Loading test/d2i-tests/high_tag.der 0 → 100644 +6 B File added.Preview suppressed by a .gitattributes entry or the file's encoding is unsupported. View file test/recipes/25-test_d2i.t +10 −1 Original line number Diff line number Diff line Loading @@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_d2i"); plan tests => 3; plan tests => 4; ok(run(test(["d2i_test", "X509", "decode", srctop_file('test','d2i-tests','bad_cert.der')])), Loading @@ -28,3 +28,12 @@ ok(run(test(["d2i_test", "GENERAL_NAME", "decode", ok(run(test(["d2i_test", "ASN1_ANY", "BIO", srctop_file('test','d2i-tests','bad_bio.der')])), "Running d2i_test bad_bio.der"); # This test checks CVE-2016-2108. The data consists of an tag 258 and # two zero content octets. This is parsed as an ASN1_ANY type. If the # type is incorrectly interpreted as an ASN.1 INTEGER the two zero content # octets will be reject as invalid padding and this test will fail. # If the type is correctly interpreted it will by treated as an ASN1_STRING # type and the content octets copied verbatim. ok(run(test(["d2i_test", "ASN1_ANY", "OK", srctop_file('test','d2i-tests','high_tag.der')])), "Running d2i_test high_tag.der"); Loading
test/d2i-tests/high_tag.der 0 → 100644 +6 B File added.Preview suppressed by a .gitattributes entry or the file's encoding is unsupported. View file
test/recipes/25-test_d2i.t +10 −1 Original line number Diff line number Diff line Loading @@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_d2i"); plan tests => 3; plan tests => 4; ok(run(test(["d2i_test", "X509", "decode", srctop_file('test','d2i-tests','bad_cert.der')])), Loading @@ -28,3 +28,12 @@ ok(run(test(["d2i_test", "GENERAL_NAME", "decode", ok(run(test(["d2i_test", "ASN1_ANY", "BIO", srctop_file('test','d2i-tests','bad_bio.der')])), "Running d2i_test bad_bio.der"); # This test checks CVE-2016-2108. The data consists of an tag 258 and # two zero content octets. This is parsed as an ASN1_ANY type. If the # type is incorrectly interpreted as an ASN.1 INTEGER the two zero content # octets will be reject as invalid padding and this test will fail. # If the type is correctly interpreted it will by treated as an ASN1_STRING # type and the content octets copied verbatim. ok(run(test(["d2i_test", "ASN1_ANY", "OK", srctop_file('test','d2i-tests','high_tag.der')])), "Running d2i_test high_tag.der");
Emilia Käsper <emilia@openssl.org>Emilia Käsper <emilia@openssl.org>