summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix possible stack overflow in date parsing routineMichael Budde2019-01-261-0/+9
| | | | | | | | | | | | | | | It is possible to create a stack overflow by giving a date that is longer than the buffer that is used during date parsing because the length of the input string is not checked. The `VERIFY` macro is only enabled when debug-mode is enabled and the `--verify-memory` argument is used. Prevent the issue by always checking the input string length and discarding dates that does not fit in the buffer as invalid. This issue has been assigned CVE-2017-12482. Fixes #1224
* Merge pull request #1743 from scfc/move-garbage-dat-to-test-using-itJohn Wiegley2019-01-252-30/+30
|\ | | | | Move garbage-input.dat to test case using it
| * Move garbage-input.dat to test case using itTim Landscheidt2019-01-222-30/+30
| |
* | Merge pull request #1744 from scfc/do-not-set-dependencies-for-target-checkJohn Wiegley2019-01-252-7/+0
|\ \ | | | | | | Do not set dependencies for target check
| * | Do not set dependencies for target checkTim Landscheidt2019-01-222-7/+0
| |/ | | | | | | | | | | The set_target_properties() commands themselves do not cause the tests to run if the target check is made, and as the target check executes ctest, all tests will be run anyway.
* / Ignore null deferred postingsMichael Budde2019-01-231-0/+5
|/ | | | | | | | | | | | | | | | | | All-null transactions (i.e. a transaction where all postings have a null amount) are discarded during parsing and the `xact` object is free'd. But if the transaction contains a deferred posting this results in a use-after-free vulnerability because a reference to the deferred posting is stored in the account object which is later read when deferred postings are applied after parsing is finished. Ignore null deferred postings to prevent this – they should not have any effect any way. Thanks to Cory Duplantis for reporting this issue and providing an initial analysis. Ref TALOS-2017-0304, CVE-2017-2808 Fixes #1723
* Fix parsing issue involving effective datesMartin Michlmayr2019-01-151-0/+12
| | | | | | | | | | | | | | | | | Cory Duplantis reported that "A specially crafted journal file can cause [an] integer underflow resulting in code execution". Cory provided this test case: Expenses:Food:Groceries $ 37.50 ; ] [=2004/01/01] Note the ] that comes before [ after the ;. This issue was reported and described in great detail by Cory Duplantis of Cisco Talos. This issue is known as TALOS-2017-0303 and has been assigned CVE-2017-2807. Cory's description can be found at https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0303 Fixes #1722
* Add test case for issue #1703Martin Michlmayr2019-01-121-0/+11
| | | | | Add a test case for issue #1703 which John Wiegley fixed in commit 56025cde ("Don't attempt to invert a value if it's already zero").
* Merge remote-tracking branch 'origin/master' into nextJohn Wiegley2018-07-191-0/+18
|\
| * Add parse error testManuel Amador (Rudd-O)2016-02-081-0/+18
| |
* | Add the test to make sure it works in the future.Pascal Fleury2018-07-181-0/+36
| |
* | Remove TOK_A_YEAR tokenChristoph Dittmann2018-06-103-2/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes #1626. The tokenizer eagerly classifies 4-digit integers as TOK_A_YEAR tokens. In some contexts such as "every 1000 years", this causes errors. I think the tokenizer does not have enough information available to distinguish between integers and years. After this patch, the tokenizer will always classify integers as TOK_INT tokens. The "has 4 digits" heuristic to determine if an integer is a year is moved to the place where it's actually needed (and it can be slightly more generic there, too).
* | Make automated transactions work with assertionsChristoph Dittmann2018-06-091-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes issue #1127. In my understanding, PR #552 was meant to fix this, but was incomplete. Without this patch, automated transactions are invisible to assertions. This patch fixes this by adding a flag to the account to tell it that there is a new posting, analogous to the behavior of finalize(). I dug up issue #1127 too late to find that this is the same solution proposed by @tbm. Although I wrote this independently, credit goes to Martin Michlmayr (@tbm).
