Skip to content

Commit 160b317

Browse files
committed
Add regression tests for various d2i_* methods
1 parent 7aed5ac commit 160b317

2 files changed

Lines changed: 48 additions & 0 deletions

File tree

tests/api.c

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16966,6 +16966,32 @@ static int test_wolfSSL_PKCS8_d2i(void)
1696616966
EVP_PKEY_free(pkey);
1696716967
pkey = NULL;
1696816968
#endif
16969+
/* A negative length must be rejected before the signed->word32 cast
16970+
* (CWE-190 -> CWE-125): length = -1 becomes (word32)0xFFFFFFFF, so the
16971+
* decoder believes ~4 GiB are available and reads past the input. The
16972+
* same key buffers are decoded with their correct positive length above,
16973+
* so these calls fail only because of the negative length. All must
16974+
* return NULL; with the guard removed the over-read is reported by ASan
16975+
* (and, with a full key, faults outright). */
16976+
{
16977+
const unsigned char malformed[2] = { 0x30, 0x10 };
16978+
const unsigned char* mp;
16979+
#ifndef NO_RSA
16980+
#ifdef USE_CERT_BUFFERS_1024
16981+
const unsigned char* rp = (const unsigned char*)server_key_der_1024;
16982+
#else
16983+
const unsigned char* rp = (const unsigned char*)server_key_der_2048;
16984+
#endif
16985+
const unsigned char* rp0 = rp;
16986+
ExpectNull(d2i_AutoPrivateKey(NULL, &rp, -1));
16987+
rp = rp0;
16988+
ExpectNull(d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rp, -1));
16989+
#endif
16990+
/* The reported PoC: a 2-byte header claiming 16 bytes of absent
16991+
* content drives the over-read in the key-type detection loop. */
16992+
mp = malformed;
16993+
ExpectNull(d2i_AutoPrivateKey(NULL, &mp, -1));
16994+
}
1696916995
#endif /* OPENSSL_ALL */
1697016996

1697116997
#ifndef NO_FILESYSTEM

tests/api/test_ossl_asn1.c

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2816,6 +2816,28 @@ int test_ASN1_strings(void)
28162816
der = NULL;
28172817
}
28182818

2819+
/* Negative length must be rejected before the signed->word32 cast
2820+
* (CWE-190 -> CWE-125). The 2-byte header claims 16 bytes of content
2821+
* that are not present in the buffer; passing len = -1 would, without
2822+
* the guard, cast to ~4 GiB so GetLength accepts the claimed length and
2823+
* d2i_ASN1_STRING over-reads 16 bytes past the buffer. Every wrapper
2824+
* must instead return NULL without reading the content. */
2825+
{
2826+
unsigned char hdr[2];
2827+
const unsigned char* p;
2828+
2829+
hdr[1] = 0x10; /* claim 16 bytes of (absent) content */
2830+
2831+
p = hdr; hdr[0] = ASN_OCTET_STRING;
2832+
ExpectNull(d2i_ASN1_OCTET_STRING(NULL, &p, -1));
2833+
p = hdr; hdr[0] = ASN_GENERALSTRING;
2834+
ExpectNull(d2i_ASN1_GENERALSTRING(NULL, &p, -1));
2835+
p = hdr; hdr[0] = ASN_UTF8STRING;
2836+
ExpectNull(d2i_ASN1_UTF8STRING(NULL, &p, -1));
2837+
p = hdr; hdr[0] = ASN_BIT_STRING;
2838+
ExpectNull(d2i_ASN1_BIT_STRING(NULL, &p, -1));
2839+
}
2840+
28192841
#endif
28202842
return EXPECT_RESULT();
28212843
}

0 commit comments

Comments
 (0)