Commit Graph

241 Commits

Author SHA1 Message Date
Lasse Collin cd88423e76 Tests: test_index: Replace if-statements with tuktest assertions 2024-04-27 14:59:55 +03:00
Lasse Collin 7f865577a6 Tests: test_index: Make it clear that my_alloc() has no integer overflows
liblzma guarantees that the product of the allocation size arguments
will fit in size_t.

Putting the pre-increment in the if-statement was clearly wrong
although in practice it didn't matter here as the function is
called only a couple of times.
2024-04-27 14:56:16 +03:00
Lasse Collin 12313a3b65 Tests: test_index: Verify also iter.block.number_in_stream 2024-04-27 14:51:52 +03:00
Lasse Collin ad2654010d Tests: test_index: Check cases that aren't a multiple of 4 bytes 2024-04-27 14:51:06 +03:00
Lasse Collin 2524fcf2b6 Tests: test_index: Edit comments and white space 2024-04-27 14:40:25 +03:00
Lasse Collin 3ac8a9bb4c Tests: test_filter_str: Add a few assertions 2024-04-23 16:35:33 +03:00
Lasse Collin 26c69be805 Tests: test_filter_str: Move one assertion and add a comment 2024-04-23 16:35:08 +03:00
Lasse Collin 4f6af853bc Tests: test_filter_str: Tweak comments and white space 2024-04-23 16:26:06 +03:00
Lasse Collin c92663aa1b Tests: test_filter_str: Add missing RISC-V case
Fixes: 89ea1a22f4
2024-04-23 16:25:22 +03:00
Lasse Collin b0366df1d7 Tests: test_filter_str: Test *error_pos more thoroughly 2024-04-22 23:01:53 +03:00
Lasse Collin 2f06920f20 Tests: test_filter_flags: Edit comments and style 2024-04-22 18:35:19 +03:00
Lasse Collin b101e1d1db Tests: Fix C99/C11 compatibility when features are disabled
The array could become empty and then the initializer would be
simply {} which is allowed only in GNU-C and C23.
2024-04-22 16:39:44 +03:00
Lasse Collin 86fc4ee859 Tests: test_lzip_decoder: Tweak coding style and comments 2024-04-19 20:53:24 +03:00
Lasse Collin 38be573a27 Tests: test_lzip_decoder: Remove redundant initializations 2024-04-19 20:51:36 +03:00
Lasse Collin d7e4bc53ea Tests: test_lzip_decoder: Remove unneeded tuktest_malloc() calls 2024-04-19 20:47:24 +03:00
Lasse Collin fcbd0d1999 Tests: test_microlzma: Add a "FIXME?" about LZMA_FINISH handling 2024-04-13 22:39:10 +03:00
Lasse Collin 0fe2dfa683 Tests: test_microlzma: Tweak comments, coding style, and minor details
A few lines were reordered, a few ARRAY_SIZE were changed to sizeof,
and a few uint32_t were changed to size_t. No real functional changes
were intended.
2024-04-13 21:01:10 +03:00
Lasse Collin 6b4c859059 tests/files/README: Update the main heading. 2024-04-09 18:22:27 +03:00
Lasse Collin 2a851e06b8 tests/files/README: Explain how to recreate the ARM64 test files. 2024-04-09 18:22:27 +03:00
Lasse Collin 408b6adb2a tests/ossfuzz: Tiny fix to a comment. 2024-04-09 18:22:27 +03:00
Lasse Collin e93e13c8b3 Remove the backdoor found in 5.6.0 and 5.6.1 (CVE-2024-3094).
While the backdoor was inactive (and thus harmless) without inserting
a small trigger code into the build system when the source package was
created, it's good to remove this anyway:

  - The executable payloads were embedded as binary blobs in
    the test files. This was a blatant violation of the
    Debian Free Software Guidelines.

  - On machines that see lots bots poking at the SSH port, the backdoor
    noticeably increased CPU load, resulting in degraded user experience
    and thus overwhelmingly negative user feedback.

