commit 8c4332a53d8fee66f0cfd8680f9254e02fcb6053
author Kasun Athukorala <kasunath@google.com> Tue Jul 15 06:17:01 2025 +0000
committer Kasun Athukorala <kasunath@google.com> Tue Jul 15 17:22:23 2025 +0000
tree 4d6173568ceda0a724191be6386dda1911e49c54
parent 7c1be8ddd11a0ae7936cd5afc2c58c11735f88f3

Verify dictionary property name length

This change verifies the dictionary property name length.

Tested:
Unit tested

Signed-off-by: Kasun Athukorala <kasunath@google.com>
Change-Id: I65f19d5bb1b8c9f838e427fd6d8ba17e2886bf9a

test/bej_dictionary_test.cpp

diff --git a/test/bej_dictionary_test.cpp b/test/bej_dictionary_test.cpp
index 60b2d03..b54cab8 100644
--- a/test/bej_dictionary_test.cpp
+++ b/test/bej_dictionary_test.cpp
@@ -104,4 +104,31 @@
                 bejErrorInvalidPropertyOffset);
 }
 
+TEST(BejDictionaryTest, InvalidPropertyNameLength)
+{
+    // Make a copy of the dummySimpleDict.
+    std::vector<uint8_t> modifiedDictionary = {dummySimpleDict.begin(),
+                                               dummySimpleDict.end()};
+
+    // Find a property and modify its nameLength to be out of bounds.
+    struct BejDictionaryHeader* header =
+        (struct BejDictionaryHeader*)modifiedDictionary.data();
+
+    ASSERT_GE(header->entryCount, 1);
+    struct BejDictionaryProperty* property =
+        (struct BejDictionaryProperty*)(modifiedDictionary.data() +
+                                        sizeof(BejDictionaryHeader));
+
+    // Increase the nameLength to go beyond the dictionary size.
+    property->nameLength = 255;
+
+    // Now try to get this property by sequence number; it should fail due to
+    // the invalid name length.
+    const struct BejDictionaryProperty* retrievedProperty = nullptr;
+    EXPECT_EQ(bejDictGetProperty(modifiedDictionary.data(),
+                                 bejDictGetPropertyHeadOffset(),
+                                 property->sequenceNumber, &retrievedProperty),
+              bejErrorInvalidSize);
+}
+
 } // namespace libbej