zeek/testing/btest/scripts/base/protocols/ssl/x509-invalid-extension.test at 2d8acab6643cfa54a42e137c6af4072f6a94f9e2 - Mirror/zeek - git.uphillsecurity.com: We code.

Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

Johanna Amann a891517762 Fix read at invalid address in X509 extension parser.

When encountering an extension unknown to OpenSSL, we would read from
the wrong memory location. Also added a testcase to prevent this specific
case from happening again.

2018-06-04 12:05:56 -07:00

11 lines

250 B

Text

Raw Blame History

 # @TEST-EXEC: bro -C -r $TRACES/tls/ocsp-stapling.trace %INPUT
 # @TEST-EXEC: btest-diff .stdout
 event x509_extension(f: fa_file, ext: X509::Extension)
 	{
 	if ( ext$oid != "1.3.6.1.5.5.7.1.12" )
 		return;
 	print ext$short_name;
 	print ext$value;
 	}