From b36ffe2dedec4d6117f4718449035d1c5338df1c Mon Sep 17 00:00:00 2001 From: doug <> Date: Sun, 28 Jun 2015 00:08:27 +0000 Subject: Convert ssl_bytes_to_cipher_list to CBS. Link in the new 'unit' regress and expand the invalid tests to include some that would fail before the CBS conversion. input + ok miod@ jsing@ --- src/regress/lib/libssl/unit/cipher_list.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'src/regress/lib/libssl/unit') diff --git a/src/regress/lib/libssl/unit/cipher_list.c b/src/regress/lib/libssl/unit/cipher_list.c index b513007771..1c829f369c 100644 --- a/src/regress/lib/libssl/unit/cipher_list.c +++ b/src/regress/lib/libssl/unit/cipher_list.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher_list.c,v 1.1 2015/06/27 23:35:52 doug Exp $ */ +/* $OpenBSD: cipher_list.c,v 1.2 2015/06/28 00:08:27 doug Exp $ */ /* * Copyright (c) 2015 Doug Hogan * Copyright (c) 2015 Joel Sing @@ -146,6 +146,8 @@ err: static int ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) { + uint8_t empty_cipher_bytes[] = { }; + sk_SSL_CIPHER_free(*ciphers); /* Invalid length: CipherSuite is 2 bytes so it must be even */ @@ -153,6 +155,19 @@ ssl_bytes_to_list_invalid(SSL *s, STACK_OF(SSL_CIPHER) **ciphers) sizeof(cipher_bytes) - 1); CHECK(*ciphers == NULL); + /* Invalid length: cipher_suites must be at least 2 */ + *ciphers = ssl_bytes_to_cipher_list(s, empty_cipher_bytes, + sizeof(empty_cipher_bytes)); + CHECK(*ciphers == NULL); + + /* Invalid length: cipher_suites must be at most 2^16-2 */ + *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, 0x10000); + CHECK(*ciphers == NULL); + + /* Invalid len: prototype is signed, but it shouldn't accept len < 0 */ + *ciphers = ssl_bytes_to_cipher_list(s, cipher_bytes, -2); + CHECK(*ciphers == NULL); + return 1; } -- cgit v1.2.3-55-g6feb