]> git.ipfire.org Git - thirdparty/zlib-ng.git/commit
projects / thirdparty / zlib-ng.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2fc89ea) | patch
Add test for CVE-2003-0107
authorDaniel Axtens <dja@axtens.net>
Mon, 27 Apr 2015 05:49:43 +0000 (15:49 +1000)
committerHans Kristian Rosbach <hk-git@circlestorm.org>
Thu, 28 Apr 2016 12:00:05 +0000 (14:00 +0200)
commitd7fdc511e1a860b5792c10c53ea187118db12f8f
tree540fb4a457b59ca8aefb9fe2e0c540d537126878tree
parent2fc89eabc3107a99509ffcf4f420c4ad3f7d6d6bcommit | diff
Add test for CVE-2003-0107

CVE-2003-0107[0] was a bug where zlib 1.1.4 failed to validate whether
arguments to gzprintf() fit within an internal buffer.

We should make sure that in refactoring we don't regress. Therefore,
build the sample code supplied in the original report [1], and check
if it crashes.

[0] http://www.cvedetails.com/cve/CVE-2003-0107/
[1] http://www.securityfocus.com/archive/1/312869

Signed-off-by: Daniel Axtens <dja@axtens.net>
.gitignore diff | blob | blame | history
test/CVE-2003-0107.c [new file with mode: 0644] blob
test/Makefile.in diff | blob | blame | history
Mirror of https://github.com/zlib-ng/zlib-ng.git