diff options
| author | Matt Caswell <matt@openssl.org> | 2022-12-13 16:02:26 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2023-02-07 17:05:10 +0100 |
| commit | dc341a46677fe19f055bd2eea0e3a2af21053903 (patch) | |
| tree | 7cfd6088d6659b5007308b039e96b6e31105574f | |
| parent | Avoid dangling ptrs in header and data params for PEM_read_bio_ex (diff) | |
| download | openssl-dc341a46677fe19f055bd2eea0e3a2af21053903.tar.xz openssl-dc341a46677fe19f055bd2eea0e3a2af21053903.zip | |
Add a test for CVE-2022-4450
Call PEM_read_bio_ex() and expect a failure. There should be no dangling
ptrs and therefore there should be no double free if we free the ptrs on
error.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
| -rw-r--r-- | test/pemtest.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/test/pemtest.c b/test/pemtest.c index a8d2d49bb5..a5d28cb256 100644 --- a/test/pemtest.c +++ b/test/pemtest.c @@ -96,6 +96,35 @@ static int test_cert_key_cert(void) return 1; } +static int test_empty_payload(void) +{ + BIO *b; + static char *emptypay = + "-----BEGIN CERTIFICATE-----\n" + "-\n" /* Base64 EOF character */ + "-----END CERTIFICATE-----"; + char *name = NULL, *header = NULL; + unsigned char *data = NULL; + long len; + int ret = 0; + + b = BIO_new_mem_buf(emptypay, strlen(emptypay)); + if (!TEST_ptr(b)) + return 0; + + /* Expected to fail because the payload is empty */ + if (!TEST_false(PEM_read_bio_ex(b, &name, &header, &data, &len, 0))) + goto err; + + ret = 1; + err: + OPENSSL_free(name); + OPENSSL_free(header); + OPENSSL_free(data); + BIO_free(b); + return ret; +} + int setup_tests(void) { if (!TEST_ptr(pemfile = test_get_argument(0))) @@ -103,5 +132,6 @@ int setup_tests(void) ADD_ALL_TESTS(test_b64, OSSL_NELEM(b64_pem_data)); ADD_TEST(test_invalid); ADD_TEST(test_cert_key_cert); + ADD_TEST(test_empty_payload); return 1; } |