OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2011 The WebRTC project authors. All Rights Reserved. | 2 * Copyright 2011 The WebRTC project authors. All Rights Reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 3293 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3304 } | 3304 } |
3305 | 3305 |
3306 TEST_F(WebRtcSdpTest, SerializeUnifiedPlanSessionDescription) { | 3306 TEST_F(WebRtcSdpTest, SerializeUnifiedPlanSessionDescription) { |
3307 MakeUnifiedPlanDescription(); | 3307 MakeUnifiedPlanDescription(); |
3308 TestSerialize(jdesc_, true); | 3308 TestSerialize(jdesc_, true); |
3309 } | 3309 } |
3310 | 3310 |
3311 // Regression test for heap overflow bug: | 3311 // Regression test for heap overflow bug: |
3312 // https://bugs.chromium.org/p/chromium/issues/detail?id=647916 | 3312 // https://bugs.chromium.org/p/chromium/issues/detail?id=647916 |
3313 TEST_F(WebRtcSdpTest, DeserializeSctpPortInVideoDescription) { | 3313 TEST_F(WebRtcSdpTest, DeserializeSctpPortInVideoDescription) { |
3314 JsepSessionDescription jdesc_output(kDummyString); | |
3315 | |
3316 // The issue occurs when the sctp-port attribute is found in a video | 3314 // The issue occurs when the sctp-port attribute is found in a video |
3317 // description. The actual heap overflow occurs when parsing the fmtp line. | 3315 // description. The actual heap overflow occurs when parsing the fmtp line. |
3318 const char kSdpWithSctpPortInVideoDescription[] = | 3316 static const char kSdpWithSctpPortInVideoDescription[] = |
3319 "v=0\r\n" | 3317 "v=0\r\n" |
3320 "o=- 18446744069414584320 18446462598732840960 IN IP4 127.0.0.1\r\n" | 3318 "o=- 18446744069414584320 18446462598732840960 IN IP4 127.0.0.1\r\n" |
3321 "s=-\r\n" | 3319 "s=-\r\n" |
3322 "t=0 0\r\n" | 3320 "t=0 0\r\n" |
3323 "m=video 9 UDP/DTLS/SCTP 120\r\n" | 3321 "m=video 9 UDP/DTLS/SCTP 120\r\n" |
3324 "a=sctp-port 5000\r\n" | 3322 "a=sctp-port 5000\r\n" |
3325 "a=fmtp:108 foo=10\r\n"; | 3323 "a=fmtp:108 foo=10\r\n"; |
3326 | 3324 |
3327 ExpectParseFailure(std::string(kSdpWithSctpPortInVideoDescription), | 3325 ExpectParseFailure(std::string(kSdpWithSctpPortInVideoDescription), |
3328 "sctp-port"); | 3326 "sctp-port"); |
3329 } | 3327 } |
3330 | 3328 |
3331 // Regression test for integer overflow bug: | 3329 // Regression test for integer overflow bug: |
3332 // https://bugs.chromium.org/p/chromium/issues/detail?id=648071 | 3330 // https://bugs.chromium.org/p/chromium/issues/detail?id=648071 |
3333 TEST_F(WebRtcSdpTest, DeserializeLargeBandwidthLimit) { | 3331 TEST_F(WebRtcSdpTest, DeserializeLargeBandwidthLimit) { |
3334 JsepSessionDescription jdesc_output(kDummyString); | |
3335 | |
3336 // Bandwidth attribute is the max signed 32-bit int, which will get | 3332 // Bandwidth attribute is the max signed 32-bit int, which will get |
3337 // multiplied by 1000 and cause int overflow if not careful. | 3333 // multiplied by 1000 and cause int overflow if not careful. |
3338 const char kSdpWithLargeBandwidth[] = | 3334 static const char kSdpWithLargeBandwidth[] = |
3339 "v=0\r\n" | 3335 "v=0\r\n" |
3340 "o=- 18446744069414584320 18446462598732840960 IN IP4 127.0.0.1\r\n" | 3336 "o=- 18446744069414584320 18446462598732840960 IN IP4 127.0.0.1\r\n" |
3341 "s=-\r\n" | 3337 "s=-\r\n" |
3342 "t=0 0\r\n" | 3338 "t=0 0\r\n" |
3343 "m=video 3457 RTP/SAVPF 120\r\n" | 3339 "m=video 3457 RTP/SAVPF 120\r\n" |
3344 "b=AS:2147483647\r\n" | 3340 "b=AS:2147483647\r\n" |
3345 "foo=fail\r\n"; | 3341 "foo=fail\r\n"; |
3346 | 3342 |
3347 ExpectParseFailure(std::string(kSdpWithLargeBandwidth), "foo=fail"); | 3343 ExpectParseFailure(std::string(kSdpWithLargeBandwidth), "foo=fail"); |
3348 } | 3344 } |
| 3345 |
| 3346 // Test that "ufrag"/"pwd" in the candidate line itself are ignored, and only |
| 3347 // the "a=ice-ufrag"/"a=ice-pwd" attributes are used. |
| 3348 // Regression test for: |
| 3349 // https://bugs.chromium.org/p/chromium/issues/detail?id=681286 |
| 3350 TEST_F(WebRtcSdpTest, IceCredentialsInCandidateStringIgnored) { |
| 3351 // Important piece is "ufrag foo pwd bar". |
| 3352 static const char kSdpWithIceCredentialsInCandidateString[] = |
| 3353 "v=0\r\n" |
| 3354 "o=- 18446744069414584320 18446462598732840960 IN IP4 127.0.0.1\r\n" |
| 3355 "s=-\r\n" |
| 3356 "t=0 0\r\n" |
| 3357 "m=audio 9 RTP/SAVPF 111\r\n" |
| 3358 "c=IN IP4 0.0.0.0\r\n" |
| 3359 "a=rtcp:9 IN IP4 0.0.0.0\r\n" |
| 3360 "a=ice-ufrag:ufrag_voice\r\na=ice-pwd:pwd_voice\r\n" |
| 3361 "a=rtpmap:111 opus/48000/2\r\n" |
| 3362 "a=candidate:a0+B/1 1 udp 2130706432 192.168.1.5 1234 typ host " |
| 3363 "generation 2 ufrag foo pwd bar\r\n"; |
| 3364 |
| 3365 JsepSessionDescription jdesc_output(kDummyString); |
| 3366 EXPECT_TRUE( |
| 3367 SdpDeserialize(kSdpWithIceCredentialsInCandidateString, &jdesc_output)); |
| 3368 const IceCandidateCollection* candidates = jdesc_output.candidates(0); |
| 3369 ASSERT_NE(nullptr, candidates); |
| 3370 ASSERT_EQ(1, candidates->count()); |
| 3371 cricket::Candidate c = candidates->at(0)->candidate(); |
| 3372 EXPECT_EQ("ufrag_voice", c.username()); |
| 3373 EXPECT_EQ("pwd_voice", c.password()); |
| 3374 } |
OLD | NEW |