third_party/exiv2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6,183 Commits 2 Branches 0 Tags 122 MiB
c0ecc2ae36
Commit Graph

60 Commits

Author SHA1 Message Date
Kevin Backhouse
c0ecc2ae36 Avoid integer overflow. 2019-05-13 22:46:25 +02:00
D4N
d20a0a7b57 Update tests/bugfixes/github/test_issue_791.py 
Co-Authored-By: kevinbackhouse <kev@semmle.com>
 2019-05-12 14:15:21 +02:00
Kevin Backhouse
caa4e6745a Avoid negative integer overflow when filesize < io_->tell(). 
This fixes #791.
 2019-05-12 14:15:21 +02:00
clanmills
db870755b9 fix #818. Restore 0.25 behaviour of $ exiv2 -g image ... to apply grep to keys. 2019-05-11 07:35:26 +02:00
Kevin Backhouse
8cd95e2218 Avoid negative integer overflow when chunkLength == 0. 
This fixes #789.
 2019-05-06 06:27:10 +02:00
Kevin Backhouse
6fa2e31206 Avoid negative integer overflow when iccOffset > chunkLength. 
This fixes #790.
 2019-05-05 12:21:32 +02:00
D4N
adfc01f2e0 Update tests/bugfixes/github/test_issue_742.py 
Co-Authored-By: piponazo <piponazo@gmail.com>
(cherry picked from commit 39d8904696338d5bd4a9c7e9a96a798a791d0973)
 2019-04-07 18:06:42 +02:00
Luis Diaz Mas
f33d8daaa0 Add regression test for #742 
(cherry picked from commit 885dd2a7437b946c975f2a37c9ccaecc1b91fc95)
 2019-04-07 18:06:42 +02:00
Dan Čermák
7bd929de31
[tests] Add regression test for #756 2019-03-25 23:56:57 +01:00
Dan Čermák
a557c7f477
[tests] Add regression test for second bug from #590 2019-02-26 00:09:21 +01:00
Luis Díaz Más
dc04cc92eb Add test reproducer for #561 2018-11-26 16:39:00 +01:00
Luis Diaz Mas
9a84d4b64f Skip python tests using -pR 2018-11-22 18:19:08 +01:00
Luis Diaz Mas
b07c480a0a Add regression test for #511 2018-11-06 14:40:36 +01:00
Luis Diaz Mas
b6bc4262c4 Add regression test for #426 2018-11-06 13:17:35 +01:00
Luis Díaz Más
274b65a671 Add reproducer for #460 2018-10-14 11:58:25 +02:00
Luis Díaz Más
3f97960a1c Add reproducer for #457 2018-10-13 11:37:57 +02:00
Dan Čermák
f6d775b400 [testsuite] Add reproducers for #263 
This issue got resolved by #180 and #461.
 2018-10-12 00:41:46 +02:00
Dan Čermák
d224f897b0 [testsuite] Add reproducer for #216 
The bug got resolved by PR #461 (slices).
 2018-10-12 00:41:46 +02:00
Dan Čermák
eeb520bf39 [testsuite] Add reproducer for second bug from #159 
The bug described in the issue got resolved by PR #461 (slices).
 2018-10-12 00:41:46 +02:00
Dan Čermák
1af8e2875e [testsuite] Add reproducers for CVE-2017-17724 & #209, #211 2018-10-11 14:06:16 +02:00
Roberto C. Sánchez
c03f73268f Prevent SIGABRT on excessive subBox length in jp2image.cpp 
This fixes CVE-2018-9145
 2018-10-10 11:52:39 +02:00
Dan Čermák
19bb57ff25 Add reproducer for #262 to the test suite 2018-09-13 11:18:29 +02:00
Dan Čermák
75415693d8 [testsuite] Update testsuite after printStructure deletion 2018-09-13 11:18:29 +02:00
Luis Díaz Más
7d32da890b Add remaining pocs for the issue 428 and adapt the regression test 2018-09-11 09:49:59 +02:00
Luis Díaz Más
f5b40f3e82 Fix more issues in PngChunk::readRawProfile 2018-09-11 09:49:59 +02:00
Luis Díaz Más
a6a1c31140 Add integration test to reproduce the issue 2018-09-11 09:49:59 +02:00
Robin Mills
74bc0e0535 Changes for cross-platform getopt 2018-09-01 20:19:45 +02:00
Dan Čermák
dadd1d19f9 Add reproducer for #400 to the test suite 2018-08-21 13:46:53 +02:00
Dan Čermák
e67910a669 [tests] Change name of test for #365 and #366 
Issues got a CVE assigned
 2018-07-30 00:32:07 +02:00
Dan Čermák
f522cbf460 [testsuite] Add reproducer for #378/CVE-2018-14046 to the testsuite 2018-07-16 23:40:23 +02:00
Dan Čermák
b517f2e13b Add regression test for #366 to the testsuite 2018-06-11 22:55:49 +02:00
Dan Čermák
9b08354aca Add reproducer for #365 to the testsuite 2018-06-11 22:55:49 +02:00
Dan Čermák
7e1cd7d1b6 [testsuite] Fix name of regression test #283 
issue got a CVE assigned
 2018-06-06 13:31:53 +02:00
Dan Čermák
23e29e9527 [testsuite] Use system_tests.path() in some test cases 2018-05-29 10:21:13 +02:00
Luis Diaz Mas
8eca055058 Add POC + regression test. 
Note that we override here the method check_no_ASAN_UBSAN_errors to also
analyze the last two lines of got_stderr.
 2018-05-26 09:59:37 +02:00
Luis Diaz Mas
2fb00c8a16 Analyze minimum needed number of null separators in PngChunk::parseTXTChunk 
This commit fixes the heap-buffer-overflow in PngChunk::parseTXTChunk.