  - The maintainer who added the backdoor has disappeared.

  - Backdoors are bad for security.

This reverts the following without making any other changes:

6e636819 Tests: Update two test files.
a3a29bbd Tests: Test --single-stream can decompress bad-3-corrupt_lzma2.xz.
0b4ccc91 Tests: Update RISC-V test files.
8c9b8b20 liblzma: Fix typos in crc32_fast.c and crc64_fast.c.
82ecc538 liblzma: Fix false Valgrind error report with GCC.
cf44e4b7 Tests: Add a few test files.
3060e107 Tests: Use smaller dictionary size in RISC-V test files.
e2870db5 Tests: Add two RISC-V Filter test files.

The RISC-V test files also have real content that tests the filter
but the real content would fit into much smaller files. A generator
program would need to be available as well.

Thanks to Andres Freund for finding and reporting it and making
it public quickly so others could act without a delay.
See: https://www.openwall.com/lists/oss-security/2024/03/29/4
2024-04-09 17:57:39 +03:00
Jia Tan 6e636819e8 Tests: Update two test files.
The original files were generated with random local to my machine.
To better reproduce these files in the future, a constant seed was used
to recreate these files.
2024-03-09 10:18:29 +08:00
Jia Tan a3a29bbd5d Tests: Test --single-stream can decompress bad-3-corrupt_lzma2.xz.
The first stream in this file is valid, so this tests that xz properly
stops after decompressing it.
2024-03-09 10:08:32 +08:00
Jia Tan 0b4ccc9145 Tests: Update RISC-V test files.
This increases code coverage and tests for possible shifting bugs.
2024-03-09 10:05:32 +08:00
Jia Tan b93a8d7631 Tests: Replace HAVE_MICROLZMA usage in CMake and Autotools builds.
This reverts commit adaacafde6.
2024-03-09 09:49:55 +08:00
Jia Tan 9eed1b9a3a Tests: Correct license header in test_microlzma.c. 2024-02-26 19:56:25 +08:00
Jia Tan cf44e4b7f5 Tests: Add a few test files. 2024-02-23 23:09:59 +08:00
Jia Tan 39f4a1a86a Tests: Add MicroLZMA test. 2024-02-23 20:58:36 +08:00
Lasse Collin 74e8bc7417 CMake: Add test_scripts.sh to the tests.
In contrast to Automake, skipping of this test when decoders
are disabled is handled at CMake side instead of test_scripts.sh
because CMake-build doesn't create config.h.
2024-02-19 12:21:37 +02:00
Lasse Collin 5394a1665b Tests: tuktest.h: Treat Clang separately from GCC.
Don't assume that Clang defines __GNUC__ as the extensions
are available in clang-cl as well (and possibly in some other
Clang variants?).
2024-02-14 21:12:58 +02:00
Lasse Collin cce7330b9f Tests: tuktest.h: Add a missing word to a comment. 2024-02-14 21:11:03 +02:00
Lasse Collin 5dd8fc9452 Tests: tuktest.h: Fix the comment about STest. 2024-02-14 21:10:10 +02:00
Lasse Collin 22af94128b Add SPDX license identifier into 0BSD source code files. 2024-02-14 18:31:16 +02:00
Lasse Collin 689e0228ba Change most public domain parts to 0BSD.
Translations and doc/xz-file-format.txt and doc/lzma-file-format.txt
were not touched.

