From 20fda2f8a6b53b19a92694721b1ff488af4e9b4f Mon Sep 17 00:00:00 2001 From: Facundo Lerena Date: Thu, 30 Nov 2023 17:08:10 -0300 Subject: [PATCH] Added unsafe-block test case --- .../remediated-example/Cargo.toml | 30 +++++++++++++ .../remediated-example/src/lib.rs | 35 ++++++++++++++++ .../vulnerable-example/Cargo.toml | 30 +++++++++++++ .../vulnerable-example/src/lib.rs | 42 +++++++++++++++++++ 4 files changed, 137 insertions(+) create mode 100644 test-cases/unsafe-block/unsafe-block-1/remediated-example/Cargo.toml create mode 100644 test-cases/unsafe-block/unsafe-block-1/remediated-example/src/lib.rs create mode 100644 test-cases/unsafe-block/unsafe-block-1/vulnerable-example/Cargo.toml create mode 100644 test-cases/unsafe-block/unsafe-block-1/vulnerable-example/src/lib.rs diff --git a/test-cases/unsafe-block/unsafe-block-1/remediated-example/Cargo.toml b/test-cases/unsafe-block/unsafe-block-1/remediated-example/Cargo.toml new file mode 100644 index 00000000..bb179332 --- /dev/null +++ b/test-cases/unsafe-block/unsafe-block-1/remediated-example/Cargo.toml @@ -0,0 +1,30 @@ +[package] +name = "unsafe-block-1-remediated" +version = "0.1.0" +edition = "2021" + +[lib] +crate-type = ["cdylib"] + +[dependencies] +soroban-sdk = { version = "20.0.0-rc2" } + +[dev_dependencies] +soroban-sdk = { version = "20.0.0-rc2", features = ["testutils"] } + +[features] +testutils = ["soroban-sdk/testutils"] + +[profile.release] +opt-level = "z" +overflow-checks = true +debug = 0 +strip = "symbols" +debug-assertions = false +panic = "abort" +codegen-units = 1 +lto = true + +[profile.release-with-logs] +inherits = "release" +debug-assertions = true diff --git a/test-cases/unsafe-block/unsafe-block-1/remediated-example/src/lib.rs b/test-cases/unsafe-block/unsafe-block-1/remediated-example/src/lib.rs new file mode 100644 index 00000000..318b3bee --- /dev/null +++ b/test-cases/unsafe-block/unsafe-block-1/remediated-example/src/lib.rs @@ -0,0 +1,35 @@ +#![no_std] +use soroban_sdk::{contract, contractimpl}; +#[contract] +pub struct UnsafeBlock; +#[contractimpl] +impl UnsafeBlock { + pub fn unsafe_function(n: u64) -> u64 { + let mut i = n as f64; + let mut y = i.to_bits(); + y = 0x5fe6ec85e7de30da - (y >> 1); + i = f64::from_bits(y); + i *= 1.5 - 0.5 * n as f64 * i * i; + i *= 1.5 - 0.5 * n as f64 * i * i; + i.to_bits() + } +} +#[cfg(test)] +mod tests { + use crate::UnsafeBlock; + #[test] + fn test_unsafe_block() { + let test_value = 8; + let result = UnsafeBlock::unsafe_function(test_value); + let inverse = inverse_square_root_without_unsafe(test_value); + + assert_eq!((inverse - result) / inverse, 0); + assert_eq!((inverse - result) / result, 0); + + } + + fn inverse_square_root_without_unsafe(n: u64) -> u64 { + (1.0 / (n as f64).sqrt()).to_bits() + + } +} diff --git a/test-cases/unsafe-block/unsafe-block-1/vulnerable-example/Cargo.toml b/test-cases/unsafe-block/unsafe-block-1/vulnerable-example/Cargo.toml new file mode 100644 index 00000000..ea66134e --- /dev/null +++ b/test-cases/unsafe-block/unsafe-block-1/vulnerable-example/Cargo.toml @@ -0,0 +1,30 @@ +[package] +name = "unsafe-block-1-vulnerable" +version = "0.1.0" +edition = "2021" + +[lib] +crate-type = ["cdylib"] + +[dependencies] +soroban-sdk = { version = "20.0.0-rc2" } + +[dev_dependencies] +soroban-sdk = { version = "20.0.0-rc2", features = ["testutils"] } + +[features] +testutils = ["soroban-sdk/testutils"] + +[profile.release] +opt-level = "z" +overflow-checks = true +debug = 0 +strip = "symbols" +debug-assertions = false +panic = "abort" +codegen-units = 1 +lto = true + +[profile.release-with-logs] +inherits = "release" +debug-assertions = true diff --git a/test-cases/unsafe-block/unsafe-block-1/vulnerable-example/src/lib.rs b/test-cases/unsafe-block/unsafe-block-1/vulnerable-example/src/lib.rs new file mode 100644 index 00000000..6e580f33 --- /dev/null +++ b/test-cases/unsafe-block/unsafe-block-1/vulnerable-example/src/lib.rs @@ -0,0 +1,42 @@ +#![no_std] +use soroban_sdk::{contract, contractimpl}; +#[contract] +pub struct UnsafeBlock; +#[contractimpl] +impl UnsafeBlock { + pub fn unsafe_function(n: u64) -> u64 { + unsafe { + let mut i = n as f64; + let mut y = i.to_bits(); + y = 0x5fe6ec85e7de30da - (y >> 1); + i = f64::from_bits(y); + i *= 1.5 - 0.5 * n as f64 * i * i; + i *= 1.5 - 0.5 * n as f64 * i * i; + + let result_ptr: *mut f64 = &mut i; + let result = *result_ptr; + + result.to_bits() + } + } + +} +#[cfg(test)] +mod tests { + use crate::UnsafeBlock; + #[test] + fn test_unsafe_block() { + let test_value = 8; + let result = UnsafeBlock::unsafe_function(test_value); + let inverse = inverse_square_root_without_unsafe(test_value); + + assert_eq!((inverse - result) / inverse, 0); + assert_eq!((inverse - result) / result, 0); + + } + + fn inverse_square_root_without_unsafe(n: u64) -> u64 { + (1.0 / (n as f64).sqrt()).to_bits() + + } +}