openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity
openssl/test/recipes
History
Neil Horman a552c23c65 Harden asn1 oid loader to invalid inputs 
In the event that a config file contains this sequence:
=======
openssl_conf = openssl_init

config_diagnostics = 1

[openssl_init]
oid_section = oids

[oids]
testoid1 = 1.2.3.4.1
testoid2 = A Very Long OID Name, 1.2.3.4.2
testoid3 = ,1.2.3.4.3
======

The leading comma in testoid3 can cause a heap buffer overflow, as the
parsing code will move the string pointer back 1 character, thereby
pointing to an invalid memory space

correct the parser to detect this condition and handle it by treating it
as if the comma doesn't exist (i.e. an empty long oid name)

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22957)
 		2023-12-13 11:10:36 -05:00
..
04-test_conf_data
04-test_params_conversion_data
04-test_pem_read_depr_data
04-test_pem_reading_data
10-test_bn_data
15-test_dsaparam_data
15-test_ecparam_data
15-test_mp_rsa_data Fix the LCM computation in the RSA multiprime key check 2023-04-13 15:23:05 +02:00
15-test_rsaoaep_data
15-test_rsapss_data
20-test_dhparam_check_data
20-test_dhparam_data
25-test_eai_data
25-test_pkcs7_data Add test for d2i_PKCS7 NULL dereference 2023-02-07 17:05:10 +01:00
25-test_rusext_data
30-test_defltfips
30-test_evp_data Import repro from #22708 as a test case 2023-11-15 08:41:06 +01:00
30-test_evp_pkey_provided
30-test_pairwise_fail_data Add tests for FIPS keygen self test failures. 2023-02-08 17:00:55 +01:00
61-test_bio_prefix_data
65-test_cmp_client_data
65-test_cmp_msg_data
65-test_cmp_protect_data CMP: generalize ossl_cmp_calc_protection() to handle Edwards curves correctly 2023-09-05 13:25:41 +02:00
65-test_cmp_server_data
65-test_cmp_vfy_data
66-test_ossl_store_data
75-test_quicapi_data QUIC CHANNEL: Correct timeout calculation for ACKs 2023-10-25 11:14:24 +01:00
80-test_ca_data
80-test_ca_internals_data
80-test_cmp_http_data apps/cmp.c: -tls_used may be implied by -server https:...; improve related checks and doc 2023-10-10 20:36:05 +02:00
80-test_cms_data Additional testcase for missing return check of BIO_set_md() calls 2023-02-07 17:05:10 +01:00
80-test_cmsapi_data
80-test_ocsp_data
80-test_policy_tree_data test: add test cases for the policy resource overuse 2023-03-22 11:25:44 +11:00
80-test_ssl_old_data
80-test_tsa_data
90-test_gost_data
90-test_includes_data Add config tests for including provider config files 2023-11-09 13:27:56 +01:00
90-test_sslapi_data
90-test_store_cases_data Add a test case for the password prompt on garbage PKCS#12 file 2023-06-26 08:00:52 +10:00
90-test_store_data
90-test_threads_data
91-test_pkey_check_data Add test for DSA pubkey without param import and check 2023-02-07 17:05:10 +01:00
95-test_external_cf_quiche_data Add simple interoperability test with Cloudflare quiche 2023-03-22 10:13:30 +11:00
95-test_external_gost_engine_data
95-test_external_krb5_data
95-test_external_oqsprovider_data updated (lib+)oqsprovider to latest releases 2023-06-15 08:39:10 +10:00
95-test_external_pyca_data
95-test_external_tlsfuzzer_data
00-prep_fipsmodule_cnf.t Copyright year updates 2023-09-07 09:59:15 +01:00
01-test_abort.t
01-test_fipsmodule_cnf.t
01-test_sanity.t
01-test_symbol_presence.t test/recipes/01-test_symbol_presence.t: Treat common symbols specially 2023-12-04 09:55:15 +01:00
01-test_test.t
02-test_errstr.t
02-test_internal_context.t
02-test_internal_ctype.t
02-test_internal_exts.t
02-test_internal_keymgmt.t
02-test_internal_provider.t
02-test_lhash.t
02-test_list.t
