Add test for keyslot area overflow during validation.

2025-12-10 18:30:00 +01:00 · 2022-06-16 13:59:10 +02:00
parent dfd96d8a39
commit 279490b622
2 changed files with 41 additions and 0 deletions
--- a/tests/generators/generate-luks2-keyslot-invalid-area-size.img.sh
+++ b/tests/generators/generate-luks2-keyslot-invalid-area-size.img.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+. lib.sh
+
+#
+# *** Description ***
+#
+# generate header with well-formed json format
+# where keyslot area object size is UINT64_MAX and will overflow with added length
+#
+
+# $1 full target dir
+# $2 full source luks2 image
+
+function generate()
+{
+	json_str=$(jq -c '.keyslots."0"."area".size = "18446744073709551615"' $TMPDIR/json0)
+	test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2
+
+	write_luks2_json "$json_str" $TMPDIR/json0
+	write_luks2_json "$json_str" $TMPDIR/json1
+
+	lib_mangle_json_hdr0
+	lib_mangle_json_hdr1
+}
+
+function check()
+{
+	lib_hdr0_checksum || exit 2
+	lib_hdr1_checksum || exit 2
+
+	read_luks2_json0 $TGT_IMG $TMPDIR/json_res0
+	jq -c 'if (.keyslots."0"."area".size != "18446744073709551615")
+	       then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5
+}
+
+lib_prepare $@
+generate
+check
+lib_cleanup
--- a/tests/luks2-validation-test
+++ b/tests/luks2-validation-test
@@ -240,6 +240,7 @@ echo "[7] Test invalid metadata object property"
 RUN luks2-invalid-tokens.img				"F" "Invalid tokens objects not rejected"
 RUN luks2-invalid-top-objects.img			"F" "Invalid top-level objects not rejected"
 RUN luks2-keyslot-invalid-area.img			"F" "Invalid keyslot area object not rejected"
+RUN luks2-keyslot-invalid-area-size.img			"F" "Invalid keyslot area size that can overflow not rejected"
 RUN luks2-keyslot-invalid-objects.img			"F" "Invalid keyslot objects not rejected"
 RUN luks2-keyslot-invalid-af.img			"F" "Invalid keyslot objects types not rejected"