summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2016-10-14 12:02:12 +0100
committerMatt Caswell <matt@openssl.org>2016-11-10 13:04:05 +0000
commite9fcdd2e69052412e67cbbf6e8b5bdc5b545d364 (patch)
tree76c7337820f590b7da25ba3b8ede722296cb65a7
parent610b66267e41a32805ab54cbc580c5a6d5826cb4 (diff)
add test for CVE-2016-7053
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat
-rw-r--r--test/d2i-tests/bad-cms.der1
-rw-r--r--test/d2i_test.c4
-rw-r--r--test/recipes/25-test_d2i.t9
3 files changed, 12 insertions, 2 deletions
diff --git a/test/d2i-tests/bad-cms.der b/test/d2i-tests/bad-cms.der
new file mode 100644
index 0000000000..19cd3cc3f2
--- /dev/null
+++ b/test/d2i-tests/bad-cms.der
@@ -0,0 +1 @@
+0 *†H†÷   010 \ No newline at end of file
diff --git a/test/d2i_test.c b/test/d2i_test.c
index 8dbb8f14ec..32c0b0fb93 100644
--- a/test/d2i_test.c
+++ b/test/d2i_test.c
@@ -20,6 +20,7 @@
#include <openssl/err.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include <openssl/cms.h>
#include "e_os.h"
static const ASN1_ITEM *item_type;
@@ -149,7 +150,8 @@ int main(int argc, char **argv)
ASN1_ITEM_ref(ASN1_ANY),
ASN1_ITEM_ref(X509),
ASN1_ITEM_ref(GENERAL_NAME),
- ASN1_ITEM_ref(ASN1_INTEGER)
+ ASN1_ITEM_ref(ASN1_INTEGER),
+ ASN1_ITEM_ref(CMS_ContentInfo)
};
static error_enum expected_errors[] = {
diff --git a/test/recipes/25-test_d2i.t b/test/recipes/25-test_d2i.t
index 9db0b2be45..e663534c4d 100644
--- a/test/recipes/25-test_d2i.t
+++ b/test/recipes/25-test_d2i.t
@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/;
setup("test_d2i");
-plan tests => 13;
+plan tests => 14;
ok(run(test(["d2i_test", "X509", "decode",
srctop_file('test','d2i-tests','bad_cert.der')])),
@@ -79,3 +79,10 @@ ok(run(test(["d2i_test", "ASN1_INTEGER", "decode",
ok(run(test(["d2i_test", "ASN1_INTEGER", "decode",
srctop_file('test','d2i-tests','bad-int-padminus1.der')])),
"Running d2i_test bad-int-padminus1.der INTEGER");
+
+# Invalid CMS structure with decode error in CHOICE value.
+# Test for CVE-2016-7053
+
+ok(run(test(["d2i_test", "CMS_ContentInfo", "decode",
+ srctop_file('test','d2i-tests','bad-cms.der')])),
+ "Running d2i_test bad-cms.der CMS ContentInfo");
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-24 08:18:02 +0000