02-test_localetest.t
02-test_ordinals.t
02-test_priority_queue.t
02-test_sparse_array.t
02-test_stack.t
02-test_time.t Add a test for converting OSSL_TIME to struct timeval 2023-10-20 16:33:40 +01:00
03-test_exdata.t
03-test_fipsinstall.t Copyright year updates 2023-09-07 09:59:15 +01:00
03-test_internal_asn1.t
03-test_internal_asn1_dsa.t
03-test_internal_bn.t
03-test_internal_chacha.t
03-test_internal_curve448.t Copyright year updates 2023-09-07 09:59:15 +01:00
03-test_internal_ec.t
03-test_internal_ffc.t
03-test_internal_mdc2.t
03-test_internal_modes.t
03-test_internal_namemap.t
03-test_internal_poly1305.t
03-test_internal_rsa_sp800_56b.t
03-test_internal_siphash.t
03-test_internal_sm2.t
03-test_internal_sm3.t
03-test_internal_sm4.t
03-test_internal_ssl_cert_table.t
03-test_internal_x509.t
03-test_params_api.t
03-test_property.t
03-test_ui.t
04-test_asn1_decode.t
04-test_asn1_encode.t
04-test_asn1_parse.t Harden asn1 oid loader to invalid inputs 2023-12-13 11:10:36 -05:00
04-test_asn1_string_table.t
04-test_bio_callback.t
04-test_bio_core.t
04-test_bio_dgram.t
04-test_bio_tfo.t
04-test_bioprint.t
04-test_conf.t
04-test_encoder_decoder.t Copyright year updates 2023-09-07 09:59:15 +01:00
04-test_encoder_decoder_legacy.t
04-test_err.t
04-test_hexstring.t
04-test_membio.t
04-test_nodefltctx.t Add a test for no initialisation of the default config file 2023-02-22 10:03:14 +11:00
04-test_param_build.t
04-test_params.t
04-test_params_conversion.t
04-test_pem_read_depr.t
04-test_pem_reading.t
04-test_provfetch.t
04-test_provider.t Add a minimal test provider 2023-12-04 15:12:34 +01:00
04-test_provider_default_search_path.t
04-test_provider_fallback.t
04-test_provider_pkey.t
04-test_punycode.t
04-test_upcalls.t
05-test_bf.t
05-test_cast.t
05-test_cmac.t
05-test_des.t
05-test_hmac.t
05-test_idea.t
05-test_pbe.t
05-test_rand.t Augment rand argument parsing to allow scaling 2023-11-13 12:21:34 +01:00
05-test_rc2.t
05-test_rc4.t
05-test_rc5.t
06-test_algorithmid.t Copyright year updates 2023-09-07 09:59:15 +01:00
06-test_rdcpu_sanity.t
07-test_bio_comp.t
10-test_bn.t
10-test_exp.t
15-test_dh.t
15-test_dsa.t
15-test_dsaparam.t
15-test_ec.t Copyright year updates 2023-09-07 09:59:15 +01:00
15-test_ecdsa.t
15-test_ecparam.t
15-test_gendh.t
15-test_gendhparam.t
15-test_gendsa.t Copyright year updates 2023-09-07 09:59:15 +01:00
15-test_genec.t Copyright year updates 2023-09-28 14:23:29 +01:00
15-test_genpkey.t Copyright year updates 2023-09-07 09:59:15 +01:00
15-test_genrsa.t Copyright year updates 2023-09-07 09:59:15 +01:00
15-test_mp_rsa.t Copyright year updates 2023-09-07 09:59:15 +01:00
15-test_out_option.t
15-test_rsa.t Copyright year updates 2023-09-07 09:59:15 +01:00
15-test_rsaoaep.t
15-test_rsapss.t Fix a possible memleak in rsa_pub_encode 2023-09-11 10:48:54 +02:00
15-test_rsax931.t Add Tests for RSA signatures using X931 padding. 2023-03-15 08:48:21 +11:00
15-test_sha.t
20-test_app.t Copyright year updates 2023-09-07 09:59:15 +01:00
20-test_cli_fips.t Copyright year updates 2023-09-07 09:59:15 +01:00
20-test_dgst.t Copyright year updates 2023-09-07 09:59:15 +01:00
20-test_dhparam.t
20-test_dhparam_check.t
20-test_enc.t Copyright year updates 2023-09-07 09:59:15 +01:00
20-test_enc_more.t
20-test_kdf.t
20-test_legacy_okay.t
20-test_mac.t
20-test_passwd.t
20-test_pkeyutl.t Copyright year updates 2023-09-07 09:59:15 +01:00
20-test_rand_config.t
20-test_spkac.t
25-test_crl.t
25-test_d2i.t
25-test_eai_data.t
25-test_pkcs7.t Copyright year updates 2023-09-07 09:59:15 +01:00