* | budget_posts: Keep pending items until the last day they applysmr8942018-04-041-0/+79
| |
* | Merge pull request #519 from mbudde/accounts-prepend-formatJohn Wiegley2018-01-272-0/+10
|\ \ | | | | | | Add support for --prepend-format in accounts command
| * | Add support for --prepend-format in accounts commandMichael Budde2018-01-252-0/+10
| | | | | | | | | | | | | | | Add support for the `--prepend-format` and `--prepend-width` options in the `accounts` command.
* | | Merge pull request #521 from mbudde/fix-trimAlexis Hildebrandt2018-01-271-0/+33
|\ \ \ | | | | | | | | Fix handling of edge cases in trim function
| * | | Fix handling of edge cases in trim functionMichael Budde2018-01-251-0/+33
| |/ / | | | | | | | | | Fixes #520
* / / [misc] Update year in copyright notice to 2017Alexis Hildebrandt2018-01-271-1/+1
|/ / | | | | | | [ci skip]
* | Fix segfault when using --market with --group-byMichael Budde2018-01-041-0/+26
| | | | | | | | | | | | | | | | | | | | | | `changed_value_posts::create_accounts()` reuses the `<Revalued>` account from `display_filter`, but when clearing `changed_value_posts` `create_accounts()` would be called before the account had been recreated by `display_filter_posts`. This results in a segfault when using the --group-by option. I'm not sure if `display_filter_posts` has the same problem but I reordered the calls there too for good measure.
* | Merge pull request #494 from jjlee/fix-totalJohn Wiegley2017-10-262-0/+58
|\ \ | | | | | | Fix bug where .total used in value exprs breaks totals
| * | Fix bug where .total used in value exprs breaks totalsJohn Lee2017-10-262-0/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Re-initialize (to VOID) totals for the account and its ancestors on adding postings. Otherwise the cache intended for use by recursive calls of C++ function total() in computing family (i.e. account hierarchy) totals is incorrectly retained from one top-level call to the next, causing inconsistent and broken behaviour. * Re-initialize (to false) calculated and gathered. Otherwise we won't e.g. recalculate stale totals for ancestor accounts (e.g. won't recalculate Assets:Savings total if Assets:Savings changes via a posting). Although the value expression total function is used by ledger itself in computing totals, this bug would only appear on use of .total in user-supplied value expressions computed *during parsing* of ledger files, rather than after parsing (I believe ledger only ever calls it for internal purposes after parsing is complete). It is possible this bug also affected other functions than total (perhaps even in circumstances other than analagous to that described in the preceding paragraph). I have not checked that.
* | | Merge pull request #484 from mk12/bug-1182-ptrJohn Wiegley2017-10-262-0/+29
|\ \ \ | |/ / |/| | Fix Bug 1182: Error message for parse failure after '='
| * | Print error message if parsing predicate after '='Mitchell Kember2016-12-202-0/+29
| | |
* | | typo in docsAlexander Pletnev2017-01-271-1/+1
| | | | | | | | | | | | fix test
* | | Merge pull request #477 from thdox/bug-584-550thdox2017-01-161-0/+18
|\ \ \ | | | | | | | | Add regress test for bugs 550 and 584
| * | | Add regress test for bugs 550 and 584thdox2017-01-051-0/+18
| | | |
* | | | Merge pull request #476 from thdox/bug-1055thdox2017-01-161-0/+26
|\ \ \ \ | | | | | | | | | | Add regress test for bug 1055
| * | | | Add regress test for bug 1055thdox2017-01-051-0/+26
| |/ / /
* / / / Add regress test for bug 1132thdox2017-01-051-0/+16
|/ / /
* / / [misc] Update year in copyright notice to 2017Alexis Hildebrandt2017-01-051-1/+1
|/ / | | | | | | [ci skip]
* | Don't explicitly reference test file in 1057.testJohn Wiegley2016-11-131-1/+1
| |
* | Update cmd-tags.test for fix for bug #1043Martin Michlmayr2016-11-121-0/+3
| |
* | Add test for --color optionthdox2016-10-271-0/+11
| |
* | Add another test to opt-force-color.testthdox2016-10-271-0/+8
| | | | | | | | | | To verify that no ANSI color codes are printed when the --force-color option is not set.
