diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2017-10-08 17:15:44 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2017-10-08 17:51:10 +0200 |
| commit | 6df6367188ea4ebacb87bd8aef6a673e94a91485 (patch) | |
| tree | 4f644c8835153c208737390bdbac4a7ea8435cd5 /tests/data/test577 | |
| parent | b2df2d47e58d1150f11ea2f42aac6b84fa7f4d00 (diff) | |
| download | curl-bagder/rtsp-integer-overflow.tar.gz | |
RTSP: avoid integer overflow on funny RTSP responsebagder/rtsp-integer-overflow
... like a very large non-existing RTSP version number.
Added test 577 to verify.
Detected by OSS-fuzz.
Diffstat (limited to 'tests/data/test577')
| -rw-r--r-- | tests/data/test577 | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/tests/data/test577 b/tests/data/test577 new file mode 100644 index 000000000..525549264 --- /dev/null +++ b/tests/data/test577 @@ -0,0 +1,55 @@ +<testcase> + +#Informational +<info> +<keywords> +RTSP +OPTIONS +</keywords> +</info> + +# Server-side +<reply> +<data> +RTSP/1.1234567 200 OK
+Server: RTSPD/libcurl-test
+CSeq: 1
+Public: DESCRIBE, OPTIONS, SETUP, TEARDOWN, PLAY, PAUSE
+Curl-Private: swsclose
+</data> +<datacheck> +</datacheck> +</reply> + +# Client-Side +<client> +<server> +rtsp +</server> +<tool> +lib567 +</tool> + +<name> +Funny RTSP version in response +</name> +<command> +rtsp://%HOSTIP:%RTSPPORT/577 +</command> +</client> + +<verify> +<protocol> +OPTIONS rtsp://%HOSTIP:%RTSPPORT/577 RTSP/1.0
+CSeq: 1
+User-Agent: test567
+Test-Number: 567
+
+</protocol> +# 8 == CURLE_WEIRD_SERVER_REPLY +<errorcode> +8 +</errorcode> +</verify> + +</testcase> |