diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-03-01 07:58:04 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-03-01 07:58:04 +0100 |
| commit | d8b2117106fafef83f253aa0e1d7ff46735e6a5e (patch) | |
| tree | dd2a6d4970e8106dfbb41085acea3679db8f24b4 | |
| parent | ae7d5433868b996e0a5f2750ec8daaedc5bd5444 (diff) | |
| download | gnutls-tmp-further-openpgp-fixes.tar.gz | |
tests: added test cases with invalid openpgp certstmp-further-openpgp-fixes
These certificates contain invalid secret key sub-packets.
These trigger invalid memory accesses:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=360
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=354
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| -rw-r--r-- | tests/cert-tests/Makefile.am | 3 | ||||
| -rw-r--r-- | tests/cert-tests/data/openpgp-invalid7.pub | bin | 0 -> 383 bytes | |||
| -rw-r--r-- | tests/cert-tests/data/openpgp-invalid8.pub | bin | 0 -> 6590 bytes | |||
| -rwxr-xr-x | tests/cert-tests/openpgp-cert-parser | 2 |
4 files changed, 3 insertions, 2 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index 2578559402..87b4b50418 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -65,7 +65,8 @@ EXTRA_DIST = data/ca-no-pathlen.pem data/no-ca-or-pathlen.pem data/aki-cert.pem data/openpgp-invalid1.pub data/openpgp-invalid2.pub data/openpgp-invalid3.pub \ data/x509-v1-with-sid.pem data/x509-v1-with-iid.pem data/x509-v3-with-fractional-time.pem \ data/openpgp-invalid5.pub data/openpgp-invalid6.pub templates/template-long-dns.tmpl \ - data/long-dns.pem data/template-long-dns-crq.pem + data/long-dns.pem data/template-long-dns-crq.pem data/openpgp-invalid7.pub \ + data/openpgp-invalid8.pub dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \ pkcs7 pkcs7-broken-sigs privkey-import name-constraints certtool-long-cn crl provable-privkey \ diff --git a/tests/cert-tests/data/openpgp-invalid7.pub b/tests/cert-tests/data/openpgp-invalid7.pub Binary files differnew file mode 100644 index 0000000000..f808f49c0c --- /dev/null +++ b/tests/cert-tests/data/openpgp-invalid7.pub diff --git a/tests/cert-tests/data/openpgp-invalid8.pub b/tests/cert-tests/data/openpgp-invalid8.pub Binary files differnew file mode 100644 index 0000000000..3ee82dab01 --- /dev/null +++ b/tests/cert-tests/data/openpgp-invalid8.pub diff --git a/tests/cert-tests/openpgp-cert-parser b/tests/cert-tests/openpgp-cert-parser index 1039cf136e..7f22271077 100755 --- a/tests/cert-tests/openpgp-cert-parser +++ b/tests/cert-tests/openpgp-cert-parser @@ -42,7 +42,7 @@ echo "Checking OpenPGP certificate parsing" for i in "truncated.pub" "attribute-leak-1.pub" "subpkt-leak.pub" "openpgp-invalid1.pub" \ "openpgp-invalid2.pub" "openpgp-invalid3.pub" "openpgp-invalid4.pub" "openpgp-invalid5.pub" \ - "openpgp-invalid6.pub";do + "openpgp-invalid6.pub" "openpgp-invalid7.pub" "openpgp-invalid8.pub";do ${VALGRIND} "${CERTTOOL}" --inraw --pgp-certificate-info --infile "${srcdir}/data/${i}" rc=$? if test $rc != 1;then |