diff options
| author | Matt Caswell <matt@openssl.org> | 2018-04-18 14:22:36 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2018-04-19 08:57:45 +0100 |
| commit | 0e80714fb8175a7c059668e9fab25e4b26a3dae6 (patch) | |
| tree | 1e5b85bce15e714c3fe05126a7d2269fbf31f8d3 /test | |
| parent | c02a03bff851cd17c51812643cd1964b7da007f3 (diff) | |
Add a test for a NULL X509_STORE in X509_STORE_CTX_init
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6002)
Diffstat (limited to 'test')
| -rw-r--r-- | test/verify_extra_test.c | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c index cc05bc2ef1..e0dccfb925 100644 --- a/test/verify_extra_test.c +++ b/test/verify_extra_test.c @@ -137,6 +137,43 @@ static int test_alt_chains_cert_forgery(const char *roots_f, return ret; } +static int test_store_ctx(const char *bad_f) +{ + X509_STORE_CTX *sctx = NULL; + X509 *x = NULL; + BIO *bio = NULL; + int testresult = 0, ret; + + bio = BIO_new_file(bad_f, "r"); + if (bio == NULL) + goto err; + + x = PEM_read_bio_X509(bio, NULL, 0, NULL); + if (x == NULL) + goto err; + + sctx = X509_STORE_CTX_new(); + if (sctx == NULL) + goto err; + + if (!X509_STORE_CTX_init(sctx, NULL, x, NULL)) + goto err; + + /* Verifying a cert where we have no trusted certs should fail */ + ret = X509_verify_cert(sctx); + + if (ret == 0) { + /* This is the result we were expecting: Test passed */ + testresult = 1; + } + + err: + X509_STORE_CTX_free(sctx); + X509_free(x); + BIO_free(bio); + return testresult; +} + int main(int argc, char **argv) { CRYPTO_set_mem_debug(1); @@ -152,6 +189,11 @@ int main(int argc, char **argv) return 1; } + if (!test_store_ctx(argv[3])) { + fprintf(stderr, "Test X509_STORE_CTX failed\n"); + return 1; + } + #ifndef OPENSSL_NO_CRYPTO_MDEBUG if (CRYPTO_mem_leaks_fp(stderr) <= 0) return 1; |