TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / db73d3b149becb510f3515b7e7e6f1b8dc3111ee^! / . / tests
commitdb73d3b149becb510f3515b7e7e6f1b8dc3111ee[log] [tgz]
authorDavid Horstmann <david.horstmann@arm.com>Tue Oct 04 16:49:16 2022 +0100
committerDavid Horstmann <david.horstmann@arm.com>Wed Oct 05 13:09:57 2022 +0100
treeca1d04d0f4ea3bd00a37e1d3f6f22eea62996b41
parent05bb2c5d0e61b2804edfafc080e584c3be6ab5e4 [diff]
Add mbedtls_x509_get_name memory leak unit test

Introduce a unit test to test mbedtls_x509_get_name() and add a testcase
with a corrupt DER-encoded name that causes mbedtls_x509_get_name() to
have to cleanup things it is allocated. If it fails to do this, a memory
leak is detected under Asan builds.

Signed-off-by: David Horstmann <david.horstmann@arm.com>

diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 6263fba..1db0982 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data

@@ -415,6 +415,12 @@
 X509 Get Next DN #4 Consecutive Multivalue RDNs
 mbedtls_x509_dn_get_next:"C=NL, O=PolarSSL, title=Example, CN=PolarSSL Server 1":0x05:"C title":2:"C=NL + O=PolarSSL, title=Example + CN=PolarSSL Server 1"
 
+X509 Get Name Valid DN
+mbedtls_x509_get_name:"310B3009060355040613024E4C3111300F060355040A0C08506F6C617253534C3119301706035504030C10506F6C617253534C2054657374204341":0
+
+X509 Get Name Corrupted DN Mem Leak
+mbedtls_x509_get_name:"310B3009060355040613024E4C3111300F060355040A0C08506F6C617253534C3019301706035504030C10506F6C617253534C2054657374204341":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
 X509 Time Expired #1
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
 mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_from":1

diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 60e703a..e8a2bb9 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function

@@ -818,6 +818,42 @@
 }
 /* END_CASE */
 
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
+void mbedtls_x509_get_name( char * hex_name, int exp_ret )
+{
+    unsigned char *name;
+    unsigned char *p;
+    size_t name_len;
+    mbedtls_x509_name head;
+    mbedtls_x509_name *allocated, *prev;
+    int res;
+
+    name = mbedtls_test_unhexify_alloc( hex_name, &name_len );
+    p = name;
+
+    res = mbedtls_x509_get_name( &p, ( name + name_len ), &head );
+
+    if( res == 0 )
+    {
+        allocated = head.next;
+        head.next = NULL;
+        prev = NULL;
+
+        while( allocated != NULL )
+        {
+            prev = allocated;
+            allocated = allocated->next;
+
+            mbedtls_free( prev );
+        }
+    }
+
+    TEST_ASSERT( res == exp_ret );
+
+    mbedtls_free( name );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
 void mbedtls_x509_dn_get_next( char * name_str, int next_merged, char * expected_oids, int exp_count, char * exp_dn_gets )
 {