25-test_pkcs8.t Copyright year updates 2023-09-07 09:59:15 +01:00
25-test_req.t Fix a possible memory leak in do_othername 2023-12-12 13:43:08 +01:00
25-test_rusext.t
25-test_sid.t
25-test_verify.t ECDSA with SHA3 verification does not depend on FIPS provider version 2023-10-10 16:46:13 +02:00
25-test_verify_store.t
25-test_x509.t Support all NULL-syntax X.509v3 extensions 2023-09-25 15:12:04 -04:00
30-test_acvp.t
30-test_aesgcm.t
30-test_afalg.t
30-test_defltfips.t Copyright year updates 2023-09-07 09:59:15 +01:00
30-test_engine.t
30-test_evp.t Copyright year updates 2023-09-07 09:59:15 +01:00
30-test_evp_extra.t
30-test_evp_fetch_prov.t
30-test_evp_kdf.t
30-test_evp_libctx.t
30-test_evp_pkey_dhkem.t
30-test_evp_pkey_dparam.t
30-test_evp_pkey_provided.t
30-test_evp_xof.t Add EVP_DigestSqueeze() API. 2023-11-10 13:27:00 +01:00
30-test_hpke.t
30-test_pairwise_fail.t Add tests for FIPS keygen self test failures. 2023-02-08 17:00:55 +01:00
30-test_pbelu.t
30-test_pkey_meth.t
30-test_pkey_meth_kdf.t
30-test_prov_config.t
30-test_provider_status.t
40-test_rehash.t
60-test_x509_check_cert_pkey.t
60-test_x509_dup_cert.t
60-test_x509_load_cert_file.t Add a test for X509_load_cert_file() 2023-12-04 09:52:33 +01:00
60-test_x509_store.t
60-test_x509_time.t
61-test_bio_addr.t Add a test for BIO_ADDR_copy() 2023-09-25 07:46:45 +10:00
61-test_bio_prefix.t
61-test_bio_readbuffer.t
65-test_cmp_asn.t
65-test_cmp_client.t
65-test_cmp_ctx.t
65-test_cmp_hdr.t
65-test_cmp_msg.t
65-test_cmp_protect.t Copyright year updates 2023-09-07 09:59:15 +01:00
65-test_cmp_server.t
65-test_cmp_status.t
65-test_cmp_vfy.t
66-test_ossl_store.t
70-test_asyncio.t
70-test_bad_dtls.t
70-test_certtypeext.t RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
70-test_clienthello.t
70-test_comp.t
70-test_key_share.t Copyright year updates 2023-09-07 09:59:15 +01:00
70-test_packet.t
70-test_quic_cfq.t
70-test_quic_fc.t
70-test_quic_fifd.t
70-test_quic_lcidm.t QUIC LCIDM: Add test 2023-12-06 10:40:11 +00:00
70-test_quic_multistream.t Copyright year updates 2023-09-07 09:59:15 +01:00
70-test_quic_record.t quic_record, quicapi, and quicfaults tests do not support fuzzing builds 2023-10-23 13:45:09 +01:00
70-test_quic_srtm.t QUIC SRTM: Add test 2023-11-23 14:46:01 +00:00
70-test_quic_stream.t
70-test_quic_tserver.t Copyright year updates 2023-09-07 09:59:15 +01:00
70-test_quic_txp.t
70-test_quic_txpim.t
70-test_quic_wire.t
70-test_recordlen.t
70-test_renegotiation.t
70-test_servername.t
70-test_sslcbcpadding.t
70-test_sslcertstatus.t
70-test_sslextension.t
70-test_sslmessages.t
70-test_sslrecords.t
70-test_sslsessiontick.t
70-test_sslsigalgs.t
70-test_sslsignature.t
70-test_sslskewith0p.t
70-test_sslversions.t
70-test_sslvertol.t
70-test_tls13alerts.t
70-test_tls13certcomp.t
70-test_tls13cookie.t Copyright year updates 2023-09-07 09:59:15 +01:00
70-test_tls13downgrade.t
70-test_tls13hrr.t Copyright year updates 2023-09-07 09:59:15 +01:00
70-test_tls13kexmodes.t Add option `SSL_OP_PREFER_NO_DHE_KEX`, allowing the server to prefer non-dhe psk key exchange over psk with dhe (config file option `PreferNoDHEKEX`, server option `prefer_no_dhe_kex`). 2023-11-24 15:08:04 +00:00
70-test_tls13messages.t Copyright year updates 2023-09-07 09:59:15 +01:00
70-test_tls13psk.t Copyright year updates 2023-09-07 09:59:15 +01:00
70-test_tlsextms.t
70-test_verify_extra.t
70-test_wpacket.t
71-test_ssl_ctx.t
75-test_quic_ackm.t
75-test_quic_cc.t Copyright year updates 2023-09-07 09:59:15 +01:00
75-test_quic_srt_gen.t QUIC SRT GEN: Add SRT generator 2023-11-25 09:14:05 +00:00
