diff options
| author | jsing <> | 2016-12-26 15:24:03 +0000 |
|---|---|---|
| committer | jsing <> | 2016-12-26 15:24:03 +0000 |
| commit | d8c64421db0ae603148c027884d5b60879594535 (patch) | |
| tree | cdd3a816ae18161542cc5a360dd63594102908d8 | |
| parent | 899a1058abcbe6fe59592ed5d46cc4b55cf12326 (diff) | |
| download | openbsd-d8c64421db0ae603148c027884d5b60879594535.tar.gz openbsd-d8c64421db0ae603148c027884d5b60879594535.tar.bz2 openbsd-d8c64421db0ae603148c027884d5b60879594535.zip | |
Ensure that after an i2d_SSL_SESSION() call, the passed pointer now points
to the end of the buffer.
| -rw-r--r-- | src/regress/lib/libssl/asn1/asn1test.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/src/regress/lib/libssl/asn1/asn1test.c b/src/regress/lib/libssl/asn1/asn1test.c index 946c672d74..28cd3d827a 100644 --- a/src/regress/lib/libssl/asn1/asn1test.c +++ b/src/regress/lib/libssl/asn1/asn1test.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: asn1test.c,v 1.4 2016/12/21 15:13:29 jsing Exp $ */ | 1 | /* $OpenBSD: asn1test.c,v 1.5 2016/12/26 15:24:03 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -205,7 +205,7 @@ session_strcmp(const unsigned char *o1, const unsigned char *o2, size_t len) | |||
| 205 | static int | 205 | static int |
| 206 | session_cmp(SSL_SESSION *s1, SSL_SESSION *s2) | 206 | session_cmp(SSL_SESSION *s1, SSL_SESSION *s2) |
| 207 | { | 207 | { |
| 208 | /* Compare two sessions, from the perspective of ASN1. */ | 208 | /* Compare the ASN.1 encoded values from two sessions. */ |
| 209 | if (s1->ssl_version != s2->ssl_version) { | 209 | if (s1->ssl_version != s2->ssl_version) { |
| 210 | fprintf(stderr, "ssl_version differs: %i != %i\n", | 210 | fprintf(stderr, "ssl_version differs: %i != %i\n", |
| 211 | s1->ssl_version, s2->ssl_version); | 211 | s1->ssl_version, s2->ssl_version); |
| @@ -320,17 +320,12 @@ do_ssl_asn1_test(int test_no, struct ssl_asn1_test *sat) | |||
| 320 | /* See if the test is expected to fail... */ | 320 | /* See if the test is expected to fail... */ |
| 321 | if (sat->asn1_len == -1) | 321 | if (sat->asn1_len == -1) |
| 322 | return (0); | 322 | return (0); |
| 323 | 323 | ||
| 324 | if ((asn1 = malloc(len)) == NULL) | 324 | if ((asn1 = malloc(len)) == NULL) |
| 325 | errx(1, "failed to allocate memory"); | 325 | errx(1, "failed to allocate memory"); |
| 326 | 326 | ||
| 327 | ap = asn1; | 327 | ap = asn1; |
| 328 | len = i2d_SSL_SESSION(&sat->session, &ap); | 328 | len = i2d_SSL_SESSION(&sat->session, &ap); |
| 329 | if ((ap - asn1) > len) { | ||
| 330 | fprintf(stderr, "FAIL: test %i overflowed ticket buffer " | ||
| 331 | "(%i > %i)\n", test_no, (int)(ap - asn1), len); | ||
| 332 | goto failed; | ||
| 333 | } | ||
| 334 | 329 | ||
| 335 | /* | 330 | /* |
| 336 | * Length *should* be the same, but check it again since the code | 331 | * Length *should* be the same, but check it again since the code |
| @@ -341,6 +336,12 @@ do_ssl_asn1_test(int test_no, struct ssl_asn1_test *sat) | |||
| 341 | "want %i\n", test_no, len, sat->asn1_len); | 336 | "want %i\n", test_no, len, sat->asn1_len); |
| 342 | goto failed; | 337 | goto failed; |
| 343 | } | 338 | } |
| 339 | /* ap should now point at the end of the buffer. */ | ||
| 340 | if (ap - asn1 != len) { | ||
| 341 | fprintf(stderr, "FAIL: test %i pointer increment does not " | ||
| 342 | "match length (%i != %i)\n", test_no, (int)(ap - asn1), len); | ||
| 343 | goto failed; | ||
| 344 | } | ||
| 344 | 345 | ||
| 345 | if (memcmp(asn1, &sat->asn1, len) != 0) { | 346 | if (memcmp(asn1, &sat->asn1, len) != 0) { |
| 346 | fprintf(stderr, "FAIL: test %i - encoding differs:\n", test_no); | 347 | fprintf(stderr, "FAIL: test %i - encoding differs:\n", test_no); |