Commit Graph

119 Commits

Author SHA1 Message Date
Kevin Backhouse 6068df4c01 Add better bounds checking in PngImage::printStructure(). (#862) 2019-05-17 05:44:28 +02:00
Kevin Backhouse 109d5df7ab Check bounds of jpg_img_off and jpg_img_len. (#858) 2019-05-16 15:30:12 +02:00
Kevin Backhouse 1c1436e94e Add bounds check of resourceSize. (#856) 2019-05-16 11:24:18 +02:00
Kevin Backhouse 80cd0d2990 Add bounds check on allocation size. (#854) 2019-05-16 09:36:26 +02:00
Kevin Backhouse fe538e9438 Check bounds in XMP SDK (#852)
* Check bounds of month and day.

* Add some more bounds checks.

* Fix test failure in clang.
2019-05-16 07:40:47 +02:00
Kevin Backhouse 81ae213c71 Check bounds of allocation size. (#848) 2019-05-15 13:00:41 +02:00
Kevin Backhouse 7798ae2557 Throw an exception if the data location is invalid. (#842) 2019-05-15 11:12:02 +02:00
Kevin Backhouse 8dc87a1214 Add bounds check. (#840) 2019-05-15 08:58:38 +02:00
Kevin Backhouse d3e69f6d2c Add bounds check on allocation size. 2019-05-14 17:31:37 +02:00
Kevin Backhouse c0ecc2ae36 Avoid integer overflow. 2019-05-13 22:46:25 +02:00
D4N d20a0a7b57 Update tests/bugfixes/github/test_issue_791.py
Co-Authored-By: kevinbackhouse <kev@semmle.com>
2019-05-12 14:15:21 +02:00
Kevin Backhouse caa4e6745a Avoid negative integer overflow when filesize < io_->tell().
This fixes #791.
2019-05-12 14:15:21 +02:00
clanmills db870755b9 fix #818. Restore 0.25 behaviour of $ exiv2 -g image ... to apply grep to keys. 2019-05-11 07:35:26 +02:00
Kevin Backhouse 8cd95e2218 Avoid negative integer overflow when chunkLength == 0.
This fixes #789.
2019-05-06 06:27:10 +02:00
Kevin Backhouse 6fa2e31206 Avoid negative integer overflow when iccOffset > chunkLength.
This fixes #790.
2019-05-05 12:21:32 +02:00
D4N adfc01f2e0 Update tests/bugfixes/github/test_issue_742.py
Co-Authored-By: piponazo <piponazo@gmail.com>
(cherry picked from commit 39d8904696338d5bd4a9c7e9a96a798a791d0973)
2019-04-07 18:06:42 +02:00
Luis Diaz Mas f33d8daaa0 Add regression test for #742
(cherry picked from commit 885dd2a7437b946c975f2a37c9ccaecc1b91fc95)
2019-04-07 18:06:42 +02:00
Dan Čermák 7bd929de31 [tests] Add regression test for #756 2019-03-25 23:56:57 +01:00
Dan Čermák a557c7f477 [tests] Add regression test for second bug from #590 2019-02-26 00:09:21 +01:00
Luis Díaz Más dc04cc92eb Add test reproducer for #561 2018-11-26 16:39:00 +01:00
Luis Diaz Mas 9a84d4b64f Skip python tests using -pR 2018-11-22 18:19:08 +01:00
Luis Diaz Mas b07c480a0a Add regression test for #511 2018-11-06 14:40:36 +01:00
Luis Diaz Mas b6bc4262c4 Add regression test for #426 2018-11-06 13:17:35 +01:00
Luis Díaz Más 274b65a671 Add reproducer for #460 2018-10-14 11:58:25 +02:00
Luis Díaz Más 3f97960a1c Add reproducer for #457 2018-10-13 11:37:57 +02:00
Dan Čermák f6d775b400 [testsuite] Add reproducers for #263
This issue got resolved by #180 and #461.
2018-10-12 00:41:46 +02:00
Dan Čermák d224f897b0 [testsuite] Add reproducer for #216
The bug got resolved by PR #461 (slices).
2018-10-12 00:41:46 +02:00
Dan Čermák eeb520bf39 [testsuite] Add reproducer for second bug from #159
The bug described in the issue got resolved by PR #461 (slices).
2018-10-12 00:41:46 +02:00
Dan Čermák 1af8e2875e [testsuite] Add reproducers for CVE-2017-17724 & #209, #211 2018-10-11 14:06:16 +02:00
Roberto C. Sánchez c03f73268f Prevent SIGABRT on excessive subBox length in jp2image.cpp
This fixes CVE-2018-9145
2018-10-10 11:52:39 +02:00
Dan Čermák 19bb57ff25 Add reproducer for #262 to the test suite 2018-09-13 11:18:29 +02:00
Dan Čermák 75415693d8 [testsuite] Update testsuite after printStructure deletion 2018-09-13 11:18:29 +02:00
Luis Díaz Más 7d32da890b Add remaining pocs for the issue 428 and adapt the regression test 2018-09-11 09:49:59 +02:00
Luis Díaz Más f5b40f3e82 Fix more issues in PngChunk::readRawProfile 2018-09-11 09:49:59 +02:00
Luis Díaz Más a6a1c31140 Add integration test to reproduce the issue 2018-09-11 09:49:59 +02:00
Robin Mills 74bc0e0535 Changes for cross-platform getopt 2018-09-01 20:19:45 +02:00
Dan Čermák dadd1d19f9 Add reproducer for #400 to the test suite 2018-08-21 13:46:53 +02:00
Dan Čermák e67910a669 [tests] Change name of test for #365 and #366
Issues got a CVE assigned
2018-07-30 00:32:07 +02:00
Dan Čermák f522cbf460 [testsuite] Add reproducer for #378/CVE-2018-14046 to the testsuite 2018-07-16 23:40:23 +02:00
Dan Čermák b517f2e13b Add regression test for #366 to the testsuite 2018-06-11 22:55:49 +02:00
Dan Čermák 9b08354aca Add reproducer for #365 to the testsuite 2018-06-11 22:55:49 +02:00
Dan Čermák 7e1cd7d1b6 [testsuite] Fix name of regression test #283
issue got a CVE assigned
2018-06-06 13:31:53 +02:00
Dan Čermák 23e29e9527 [testsuite] Use system_tests.path() in some test cases 2018-05-29 10:21:13 +02:00
Luis Diaz Mas 8eca055058 Add POC + regression test.
Note that we override here the method check_no_ASAN_UBSAN_errors to also
analyze the last two lines of got_stderr.
2018-05-26 09:59:37 +02:00
Luis Diaz Mas 2fb00c8a16 Analyze minimum needed number of null separators in PngChunk::parseTXTChunk
This commit fixes the heap-buffer-overflow in PngChunk::parseTXTChunk.

According to the specification:
http://www.libpng.org/pub/png/spec/1.2/PNG-Chunks.html

There must be 2 null separators when we start to analyze the language tag.
2018-05-23 10:57:13 +02:00
Luis Diaz Mas 234e5794f6 Add tests for #306 2018-05-23 10:57:13 +02:00
Daniel Zucchetto cb5135f772 Add test for Canon M100 ModelID 2018-05-21 23:35:39 +02:00
Dan Čermák 11cd1eabf8 [testsuite] Adapt tests to new test suite structure 2018-04-23 10:17:36 +02:00
Luis Diaz Mas ffab622633 Add reproducer for #247 2018-04-02 17:46:29 +02:00
Luis Diaz Mas 08aa27ae37 Add reproducers for #253 and #246 2018-04-01 09:21:20 +02:00