Add test cases for CVE-2005-1849 and CVE-2005-2096

CVE-2005-1849[0] is an overflow of a fixed size buffer defined in inftrees.h CVE-2005-2096[1] is an overflow caused by insufficient input validation of code trees[2]. This makes sure we don't accidentally reintroduce them. zlib-1.2.1 was download and fuzz tested using AFL[3]. The crashing cases were discovered. A patch for 1849 was then applied, and used to determine which cases hit only that bug, and which ones hit 2096. [0] http://seclists.org/bugtraq/2005/Jul/451 [1] http://seclists.org/bugtraq/2005/Jul/53 [2] https://bug299445.bugzilla.mozilla.org/attachment.cgi?id=188021 [3] http://lcamtuf.coredump.cx/afl/ Signed-off-by: Daniel Axtens <dja@axtens.net>
2025-06-18 11:35:35 -04:00 · 2015-04-29 14:56:57 +10:00 · 2015-04-29 14:56:57 +10:00 · f246b9310d
commit f246b9310d
parent 821dd3d85d
5 changed files with 10 additions and 1 deletions
--- a/test/CVE-2005-1849/test.gz
+++ b/test/CVE-2005-1849/test.gz
--- a/test/CVE-2005-2096/test1.gz
+++ b/test/CVE-2005-2096/test1.gz
--- a/test/CVE-2005-2096/test2.gz
+++ b/test/CVE-2005-2096/test2.gz
--- a/test/INDEX
+++ b/test/INDEX
@ -0,0 +1,9 @@
+Makefile.in: template for Unix Makefile
+
+CVE-2003-0107.c:
+CVE-2002-0059  : 
+CVE-2005-1849  :
+CVE-2005-2096  : test cases for the relevant CVEs
+
+testCVEinputs.sh: script to run tests for CVEs where input data is supplied
+
--- a/test/testCVEinputs.sh
+++ b/test/testCVEinputs.sh
@ -1,7 +1,7 @@
 #!/bin/bash
 TESTDIR="$(dirname "$0")"

-CVEs="CVE-2002-0059"
+CVEs="CVE-2002-0059 CVE-2005-1849 CVE-2005-2096"

 for CVE in $CVEs; do
    fail=0