fix test_strn_ne handling of differing lengths#29390
fix test_strn_ne handling of differing lengths#29390TharakaUJ wants to merge 1 commit intoopenssl:masterfrom
Conversation
|
I would expect some test case(s) in test/test.c showing expected behaviour. |
|
The fix is more complicated. The strings could be short and still equal as per A better fix is: if ((s1 == NULL) ^ (s2 == NULL))
return 1;
if (s1 == NULL) {
test_fail_string_message(NULL, file, line, "string", st1, st2, "!=", NULL, 0, NULL, 0);
return 0;
}
if (strncmp(s1, s2, n1 > n2 ? n2 : n1) == 0) {
test_fail_string_message(NULL, file, line, "string", st1, st2, "!=",
s1, OPENSSL_strnlen(s1, n1),
s2, OPENSSL_strnlen(s2, n2));
return 0;
}
return 1;Still, I think that this test is broken. Two lengths just doesn't make any sense. There should only be one length passed in being the length to be passed to The My suggestion would be to make both functions only take one length argument and to fix the one caller. |
|
I’ve added some test cases to cover the edge scenarios discussed. I didn’t change I also realized that I also noticed that Also thank you for the support! |
github-actions
bot
added
the
severity: fips change
Update test_strn_ne() to compare strings only up to the shorter length when the provided length parameters differ. The test now correctly fails when the strings differ within that range. Tests covering edge cases are added. CLA: trivial
| @@ -320,7 +320,7 @@ int test_strn_ne(const char *file, int line, const char *st1, const char *st2, | |||
| { | |||
| if ((s1 == NULL) ^ (s2 == NULL)) | |||
| return 1; | |||
| if (n1 != n2 || s1 == NULL || strncmp(s1, s2, n1) == 0) { | |||
| if (s1 == NULL || strncmp(s1, s2, n1 > n2 ? n2 : n1) == 0) { | |||
There was a problem hiding this comment.
I'm still not convinced this is a useful change. When the two lengths are not equal, then the strings are not equal. Do you have a specific use case for this?
There was a problem hiding this comment.
For strncmp(3) this isn't necessarily true. IMO, this was a poorly chosen API. It should either have had a single length parameter or three (one each for the buffer sizes and a third for the comparison length).
I suggest that, instead of trying to fix this, the API be redesigned with more reasonable arguments. The two length comparisons are only used in two places and then on the _eq falvour is called. I.e. drop TEST_strn2_ne since it's unused. This solves the problematic case complete. We could also drop TEST_strn_ne which is also unused and then remove this function entirely. If we don't drop TEST_strn_ne, we should change this function to only accept a single length argument.
There was a problem hiding this comment.
I meant it for the n1 != n2 but yes, I agree
|
I've done an alternative in #29627 that solves this problem by dropping the second length argument. |
|
Given that the alternative PR has the required approvals, I'm going to close this one. |
4 participants
test_strn_ne() incorrectly reported equality when the comparison lengths differed. Treat differing n values as not equal, matching the intended semantics.
CLA: trivial
Fixes #23386