75-test_quicapi.t quic_record, quicapi, and quicfaults tests do not support fuzzing builds 2023-10-23 13:45:09 +01:00
79-test_http.t Copyright year updates 2023-09-07 09:59:15 +01:00
80-test_ca.t Copyright year updates 2023-09-07 09:59:15 +01:00
80-test_ca_internals.t
80-test_cipherbytes.t
80-test_cipherlist.t
80-test_ciphername.t
80-test_cmp_http.t Prevent 80-test_cmp_http from accidentally killing perl in error. 2023-09-11 09:08:35 +10:00
80-test_cms.t cms encrypt, better OBJ_nid2obj() return check 2023-10-18 16:49:11 +02:00
80-test_cmsapi.t
80-test_ct.t
80-test_dane.t
80-test_dtls.t
80-test_dtls_mtu.t
80-test_dtlsv1listen.t
80-test_ocsp.t
80-test_pkcs12.t Convert jdkTrustedKeyUsage to be a pkcs12 cmd line option 2023-10-20 16:30:43 +01:00
80-test_policy_tree.t Disable the policy tree exponential growth test conditionally 2023-03-23 20:09:07 +11:00
80-test_ssl_new.t Copyright year updates 2023-09-07 09:59:15 +01:00
80-test_ssl_old.t
80-test_ssl_test_ctx.t
80-test_sslcorrupt.t
80-test_tsa.t
80-test_x509aux.t
81-test_cmp_cli.t
82-test_tfo_cli.t
90-test_asn1_time.t
90-test_async.t
90-test_bio_enc.t
90-test_bio_memleak.t
90-test_cert_comp.t
90-test_constant_time.t
90-test_fatalerr.t
90-test_fipsload.t
90-test_gmdiff.t
90-test_ige.t
90-test_includes.t Add config tests for including provider config files 2023-11-09 13:27:56 +01:00
90-test_memleak.t
90-test_overhead.t
90-test_quicfaults.t quic_record, quicapi, and quicfaults tests do not support fuzzing builds 2023-10-23 13:45:09 +01:00
90-test_rpk.t RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
90-test_secmem.t
90-test_shlibload.t
90-test_srp.t
90-test_sslapi.t [feat] SSL RTT in both client and server statem. SSL_get_handshake_rtt makes it available 2023-06-02 05:46:46 +02:00
90-test_sslbuffers.t
90-test_store.t Copyright year updates 2023-09-07 09:59:15 +01:00
90-test_store_cases.t Add a test case for the password prompt on garbage PKCS#12 file 2023-06-26 08:00:52 +10:00
90-test_sysdefault.t
90-test_threads.t
90-test_time_offset.t
90-test_tls13ccs.t
90-test_tls13encryption.t
90-test_tls13secrets.t
90-test_trace_api.t Copyright year updates 2023-09-07 09:59:15 +01:00
90-test_v3name.t
91-test_pkey_check.t Copyright year updates 2023-09-07 09:59:15 +01:00
95-test_external_cf_quiche.t Add simple interoperability test with Cloudflare quiche 2023-03-22 10:13:30 +11:00
95-test_external_gost_engine.t
95-test_external_krb5.t
95-test_external_oqsprovider.t
95-test_external_pyca.t
95-test_external_tlsfuzzer.t
99-test_ecstress.t
99-test_fuzz_asn1.t
99-test_fuzz_asn1parse.t
99-test_fuzz_bignum.t
99-test_fuzz_bndiv.t
99-test_fuzz_client.t
99-test_fuzz_cmp.t
99-test_fuzz_cms.t
99-test_fuzz_conf.t
99-test_fuzz_crl.t
99-test_fuzz_ct.t
99-test_fuzz_decoder.t Copyright year updates 2023-09-07 09:59:15 +01:00
99-test_fuzz_pem.t Copyright year updates 2023-09-07 09:59:15 +01:00
99-test_fuzz_punycode.t Copyright year updates 2023-09-07 09:59:15 +01:00
99-test_fuzz_quic_client.t Don't run the QUIC client fuzzer if QUIC is disabled 2023-10-23 10:08:22 +01:00
99-test_fuzz_quic_lcidm.t QUIC LCIDM: Add fuzzer 2023-12-06 10:40:11 +00:00
99-test_fuzz_quic_srtm.t QUIC SRTM: Add fuzzer for SRTM 2023-11-23 14:46:01 +00:00
99-test_fuzz_server.t
99-test_fuzz_smime.t Added a fuzzer for SMIME 2023-02-27 09:29:20 +00:00
99-test_fuzz_v3name.t Copyright year updates 2023-09-07 09:59:15 +01:00
99-test_fuzz_x509.t Copyright year updates 2023-09-07 09:59:15 +01:00
fuzz.pl
ocsp-response.der
tconversion.pl Copyright year updates 2023-09-07 09:59:15 +01:00