From d6b42fd9ec2b9386fb45f6b2ff19b54197dd16fb Mon Sep 17 00:00:00 2001
From: Roman Khabibov <roman.habibov@tarantool.org>
Date: Thu, 21 Feb 2019 15:13:36 +0300
Subject: [PATCH] socket: throw error when size is negative in read()/sysread()

Replace assert in socket:read() and add a check in socket:sysread()
when the size is negative.

Closes #3979
---
 src/lua/socket.lua       |  8 +++++++-
 test/app/socket.result   | 17 +++++++++++++++++
 test/app/socket.test.lua |  7 +++++++
 3 files changed, 31 insertions(+), 1 deletion(-)

diff --git a/src/lua/socket.lua b/src/lua/socket.lua
index 7f9b40fb11..b2700e0c0e 100644
--- a/src/lua/socket.lua
+++ b/src/lua/socket.lua
@@ -284,6 +284,9 @@ local function socket_sysread(self, arg1, arg2)
     end
 
     local size = arg1 or buffer.READAHEAD
+    if size < 0 then
+        error('socket:sysread(): size can not be negative')
+    end
 
     local buf = buffer.IBUF_SHARED
     buf:reset()
@@ -655,7 +658,10 @@ local function check_delimiter(self, limit, eols)
 end
 
 local function read(self, limit, timeout, check, ...)
-    assert(limit >= 0)
+    if limit < 0 then
+        error('socket:read(): limit can not be negative')
+    end
+
     limit = math.min(limit, LIMIT_INFINITY)
     local rbuf = self.rbuf
     if rbuf == nil then
diff --git a/test/app/socket.result b/test/app/socket.result
index 1209ec2181..4c92f157ef 100644
--- a/test/app/socket.result
+++ b/test/app/socket.result
@@ -517,6 +517,23 @@ sc:writable()
 ---
 - true
 ...
+-- gh-3979 Check for errors when argument is negative.
+sc:read(-1)
+---
+- error: 'builtin/socket.lua: socket:read(): limit can not be negative'
+...
+sc:sysread(-1)
+---
+- error: 'builtin/socket.lua: socket:sysread(): size can not be negative'
+...
+sc:read(-100)
+---
+- error: 'builtin/socket.lua: socket:read(): limit can not be negative'
+...
+sc:sysread(-100)
+---
+- error: 'builtin/socket.lua: socket:sysread(): size can not be negative'
+...
 sc:send('abc')
 ---
 - 3
diff --git a/test/app/socket.test.lua b/test/app/socket.test.lua
index 9901352b18..462eacf4bf 100644
--- a/test/app/socket.test.lua
+++ b/test/app/socket.test.lua
@@ -159,6 +159,13 @@ type(sa:read(0))
 sa:read(1, .01)
 sc:writable()
 
+-- gh-3979 Check for errors when argument is negative.
+
+sc:read(-1)
+sc:sysread(-1)
+sc:read(-100)
+sc:sysread(-100)
+
 sc:send('abc')
 sa:read(3)
 
-- 
GitLab