Commit 106cb950 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson Committed by Matt Caswell
Browse files

Add test for CVE-2016-2018 



Reviewed-by: default avatarEmilia Käsper <emilia@openssl.org>
parent d7ab691b

test/d2i-tests/high_tag.der

0 → 100644
+6 B

File added.

Preview suppressed by a .gitattributes entry or the file's encoding is unsupported.

View file

test/recipes/25-test_d2i.t

+10 −1
Original line number Diff line number Diff line
@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; 


setup("test_d2i");



plan tests => 3;

plan tests => 4;



ok(run(test(["d2i_test", "X509", "decode",

             srctop_file('test','d2i-tests','bad_cert.der')])),
@@ -28,3 +28,12 @@ ok(run(test(["d2i_test", "GENERAL_NAME", "decode", 
ok(run(test(["d2i_test", "ASN1_ANY", "BIO",

             srctop_file('test','d2i-tests','bad_bio.der')])),

   "Running d2i_test bad_bio.der");

# This test checks CVE-2016-2108. The data consists of an tag 258 and

# two zero content octets. This is parsed as an ASN1_ANY type. If the

# type is incorrectly interpreted as an ASN.1 INTEGER the two zero content

# octets will be reject as invalid padding and this test will fail.

# If the type is correctly interpreted it will by treated as an ASN1_STRING

# type and the content octets copied verbatim.

ok(run(test(["d2i_test", "ASN1_ANY", "OK",

             srctop_file('test','d2i-tests','high_tag.der')])),

   "Running d2i_test high_tag.der");