diff options
author | Viliam Lejčík <lejcik@gmail.com> | 2024-02-19 21:39:05 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-03-25 18:26:24 +0100 |
commit | a4cbffcd8998180b98bb9f7ce6065ed37d079d8b (patch) | |
tree | f37869b64e67b54d8d516e8233e8732099f5d0c0 /test | |
parent | 87e747000fef07c9ec43877bc5e9f2ca34f76a3b (diff) |
Add NULL check before accessing PKCS7 encrypted algorithm
Printing content of an invalid test certificate causes application crash, because of NULL dereference:
user@user:~/openssl$ openssl pkcs12 -in test/recipes/80-test_pkcs12_data/bad2.p12 -passin pass: -info
MAC: sha256, Iteration 2048
MAC length: 32, salt length: 8
PKCS7 Encrypted data: Segmentation fault (core dumped)
Added test cases for pkcs12 bad certificates
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23632)
Diffstat (limited to 'test')
-rw-r--r-- | test/recipes/80-test_pkcs12.t | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/test/recipes/80-test_pkcs12.t b/test/recipes/80-test_pkcs12.t index 817b0bf064..e2156e37c1 100644 --- a/test/recipes/80-test_pkcs12.t +++ b/test/recipes/80-test_pkcs12.t @@ -54,7 +54,7 @@ if (eval { require Win32::API; 1; }) { } $ENV{OPENSSL_WIN32_UTF8}=1; -plan tests => 28; +plan tests => 31; # Test different PKCS#12 formats ok(run(test(["pkcs12_format_test"])), "test pkcs12 formats"); @@ -184,11 +184,23 @@ with({ exit_checker => sub { return shift == 1; } }, "-nomacver"])), "test bad pkcs12 file 1 (nomacver)"); + ok(run(app(["openssl", "pkcs12", "-in", $bad1, "-password", "pass:", + "-info"])), + "test bad pkcs12 file 1 (info)"); + ok(run(app(["openssl", "pkcs12", "-in", $bad2, "-password", "pass:"])), "test bad pkcs12 file 2"); + ok(run(app(["openssl", "pkcs12", "-in", $bad2, "-password", "pass:", + "-info"])), + "test bad pkcs12 file 2 (info)"); + ok(run(app(["openssl", "pkcs12", "-in", $bad3, "-password", "pass:"])), "test bad pkcs12 file 3"); + + ok(run(app(["openssl", "pkcs12", "-in", $bad3, "-password", "pass:", + "-info"])), + "test bad pkcs12 file 3 (info)"); }); # Test with Oracle Trusted Key Usage specified in openssl.cnf |