upstream: regression test for find-principals NULL deref; from Fabian

Stelzer OpenBSD-Regress-ID: f845a8632a5a7d5ae26978004c93e796270fd3e5
author: djm@openbsd.org <djm@openbsd.org> 2022-01-05 04:10:39 +0000
committer: Damien Miller <djm@mindrot.org> 2022-01-05 15:12:46 +1100
commit: 37a14249ec993599a9051731e4fb0ac5e976aec1 (patch)
tree: 10cb8c0ab4cff58d6fa89ea33c66c8110e949188 /regress/sshsig.sh
parent: eb1f042142fdaba93f6c9560cf6c91ae25f6884a (diff)
download: openssh-git-37a14249ec993599a9051731e4fb0ac5e976aec1.tar.gz
1 files changed, 9 insertions, 1 deletions
diff --git a/regress/sshsig.sh b/regress/sshsig.sh
index 732b3bf5..40aa0c38 100644
--- a/regress/sshsig.sh
+++ b/regress/sshsig.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: sshsig.sh,v 1.11 2021/11/27 07:23:35 djm Exp $
+#	$OpenBSD: sshsig.sh,v 1.12 2022/01/05 04:10:39 djm Exp $
 #	Placed in the Public Domain.
 
 tid="sshsig"
@@ -208,6 +208,14 @@ for t in $SIGNKEYS; do
 	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile -f $OBJ/allowed_signers >/dev/null 2>&1 && \
 		fail "succeeded finding principal with invalid signers file"
 
+	# find-principals with a configured namespace but none on command-line
+	(printf "$sig_principal " ;
+	 printf "namespaces=\"test1,test2\" ";
+	 cat $pubkey) > $OBJ/allowed_signers
+	${SSHKEYGEN} -vvv -Y find-principals -s $sigfile \
+	    -f $OBJ/allowed_signers >/dev/null 2>&1 || \
+		fail "failed finding principal when namespaces are configured"
+
 	# Check signing keys using ssh-agent.
 	${SSHADD} -D >/dev/null 2>&1 # Remove all previously-loaded keys.
 	${SSHADD} ${privkey} > /dev/null 2>&1 || fail "ssh-add failed"
author	djm@openbsd.org <djm@openbsd.org>	2022-01-05 04:10:39 +0000
committer	Damien Miller <djm@mindrot.org>	2022-01-05 15:12:46 +1100
commit	37a14249ec993599a9051731e4fb0ac5e976aec1 (patch)
tree	10cb8c0ab4cff58d6fa89ea33c66c8110e949188 /regress/sshsig.sh
parent	eb1f042142fdaba93f6c9560cf6c91ae25f6884a (diff)
download	openssh-git-37a14249ec993599a9051731e4fb0ac5e976aec1.tar.gz