COPYING.0BSD was added.
2024-02-14 18:31:12 +02:00
Jia Tan 89ea1a22f4 Tests: Add RISC-V filter support in a few places. 2024-02-13 23:33:27 +08:00
Jia Tan 3060e1070b Tests: Use smaller dictionary size in RISC-V test files. 2024-01-23 23:55:44 +08:00
Jia Tan 44ff2fa5c9 Tests: Skip RISC-V test files if decoder was not built. 2024-01-23 23:55:39 +08:00
Jia Tan e2870db5be Tests: Add two RISC-V Filter test files.
These test files achieve 100% code coverage in
src/liblzma/simple/riscv.c. They contain all of the instructions that
should be filtered and a few cases that should not.
2024-01-23 23:05:47 +08:00
Jia Tan ac3691ccca Tests: Add RISC-V Filter test in test_compress.sh. 2024-01-23 23:05:47 +08:00
Jia Tan d0b24efe6c Tests: Silence -Wsign-conversion warning on GCC version < 10.
Since GCC version 10, GCC no longer complains about simple implicit
integer conversions with Arithmetic operators.

For instance:

    uint8_t a = 5;
    uint32_t b = a + 5;

Give a warning on GCC 9 and earlier but this:

    uint8_t a = 5;
    uint32_t b = (a + 5) * 2;

Gives a warning with GCC 10+.
2023-12-07 21:48:07 +08:00
Jia Tan ee2f483500 Tests: Minor cleanups to OSS-Fuzz files.
Most of these fixes are small typos and tweaks. A few were caused by bad
advice from me. Here is the summary of what is changed:

- Author line edits

- Small comment changes/additions

- Using the return value in the error messages in the fuzz targets'
  coder initialization code

- Removed fuzz_encode_stream.options. This set a max length, which may
  prevent some worthwhile code paths from being properly exercised.

- Removed the max_len option from fuzz_decode_stream.options for the
  same reason as fuzz_encode_stream. The alone decoder fuzz target still
  has this restriction.

- Altered the dictionary contents for fuzz_lzma.dict. Instead of keeping
  the properties static and varying the dictionary size, the properties
  are varied and the dictionary size is kept small. The dictionary size
  doesn't have much impact on the code paths but the properties do.

Closes: https://github.com/tukaani-project/xz/pull/73
2023-12-07 20:06:57 +08:00
Maksym Vatsyk 483bb90eec Tests: Add fuzz_encode_stream ossfuzz target.
This fuzz target handles .xz stream encoding. The first byte of input
is used to dynamically set the preset level in order to increase the
fuzz coverage of complex critical code paths.
2023-12-07 20:06:57 +08:00
Maksym Vatsyk 7ca8c9869d Tests: Add fuzz_decode_alone OSS-Fuzz target
This fuzz target that handles LZMA alone decoding. A new fuzz
dictionary .dict was also created with common LZMA header values to
help speed up the discovery of valid headers.
2023-12-07 20:06:57 +08:00
Maksym Vatsyk 37581a77ad Tests: Update OSS-Fuzz Makefile.
All .c files can be built as separate fuzz targets. This simplifies
the Makefile by allowing us to use wildcards instead of having a
Makefile target for each fuzz target.
2023-12-07 20:06:54 +08:00
Maksym Vatsyk 28ce6a1c2a Tests: Move common OSS-Fuzz target code to .h file. 2023-12-07 20:06:54 +08:00
Maksym Vatsyk bf0521ea15 Tests: Rename OSS-Fuzz files. 2023-12-07 20:06:51 +08:00
Kian-Meng Ang 3b3023e00b Tests: Fix typos 2023-11-30 23:08:05 +08:00
Jia Tan ca278eb2b7 Tests: Create test_suffix.sh.
This tests some complicated interactions with the --suffix= option.
The suffix option must be used with --format=raw, but can optionally
be used to override the default .xz suffix.

This test also verifies some recent bugs have been correctly solved
and to hopefully avoid further regressions in the future.
2023-11-18 01:56:05 +08:00
Jia Tan 299920bab9 Tests: Fix typo in a comment. 2023-11-17 20:04:58 +08:00
Jia Tan bbb42412da Build: Remove Gnulib dependency from tests.
The tests do not use any Gnulib replacements so they do not need to link
libgnu.a or have /lib in the include path.
2023-09-26 00:47:26 +08:00