From cc3d6d76c020b22bf3310baf04cc3821869a8e5d Mon Sep 17 00:00:00 2001
From: Guido Draheim
Date: Sun, 4 Feb 2018 15:06:22 +0100
Subject: [PATCH] add test_6541* for #16 CVE
---
 test/zziptests.py | 141 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 141 insertions(+)
diff --git a/test/zziptests.py b/test/zziptests.py
index bf83e41..b94d549 100644
--- a/test/zziptests.py
+++ b/test/zziptests.py
@@ -3081,6 +3081,147 @@ class ZZipTest(unittest.TestCase):
 # self.assertEqual(os.path.getsize(tmpdir+"/test"), 3)
 self.assertFalse(os.path.exists(tmpdir+"/test"))
 self.rm_testdir()
+
+ url_CVE_2018_16 = "https://github.com/ProbeFuzzer/poc/blob/master/zziplib"
+ zip_CVE_2018_16 = "zziplib_0-13-67_unzzip_memory-aligment-errors___zzip_fetch_disk_trailer.zip"
+ def test_65410(self):
+ """ info unzip -l $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzip")
+ run = shell("{exe} -l {tmpdir}/{filename} ".format(**locals()),
+ returncodes = [0, 9])
+ self.assertIn("End-of-central-directory signature not found", run.errors)
+ self.assertLess(len(run.output), 200)
+ self.assertLess(len(run.errors), 800)
+ self.rm_testdir()
+ def test_65411(self):
+ """ unzzip-big -l $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzzip-big")
+ run = shell("{exe} -l {tmpdir}/{filename} ".format(**locals()),
+ returncodes = [0])
+ self.assertLess(len(run.output), 1)
+ self.assertLess(len(run.errors), 1)
+ self.rm_testdir()
+ def test_65412(self):
+ """ unzzip-mem -l $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzzip-mem")
+ run = shell("{exe} -l {tmpdir}/{filename} ".format(**locals()),
+ returncodes = [0])
+ self.assertLess(len(run.output), 1)
+ self.assertLess(len(run.errors), 1)
+ self.rm_testdir()
+ @unittest.expectedFailure
+ def test_65413(self):
+ """ unzzip-mix -l $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzzip-mix")
+ run = shell("{exe} -l {tmpdir}/{filename} ".format(**locals()),
+ returncodes = [0])
+ self.assertLess(len(run.output), 1)
+ self.assertLess(len(run.errors), 1)
+ self.rm_testdir()
+ def test_65414(self):
+ """ unzzip-zap -l $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzzip")
+ run = shell("{exe} -l {tmpdir}/{filename} ".format(**locals()),
+ returncodes = [0, 255])
+ self.assertLess(len(run.output), 1)
+ self.assertLess(len(run.errors), 200)
+ self.assertIn(": Success", run.errors)
+ self.rm_testdir()
+ def test_65415(self):
+ """ info unzip $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzip")
+ run = shell("cd {tmpdir} && {exe} -o {filename}".format(**locals()),
+ returncodes = [9])
+ self.assertLess(len(run.output), 200)
+ self.assertLess(len(run.errors), 800)
+ self.assertIn('End-of-central-directory signature not found', run.errors)
+ # self.assertEqual(os.path.getsize(tmpdir+"/test"), 3)
+ self.assertFalse(os.path.exists(tmpdir+"/test"))
+ self.rm_testdir()
+ def test_65416(self):
+ """ unzzip-big $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzzip-big")
+ run = shell("cd {tmpdir} && ../{exe} {filename} ".format(**locals()),
+ returncodes = [0])
+ self.assertLess(len(run.output), 30)
+ self.assertLess(len(run.errors), 1)
+ # self.assertEqual(os.path.getsize(tmpdir+"/test"), 3)
+ self.assertFalse(os.path.exists(tmpdir+"/test"))
+ self.rm_testdir()
+ def test_65417(self):
+ """ unzzip-mem $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzzip-mem")
+ run = shell("cd {tmpdir} && ../{exe} {filename} ".format(**locals()),
+ returncodes = [0])
+ self.assertLess(len(run.output), 30)
+ self.assertLess(len(run.errors), 10)
+ # self.assertEqual(os.path.getsize(tmpdir+"/test"), 3)
+ self.assertFalse(os.path.exists(tmpdir+"/test"))
+ self.rm_testdir()
+ @unittest.expectedFailure
+ def test_65418(self):
+ """ unzzip-mix $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzzip-mix")
+ run = shell("cd {tmpdir} && ../{exe} {filename} ".format(**locals()),
+ returncodes = [0])
+ self.assertLess(len(run.output), 30)
+ self.assertLess(len(run.errors), 10)
+ # self.assertEqual(os.path.getsize(tmpdir+"/test"), 3)
+ self.assertFalse(os.path.exists(tmpdir+"/test"))
+ self.rm_testdir()
+ @unittest.expectedFailure
+ def test_65419(self):
+ """ unzzip $(CVE).zip """
+ tmpdir = self.testdir()
+ filename = self.zip_CVE_2018_16
+ file_url = self.url_CVE_2018_16
+ download(file_url, filename, tmpdir)
+ exe = self.bins("unzzip")
+ run = shell("cd {tmpdir} && ../{exe} {filename} ".format(**locals()),
+ returncodes = [0])
+ self.assertLess(len(run.output), 30)
+ self.assertLess(len(run.errors), 10)
+ # self.assertEqual(os.path.getsize(tmpdir+"/test"), 3)
+ self.assertFalse(os.path.exists(tmpdir+"/test"))
+ self.rm_testdir()
+
+
 def test_91000_zzshowme_check_sfx(self):
 """ create an *.exe that can extract its own zip content """
 exe=self.bins("mkzip")
-- 
2.40.0
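Review bot: The ten new tests (test_65410 through test_65419) each fetch the crafted archive from `blob/master` of a third-party repository at run time and hand it to the built unzzip binaries and the system `unzip` without verifying what was downloaded. Because `master` is a mutable ref, the regression input can change or vanish, and assertions that only bound `len(run.output)` and `len(run.errors)` could then pass or fail for reasons unrelated to issue #16. Pin the ref, e.g. `url_CVE_2018_16 = "https://github.com/ProbeFuzzer/poc/blob/<PINNED_COMMIT_SHA>/zziplib"`, and record the archive's SHA-256 next to `zip_CVE_2018_16` so each test can compare it after `download(...)`, or vendor the file under test/. The three `@unittest.expectedFailure` decorators would also benefit from a comment such as `# known failure tracked in issue #16; remove once fixed`, so an unexpected success is understood as progress. `download()` and `shell()` and the start of class ZZipTest lie outside this hunk, so whether the helper already rewrites the `blob/` URL to raw content or validates the file cannot be confirmed from here.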