1 files changed, 43 insertions, 1 deletions

diff --git a/deps/openssl/openssl/test/verify_extra_test.c b/deps/openssl/openssl/test/verify_extra_test.c
index cc05bc2ef1..fabc1dc59f 100644
--- a/deps/openssl/openssl/test/verify_extra_test.c
+++ b/deps/openssl/openssl/test/verify_extra_test.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -137,6 +137,43 @@ static int test_alt_chains_cert_forgery(const char *roots_f,
     return ret;
 }
 
+static int test_store_ctx(const char *bad_f)
+{
+    X509_STORE_CTX *sctx = NULL;
+    X509 *x = NULL;
+    BIO *bio = NULL;
+    int testresult = 0, ret;
+
+    bio = BIO_new_file(bad_f, "r");
+    if (bio == NULL)
+        goto err;
+
+    x = PEM_read_bio_X509(bio, NULL, 0, NULL);
+    if (x == NULL)
+        goto err;
+
+    sctx = X509_STORE_CTX_new();
+    if (sctx == NULL)
+        goto err;
+
+    if (!X509_STORE_CTX_init(sctx, NULL, x, NULL))
+        goto err;
+
+    /* Verifying a cert where we have no trusted certs should fail */
+    ret = X509_verify_cert(sctx);
+
+    if (ret == 0) {
+        /* This is the result we were expecting: Test passed */
+        testresult = 1;
+    }
+
+ err:
+    X509_STORE_CTX_free(sctx);
+    X509_free(x);
+    BIO_free(bio);
+    return testresult;
+}
+
 int main(int argc, char **argv)
 {
     CRYPTO_set_mem_debug(1);
@@ -152,6 +189,11 @@ int main(int argc, char **argv)
         return 1;
     }
 
+    if (!test_store_ctx(argv[3])) {
+        fprintf(stderr, "Test X509_STORE_CTX failed\n");
+        return 1;
+    }
+
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
     if (CRYPTO_mem_leaks_fp(stderr) <= 0)
         return 1;