Blame tests/bugfixes/github/test_CVE_2018_12265.py
|
Packit |
01d647 |
# -*- coding: utf-8 -*-
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
import system_tests
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
|
|
Packit |
01d647 |
class AdditionOverflowInLoaderExifJpeg(metaclass=system_tests.CaseMeta):
|
|
Packit |
01d647 |
"""
|
|
Packit |
01d647 |
Regression test for bug #365:
|
|
Packit |
01d647 |
https://github.com/Exiv2/exiv2/issues/365
|
|
Packit |
01d647 |
aka CVE 2018-12265:
|
|
Packit |
01d647 |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12265
|
|
Packit |
01d647 |
"""
|
|
Packit |
01d647 |
filename = system_tests.path("$data_path/1-out-of-read-Poc")
|
|
Packit |
01d647 |
commands = ["$exiv2 -ep $filename"]
|
|
Packit |
01d647 |
stdout = [""]
|
|
Packit |
01d647 |
stderr = [
|
|
Packit |
01d647 |
"""Error: Upper boundary of data for directory Image, entry 0x00fe is out of bounds: Offset = 0x0000002a, size = 64, exceeds buffer size by 22 Bytes; truncating the entry
|
|
Packit |
01d647 |
Warning: Directory Image, entry 0x0201: Strip 0 is outside of the data area; ignored.
|
|
Packit |
01d647 |
Warning: Directory Image, entry 0x0201: Strip 7 is outside of the data area; ignored.
|
|
Packit |
01d647 |
Error: Offset of directory Thumbnail, entry 0x0201 is out of bounds: Offset = 0x00000000; truncating the entry
|
|
Packit |
01d647 |
$uncaught_exception $addition_overflow_message
|
|
Packit |
01d647 |
"""
|
|
Packit |
01d647 |
]
|
|
Packit |
01d647 |
retval = [1]
|