According to the specification:
http://www.libpng.org/pub/png/spec/1.2/PNG-Chunks.html

There must be 2 null separators when we start to analyze the language tag.
 2018-05-23 10:57:13 +02:00
Luis Diaz Mas
234e5794f6 Add tests for #306 2018-05-23 10:57:13 +02:00
Daniel Zucchetto
cb5135f772 Add test for Canon M100 ModelID 2018-05-21 23:35:39 +02:00
Dan Čermák
11cd1eabf8 [testsuite] Addapt tests to new test suite structure 2018-04-23 10:17:36 +02:00
Luis Diaz Mas
ffab622633 Add reproducer for #247 2018-04-02 17:46:29 +02:00
Luis Diaz Mas
08aa27ae37 Add reproducers for #253 and #246 2018-04-01 09:21:20 +02:00
Dan Čermák
1f32207271 [testsuite] rename test_issue_208 -> test_CVE_2017_17722 
the issue got a CVE assigned
 2018-03-28 10:07:41 +02:00
Dan Čermák
3b01d5205a [testsuite] Port all regression tests for github issues 2018-03-28 10:07:41 +02:00
Dan Čermák
3cbb031442 [testsuite] Unified CVE test cases 2018-03-28 10:07:41 +02:00
Dan Čermák
e597e5b811 [testsuite] Fixed CVE number 2018-03-28 10:07:41 +02:00
Dan Čermák
c754ca6d14 [testsuite] Corrected class name, issue had no CVE assigned 2018-03-28 10:07:41 +02:00
Dan Čermák
71f9a24027 [testsuite] Unified variable names 2018-03-28 10:07:32 +02:00
Dan Čermák
48982697b0 Add reproducer for CVE-2017-1000126 to the test suite 2018-03-27 23:46:13 +02:00
Dan Čermák
59b148aee9 Add regression test for CVE-2017-18005 2018-03-20 21:30:06 +01:00
Dan Čermák
cabf756553 Add reproducer for #170 to the test suite 2018-02-22 16:42:51 +01:00