Add tests for overreads in pem_read_buffer()

This commit is contained in:
Andres AG 2016-10-24 14:31:54 +01:00
parent d3cbc15951
commit fada2e9f3e
3 changed files with 28 additions and 7 deletions

View file

@ -4,7 +4,7 @@ mbed TLS ChangeLog (Sorted per branch, date)
Bugfix
* Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing
the input string in pem format to extract the different components. Found
the input string in PEM format to extract the different components. Found
by Eyal Itkin.
= mbed TLS 1.3.18 branch 2016-10-17

View file

@ -15,3 +15,12 @@ pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"00010203040506
PEM write (exactly two lines + 1)
pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
PEM read (DES-EDE3-CBC + invalid iv)
pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":-4608
PEM read (DES-CBC + invalid iv)
pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":-4608
PEM read (unknown encryption algorithm)
pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":-4736

View file

@ -3,12 +3,7 @@
#include "polarssl/pem.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:POLARSSL_PEM_WRITE_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:POLARSSL_PEM_WRITE_C */
void pem_write_buffer( char *start, char *end, char *buf_str, char *result_str )
{
unsigned char buf[5000];
@ -38,3 +33,20 @@ exit:
polarssl_free( check_buf );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_AES_C:POLARSSL_DES_C:POLARSSL_MD5_C:POLARSSL_CIPHER_MODE_CBC */
void pem_read_buffer( char *header, char *footer, char *data, int ret )
{
pem_context ctx;
size_t use_len = 0;
pem_init( &ctx );
TEST_ASSERT( pem_read_buffer( &ctx, header, footer,
(const unsigned char *)data, NULL, 0,
&use_len ) == ret );
exit:
pem_free( &ctx );
}
/* END_CASE */