Potential buffer overwrite in pem_write_buffer() fixed
Length indication when given a too small buffer was off.
Added regression test in test_suite_pem to detect this.
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index d5b0512..0460c63 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -75,6 +75,7 @@
add_test_suite(mdx)
add_test_suite(mpi)
add_test_suite(pbkdf2)
+add_test_suite(pem)
add_test_suite(pkcs1_v21)
add_test_suite(pkcs5)
add_test_suite(pk)
diff --git a/tests/Makefile b/tests/Makefile
index 57cac3b..ce458ca 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -58,6 +58,7 @@
test_suite_hmac_drbg.pr \
test_suite_md test_suite_mdx \
test_suite_mpi test_suite_pbkdf2 \
+ test_suite_pem \
test_suite_pkcs1_v21 test_suite_pkcs5 \
test_suite_pkparse test_suite_pkwrite \
test_suite_pk \
@@ -321,6 +322,10 @@
echo " CC $@.c"
$(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
+test_suite_pem: test_suite_pem.c $(DEP)
+ echo " CC $@.c"
+ $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
+
test_suite_pkcs1_v21: test_suite_pkcs1_v21.c $(DEP)
echo " CC $@.c"
$(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index 1c50809..95a924f 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -1,6 +1,14 @@
#include <stdio.h>
#include <string.h>
+#if defined(POLARSSL_PLATFORM_C)
+#include "polarssl/platform.h"
+#else
+#define polarssl_printf printf
+#define polarssl_malloc malloc
+#define polarssl_free free
+#endif
+
static int test_errors = 0;
SUITE_PRE_DEP
diff --git a/tests/suites/test_suite_pem.data b/tests/suites/test_suite_pem.data
new file mode 100644
index 0000000..311ea9c
--- /dev/null
+++ b/tests/suites/test_suite_pem.data
@@ -0,0 +1,17 @@
+Standard PEM write
+pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n"
+
+PEM write (zero data)
+pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"":"-----START TEST-----\n-----END TEST-----\n"
+
+PEM write (one byte)
+pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n"
+
+PEM write (more than line size)
+pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n"
+
+PEM write (exactly two lines)
+pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n"
+
+PEM write (exactly two lines + 1)
+pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function
new file mode 100644
index 0000000..42d9779
--- /dev/null
+++ b/tests/suites/test_suite_pem.function
@@ -0,0 +1,38 @@
+/* BEGIN_HEADER */
+#include <polarssl/base64.h>
+#include <polarssl/pem.h>
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:POLARSSL_PEM_WRITE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void pem_write_buffer( char *start, char *end, char *buf_str, char *result_str )
+{
+ unsigned char buf[5000];
+ unsigned char *check_buf;
+ int ret;
+ size_t buf_len, olen = 0, olen2 = 0;
+
+ memset( buf, 0, sizeof( buf ) );
+
+ buf_len = unhexify( buf, buf_str );
+
+ ret = pem_write_buffer( start, end, buf, buf_len, NULL, 0, &olen );
+ TEST_ASSERT( ret == POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
+
+ check_buf = (unsigned char *) polarssl_malloc( olen );
+ TEST_ASSERT( check_buf != NULL );
+
+ memset( check_buf, 0, olen );
+ ret = pem_write_buffer( start, end, buf, buf_len, check_buf, olen, &olen2 );
+
+ TEST_ASSERT( olen2 <= olen );
+ TEST_ASSERT( olen > strlen( (char*) result_str ) );
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( strncmp( (char *) check_buf, (char *) result_str, olen ) == 0 );
+ polarssl_free( check_buf );
+}
+/* END_CASE */