X-Git-Url: https://gerrit.simantics.org/r/gitweb?a=blobdiff_plain;f=bundles%2Forg.simantics.databoard%2Ftestcases%2Forg%2Fsimantics%2Fdataboard%2Ftests%2FTestMaliciousData.java;fp=bundles%2Forg.simantics.databoard%2Ftestcases%2Forg%2Fsimantics%2Fdataboard%2Ftests%2FTestMaliciousData.java;h=f1bd1dcacdbf52a9ec224050526966fa972fca01;hb=969bd23cab98a79ca9101af33334000879fb60c5;hp=0000000000000000000000000000000000000000;hpb=866dba5cd5a3929bbeae85991796acb212338a08;p=simantics%2Fplatform.git diff --git a/bundles/org.simantics.databoard/testcases/org/simantics/databoard/tests/TestMaliciousData.java b/bundles/org.simantics.databoard/testcases/org/simantics/databoard/tests/TestMaliciousData.java new file mode 100644 index 000000000..f1bd1dcac --- /dev/null +++ b/bundles/org.simantics.databoard/testcases/org/simantics/databoard/tests/TestMaliciousData.java @@ -0,0 +1,123 @@ +package org.simantics.databoard.tests; + +import java.io.IOException; +import java.util.List; +import java.util.Map; + +import junit.framework.Assert; + +import org.junit.Test; +import org.simantics.databoard.Bindings; +import org.simantics.databoard.binding.Binding; +import org.simantics.databoard.serialization.Serializer; + +/** + * + * @author Toni Kalajainen + */ +public class TestMaliciousData { + + public @Test void testArray() throws Exception { + + + Binding b = Bindings.getBinding(List.class, Integer.class); + Serializer s = Bindings.getSerializer(b); + + // negative array length + try { + byte[] data = new byte[] {-1, -1, -1, -1, 0, 1, 2, 3, 4}; + s.deserialize(data); + Assert.fail("Deserialization did not fail expectedly on negative length array"); + } catch (IOException e) { + // Expected exception + } + + // too big array + try { + byte[] data = new byte[] {10, 10, 10, 10, 0, 1, 2, 3, 4}; + s.deserialize(data); + Assert.fail("Deserialization did not fail expectedly on too long array"); + } catch (IOException e) { + // Expected exception + } + + // OK Data + try { + byte[] data = new byte[] {0, 0, 0, 1, 0, 1, 2, 3}; + s.deserialize(data); + } catch (IOException e) { + Assert.fail("Deserialization did not work"); + } + + } + + public @Test void testBooleanArray() throws Exception { + + + Binding b = Bindings.BOOLEAN_ARRAY; + Serializer s = Bindings.getSerializer(b); + + // negative array length + try { + byte[] data = new byte[] {-1, -1, -1, -1, 0, 1, 2, 3, 4}; + s.deserialize(data); + Assert.fail("Deserialization did not fail expectedly on negative length array"); + } catch (IOException e) { + // Expected exception + } + + // too big array + try { + byte[] data = new byte[] {10, 10, 10, 10, 0, 1, 2, 3, 4}; + s.deserialize(data); + Assert.fail("Deserialization did not fail expectedly on too long array"); + } catch (IOException e) { + // Expected exception + } + + // OK Data + try { + byte[] data = new byte[] {0, 0, 0, 1, 1}; + s.deserialize(data); + } catch (IOException e) { + Assert.fail("Deserialization did not work"); + } + + } + + public @Test void testMap() throws Exception { + + + Binding b = Bindings.getBinding(Map.class, Integer.class, Integer.class); + Serializer s = Bindings.getSerializer(b); + + // negative array length + try { + byte[] data = new byte[] {-1, -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7}; + s.deserialize(data); + Assert.fail("Deserialization did not fail expectedly on negative length array"); + } catch (IOException e) { + // Expected exception + } + + // too big array + try { + byte[] data = new byte[] {10, 10, 10, 10, 0, 1, 2, 3, 4}; + s.deserialize(data); + Assert.fail("Deserialization did not fail expectedly on too long array"); + } catch (IOException e) { + // Expected exception + } + + // OK Data + try { + byte[] data = new byte[] {0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 0}; + s.deserialize(data); + } catch (IOException e) { + Assert.fail("Deserialization did not work"); + } + + } + + +}