[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH] Test handling of non-existant x509 certs



From: "Daniel P. Berrange" <berrange redhat com>

In commit f905cc998449c89339d0e2894a71d9a9e45293e5 a use of
uninitialized data was fixed based on a coverity report. It
turns out it was possible to trigger this issue by pointing
libvirt at non-existant certificate files, typically causing
a crash.

This adds a test case for that scenario. With the above
commit reverted, this new test case will crash with a SEGV.
With the fix applied, it passes, reporting a normal libvirt
error to the caller.

Signed-off-by: Daniel P. Berrange <berrange redhat com>
---
 tests/virnettlscontexttest.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/virnettlscontexttest.c b/tests/virnettlscontexttest.c
index 2c7d400..33f239c 100644
--- a/tests/virnettlscontexttest.c
+++ b/tests/virnettlscontexttest.c
@@ -563,6 +563,8 @@ mymain(void)
     DO_CTX_TEST(true, "cacertchain-ctx.pem", servercertlevel3areq.filename, false);
     DO_CTX_TEST(false, "cacertchain-ctx.pem", clientcertlevel2breq.filename, false);
 
+    DO_CTX_TEST(false, "cacertdoesnotexist.pem", "servercertdoesnotexist.pem", true);
+
     testTLSDiscardCert(&cacertreq);
     testTLSDiscardCert(&cacert1req);
     testTLSDiscardCert(&cacert2req);
-- 
1.8.3.1


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]