diff options
author | Anders Svensson <[email protected]> | 2015-03-24 13:20:36 +0100 |
---|---|---|
committer | Anders Svensson <[email protected]> | 2015-03-27 07:21:27 +0100 |
commit | f3e95a4d4278fda5a0648943020bdf0026219f7c (patch) | |
tree | 356dd6f2f5373c4f9417bec0d4ff9b598169af9b /lib/diameter/test/diameter_codec_test.erl | |
parent | 545ff7783cebddc2ca5b2af67a6f13b1a01a4d03 (diff) | |
download | otp-f3e95a4d4278fda5a0648943020bdf0026219f7c.tar.gz otp-f3e95a4d4278fda5a0648943020bdf0026219f7c.tar.bz2 otp-f3e95a4d4278fda5a0648943020bdf0026219f7c.zip |
Limit DiameterURI ports to 0-65535 digits on decode
A port number is a 16-bit integer, but the regexp used to parse it in
commit 1590920 slavishly followed the RFC 6733 grammar in matching an
arbitrary number of digits. Make decode fail if it's anything more than
5, to avoid doing erlang:list_to_integer/1 on arbitrarily large lists.
Also make it fail if the resulting integer is outside of the expected
range.
Diffstat (limited to 'lib/diameter/test/diameter_codec_test.erl')
-rw-r--r-- | lib/diameter/test/diameter_codec_test.erl | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/diameter/test/diameter_codec_test.erl b/lib/diameter/test/diameter_codec_test.erl index 854b71ba93..11fa82cfa1 100644 --- a/lib/diameter/test/diameter_codec_test.erl +++ b/lib/diameter/test/diameter_codec_test.erl @@ -352,14 +352,16 @@ values('DiameterURI') -> {[], ["aaa" ++ S ++ "://diameter.se" ++ P ++ Tr ++ Pr || S <- ["", "s"], - P <- ["", ":1234"], + P <- ["", ":1234", ":0", ":65535"], Tr <- ["" | [";transport=" ++ X || X <- ["tcp", "sctp", "udp"]]], Pr <- ["" | [";protocol=" ++ X || X <- ["diameter","radius","tacacs+"]]], Tr /= ";transport=udp" orelse (Pr /= ";protocol=diameter" andalso Pr /= "")], - ["aaa://diameter.se;transport=udp;protocol=diameter", + ["aaa://diameter.se:65536", + "aaa://diameter.se:-1", + "aaa://diameter.se;transport=udp;protocol=diameter", "aaa://diameter.se;transport=udp", "aaa://:3868", "aaax://diameter.se", |