From c11c30a8c8d727dcf5634fa0cc6ee0b4b77ddc3d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 11 Jan 2012 15:46:19 +0100
Subject: tests: test CRLF in URLs

Related to the security vulnerability: CVE-2012-0036

Bug: http://curl.haxx.se/docs/adv_20120124.html
---
 tests/data/Makefile.am |  2 +-
 tests/data/test1322    | 29 +++++++++++++++++++++++++++++
 tests/data/test1323    | 29 +++++++++++++++++++++++++++++
 tests/data/test1324    | 29 +++++++++++++++++++++++++++++
 4 files changed, 88 insertions(+), 1 deletion(-)
 create mode 100644 tests/data/test1322
 create mode 100644 tests/data/test1323
 create mode 100644 tests/data/test1324

diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index 85a6e4b2f..610243c24 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -82,7 +82,7 @@ test1220 \
 test1300 test1301 test1302 test1303 test1304 test1305	\
 test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \
 test1314 test1315 test1316 test1317 test1318 test1319 test1320 test1321 \
-test1325 test1326 test1327 \
+test1322 test1323 test1324 test1325 test1326 test1327 \
 test2000 test2001 test2002 test2003 test2004
 
 EXTRA_DIST = $(TESTCASES) DISABLED
diff --git a/tests/data/test1322 b/tests/data/test1322
new file mode 100644
index 000000000..996727e94
--- /dev/null
+++ b/tests/data/test1322
@@ -0,0 +1,29 @@
+<testcase>
+<info>
+<keywords>
+POP3
+CRLF-in-URL
+</keywords>
+</info>
+
+# Client-side
+<client>
+<server>
+pop3
+</server>
+ <name>
+POP3 with URL-encoded CR LF in the URL
+ </name>
+ <command>
+pop3://%HOSTIP:%POP3PORT/%0d%0a/1322
+</command>
+</client>
+
+#
+<verify>
+# 3 - CURLE_URL_MALFORMAT
+<errorcode>
+3
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1323 b/tests/data/test1323
new file mode 100644
index 000000000..90eb88b7d
--- /dev/null
+++ b/tests/data/test1323
@@ -0,0 +1,29 @@
+<testcase>
+<info>
+<keywords>
+SMTP
+CRLF-in-URL
+</keywords>
+</info>
+
+# Client-side
+<client>
+<server>
+smtp
+</server>
+ <name>
+SMTP with URL-encoded CR LF in the URL
+ </name>
+ <command>
+smtp://%HOSTIP:%SMTPPORT/%0d%0a/1323
+</command>
+</client>
+
+#
+<verify>
+# 3 - CURLE_URL_MALFORMAT
+<errorcode>
+3
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test1324 b/tests/data/test1324
new file mode 100644
index 000000000..c9835efea
--- /dev/null
+++ b/tests/data/test1324
@@ -0,0 +1,29 @@
+<testcase>
+<info>
+<keywords>
+IMAP
+CRLF-in-URL
+</keywords>
+</info>
+
+# Client-side
+<client>
+<server>
+imap
+</server>
+ <name>
+IMAP with URL-encoded CR LF in the URL
+ </name>
+ <command>
+imap://%HOSTIP:%IMAPPORT/%0d%0a/1322
+</command>
+</client>
+
+#
+<verify>
+# 3 - CURLE_URL_MALFORMAT
+<errorcode>
+3
+</errorcode>
+</verify>
+</testcase>
-- 
cgit v1.2.3