Reject trailing bytes in protocol packets
ci / test (push) Waiting to run
ci / fuzz-smoke (push) Waiting to run
ci / windows-client (push) Waiting to run
ci / package-release (linux-x86_64, ubuntu-latest) (push) Waiting to run
ci / package-release (macos-aarch64, macos-14) (push) Waiting to run
ci / package-release (macos-x86_64, macos-13) (push) Waiting to run
ci / package-release (windows-x86_64, windows-latest) (push) Waiting to run
ci / publish-gitea-release (push) Blocked by required conditions
ci / remote-bench (push) Waiting to run
ci / test (push) Waiting to run
ci / fuzz-smoke (push) Waiting to run
ci / windows-client (push) Waiting to run
ci / package-release (linux-x86_64, ubuntu-latest) (push) Waiting to run
ci / package-release (macos-aarch64, macos-14) (push) Waiting to run
ci / package-release (macos-x86_64, macos-13) (push) Waiting to run
ci / package-release (windows-x86_64, windows-latest) (push) Waiting to run
ci / publish-gitea-release (push) Blocked by required conditions
ci / remote-bench (push) Waiting to run
This commit is contained in:
@@ -58,6 +58,21 @@ fn encrypted_packet_round_trips() {
|
||||
assert_eq!(plain, b"hello");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn packet_decode_rejects_truncated_or_trailing_datagrams() {
|
||||
let packet =
|
||||
protocol::encode_plain(PacketKind::Ping, crypto::random_16(), 1, 0, b"hello").unwrap();
|
||||
|
||||
let truncated = &packet[..packet.len() - 1];
|
||||
let err = protocol::decode(truncated).unwrap_err();
|
||||
assert!(err.to_string().contains("truncated packet body"));
|
||||
|
||||
let mut trailing = packet.clone();
|
||||
trailing.extend_from_slice(b"junk");
|
||||
let err = protocol::decode(&trailing).unwrap_err();
|
||||
assert!(err.to_string().contains("trailing packet bytes"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn plaintext_packet_never_decrypts_as_authenticated_body() {
|
||||
let key = crypto::random_32();
|
||||
|
||||
Reference in New Issue
Block a user