aboutsummaryrefslogtreecommitdiff
path: root/tests/sys/netpfil/pf/Makefile
diff options
context:
space:
mode:
authorKristof Provost <kp@FreeBSD.org>2019-03-01 07:39:55 +0000
committerKristof Provost <kp@FreeBSD.org>2019-03-01 07:39:55 +0000
commit15426769bbe28670290c0905af0f444c205126a7 (patch)
tree4bddff5ee551fb61259f871de51c868a0a449e66 /tests/sys/netpfil/pf/Makefile
parent6f4909de5feffdaca01782ad12938f6d95d633ae (diff)
downloadsrc-15426769bbe28670290c0905af0f444c205126a7.tar.gz
src-15426769bbe28670290c0905af0f444c205126a7.zip
pf tests: Test CVE-2019-5597
Generate a fragmented packet with different header chains, to provoke the incorrect behaviour of pf. Without the fix this will trigger a panic. Obtained from: Corentin Bayet, Nicolas Collignon, Luca Moro at Synacktiv
Notes
Notes: svn path=/head/; revision=344692
Diffstat (limited to 'tests/sys/netpfil/pf/Makefile')
-rw-r--r--tests/sys/netpfil/pf/Makefile4
1 files changed, 3 insertions, 1 deletions
diff --git a/tests/sys/netpfil/pf/Makefile b/tests/sys/netpfil/pf/Makefile
index dc7f68aa59fa..b774e44071ed 100644
--- a/tests/sys/netpfil/pf/Makefile
+++ b/tests/sys/netpfil/pf/Makefile
@@ -20,8 +20,10 @@ ATF_TESTS_SH+= anchor \
${PACKAGE}FILES+= utils.subr \
echo_inetd.conf \
- pft_ping.py
+ pft_ping.py \
+ CVE-2019-5597.py
${PACKAGE}FILESMODE_pft_ping.py= 0555
+${PACKAGE}FILESMODE_CVE-2019-5597.py= 0555
.include <bsd.test.mk>