Update Unit tests and reference code

This patch adds a suite of tests for OEMCrypto that verifying buffer overflow and off-by-one errors. The reference code has also been updated to pass these tests. The ODK library and the OEMCrypto API have not changed since the release of version 16.4.
2021-01-25 19:51:10 -08:00
parent 7e3c282944
commit bb16924e69
45 changed files with 3119 additions and 489 deletions
--- a/util/src/string_conversions.cpp
+++ b/util/src/string_conversions.cpp
@@ -1,6 +1,6 @@
 // Copyright 2018 Google LLC. All Rights Reserved. This file and proprietary
-// source code may only be used and distributed under the Widevine Master
-// License Agreement.
+// source code may only be used and distributed under the Widevine License
+// Agreement.

 #include "string_conversions.h"

@@ -56,12 +56,12 @@ std::vector<uint8_t> a2b_hex(const std::string& byte) {
    return array;
  }

-  for (unsigned int i = 0; i < count / 2; ++i) {
+  for (size_t i = 0; i < count / 2; ++i) {
    unsigned char msb = 0;  // most significant 4 bits
    unsigned char lsb = 0;  // least significant 4 bits
    if (!DecodeHexChar(byte[i * 2], &msb) ||
        !DecodeHexChar(byte[i * 2 + 1], &lsb)) {
-      LOGE("Invalid hex value %c%c at index %d", byte[i * 2], byte[i * 2 + 1],
+      LOGE("Invalid hex value %c%c at index %zu", byte[i * 2], byte[i * 2 + 1],
           i);
      return array;
    }
@@ -254,6 +254,8 @@ std::vector<uint8_t> Base64SafeDecode(const std::string& b64_input) {
 std::string HexEncode(const uint8_t* in_buffer, unsigned int size) {
  static const char kHexChars[] = "0123456789ABCDEF";
  if (size == 0) return "";
+  constexpr unsigned int kMaxSafeSize = 2048;
+  if (size > kMaxSafeSize) size = kMaxSafeSize;
  // Each input byte creates two output hex characters.
  std::string out_buffer(size * 2, '\0');