diff options
author | Matt Caswell <matt@openssl.org> | 2022-12-13 15:02:26 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2023-02-03 11:22:47 +0100 |
commit | 2bd611267868a008afa576846ba71566bd0d4d15 (patch) | |
tree | f4a0712674e64de832d6a200cb8c6e343c949692 | |
parent | bbcf509bd046b34cca19c766bbddc31683d0858b (diff) |
Add a test for CVE-2022-4450
Call PEM_read_bio_ex() and expect a failure. There should be no dangling
ptrs and therefore there should be no double free if we free the ptrs on
error.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
-rw-r--r-- | test/pemtest.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/test/pemtest.c b/test/pemtest.c index 3203d976be..edeb0a1205 100644 --- a/test/pemtest.c +++ b/test/pemtest.c @@ -83,9 +83,39 @@ static int test_invalid(void) return 1; } +static int test_empty_payload(void) +{ + BIO *b; + static char *emptypay = + "-----BEGIN CERTIFICATE-----\n" + "-\n" /* Base64 EOF character */ + "-----END CERTIFICATE-----"; + char *name = NULL, *header = NULL; + unsigned char *data = NULL; + long len; + int ret = 0; + + b = BIO_new_mem_buf(emptypay, strlen(emptypay)); + if (!TEST_ptr(b)) + return 0; + + /* Expected to fail because the payload is empty */ + if (!TEST_false(PEM_read_bio_ex(b, &name, &header, &data, &len, 0))) + goto err; + + ret = 1; + err: + OPENSSL_free(name); + OPENSSL_free(header); + OPENSSL_free(data); + BIO_free(b); + return ret; +} + int setup_tests(void) { ADD_ALL_TESTS(test_b64, OSSL_NELEM(b64_pem_data)); ADD_TEST(test_invalid); + ADD_TEST(test_empty_payload); return 1; } |