[gdk-pixbuf] tests: Fix CVE-2015-4491 test

From: Bastien Nocera <hadess src gnome org>
To: commits-list gnome org
Cc:
Subject: [gdk-pixbuf] tests: Fix CVE-2015-4491 test
Date: Wed, 26 Jul 2017 14:52:03 +0000 (UTC)

commit 86fedf6383d025685edb5bc1dfa45e0420232cb0
Author: Bastien Nocera <hadess hadess net>
Date:   Wed Jul 26 16:36:58 2017 +0200

    tests: Fix CVE-2015-4491 test
    
    The sanity checks for image dimensions have since been tightened in
    commit 4154d4f and we should not be able to open this huge image anymore
    as the dimensions exceed what's possible.

 tests/cve-2015-4491.c |    8 ++------
 1 files changed, 2 insertions(+), 6 deletions(-)
---
diff --git a/tests/cve-2015-4491.c b/tests/cve-2015-4491.c
index 988cb49..f5454d0 100644
--- a/tests/cve-2015-4491.c
+++ b/tests/cve-2015-4491.c
@@ -30,12 +30,8 @@ test_original (void)
   GError* err = NULL;
 
   buf = gdk_pixbuf_new_from_resource_at_scale ("/test/resource/cve-2015-4491.bmp", size, size, FALSE, &err);
-  if (skip_if_insufficient_memory (&err))
-    return;
-
-  g_assert_no_error (err);
-
-  g_object_unref (buf);
+  /* Image is corrupt because the rowstride * height mul overflows */
+  g_assert_error (err, GDK_PIXBUF_ERROR, GDK_PIXBUF_ERROR_CORRUPT_IMAGE);
 }
 
 static void

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]