Protocol Buffers codec for hand-written schemas

protobuf: shorten test identifiers to satisfy merlint E320

Merlint caps identifiers at 4 underscores; CVE-numbered test names
with year + CVE-number + description crossed it. Drop the year
component, keep just the CVE number prefix:

test_cve_2015_5237_huge_length -> test_cve5237_huge_length
test_cve_2021_22569_many_small_groups -> test_cve22569_many_small
test_cve_2022_3171_group_wire_type_4 -> test_cve3171_group_wt4
...

Also trim:

test_unknowns_empty_when_schema_matches -> test_unknowns_empty_on_match
test_int32_negative_is_10_bytes -> test_int32_neg_10_bytes

Bodies and comments unchanged; CVE references stay in the docstring
comments so the provenance is still visible.

Merlint issue count drops from 57 to 25 (documentation nits remain).

+26 -26
+24 -24
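--- a/test/test_protobuf.ml
+++ b/test/test_protobuf.ml
@@ -369,7 +369,7 @@
 Alcotest.(check string) "b survived" "hello" v2'.b;
 Alcotest.(check (list int32)) "c survived" [ 1l; 2l; 3l ] v2'.c)
 
-let test_unknowns_empty_when_schema_matches () =
+let test_unknowns_empty_on_match () =
 let wire = Protobuf.encode_string schema_v1 { a = 42l } in
 match Protobuf.decode_with_unknowns_string schema_v1 wire with
 | Error e -> Alcotest.fail (Protobuf.Error.to_string e)
@@ -460,7 +460,7 @@
 when a maliciously large length prefix is claimed.
 ================================================================= *)
 
-let test_cve_2015_5237_huge_length () =
+let test_cve5237_huge_length () =
 (* Tag 14 (str, length-delim), length 0xFFFFFFF (268 MiB), but only
 two payload bytes follow. A naive decoder allocates 268 MiB before
 realising the buffer is too short. *)
@@ -472,14 +472,14 @@
 | Error _ -> ()
 | Ok _ -> Alcotest.fail "CVE-2015-5237: huge length prefix must be rejected"
 
-let test_cve_2015_5237_overlong_varint () =
+let test_cve5237_overlong_varint () =
 (* Varint with 11 continuation bytes. 64-bit values fit in 10. *)
 let bad = "\x08" ^ "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x01" in
 match Protobuf.decode_string test1_codec bad with
 | Error _ -> ()
 | Ok _ -> Alcotest.fail "CVE-2015-5237: over-long varint must be rejected"
 
-let test_cve_2015_5237_truncated_tag () =
+let test_cve5237_truncated_tag () =
 match Protobuf.decode_string test1_codec "\x80\x80\x80" with
 | Error _ -> ()
 | Ok _ -> Alcotest.fail "CVE-2015-5237: truncated tag must be rejected"
@@ -490,7 +490,7 @@
 memory pressure.
 ================================================================= *)
 
-let test_cve_2021_22569_many_small_groups () =
+let test_cve22569_many_small () =
 (* Many repeated small fields should decode in linear memory, not
 amplified. 10k unknown fields at unique tags. *)
 let buf = Buffer.create (6 * 10_000) in
@@ -512,7 +512,7 @@
 fields.
 ================================================================= *)
 
-let test_cve_2022_1941_all_unknown () =
+let test_cve1941_all_unknown () =
 (* Emit a full [Test1] message; decode through [empty_codec] whose
 schema has no fields. Every field is unknown. Decoder must not
 crash. *)
@@ -528,14 +528,14 @@
 (deprecated 3/4) triggers long GC pauses.
 ================================================================= *)
 
-let test_cve_2022_3171_group_wire_type () =
+let test_cve3171_group_wt3 () =
 (* Wire type 3 is the deprecated `SGROUP` form. Modern protobuf
 rejects it. *)
 match Protobuf.decode_string test1_codec "\x0b\x00" with
 | Error _ -> ()
 | Ok _ -> Alcotest.fail "CVE-2022-3171: wire type 3 must be rejected"
 
-let test_cve_2022_3171_group_wire_type_4 () =
+let test_cve3171_group_wt4 () =
 (* Wire type 4 is the deprecated `EGROUP` form. Must be rejected at
 tag-parse time regardless of field number. *)
 match Protobuf.decode_string test1_codec "\x0c" with
@@ -547,7 +547,7 @@
 cause stack overflow in the parser.
 ================================================================= *)
 
-let test_cve_2024_7254_deep_nesting_known () =
+let test_cve7254_deep_known () =
 (* 200 levels of declared nested messages exceeds the 100-level
 [max_depth] bound baked into the decoder. *)
 let nest_codec : unit Protobuf.t =
@@ -574,7 +574,7 @@
 | Error _ -> ()
 | Ok () -> Alcotest.fail "CVE-2024-7254: 200-level nesting must be rejected"
 
-let test_cve_2024_7254_deep_nesting_unknown () =
+let test_cve7254_deep_unknown () =
 (* Deeply nested length-delim fields that are UNKNOWN to the schema
 are skipped at the outer level via [Wire.skip_field], which
 advances past the body without recursing. No depth bound needed;
@@ -597,14 +597,14 @@
 through crafted length fields.
 ================================================================= *)
 
-let test_cve_2024_47554_length_past_end () =
+let test_cve47554_length_past_end () =
 (* Tag 14 (str), length 100, but only 2 bytes follow. *)
 let bad = "\x72\x64ab" in
 match Protobuf.decode_string test1_codec bad with
 | Error _ -> ()
 | Ok _ -> Alcotest.fail "CVE-2024-47554: length past end must be rejected"
 
-let test_cve_2024_47554_packed_corrupt_body () =
+let test_cve47554_packed_bad () =
 let packed_codec =
 let open Protobuf.Message in
 finish
@@ -746,27 +746,27 @@
 let hostile_cases : unit Alcotest.test_case list =
 [
 Alcotest.test_case "CVE-2015-5237 huge length prefix" `Quick
-test_cve_2015_5237_huge_length;
+test_cve5237_huge_length;
 Alcotest.test_case "CVE-2015-5237 over-long varint" `Quick
-test_cve_2015_5237_overlong_varint;
+test_cve5237_overlong_varint;
 Alcotest.test_case "CVE-2015-5237 truncated tag" `Quick
-test_cve_2015_5237_truncated_tag;
+test_cve5237_truncated_tag;
 Alcotest.test_case "CVE-2021-22569 many small groups" `Quick
-test_cve_2021_22569_many_small_groups;
+test_cve22569_many_small;
 Alcotest.test_case "CVE-2022-1941 all-unknown schema" `Quick
-test_cve_2022_1941_all_unknown;
+test_cve1941_all_unknown;
 Alcotest.test_case "CVE-2022-3171 group wire type 3" `Quick
-test_cve_2022_3171_group_wire_type;
+test_cve3171_group_wt3;
 Alcotest.test_case "CVE-2022-3171 group wire type 4" `Quick
-test_cve_2022_3171_group_wire_type_4;
+test_cve3171_group_wt4;
 Alcotest.test_case "CVE-2024-7254 deep known nesting" `Quick
-test_cve_2024_7254_deep_nesting_known;
+test_cve7254_deep_known;
 Alcotest.test_case "CVE-2024-7254 deep unknown nesting" `Quick
-test_cve_2024_7254_deep_nesting_unknown;
+test_cve7254_deep_unknown;
 Alcotest.test_case "CVE-2024-47554 length past end" `Quick
-test_cve_2024_47554_length_past_end;
+test_cve47554_length_past_end;
 Alcotest.test_case "CVE-2024-47554 packed corrupt body" `Quick
-test_cve_2024_47554_packed_corrupt_body;
+test_cve47554_packed_bad;
 Alcotest.test_case "reserved tag 0" `Quick test_reserved_tag_zero;
 Alcotest.test_case "wire type mismatch" `Quick test_wire_type_mismatch;
 Alcotest.test_case "empty input -> defaults" `Quick test_empty_input;
@@ -803,7 +803,7 @@
 Alcotest.test_case "unknown fields preserved" `Quick
 test_unknown_fields_preserved;
 Alcotest.test_case "unknowns empty when schema matches" `Quick
-test_unknowns_empty_when_schema_matches;
+test_unknowns_empty_on_match;
 Alcotest.test_case "oneof: text case" `Quick test_oneof_text;
 Alcotest.test_case "oneof: num case" `Quick test_oneof_num;
 Alcotest.test_case "oneof: none -> empty wire" `Quick test_oneof_none;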
+2 -2
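--- a/test/test_wire.ml
+++ b/test/test_wire.ml
@@ -70,7 +70,7 @@
 List.iter check
 [ 0l; 1l; 127l; 128l; 150l; -1l; -128l; Int32.min_int; Int32.max_int ]
 
-let test_int32_negative_is_10_bytes () =
+let test_int32_neg_10_bytes () =
 (* int32 -1 sign-extends to a 64-bit pattern, encoded as a 10-byte varint. *)
 let buf = Buffer.create 10 in
 Wire.write_int32 buf (-1l);
@@ -161,7 +161,7 @@
 Alcotest.test_case "tag field=0 rejected" `Quick test_tag_invalid;
 Alcotest.test_case "int32 roundtrip" `Quick test_int32_roundtrip;
 Alcotest.test_case "int32 negative = 10 bytes" `Quick
-test_int32_negative_is_10_bytes;
+test_int32_neg_10_bytes;
 Alcotest.test_case "sint32 zig-zag" `Quick test_sint32_zigzag;
 Alcotest.test_case "fixed32 little-endian" `Quick test_fixed32_le;
 Alcotest.test_case "float roundtrip" `Quick test_float_roundtrip;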