Add tests for overreads in pem_read_buffer()

commit: 9c94b6951cdd483eeee191b8dab7a0230d3fb4e8 [log] [tgz]
author: Andres AG <andres.amayagarcia@arm.com> Mon Oct 24 14:31:54 2016 +0100
committer: Andres AG <andres.amayagarcia@arm.com> Mon Nov 21 11:03:40 2016 +0000
tree: 1cee55afd341241651fc2be9985ca922797a6063
parent: 703990b83938302d81cdeb8cf382964e45c3beaf [diff]
diff --git a/ChangeLog b/ChangeLog
index cae68a6..e0c74e6 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -4,7 +4,7 @@
 
 Bugfix
    * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing
-     the input string in pem format to extract the different components. Found
+     the input string in PEM format to extract the different components. Found
      by Eyal Itkin.
 
 = mbed TLS 2.4.0 branch released 2016-10-17

diff --git a/tests/suites/test_suite_pem.data b/tests/suites/test_suite_pem.data
index 973c923..9a62db8 100644
--- a/tests/suites/test_suite_pem.data
+++ b/tests/suites/test_suite_pem.data

@@ -15,3 +15,12 @@
 
 PEM write (exactly two lines + 1)
 mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
+
+PEM read (DES-EDE3-CBC + invalid iv)
+mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":-4608
+
+PEM read (DES-CBC + invalid iv)
+mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":-4608
+
+PEM read (unknown encryption algorithm)
+mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":-4736

diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function
index 6a62bfe..5e02210 100644
--- a/tests/suites/test_suite_pem.function
+++ b/tests/suites/test_suite_pem.function

@@ -3,12 +3,7 @@
 #include "mbedtls/pem.h"
 /* END_HEADER */
 
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PEM_WRITE_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
 void mbedtls_pem_write_buffer( char *start, char *end, char *buf_str, char *result_str )
 {
     unsigned char buf[5000];
@@ -38,3 +33,20 @@
     mbedtls_free( check_buf );
 }
 /* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */
+void mbedtls_pem_read_buffer( char *header, char *footer, char *data, int ret )
+{
+    mbedtls_pem_context ctx;
+    size_t use_len = 0;
+
+    mbedtls_pem_init( &ctx );
+
+    TEST_ASSERT( mbedtls_pem_read_buffer( &ctx, header, footer,
+                                          (const unsigned char *)data, NULL, 0,
+                                          &use_len ) == ret );
+
+exit:
+    mbedtls_pem_free( &ctx );
+}
+/* END_CASE */
commit	9c94b6951cdd483eeee191b8dab7a0230d3fb4e8	[log] [tgz]
author	Andres AG <andres.amayagarcia@arm.com>	Mon Oct 24 14:31:54 2016 +0100
committer	Andres AG <andres.amayagarcia@arm.com>	Mon Nov 21 11:03:40 2016 +0000
tree	1cee55afd341241651fc2be9985ca922797a6063
parent	703990b83938302d81cdeb8cf382964e45c3beaf [diff]