From 9d8aaf3aba0ff7ce376da849a37368bfbda5a83b Mon Sep 17 00:00:00 2001 From: Miguel Company Date: Wed, 3 Feb 2021 15:43:42 +0100 Subject: [PATCH 1/2] Added tampered buffer deserialization tests Signed-off-by: Miguel Company --- .../test/test_serialize_deserialize.cpp | 53 +++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/test_rmw_implementation/test/test_serialize_deserialize.cpp b/test_rmw_implementation/test/test_serialize_deserialize.cpp index 89febc9b..32be08ce 100644 --- a/test_rmw_implementation/test/test_serialize_deserialize.cpp +++ b/test_rmw_implementation/test/test_serialize_deserialize.cpp @@ -23,6 +23,8 @@ #include "test_msgs/msg/basic_types.h" #include "test_msgs/msg/basic_types.hpp" +#include "test_msgs/msg/unbounded_sequences.h" +#include "test_msgs/msg/unbounded_sequences.hpp" #include "./allocator_testing_utils.h" @@ -141,6 +143,57 @@ TEST_F(CLASSNAME(TestSerializeDeserialize, RMW_IMPLEMENTATION), clean_round_trip rmw_get_error_string().str; } +TEST_F(CLASSNAME(TestSerializeDeserialize, RMW_IMPLEMENTATION), tampered_buffer_for_c_message) { + const rosidl_message_type_support_t * ts{ + ROSIDL_GET_MSG_TYPE_SUPPORT(test_msgs, msg, UnboundedSequences)}; + test_msgs__msg__UnboundedSequences message{}; + ASSERT_TRUE(test_msgs__msg__UnboundedSequences__init(&message)); + rcutils_allocator_t default_allocator = rcutils_get_default_allocator(); + rmw_serialized_message_t serialized_message = rmw_get_zero_initialized_serialized_message(); + ASSERT_EQ( + RMW_RET_OK, rmw_serialized_message_init( + &serialized_message, 0lu, &default_allocator)) << rmw_get_error_string().str; + + rmw_ret_t ret = rmw_serialize(&message, ts, &serialized_message); + EXPECT_EQ(RMW_RET_OK, ret) << rmw_get_error_string().str; + EXPECT_NE(nullptr, serialized_message.buffer); + EXPECT_GT(serialized_message.buffer_length, 0lu); + + // Tamper the serialized message to force deserialization failure + memset(serialized_message.buffer, 0xFF, serialized_message.buffer_length); + + ret = rmw_deserialize(&serialized_message, ts, &message); + EXPECT_NE(RMW_RET_OK, ret) << rmw_get_error_string().str; + + EXPECT_EQ(RMW_RET_OK, rmw_serialized_message_fini(&serialized_message)) << + rmw_get_error_string().str; +} + +TEST_F(CLASSNAME(TestSerializeDeserialize, RMW_IMPLEMENTATION), tampered_buffer_for_cpp_message) { + const rosidl_message_type_support_t * ts = + rosidl_typesupport_cpp::get_message_type_support_handle(); + test_msgs::msg::UnboundedSequences message{}; + rcutils_allocator_t default_allocator = rcutils_get_default_allocator(); + rmw_serialized_message_t serialized_message = rmw_get_zero_initialized_serialized_message(); + ASSERT_EQ( + RMW_RET_OK, rmw_serialized_message_init( + &serialized_message, 0lu, &default_allocator)) << rmw_get_error_string().str; + + rmw_ret_t ret = rmw_serialize(&message, ts, &serialized_message); + EXPECT_EQ(RMW_RET_OK, ret) << rmw_get_error_string().str; + EXPECT_NE(nullptr, serialized_message.buffer); + EXPECT_GT(serialized_message.buffer_length, 0lu); + + // Tamper the serialized message to force deserialization failure + memset(serialized_message.buffer, 0xFF, serialized_message.buffer_length); + + ret = rmw_deserialize(&serialized_message, ts, &message); + EXPECT_NE(RMW_RET_OK, ret) << rmw_get_error_string().str; + + EXPECT_EQ(RMW_RET_OK, rmw_serialized_message_fini(&serialized_message)) << + rmw_get_error_string().str; +} + TEST_F(CLASSNAME(TestSerializeDeserialize, RMW_IMPLEMENTATION), rmw_get_serialized_message_size) { if (rmw_get_serialized_message_size(nullptr, nullptr, nullptr) != RMW_RET_UNSUPPORTED) { From a22059126090d544afb82f06749a68f56243205d Mon Sep 17 00:00:00 2001 From: Miguel Company Date: Wed, 3 Feb 2021 16:15:22 +0100 Subject: [PATCH 2/2] Keep linters happy. Signed-off-by: Miguel Company --- test_rmw_implementation/test/test_serialize_deserialize.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test_rmw_implementation/test/test_serialize_deserialize.cpp b/test_rmw_implementation/test/test_serialize_deserialize.cpp index 32be08ce..661344cb 100644 --- a/test_rmw_implementation/test/test_serialize_deserialize.cpp +++ b/test_rmw_implementation/test/test_serialize_deserialize.cpp @@ -158,7 +158,7 @@ TEST_F(CLASSNAME(TestSerializeDeserialize, RMW_IMPLEMENTATION), tampered_buffer_ EXPECT_EQ(RMW_RET_OK, ret) << rmw_get_error_string().str; EXPECT_NE(nullptr, serialized_message.buffer); EXPECT_GT(serialized_message.buffer_length, 0lu); - + // Tamper the serialized message to force deserialization failure memset(serialized_message.buffer, 0xFF, serialized_message.buffer_length); @@ -183,7 +183,7 @@ TEST_F(CLASSNAME(TestSerializeDeserialize, RMW_IMPLEMENTATION), tampered_buffer_ EXPECT_EQ(RMW_RET_OK, ret) << rmw_get_error_string().str; EXPECT_NE(nullptr, serialized_message.buffer); EXPECT_GT(serialized_message.buffer_length, 0lu); - + // Tamper the serialized message to force deserialization failure memset(serialized_message.buffer, 0xFF, serialized_message.buffer_length);