future.
2023-11-18 01:56:05 +08:00
Jia Tan 299920bab9 Tests: Fix typo in a comment. 2023-11-17 20:04:58 +08:00
Jia Tan bbb42412da Build: Remove Gnulib dependency from tests.
The tests do not use any Gnulib replacements so they do not need to link
libgnu.a or have /lib in the include path.
2023-09-26 00:47:26 +08:00
Jia Tan 74c3449d8b Tests: Improve invalid unpadded size check in test_lzma_index_append().
This check was extended to test the code added to fix a failing assert
in ae5c07b22a.
2023-08-28 23:14:45 +08:00