Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PKCS7 parser tests: Replace fuzzer inputs by robust test cases #6690

Closed
gilles-peskine-arm opened this issue Nov 29, 2022 · 0 comments · Fixed by #6949
Closed

PKCS7 parser tests: Replace fuzzer inputs by robust test cases #6690

gilles-peskine-arm opened this issue Nov 29, 2022 · 0 comments · Fixed by #6949
Assignees
Labels
component-x509 enhancement size-s Estimated task size: small (~2d)

Comments

@gilles-peskine-arm
Copy link
Contributor

gilles-peskine-arm commented Nov 29, 2022

The PKCS#7 unit tests include some test data that was found by fuzzing. As such it's somewhat “bizarre”, for example it uses an obscure hash (RIPEMD160), and it turns out that they won't reach the intended function once other validation bugs are fixed.

The goal of this issue is to construct robust test cases for the bugs fixed by 290f01b, e7f8c61 (if it's indeed a bug, if not explain why) and 4f01121. A robust test case should only have one thing wrong with the data, and is generally constructed by starting from a valid input and making one modification.

The test cases can be unit tests for auxiliary functions, they don't have to be for the main parser entry point.

Once we have robust test cases, we can remove the fuzzer inputs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
component-x509 enhancement size-s Estimated task size: small (~2d)
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants