diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-04-23 13:52:43 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-05-03 13:06:15 +0100 |
commit | 106cb9505746ddb69dc07ef45232084e620940ec (patch) | |
tree | f3c1f2380d64cd2a3a4846a24bfb2fd4ee47a66b /test | |
parent | d7ab691bc479d3cf2eea07329db6ce0e2589f0b9 (diff) |
Add test for CVE-2016-2018
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Diffstat (limited to 'test')
-rw-r--r-- | test/d2i-tests/high_tag.der | bin | 0 -> 6 bytes | |||
-rw-r--r-- | test/recipes/25-test_d2i.t | 11 |
2 files changed, 10 insertions, 1 deletions
diff --git a/test/d2i-tests/high_tag.der b/test/d2i-tests/high_tag.der Binary files differnew file mode 100644 index 0000000000..5c523ecde5 --- /dev/null +++ b/test/d2i-tests/high_tag.der diff --git a/test/recipes/25-test_d2i.t b/test/recipes/25-test_d2i.t index 9e1a643aaf..d50de0431b 100644 --- a/test/recipes/25-test_d2i.t +++ b/test/recipes/25-test_d2i.t @@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_d2i"); -plan tests => 3; +plan tests => 4; ok(run(test(["d2i_test", "X509", "decode", srctop_file('test','d2i-tests','bad_cert.der')])), @@ -28,3 +28,12 @@ ok(run(test(["d2i_test", "GENERAL_NAME", "decode", ok(run(test(["d2i_test", "ASN1_ANY", "BIO", srctop_file('test','d2i-tests','bad_bio.der')])), "Running d2i_test bad_bio.der"); +# This test checks CVE-2016-2108. The data consists of an tag 258 and +# two zero content octets. This is parsed as an ASN1_ANY type. If the +# type is incorrectly interpreted as an ASN.1 INTEGER the two zero content +# octets will be reject as invalid padding and this test will fail. +# If the type is correctly interpreted it will by treated as an ASN1_STRING +# type and the content octets copied verbatim. +ok(run(test(["d2i_test", "ASN1_ANY", "OK", + srctop_file('test','d2i-tests','high_tag.der')])), + "Running d2i_test high_tag.der"); |