shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-11 18:50:28 +09:00
Code Issues Packages Projects Releases Wiki Activity

CVE-2026-0968 tests: Reproducer for invalid longname data

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2025-12-22 21:00:03 +01:00
parent 20856f44c1
commit 90a5d8f473
2 changed files with 93 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
tests/unittests/CMakeLists.txt
View File

@@ -126,6 +126,13 @@ if (HAVE_LIBFIDO2)
) )
endif (HAVE_LIBFIDO2) endif (HAVE_LIBFIDO2)
if (WITH_SFTP)
set(LIBSSH_UNIT_TESTS
${LIBSSH_UNIT_TESTS}
torture_unit_sftp
)
endif (WITH_SFTP)
foreach(_UNIT_TEST ${LIBSSH_UNIT_TESTS}) foreach(_UNIT_TEST ${LIBSSH_UNIT_TESTS})
add_cmocka_test(${_UNIT_TEST} add_cmocka_test(${_UNIT_TEST}
SOURCES ${_UNIT_TEST}.c SOURCES ${_UNIT_TEST}.c

86
tests/unittests/torture_unit_sftp.c Normal file
View File

@@ -0,0 +1,86 @@
#include "config.h"
#include "sftp_common.c"
#include "torture.h"
#define LIBSSH_STATIC
static void test_sftp_parse_longname(void **state)
{
const char *lname = NULL;
char *value = NULL;
/* state not used */
(void)state;
/* Valid example from SFTP draft, page 18:
* https://datatracker.ietf.org/doc/draft-spaghetti-sshm-filexfer/
*/
lname = "-rwxr-xr-x 1 mjos staff 348911 Mar 25 14:29 t-filexfer";
value = sftp_parse_longname(lname, SFTP_LONGNAME_PERM);
assert_string_equal(value, "-rwxr-xr-x");
free(value);
value = sftp_parse_longname(lname, SFTP_LONGNAME_OWNER);
assert_string_equal(value, "mjos");
free(value);
value = sftp_parse_longname(lname, SFTP_LONGNAME_GROUP);
assert_string_equal(value, "staff");
free(value);
value = sftp_parse_longname(lname, SFTP_LONGNAME_SIZE);
assert_string_equal(value, "348911");
free(value);
/* This function is broken further as the date contains space which breaks
* the parsing altogether */
value = sftp_parse_longname(lname, SFTP_LONGNAME_DATE);
assert_string_equal(value, "Mar");
free(value);
value = sftp_parse_longname(lname, SFTP_LONGNAME_TIME);
assert_string_equal(value, "25");
free(value);
value = sftp_parse_longname(lname, SFTP_LONGNAME_NAME);
assert_string_equal(value, "14:29");
free(value);
}
static void test_sftp_parse_longname_invalid(void **state)
{
const char *lname = NULL;
char *value = NULL;
/* state not used */
(void)state;
/* Invalid inputs should not crash
*/
lname = NULL;
value = sftp_parse_longname(lname, SFTP_LONGNAME_PERM);
assert_null(value);
value = sftp_parse_longname(lname, SFTP_LONGNAME_NAME);
assert_null(value);
lname = "";
value = sftp_parse_longname(lname, SFTP_LONGNAME_PERM);
assert_string_equal(value, "");
free(value);
value = sftp_parse_longname(lname, SFTP_LONGNAME_NAME);
assert_null(value);
lname = "-rwxr-xr-x 1";
value = sftp_parse_longname(lname, SFTP_LONGNAME_PERM);
assert_string_equal(value, "-rwxr-xr-x");
free(value);
value = sftp_parse_longname(lname, SFTP_LONGNAME_NAME);
assert_null(value);
}
int torture_run_tests(void)
{
int rc;
const struct CMUnitTest tests[] = {
cmocka_unit_test(test_sftp_parse_longname),
cmocka_unit_test(test_sftp_parse_longname_invalid),
};
rc = cmocka_run_group_tests(tests, NULL, NULL);
return rc;
}