* | --force-color is now tested in CheckBaselinetests.pythdox2016-10-272-1/+0
| |
* | --force-color does not require anymore --color.thdox2016-10-272-2/+2
| | | | | | | | This was reported as Bug #1109
* | Fix bug 1187: Allow balance assertions with multiple posts to same accountMitchell Kember2016-10-074-0/+105
| |
* | Merge pull request #469 from schmave/win-383John Wiegley2016-10-021-1/+1
|\ \ | | | | | | Fix regress test 383 on Windows
| * | Fix regress test 383 on WindowsEvan Mallory2016-10-021-1/+1
| | | | | | | | | | | | %g is not available in Windows strftime. See documentation at https://msdn.microsoft.com/en-us/library/fe06s4ak.aspx
* | | Merge pull request #468 from Vanav/cygwin_fixJohn Wiegley2016-10-021-1/+1
|\ \ \ | |/ / |/| | Fix build under Cygwin
| * | Fix build under Cygwin.Ivan Vanyushkin2016-09-291-1/+1
| | |
* | | Fix test harness to work with msys2Evan Mallory2016-09-234-4/+36
|/ / | | | | | | | | | | With this change, 97% of the tests pass. See the build on appveyor for more info: https://ci.appveyor.com/project/Evan/ledger/build/build-49 I'll follow up with another PR to fix some of the remaining broken tests
* | Fix build under msys32; add Appveyor continuous buildEvan Mallory2016-09-171-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | * Appveyor is a continuous integration platform for Windows that is free for open source projects. See latest test build here: https://ci.appveyor.com/project/Evan/ledger/build/artifacts * Changed WIN32 to _WIN32 because this article http://nadeausoftware.com/articles/2012/01/c_c_tip_how_use_compiler_predefined_macros_detect_operating_system claims that it is defined by the greatest number of compilers. * Modified HAVE_ISATTY and other system defines so that system.hh compiles when cmake fails to find the relevant function. * Add missing include in test/unit/t_value.cc Almost all tests fail when you run them on msys32. I will address that in a future PR.
* | Fix Bug 1147: Check balance assertions against the amount AFTERMitchell Kember2016-03-224-3/+25
| |
* | Merge pull request #449 from ppickfor/nextJohn Wiegley2016-03-141-0/+29
|\ \ | | | | | | Use interval start date (period from/since) to initialize first period.
| * | Periods should be initialized from from/since clause rather than earliest ↵Peter Pickford2016-03-091-0/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | transaction date Bug 1159 Use interval start date (period from/since) to initialize first period. This allows the offset of a period start to be specified -p 'every 12 months from 2000-04-01' will have periods yyyy-04-01 to yyyy-03-31 .... If no from/since is specified for the period the first transaction date reported is used to initialize the period as before. added test case regress/1159.test
* | | days - do not stabalize periods spacified in daysPeter Pickford2016-03-135-0/+532
|/ / | | | | | | | | | | | | | | weeks - calculate start date for finding period using remainer 400/periodlength to reduce number of iterations (perhaps this ought to follow the same conventio as years months and quarters) add sample period command tests add add day period tests for forecasts and budgets add week period tests for forecasts and budgets - these do not change
* | Fix test suite failureMartin Michlmayr2016-02-161-1/+1
| | | | | | | | | | I'm sure I used $FILE for the final version but I must have committed an old version.
* | Increase maximum length for regexMartin Michlmayr2016-02-151-0/+28
| | | | | | | | Fixes bug #981