From 1a76bba4a40255f63dbc3694de4c9cb49afa52ba Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Wed, 9 Aug 2017 10:21:06 +0200
Subject: [PATCH] tests: added reproducer for private key import leak

Issue found using oss-fuzz:
  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=561

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 tests/key-tests/Makefile.am           |   2 +-
 tests/key-tests/data/key-invalid6.der | Bin 0 -> 633 bytes
 tests/key-tests/key-invalid           |   5 ++---
 3 files changed, 3 insertions(+), 4 deletions(-)
 create mode 100644 tests/key-tests/data/key-invalid6.der

diff --git a/tests/key-tests/Makefile.am b/tests/key-tests/Makefile.am
index 9184233da1..90c8f5472e 100644
--- a/tests/key-tests/Makefile.am
+++ b/tests/key-tests/Makefile.am
@@ -30,7 +30,7 @@ EXTRA_DIST = data/key-ca.pem data/key-user.pem \
 	data/dsa.1024.pem data/dsa.2048.pem data/dsa.3072.pem data/dsa-pubkey-1018.pem \
 	data/bad-key.pem data/p8key-illegal.pem data/key-illegal.pem data/pkcs8-pbes2-sha256.pem \
 	data/pkcs8-pbes1-des-md5.pem data/pkcs8-invalid8.der data/key-invalid1.der \
-	data/key-invalid4.der data/key-invalid5.der \
+	data/key-invalid4.der data/key-invalid5.der data/key-invalid6.der \
 	data data/pkcs8-invalid9.der data/key-invalid2.der data/pkcs8-invalid10.der \
 	data/key-invalid3.der data/pkcs8-eddsa.pem data/pkcs8-eddsa.pem.txt
 
diff --git a/tests/key-tests/data/key-invalid6.der b/tests/key-tests/data/key-invalid6.der
new file mode 100644
index 0000000000000000000000000000000000000000..d4efbcb1cab284711fcb9ba1dbe71cb6937f6e39
GIT binary patch
literal 633
zc-jGZ0*3uCf&z5{0RS)!1_>&LNQU<f0RaI800e>pUoe6KTLJ+90)c@5>x#YLz87|k
zH?tp}@ts;fQdWJjsV93Idr+G6Ar#OmMN<yeeR^uzRk1YP?g@Z<`nu=OO2Wf+H^9;j
zoO?Fm;hlZnzh!1F;d5><)f&psM9>8MxxzGut6<gEHOx(}{yQB^&AfMZ&&-8X-I*Ta
zjgge`MiWXdisiOPZ18po0s{d60Rn-5bFmx#ji3Cic9&Mly(Vh2dw<*!En=kyB$T}8
zcyK<Z<dPjxp(I7)qyKzX9h)&Ov_hq&owWE!RPZvqSjF^sArtWWq;O>yH2d%8v`_vx
z3I-fE3g4YZj37@2Dr)-0y>^=fj2U-Nnu4dXMb@fcFrSJ?Bb{rc;4$?bpa}EX0zm-z
z*}KpR7Y_?ggzm_UJqR@6#0wcU|8XG(!Fd2{4@s@v>hEW`!nnGqp?-HmR*t2g><#Gl
zldFZ#Q)Lyp8zv_LK>+bq+A3#>6<0taQ>%aT8R?IZwZ#}W)3^aQ#>YM<=uVx%@~c(*
zLc%V<!kK%RHkCSWP;6U#qN+Nkeyd&Z&`$zD3aqlpfTY`xup1rNlch)GdVtlqjs^?g
zO<I<~-O?Fj#7A{g2_eX$u<^BJg9`txH8t>}GiJNJOU_hNNl-tb0zh0Z39M4t=-ub=
zbhkKbT19<=5Byc|)g2zu_)3_vQ>fe5eq!~vz}r1ifx>W<Mx7tA?=3`-$?a|Pv|{DL
z8$SX-dM@4#{?PlxX}qx7xys;gv_h24G%EznmEGR$=rX)G*k(IJWO5F&CbXhZOuL2>
T^RHG(edF-NZxXV>(2a^Kz#BB>

literal 0
Hc-jL100001

diff --git a/tests/key-tests/key-invalid b/tests/key-tests/key-invalid
index b0e6d52c77..eeb94ee976 100755
--- a/tests/key-tests/key-invalid
+++ b/tests/key-tests/key-invalid
@@ -35,12 +35,11 @@ if ! test -z "${VALGRIND}"; then
 fi
 
 ret=0
-for p8 in "key-invalid1.der" "key-invalid2.der" "key-invalid3.der" "key-invalid4.der" \
-"key-invalid5.der";do
+for p8 in ${srcdir}/data/key-invalid*.der;do
 	set -- ${p8}
 	file="$1"
 	${VALGRIND} "${CERTTOOL}" --inder --key-info \
-		--infile "${srcdir}/data/${file}"
+		--infile "${file}"
 	rc=$?
 	if test ${rc} != 1; then
 		echo "FATAL ${p8} - errno ${rc}"
-- 
2.47.3