Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
openssl-1_1.30140
openssl-CVE-2022-4450-2of2.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2022-4450-2of2.patch of Package openssl-1_1.30140
commit 075039740c6981d9b9a90ab3a8a6879d3014a987 Author: Matt Caswell <matt@openssl.org> Date: Tue Dec 13 15:02:26 2022 +0000 Add a test for CVE-2022-4450 Call PEM_read_bio_ex() and expect a failure. There should be no dangling ptrs and therefore there should be no double free if we free the ptrs on error. diff --git a/test/pemtest.c b/test/pemtest.c index 3203d976be..edeb0a1205 100644 --- a/test/pemtest.c +++ b/test/pemtest.c @@ -83,9 +83,39 @@ static int test_invalid(void) return 1; } +static int test_empty_payload(void) +{ + BIO *b; + static char *emptypay = + "-----BEGIN CERTIFICATE-----\n" + "-\n" /* Base64 EOF character */ + "-----END CERTIFICATE-----"; + char *name = NULL, *header = NULL; + unsigned char *data = NULL; + long len; + int ret = 0; + + b = BIO_new_mem_buf(emptypay, strlen(emptypay)); + if (!TEST_ptr(b)) + return 0; + + /* Expected to fail because the payload is empty */ + if (!TEST_false(PEM_read_bio_ex(b, &name, &header, &data, &len, 0))) + goto err; + + ret = 1; + err: + OPENSSL_free(name); + OPENSSL_free(header); + OPENSSL_free(data); + BIO_free(b); + return ret; +} + int setup_tests(void) { ADD_ALL_TESTS(test_b64, OSSL_NELEM(b64_pem_data)); ADD_TEST(test_invalid); + ADD_TEST(test_empty_payload); return 1; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor