Project

General

Profile

Actions

Bug #4962

closed

ndncert-client: insufficient input validation

Added by Davide Pesavento over 5 years ago. Updated about 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Start date:
Due date:
% Done:

100%

Estimated time:

Description

I can crash ndncert-client interactive procedure with a large variety of inputs. This is not very user friendly.

Some inputs I found so far (note that the crash reasons are all different from each other)

***************************************
Index: 0
CA prefix:/ndn/edu/ucla-ndncert
Introduction: NDN Testbed CA
***************************************
Step 0: Please type in the CA INDEX that you want to apply or type in NONE if your expected CA is not in the list
1
Segmentation fault (core dumped)
***************************************
Index: 0
CA prefix:/ndn/edu/ucla-ndncert
Introduction: NDN Testbed CA
***************************************
Step 0: Please type in the CA INDEX that you want to apply or type in NONE if your expected CA is not in the list
-1
terminate called after throwing an instance of 'std::length_error'
  what():  basic_string::_M_create
Aborted (core dumped)
***************************************
Index: 0
CA prefix:/ndn/edu/ucla-ndncert
Introduction: NDN Testbed CA
***************************************
Step 0: Please type in the CA INDEX that you want to apply or type in NONE if your expected CA is not in the list
foo
terminate called after throwing an instance of 'std::invalid_argument'
  what():  stoi
Aborted (core dumped)
***************************************
Index: 0
CA prefix:/ndn/edu/ucla-ndncert
Introduction: NDN Testbed CA
***************************************
Step 0: Please type in the CA INDEX that you want to apply or type in NONE if your expected CA is not in the list
NONE
Step 1: Please type in the CA Name
Got NACK
***************************************
Index: 0
CA prefix:/ndn/edu/ucla-ndncert
Introduction: NDN Testbed CA
***************************************
Step 0: Please type in the CA INDEX that you want to apply or type in NONE if your expected CA is not in the list
0
Step 1: Please provide information for name assignment
Please provide the argument: email : 
foo@bar.com
Got it. This is what you've provided:
email : foo@bar.com
If everything is right, please type in OK; otherwise, type in REDO
foo
Got NACK

(I'm not sure about the last two, could be a different bug)

Actions

Also available in: Atom PDF