git.ipfire.org Git - thirdparty/zlib-ng.git/commit
Add test for CVE-2004-0797
author Daniel Axtens <dja@axtens.net>
Wed, 29 Apr 2015 06:20:37 +0000 (16:20 +1000)
committer Hans Kristian Rosbach <hk-git@circlestorm.org>
Thu, 28 Apr 2016 12:00:05 +0000 (14:00 +0200)
commit a54d505bda0b0bbfe99ab07f91dabb73b6362256
tree 6a1f5eb9c2ee6e59edfe7bfd28969a7a56bc1e3c
parent f246b9310df9a62ba50630b763606af066574183
Add test for CVE-2004-0797

CVE-2004-0797[0] occurred when an error was detected but no action
was taken --- that is, execution was allowed to continue.

One of the tests for CVE-2005-2096 actually hit the code path that
was fixed in the patch for CVE-2004-0797.

This occurred because all the fuzzing was done on zlib 1.2.1, and
zlib 1.2.2 fixed this bug but not the 2005 CVEs. It was detected by
running the test cases against zlib 1.2.2.

The relevant bits of the zlib 1.2.2 patch are [1] and [2].

[0] http://www.kb.cert.org/vuls/id/238678
[1] https://github.com/madler/zlib/commit/7a6955760ba950eb82f57929f8f6c9847c65f0af?diff=unified#diff-154f1240658ec1e9f5c90024002d749aR437
[2] https://github.com/madler/zlib/commit/7a6955760ba950eb82f57929f8f6c9847c65f0af?diff=unified#diff-327188edf18799ffbb5a51cc69f797e8R864

Signed-off-by: Daniel Axtens <dja@axtens.net>
test/CVE-2004-0797/test.gz [moved from test/CVE-2005-2096/test1.gz with 100% similarity]
test/CVE-2005-2096/test.gz [moved from test/CVE-2005-2096/test2.gz with 100% similarity]
test/INDEX
test/testCVEinputs.sh
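An added regression check in the spirit of test/testCVEinputs.sh, written for this page rather than taken from zlib-ng: it feeds constructed malformed gzip streams (not the repository's test .gz files) to the system zlib and requires that each detected error terminates inflation with a reported error instead of letting execution continue, which is the property the zlib 1.2.2 fix for CVE-2004-0797 restored. The sample names and helper functions are this example's own.

```python
import gzip
import zlib

# Minimal gzip member header (constructed): ID1 ID2 CM=deflate FLG=0 MTIME(4) XFL OS=unix
GZIP_HEADER = b"\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x03"


def build_samples():
    """Constructed inputs: one valid control stream and four malformed ones."""
    good = gzip.compress(b"hello zlib")
    bad_crc = bytearray(good)
    bad_crc[-8] ^= 0xFF  # trailer is CRC32 (LE) then ISIZE (LE); corrupt the CRC
    return {
        "valid": good,
        # deflate block header byte 0x07: BFINAL=1, BTYPE=11 (reserved, invalid)
        "reserved-block-type": GZIP_HEADER + b"\x07",
        # stored block (BTYPE=00) whose NLEN is not the one's complement of LEN
        "stored-len-mismatch": GZIP_HEADER + b"\x01\x01\x00\x00\x00",
        # stream cut off before the trailer: must be reported as incomplete
        "truncated": good[:-4],
        "bad-crc": bytes(bad_crc),
    }


def inflate_outcome(data, wbits=31):
    """Inflate a gzip stream (wbits=31 selects gzip framing).

    Returns ("ok", payload) when the stream decodes cleanly, or
    ("error", message) when zlib stops and reports the fault. A malformed
    input that yields ("ok", ...) is exactly the CVE-2004-0797 failure mode:
    an error was detected but inflation carried on.
    """
    try:
        return ("ok", zlib.decompress(data, wbits))
    except zlib.error as exc:
        return ("error", str(exc))


def run_suite():
    """Run every sample and return {name: "ok" | "error"} for assertion."""
    results = {}
    for name, data in build_samples().items():
        status, detail = inflate_outcome(data)
        results[name] = status
        print(f"{name:22s} {status:5s} {detail if status == 'error' else detail!r}")
    return results


if __name__ == "__main__":
    run_suite()
```

Only the control stream should report "ok"; any malformed sample that does so is a regression to investigate.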