Add unit tests for NTLMv1 portable implementation

net/http/http_auth_handler_ntlm_portable.cc

Index: net/http/http_auth_handler_ntlm_portable.cc
diff --git a/net/http/http_auth_handler_ntlm_portable.cc b/net/http/http_auth_handler_ntlm_portable.cc
index 1f590a0ea832979b22fa61dc98fd91af7301684b..518733c64f7cdef14b7278aa569d7ce568797fc8 100644
--- a/net/http/http_auth_handler_ntlm_portable.cc
+++ b/net/http/http_auth_handler_ntlm_portable.cc
@@ -19,8 +19,8 @@
 #include "base/strings/utf_string_conversions.h"
 #include "net/base/net_errors.h"
 #include "net/base/network_interfaces.h"
-#include "net/http/des.h"
-#include "net/http/md4.h"
+#include "net/ntlm/des.h"
+#include "net/ntlm/md4.h"
 
 namespace net {
 
@@ -363,11 +363,19 @@ static int ParseType2Msg(const void* in_buf, uint32_t in_len, Type2Msg* msg) {
   uint32_t offset = ReadUint32(cursor);  // get offset from in_buf
   msg->target_len = 0;
   msg->target = NULL;
-  // Check the offset / length combo is in range of the input buffer, including
-  // integer overflow checking.
-  if (offset + target_len > offset && offset + target_len <= in_len) {
-    msg->target_len = target_len;
-    msg->target = ((const uint8_t*)in_buf) + offset;
+
+  // Target length 0 is valid and indicates no target information.
+  if (target_len != 0) {
+    // Check the offset / length combo is in range of the input buffer,
+    // including integer overflow checking.
+    if (offset + target_len > offset && offset + target_len <= in_len) {

[Ryan Sleevi, 2017/07/12 17:56:38]

if (target_len <= in_len && in_len - offset >= target_len) ?

[asanka, 2017/07/13 17:26:13]

Ping

[zentaro, 2017/07/13 17:36:20]

Sorry. I didn't see this one.

Changed it. Though this code was always here. Plus it's about to get deleted :)

+      msg->target_len = target_len;
+      msg->target = ((const uint8_t*)in_buf) + offset;
+    } else {
+      // Reject a message with a non-zero target length that
+      // would cause an overflow.
+      return ERR_UNEXPECTED;
+    }
   }
 
   // read flags