zlib-ng

mirror of https://github.com/GerbilSoft/zlib-ng.git synced 2025-06-18 11:35:35 -04:00

History

Daniel Axtens 821dd3d85d Add test for CVE-2002-0059 CVE-2002-0059 was a double free in inflation. [0] This makes sure we don't accidentally reintroduce it. zlib-1.1.3 was download and fuzz tested using AFL[1]. This crashing case (test.gz) was discovered, and using gdb it was confirmed to be a double free in the expected place. The test script looks for a normal error exit (status code 1), and fails if any other code is returned. [0] http://www.cvedetails.com/cve/CVE-2002-0059/ [1] http://lcamtuf.coredump.cx/afl/ Signed-off-by: Daniel Axtens <dja@axtens.net>	2016-04-28 14:00:05 +02:00
..
test.gz	Add test for CVE-2002-0059	2016-04-28 14:00:05 +02:00

Daniel Axtens 821dd3d85d Add test for CVE-2002-0059

CVE-2002-0059 was a double free in inflation. [0]

This makes sure we don't accidentally reintroduce it.

zlib-1.1.3 was download and fuzz tested using AFL[1].
This crashing case (test.gz) was discovered, and using gdb it was
confirmed to be a double free in the expected place.

The test script looks for a normal error exit (status code 1),
and fails if any other code is returned.

[0] http://www.cvedetails.com/cve/CVE-2002-0059/
[1] http://lcamtuf.coredump.cx/afl/

Signed-off-by: Daniel Axtens <dja@axtens.net>

2016-04-28 14:00:05 +02:00

test.gz

Add test for CVE-2002-0059

2016-04-28 14:00:05 +02:00