File: cve2013_4073.phpt

package info (click to toggle)
php5 5.6.7%2Bdfsg-1
  • links: PTS, VCS
  • area: main
  • in suites: jessie-kfreebsd
  • size: 150,376 kB
  • sloc: ansic: 727,510; php: 21,966; sh: 12,356; cpp: 8,763; xml: 6,105; yacc: 1,551; exp: 1,514; makefile: 1,461; pascal: 1,048; awk: 538; perl: 315; sql: 22
file content (19 lines) | stat: -rw-r--r-- 719 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
 
--TEST--
CVE 2013-4073: Null-byte certificate handling
--SKIPIF--
<?php 
if (!extension_loaded("openssl")) die("skip");
--FILE--
<?php
$cert = file_get_contents(__DIR__ . '/cve2013_4073.pem');
$info = openssl_x509_parse($cert);
var_export($info['extensions']);

--EXPECTF--
array (
  'basicConstraints' => 'CA:FALSE',
  'subjectKeyIdentifier' => '88:5A:55:C0:52:FF:61:CD:52:A3:35:0F:EA:5A:9C:24:38:22:F7:5C',
  'keyUsage' => 'Digital Signature, Non Repudiation, Key Encipherment',
  'subjectAltName' => 'DNS:altnull.python.org' . "\0" . 'example.com, email:null@python.org' . "\0" . 'user@example.org, URI:http://null.python.org' . "\0" . 'http://example.org, IP Address:192.0.2.1, IP Address:2001:DB8:0:0:0:0:0:1
',
)