From 248971348b36d0dc5473499f19981ee51f877de0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 19 Jan 2023 20:57:44 +0100 Subject: [PATCH] Replace fuzzer-generated PKCS7 regression tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit adds well-formed reproducers for the memory management issues fixed in the following commits: 290f01b3f54a16045be201699becda8f500eebd5 e7f8c616d0b9388fd20ffd6c9730ea8188f27716 f7641544eafeaf0c71d109fbbec1d9f8aa2e74d8 Signed-off-by: Bence Szépkúti --- tests/data_files/Makefile | 12 ++++++++++++ ...info_set-leak-fuzz_pkcs7-4541044530479104.der | Bin 108 -> 0 bytes ...-missing_free-fuzz_pkcs7-6213931373035520.der | Bin 108 -> 0 bytes ...Info_1_serial_invalid_tag_after_long_name.der | Bin 0 -> 810 bytes .../pkcs7_signerInfo_2_invalid_tag.der | Bin 0 -> 1185 bytes tests/suites/test_suite_pkcs7.data | 12 ++++++------ 6 files changed, 18 insertions(+), 6 deletions(-) delete mode 100644 tests/data_files/pkcs7_get_signers_info_set-leak-fuzz_pkcs7-4541044530479104.der delete mode 100644 tests/data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-6213931373035520.der create mode 100644 tests/data_files/pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der create mode 100644 tests/data_files/pkcs7_signerInfo_2_invalid_tag.der diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 622a28977..a7517bf78 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1369,6 +1369,18 @@ pkcs7_data_signed_badsigner.der: pkcs7_data_cert_signed_sha256.der echo -en '\xa1' | dd of=$@ bs=1 seek=918 conv=notrunc all_final += pkcs7_data_signed_badsigner.der +# pkcs7 signature file with invalid tag in signerInfo[1].serial after long issuer name +pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der: pkcs7_data_multiple_signed.der + cp $< $@ + echo -en '\xa1' | dd of=$@ bs=1 seek=498 conv=notrunc +all_final += pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der + +# pkcs7 signature file with invalid tag in signerInfo[2] +pkcs7_signerInfo_2_invalid_tag.der: pkcs7_data_3_signed.der + cp $< $@ + echo -en '\xa1' | dd of=$@ bs=1 seek=810 conv=notrunc +all_final += pkcs7_signerInfo_2_invalid_tag.der + # pkcs7 file with version 2 pkcs7_data_cert_signed_v2.der: pkcs7_data_cert_signed_sha256.der cp pkcs7_data_cert_signed_sha256.der $@ diff --git a/tests/data_files/pkcs7_get_signers_info_set-leak-fuzz_pkcs7-4541044530479104.der b/tests/data_files/pkcs7_get_signers_info_set-leak-fuzz_pkcs7-4541044530479104.der deleted file mode 100644 index 51aef0d0929043a6c080846758c96bf08a945216..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 108 zcmXrWVq#=8FQ)N1o+`_9YA&S+?7APZDrz-_=`$Y#L8#=yhC l!