third_party/exiv2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7,692 Commits 2 Branches 0 Tags 122 MiB
decfda43df
Commit Graph

7692 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dan Čermák
8b7941b733 [cmake] Add EXTRA_COMPILE_FLAGS to samples & unitTests 
Add the additional compiler flags added by -DEXIV2_TEAM_EXTRA_WARNINGS=ON to
the targets in samples/ & unitTests/
This fixes #204
 2018-03-29 13:17:24 +02:00
D4N
1e016f82e7
Merge pull request #249 from D4N/port_github_issues 
Port GitHub issues to the new test suite
 2018-03-28 15:02:57 +02:00
Dan Čermák
e78982c81a [testsuite] simplify test/Makefile 2018-03-28 10:07:41 +02:00
Dan Čermák
1f32207271 [testsuite] rename test_issue_208 -> test_CVE_2017_17722 
the issue got a CVE assigned
 2018-03-28 10:07:41 +02:00
Dan Čermák
4533d60e74 [testsuite] Added helper function for system_tests.Case.compare_stderr 2018-03-28 10:07:41 +02:00
Dan Čermák
02f60f11ae [testsuite] Reimplemented a part of system_tests.CopyFiles 
- main file handling functionality is performed by a base class => can
  be easier extended if required
 2018-03-28 10:07:41 +02:00
Dan Čermák
3b01d5205a [testsuite] Port all regression tests for github issues 2018-03-28 10:07:41 +02:00
Dan Čermák
3cbb031442 [testsuite] Unified CVE test cases 2018-03-28 10:07:41 +02:00
Dan Čermák
e597e5b811 [testsuite] Fixed CVE number 2018-03-28 10:07:41 +02:00
Dan Čermák
c754ca6d14 [testsuite] Corrected class name, issue had no CVE assigned 2018-03-28 10:07:41 +02:00
Dan Čermák
71f9a24027 [testsuite] Unified variable names 2018-03-28 10:07:32 +02:00
D4N
bdbab63531
Merge pull request #239 from D4N/fix_CVE_2017_1000126 
Fix CVE-2017-1000126
 2018-03-28 09:27:42 +02:00
Dan Čermák
48982697b0 Add reproducer for CVE-2017-1000126 to the test suite 2018-03-27 23:46:13 +02:00
Dan Čermák
3c20cc06a9 Fix CVE-2017-1000126 
CVE-2017-1000126 is a Stack out of bounds read in the WebP parser caused by the
parameter size & filesize being too large, causing the parser to land in an
infinite loop and eventually crash. Enforcing that the size over which the
parser iterates is smaller than the file fixes this issue.

This fixes #175.
 2018-03-27 23:46:13 +02:00
Dan Čermák
49db96cd58 [webp] Fix wrong filesize parameter being extracted from the header 
The webp header contains the filesize of the image starting at the 8th byte in
bytes 4 to 8 encoded as a little endian 32 bit unsigned integer. The code was
erroneously assuming that the extracted filesize is starting at the 12th byte,
i.e. at the end of the WebP file header.

Source: https://developers.google.com/speed/webp/docs/riff_container
 2018-03-27 23:46:13 +02:00
D4N
be992520b1
Merge pull request #252 from D4N/add_enforce 
Add enforce() from D
 2018-03-27 22:30:28 +02:00
Dan Čermák
842dd4cecc Add a unit tests for enforce() 2018-03-25 23:25:23 +02:00
Dan Čermák
5de9a7b562 Add a port of enforce() from D 
enforce is a function comparable to assert(), it ensures that a condition is
true. However, while assert() should be used for conditions where we can be
certain that they are true, enforce is intended to be used for conditions that
can fail (like on invalid input). Therefore enforce() throws an exception when
the condition is false and does not abort the program's execution. Also, it is
not turned off by defining NDEBUG.

