diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2012-01-11 15:46:19 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2012-01-24 08:54:26 +0100 |
| commit | c11c30a8c8d727dcf5634fa0cc6ee0b4b77ddc3d (patch) | |
| tree | bb50ea23b104ba2f6d793903164364649fe11b9a | |
| parent | 75ca568fa1c19de4c5358fed246686de8467c238 (diff) | |
tests: test CRLF in URLs
Related to the security vulnerability: CVE-2012-0036
Bug: http://curl.haxx.se/docs/adv_20120124.html
| -rw-r--r-- | tests/data/Makefile.am | 2 | ||||
| -rw-r--r-- | tests/data/test1322 | 29 | ||||
| -rw-r--r-- | tests/data/test1323 | 29 | ||||
| -rw-r--r-- | tests/data/test1324 | 29 |
4 files changed, 88 insertions, 1 deletions
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 85a6e4b2f..610243c24 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -82,7 +82,7 @@ test1220 \ test1300 test1301 test1302 test1303 test1304 test1305 \ test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \ test1314 test1315 test1316 test1317 test1318 test1319 test1320 test1321 \ -test1325 test1326 test1327 \ +test1322 test1323 test1324 test1325 test1326 test1327 \ test2000 test2001 test2002 test2003 test2004 EXTRA_DIST = $(TESTCASES) DISABLED diff --git a/tests/data/test1322 b/tests/data/test1322 new file mode 100644 index 000000000..996727e94 --- /dev/null +++ b/tests/data/test1322 @@ -0,0 +1,29 @@ +<testcase> +<info> +<keywords> +POP3 +CRLF-in-URL +</keywords> +</info> + +# Client-side +<client> +<server> +pop3 +</server> + <name> +POP3 with URL-encoded CR LF in the URL + </name> + <command> +pop3://%HOSTIP:%POP3PORT/%0d%0a/1322 +</command> +</client> + +# +<verify> +# 3 - CURLE_URL_MALFORMAT +<errorcode> +3 +</errorcode> +</verify> +</testcase> diff --git a/tests/data/test1323 b/tests/data/test1323 new file mode 100644 index 000000000..90eb88b7d --- /dev/null +++ b/tests/data/test1323 @@ -0,0 +1,29 @@ +<testcase> +<info> +<keywords> +SMTP +CRLF-in-URL +</keywords> +</info> + +# Client-side +<client> +<server> +smtp +</server> + <name> +SMTP with URL-encoded CR LF in the URL + </name> + <command> +smtp://%HOSTIP:%SMTPPORT/%0d%0a/1323 +</command> +</client> + +# +<verify> +# 3 - CURLE_URL_MALFORMAT +<errorcode> +3 +</errorcode> +</verify> +</testcase> diff --git a/tests/data/test1324 b/tests/data/test1324 new file mode 100644 index 000000000..c9835efea --- /dev/null +++ b/tests/data/test1324 @@ -0,0 +1,29 @@ +<testcase> +<info> +<keywords> +IMAP +CRLF-in-URL +</keywords> +</info> + +# Client-side +<client> +<server> +imap +</server> + <name> +IMAP with URL-encoded CR LF in the URL + </name> + <command> +imap://%HOSTIP:%IMAPPORT/%0d%0a/1322 +</command> +</client> + +# +<verify> +# 3 - CURLE_URL_MALFORMAT +<errorcode> +3 +</errorcode> +</verify> +</testcase> |