youtube-dl/test
Filippo Valsorda 4d318be195 [update] fix (unexploitable) BB'06 vulnerability in rsa_verify
The rsa_verify code was vulnerable to a BB'06 attack, allowing to forge
signatures for arbitrary messages if and only if the public key exponent is
3.  Since the updates key is hardcoded to 65537, there is no risk for
youtube-dl, but I don't want vulnerable code in the wild.

The new function adopts a way safer approach of encoding-and-comparing to
replace the dangerous parsing code.
2016-01-21 20:12:17 +00:00
..
swftests
__init__.py
helper.py [test/helper] Fix style 2015-10-02 13:42:11 +02:00
parameters.json
test_InfoExtractor.py [extractor/common] Allow angle brackets in attributes in _og_regexes (#7215) 2015-10-18 09:11:02 +06:00
test_YoutubeDL.py [YoutubeDL] urlopen: disable the 'file:' protocol (#8227) 2016-01-14 00:24:04 +01:00
test_aes.py
test_age_restriction.py
test_all_urls.py [test/test_all_urls] Update pbs extractor name 2015-12-08 21:12:13 +01:00
test_cache.py
test_compat.py [compat] compat_etree_fromstring: also decode the text attribute 2015-10-26 16:41:24 +01:00
test_download.py [test/test_download] Use extract_flat = 'in_playlist' for playlist items 2015-10-23 14:12:46 +02:00
test_execution.py
test_http.py [test/http] Add test for proxy support 2015-03-20 14:59:38 +01:00
test_jsinterp.py [jsinterp] Support alternative function definition form 2015-11-10 12:54:02 +08:00
test_netrc.py Make sure netrc works for all extractors with login support 2015-03-03 12:59:17 +01:00
test_postprocessors.py
test_subtitles.py [test_subtitles] remove BlipTV test 2015-12-21 16:52:47 +01:00
test_swfinterp.py
test_unicode_literals.py
test_update.py [update] fix (unexploitable) BB'06 vulnerability in rsa_verify 2016-01-21 20:12:17 +00:00
test_utils.py [test_utils] Add tests for encode_compat_str 2015-12-20 07:07:14 +06:00
test_write_annotations.py Fix typos 2016-01-10 17:24:28 +01:00
test_youtube_lists.py [test_youtube_lists] Add test flat playlist entries' titles 2015-10-18 00:27:06 +06:00
test_youtube_signature.py
testcert.pem
versions.json [update] fix (unexploitable) BB'06 vulnerability in rsa_verify 2016-01-21 20:12:17 +00:00