Add test case for CVE-2013-1416

ticket: 7635 (new)
author: Tom Yu <tlyu@mit.edu> 2013-05-09 16:51:31 -0400
committer: Tom Yu <tlyu@mit.edu> 2013-05-09 18:16:46 -0400
commit: ab8aa580737d0283bf7cc1f71fa8d692a2ddd75c (patch)
tree: e997cb07f09ee0c95f210eb6c45e3fb88a6f5a8f /src/tests/t_cve-2013-1416.py
parent: efa31786c01bc7be064a6f94c233488c30e4a2dc (diff)
download: krb5-ab8aa580737d0283bf7cc1f71fa8d692a2ddd75c.tar.gz
krb5-ab8aa580737d0283bf7cc1f71fa8d692a2ddd75c.tar.xz
krb5-ab8aa580737d0283bf7cc1f71fa8d692a2ddd75c.zip
1 files changed, 15 insertions, 0 deletions
diff --git a/src/tests/t_cve-2013-1416.py b/src/tests/t_cve-2013-1416.py
new file mode 100644
index 0000000000..94fb6d5ef1
--- /dev/null
+++ b/src/tests/t_cve-2013-1416.py
@@ -0,0 +1,15 @@
+#!/usr/bin/python
+
+from k5test import *
+
+realm = K5Realm()
+
+# CVE-2013-1416 KDC dereferences null pointer
+
+realm.kinit(realm.user_princ, password('user'))
+realm.run([kvno, '/test'], expected_code=1)
+realm.run([kvno, 'test/'], expected_code=1)
+realm.run([kvno, '/'], expected_code=1)
+# Make sure KDC is still running.
+realm.kinit(realm.user_princ, password('user'))
+success('CVE-2013-1416 regression test')
author	Tom Yu <tlyu@mit.edu>	2013-05-09 16:51:31 -0400
committer	Tom Yu <tlyu@mit.edu>	2013-05-09 18:16:46 -0400
commit	ab8aa580737d0283bf7cc1f71fa8d692a2ddd75c (patch)
tree	e997cb07f09ee0c95f210eb6c45e3fb88a6f5a8f /src/tests/t_cve-2013-1416.py
parent	efa31786c01bc7be064a6f94c233488c30e4a2dc (diff)
download	krb5-ab8aa580737d0283bf7cc1f71fa8d692a2ddd75c.tar.gz krb5-ab8aa580737d0283bf7cc1f71fa8d692a2ddd75c.tar.xz krb5-ab8aa580737d0283bf7cc1f71fa8d692a2ddd75c.zip