Blame tests/bugfixes/github/test_CVE_2018_11531.py
|
Packit |
01d647 |
# -*- coding: utf-8 -*-
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
from system_tests import CaseMeta, path, check_no_ASAN_UBSAN_errors
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
class TestCvePoC(metaclass=CaseMeta):
|
|
Packit |
01d647 |
"""
|
|
Packit |
01d647 |
Regression test for the bug described in:
|
|
Packit |
01d647 |
https://github.com/Exiv2/exiv2/issues/283
|
|
Packit |
01d647 |
"""
|
|
Packit |
01d647 |
url = "https://github.com/Exiv2/exiv2/issues/283"
|
|
Packit |
01d647 |
cve_url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531"
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
def check_no_ASAN_UBSAN_errors(self, i, command, got_stderr, expected_stderr):
|
|
Packit |
01d647 |
""" Override of system_tests.check_no_ASAN_UBSAN_errors for this particular test case.
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
Here we want to also check that the two last lines of got_stderr have the expected_stderr
|
|
Packit |
01d647 |
"""
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
check_no_ASAN_UBSAN_errors(self, i, command, got_stderr, expected_stderr)
|
|
Packit |
01d647 |
self.assertListEqual(expected_stderr.splitlines(), got_stderr.splitlines()[-2:])
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
filename = path("$data_path/pocIssue283.jpg")
|
|
Packit |
01d647 |
commands = ["$exiv2 $filename"]
|
|
Packit |
01d647 |
stdout = [""]
|
|
Packit |
01d647 |
stderr = [
|
|
Packit |
01d647 |
"""$exiv2_exception_message $filename:
|
|
Packit |
01d647 |
$kerCorruptedMetadata
|
|
Packit |
01d647 |
"""]
|
|
Packit |
01d647 |
compare_stderr = check_no_ASAN_UBSAN_errors
|
|
Packit |
01d647 |
retval = [1]
|