clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-23 10:57:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
6f739318fd
php-src/ext/openssl/tests/cve2013_4073.phpt
Stanislav Malyshev dcea4ec698 Fix CVE-2013-4073 - handling of certs with null bytes
2013-08-13 22:24:11 -07:00

20 lines
719 B
PHP
Raw Blame History

--TEST--
CVE 2013-4073: Null-byte certificate handling
--SKIPIF--
<?php
if (!extension_loaded("openssl")) die("skip");
--FILE--
<?php
$cert = file_get_contents(__DIR__ . '/cve2013_4073.pem');
$info = openssl_x509_parse($cert);
var_export($info['extensions']);
--EXPECTF--
array (
'basicConstraints' => 'CA:FALSE',
'subjectKeyIdentifier' => '88:5A:55:C0:52:FF:61:CD:52:A3:35:0F:EA:5A:9C:24:38:22:F7:5C',
'keyUsage' => 'Digital Signature, Non Repudiation, Key Encipherment',
'subjectAltName' => 'DNS:altnull.python.org' . "\0" . 'example.com, email:null@python.org' . "\0" . 'user@example.org, URI:http://null.python.org' . "\0" . 'http://example.org, IP Address:192.0.2.1, IP Address:2001:DB8:0:0:0:0:0:1
',
)
Reference in New Issue View Git Blame Copy Permalink