From: Matt Caswell <matt@openssl.org>
Date: Tue, 13 Dec 2022 15:02:26 +0000 (+0000)
Subject: Add a test for CVE-2022-4450
X-Git-Tag: openssl-3.2.0-alpha1~1337
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dc341a46677fe19f055bd2eea0e3a2af21053903;p=thirdparty%2Fopenssl.git

Add a test for CVE-2022-4450

Call PEM_read_bio_ex() and expect a failure. There should be no dangling
ptrs and therefore there should be no double free if we free the ptrs on
error.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
---

diff --git a/test/pemtest.c b/test/pemtest.c
index a8d2d49bb52..a5d28cb2565 100644
--- a/test/pemtest.c
+++ b/test/pemtest.c
@@ -96,6 +96,35 @@ static int test_cert_key_cert(void)
     return 1;
 }
 
+static int test_empty_payload(void)
+{
+    BIO *b;
+    static char *emptypay =
+        "-----BEGIN CERTIFICATE-----\n"
+        "-\n" /* Base64 EOF character */
+        "-----END CERTIFICATE-----";
+    char *name = NULL, *header = NULL;
+    unsigned char *data = NULL;
+    long len;
+    int ret = 0;
+
+    b = BIO_new_mem_buf(emptypay, strlen(emptypay));
+    if (!TEST_ptr(b))
+        return 0;
+
+    /* Expected to fail because the payload is empty */
+    if (!TEST_false(PEM_read_bio_ex(b, &name, &header, &data, &len, 0)))
+        goto err;
+
+    ret = 1;
+ err:
+    OPENSSL_free(name);
+    OPENSSL_free(header);
+    OPENSSL_free(data);
+    BIO_free(b);
+    return ret;
+}
+
 int setup_tests(void)
 {
     if (!TEST_ptr(pemfile = test_get_argument(0)))
@@ -103,5 +132,6 @@ int setup_tests(void)
     ADD_ALL_TESTS(test_b64, OSSL_NELEM(b64_pem_data));
     ADD_TEST(test_invalid);
     ADD_TEST(test_cert_key_cert);
+    ADD_TEST(test_empty_payload);
     return 1;
 }