~mq36ch}Y*cezCVA3LnLJ(;XDFadhBo)BmKZH_H004ib3yc5& diff --git a/tests/data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-6213931373035520.der b/tests/data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-6213931373035520.der deleted file mode 100644 index ce4fb3bd49fdaf0ccd10069af549eb55ec9554fe..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 108 zcmXrWVq#=8FQ)N1o+`_9YA&S>avAPZDrz-_=`$Y#L8#=y+L V!~mq36ch}Y*cezC2uLd+0|0Qt3R(aF diff --git a/tests/data_files/pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der b/tests/data_files/pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der new file mode 100644 index 0000000000000000000000000000000000000000..fe5539006c9ec85d67bb841a63c2767a643c1179 GIT binary patch literal 810 zcmXqLVpe10)N1o+`_9YA&a|M3S=^wBS(u5D(U9MOmyI)_&4V$OnT3gwmBD};p^(wA ziRqm|6Js$@p@ENqi6OTECmVAp3!5;LpN}D*0S}17#lsrl?Hp`wC~6=K;xqH`fcXl} zsYN9UhD;*W_wHVD@ws^RUyS1l0iDk6_w{o2qgx7e1JrelKsT^7F)~EIxluUv;JyD7 z4*5(}n;p9OL*^c(7^56RAF05K{C^@R4EFhXAGg_McCxH|i(`iR?3Z#i_iH3AvK~n! z70wl2yx{+b23t4Iq)%s8n2WTu8wDM{&g#2E#7>(-%0lcd2g|8|nd{=;ys(YYF>l^D zqubl<&XlL2?F-poiMs7qy41y4pQ`1Mc1JT+Z9?XH{lK!_Jugq?3jRzF|6s)OJ*>dA z{Q}n&mCBq+f2v;Rd%76ToOjD$CZB(JakAc}h<{9F>83Mp<)1S>yS7|y!EPp>wKKCj z9-N-h>hn5=JMXy1&7bG8a;})ScCXnXlGvrL|9Oe%u?O|G8)meZ|9#UEHGO}rfbIp# zg57ALNSJS^gX;Roc}4}5n~L~8@P4lOT|+q7SrTU4iPxU_c#qz-6y18R#P_QY##kIr zHr{jQ-8-{c{$9~{SGiufEP22YUvi1{cFwg3#x2dhuO0V4g zu_IChH$WOk=G!d%3Z2+p)Uqhct5budx5I zF#Y(RLe6#1uRokH`*O?gKZ%q3{w$U0oP1n%vv@JT*z@OQZBDcuZZyRM%7_+Yxjn=Du9|G|F06a(g4FRyN7+$p#GY3%KPB8-6r r>DM<%X>nA3=!og`YCpfN$G7gqganVqbvtX6E`BzDKgo_cDun?6%%4K* literal 0 HcmV?d00001 diff --git a/tests/data_files/pkcs7_signerInfo_2_invalid_tag.der b/tests/data_files/pkcs7_signerInfo_2_invalid_tag.der new file mode 100644 index 0000000000000000000000000000000000000000..3a4287426c1758419224ca36729255bee68c32c5 GIT binary patch literal 1185 zcmXqLVwuavsnzDu_MMlJooPW6OP@g#OBWL(qanWmFB@k(-%0lcd2g|8|nd{=;ys(YYF>l^D zqubl<&XlL2?F-poiMs7qy41y4pQ`1Mc1JT+Z9?XH{lK!_Jugq?3jRzF|6s)OJ*>dA z{Q}n&mCBq+f2v;Rd%76ToOjD$CZB(JakAc}h<{9F>83Mp<)1S>yS7|y!EPp>wKKCj z9-N-h>hn5=JMXy1&7bG8a;})ScCXnXlGvrL|9Oe%u?O|G8)meZ|9#UEHGO}rfbIp# zg58KoB+NI|L3MrPJfnijO+|bkct6+tt|1)kED1C2#B0xdyhra^if%nu;``MHV=Rs* z8}B*u?w#2zf3N7fD_%vaIjTI-{Lp5UVS9UF^?o(orfvIvS^J4Jm}m9W+tk)+rC09$ z*p#%Ywf4m!E}?CU&h`1$8{Uv^Xk1bi{OewV&VC<6HM)LV`!*x}7yj7eAZ7pJc}zmBO%)qSS88B$DJ_G^2E0 zA4_4^(`33vX}Q9+54o_a4zHC=QW;J zd&MqqdMTrq_`<+u@%6WhE9-A;j#;j~(OYzpci8TNJHj5WsSS++|6{lIgneJ&9LE0m zaM15BUjx}b&EUU$*2%JVf1&xidO4%B4U4z07TS^{Hc3Ifw_JRCmyPQ+%P3*4?uZtd zJ(_&}jkS-L{1ba~q5PEbf>o-IOwZJ(g|6UUvF=U#gy>DnLn62DIl9pJ(@c}eTjc+I fv$?)_;^SxE8>XCc(P