- add a new file enforce.hpp
- implement enforce()
 2018-03-25 23:25:11 +02:00
HumanDynamo
22a0b32c01 Fix typo of Xmp.video.AspectRatio's value type 2018-03-24 09:11:32 +01:00
Luis Díaz Más
eb61e57de0 [conan] Update to conan 1.1.1 and recipes in which we depend on 
* Update dependency on libexpat to version 2.2.5
    This new version of the conan recipe contain packages for new compilers
* Get gtest and libcurl from bincrafters
* Update the zlib dependency
* Use clang-5.0
 2018-03-22 22:52:59 +01:00
Dan Čermák
59b148aee9 Add regression test for CVE-2017-18005 2018-03-20 21:30:06 +01:00
Luis Díaz Más
d21e794239 Do not deference value when it does not exist (Thanks D4N) 2018-03-20 21:30:06 +01:00
Luis Díaz Más
01a5d863ad Apply clang-format to Print::printMetadatum 2018-03-20 21:30:06 +01:00
Luis Díaz Más
45fe44aa2f Move condition in if statement to discard work earlier 2018-03-20 21:30:06 +01:00
Luis Díaz Más
d82b9434e1 Only print items (Params::prValue) when size > 0 2018-03-20 21:30:06 +01:00
Robin Mills
185d0e9482 #199 Fix for getopt(). Use src/getopt_win32 code instead of libc/getopt() 2018-03-20 18:49:16 +01:00
D4N
a4a0516dc4
Merge pull request #238 from D4N/safe_op_improvements 
Addition overflow checks improvements
 2018-03-17 00:39:21 +01:00
Dan Čermák
06ec1e6984 [safe_op] Refactored addition overflow checks using functions only 
- templated structs were not required, SFINAE works for functions too
  => use instead, removes some unneeded code
- fix non-usage of builtins with clang
- adjust unit tests
 2018-03-09 00:14:24 +01:00
Dan Čermák
684c8c89de [safe_op] Simplified unsigned int overflow check 
Simply check for overflows after the addition, as no undefined behavior can
occur here.
 2018-03-08 00:34:14 +01:00
Dan Čermák
31b96b58e7 [safe_op] improved signed int overflow checks via integer promotion 
The fallback signed integer overflow check is quite expensive, but the addition
can be safely performed when saved in an int due to integer promotion
rules. This makes the check a little less expensive.
 2018-03-08 00:32:14 +01:00
Dan Čermák
029b997ca0 [safe_op] fixed typo in doc-comment 2018-03-08 00:31:02 +01:00
D4N
28fa146d97
Merge pull request #230 from D4N/fix_170 
Fix for #170
 2018-02-22 17:16:09 +01:00
Dan Čermák
cabf756553 Add reproducer for #170 to the test suite 2018-02-22 16:42:51 +01:00
Dan Čermák
751fba8b54 Added dataBuf size check before calling PngChunk::decodeIHDRChunk 
- cdataBuf must be at least 8 bytes long otherwise decodeIHDRChunk
  reads out of bounds
- pngImage::readMetadata now skips png chunks where the offset for
  IHDR chunks is invalid
- added assertion into PngChunk::decodeIHDRChunk() to ensure dataBuf
  size
 2018-02-22 14:55:12 +01:00
D4N
a1ab522eda
Merge pull request #231 from D4N/pngimage_documentation_fix 
Fix outdated documentation of PngImage::doWriteMetadata()
 2018-02-22 14:54:20 +01:00
Dan Čermák
22a7a8c2ed Fix outdated documentation of PngImage::doWriteMetadata() 
The function does not return anything, it only throws exceptions.
 2018-02-22 11:57:51 +01:00
D4N
9f74f247b4
Merge pull request #227 from frli8848/master 
Nikon mount - Sigma Lens Updates
 2018-02-22 11:57:03 +01:00
Dan Čermák
73ac02d7f2 Added test for Sigma lenses 2018-02-21 12:57:45 +01:00
Fredrik lingvall
fc8b45dd12 Added the Sigma 120-300mm F2.8 DG OS HSM | S for Nikon mount. 2018-02-21 12:56:42 +01:00
Fredrik lingvall
34a3be025e Added Sigma 50mm F1.4 DG HSM | A mount/UPC code (for Nikon mount). 2018-02-21 12:56:42 +01:00
Fredrik Lingvall
215227024d Added Sigma 20mm F1.4 DG HSM | A mount/UPC code (for Nikon mount). 2018-02-21 12:56:42 +01:00
D4N
f9d421b172
Merge pull request #109 from D4N/error_codes_enum 
[WIP] Added error codes from src/error.cpp into an enumeration
 2018-02-19 14:25:33 +01:00
Dan Čermák
3965a44df2 Replace error variable names in test suite with enum error codes 2018-02-18 10:44:05 +01:00
Dan Čermák
a15f090f81 Modified test suite so that case sensitive keys are possible 2018-02-18 10:42:16 +01:00
Dan Čermák
efe2ccdcb6 Replaced all hardcoded error codes with ker... constants 2018-02-18 09:28:57 +01:00
Dan Čermák
d897997b29 Force error code usage to construct a Exiv2::BasicError 
changed parameter code_'s type from int to ErrorCode => requires the
usage of the enum constants
 2018-02-18 09:28:40 +01:00
Dan Čermák
d3c3c036b8 Incorporated error codes into errList 2018-02-18 09:26:47 +01:00
Dan Čermák
b80fa1b4ed Added error codes from src/error.cpp into an enumeration 2018-02-18 09:26:32 +01:00
D4N
efee9a2b58
Merge pull request #205 from D4N/CVE-2017-1000127_reproducer 
Added reproducer for CVE-2017-1000127
 2018-02-07 12:36:10 +01:00
Dan Čermák
ead7f309b0 Added reproducer for CVE-2017-1000127 2018-02-07 11:16:23 +01:00