diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-10-14 12:02:12 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-11-10 13:04:05 +0000 |
commit | e9fcdd2e69052412e67cbbf6e8b5bdc5b545d364 (patch) | |
tree | 76c7337820f590b7da25ba3b8ede722296cb65a7 | |
parent | 610b66267e41a32805ab54cbc580c5a6d5826cb4 (diff) |
add test for CVE-2016-7053
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- | test/d2i-tests/bad-cms.der | 1 | ||||
-rw-r--r-- | test/d2i_test.c | 4 | ||||
-rw-r--r-- | test/recipes/25-test_d2i.t | 9 |
3 files changed, 12 insertions, 2 deletions
diff --git a/test/d2i-tests/bad-cms.der b/test/d2i-tests/bad-cms.der new file mode 100644 index 0000000000..19cd3cc3f2 --- /dev/null +++ b/test/d2i-tests/bad-cms.der @@ -0,0 +1 @@ +0 *†H†÷
010
\ No newline at end of file diff --git a/test/d2i_test.c b/test/d2i_test.c index 8dbb8f14ec..32c0b0fb93 100644 --- a/test/d2i_test.c +++ b/test/d2i_test.c @@ -20,6 +20,7 @@ #include <openssl/err.h> #include <openssl/x509.h> #include <openssl/x509v3.h> +#include <openssl/cms.h> #include "e_os.h" static const ASN1_ITEM *item_type; @@ -149,7 +150,8 @@ int main(int argc, char **argv) ASN1_ITEM_ref(ASN1_ANY), ASN1_ITEM_ref(X509), ASN1_ITEM_ref(GENERAL_NAME), - ASN1_ITEM_ref(ASN1_INTEGER) + ASN1_ITEM_ref(ASN1_INTEGER), + ASN1_ITEM_ref(CMS_ContentInfo) }; static error_enum expected_errors[] = { diff --git a/test/recipes/25-test_d2i.t b/test/recipes/25-test_d2i.t index 9db0b2be45..e663534c4d 100644 --- a/test/recipes/25-test_d2i.t +++ b/test/recipes/25-test_d2i.t @@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_d2i"); -plan tests => 13; +plan tests => 14; ok(run(test(["d2i_test", "X509", "decode", srctop_file('test','d2i-tests','bad_cert.der')])), @@ -79,3 +79,10 @@ ok(run(test(["d2i_test", "ASN1_INTEGER", "decode", ok(run(test(["d2i_test", "ASN1_INTEGER", "decode", srctop_file('test','d2i-tests','bad-int-padminus1.der')])), "Running d2i_test bad-int-padminus1.der INTEGER"); + +# Invalid CMS structure with decode error in CHOICE value. +# Test for CVE-2016-7053 + +ok(run(test(["d2i_test", "CMS_ContentInfo", "decode", + srctop_file('test','d2i-tests','bad-cms.der')])), + "Running d2i_test bad-cms.der CMS ContentInfo"); |