Add test case for CVE-2013-1417

author Tom Yu <tlyu@mit.edu>

Fri, 28 Jun 2013 19:34:17 +0000 (15:34 -0400)

committer Tom Yu <tlyu@mit.edu>

Mon, 1 Jul 2013 18:12:49 +0000 (14:12 -0400)
author Tom Yu <tlyu@mit.edu>
Fri, 28 Jun 2013 19:34:17 +0000 (15:34 -0400)
committer Tom Yu <tlyu@mit.edu>
Mon, 1 Jul 2013 18:12:49 +0000 (14:12 -0400)
diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in

index c5536c3ec8136060dad40aa905448b09af4ac48c..a7f8c2d413d5da0e59c20bb7ad1efa2bc80624f7 100644 (file)
--- a/src/tests/Makefile.in
+++ b/src/tests/Makefile.in
@@ -106,6 +106,7 @@ check-pytests:: gcred hist kdbtest plugorder t_init_creds t_localauth
         $(RUNPYTEST) $(srcdir)/t_cve-2012-1014.py $(PYTESTFLAGS)
         $(RUNPYTEST) $(srcdir)/t_cve-2012-1015.py $(PYTESTFLAGS)
         $(RUNPYTEST) $(srcdir)/t_cve-2013-1416.py $(PYTESTFLAGS)
+       $(RUNPYTEST) $(srcdir)/t_cve-2013-1417.py $(PYTESTFLAGS)
  
  clean::
         $(RM) gcred hist kdbtest plugorder t_init_creds t_localauth
diff --git a/src/tests/t_cve-2013-1417.py b/src/tests/t_cve-2013-1417.py

new file mode 100644 (file)

index 0000000..c26930a
--- /dev/null
+++ b/src/tests/t_cve-2013-1417.py
@@ -0,0 +1,13 @@
+#!/usr/bin/python
+
+from k5test import *
+
+realm = K5Realm(realm='TEST')
+
+# CVE-2013-1417 KDC dereferences null pointer
+
+realm.kinit(realm.user_princ, password('user'))
+realm.run([kvno, '-S', 'host', 'example.com'], expected_code=1)
+# Make sure KDC is still running.
+realm.kinit(realm.user_princ, password('user'))
+success('CVE-2013-1417 regression test')
author	Tom Yu <tlyu@mit.edu>
	Fri, 28 Jun 2013 19:34:17 +0000 (15:34 -0400)
committer	Tom Yu <tlyu@mit.edu>
	Mon, 1 Jul 2013 18:12:49 +0000 (14:12 -0400)
src/tests/Makefile.in		patch \| blob \| blame \| history
src/tests/t_cve-2013-1417.py	[new file with mode: 0644]	patch \| blob