zlib-ng/test/CVE-2005-1849
Daniel Axtens f246b9310d Add test cases for CVE-2005-1849 and CVE-2005-2096
CVE-2005-1849[0] is an overflow of a fixed size buffer defined in
inftrees.h

CVE-2005-2096[1] is an overflow caused by insufficient input
validation of code trees[2].

This makes sure we don't accidentally reintroduce them.

zlib-1.2.1 was downloaded and fuzz tested using AFL[3]. The crashing
cases were discovered. A patch for 1849 was then applied, and used to
determine which cases hit only that bug, and which ones hit 2096.

[0] http://seclists.org/bugtraq/2005/Jul/451
[1] http://seclists.org/bugtraq/2005/Jul/53
[2] https://bug299445.bugzilla.mozilla.org/attachment.cgi?id=188021
[3] http://lcamtuf.coredump.cx/afl/

Signed-off-by: Daniel Axtens <dja@axtens.net>
2016-04-28 14:00:05 +02:00
test.gz Add test cases for CVE-2005-1849 and CVE-2005-2096 2016-04-28 14:00:05 +02:00