diff options
| author | Alan Coopersmith <alan.coopersmith@oracle.com> | 2023-09-07 16:55:25 -0700 |
|---|---|---|
| committer | Alan Coopersmith <alan.coopersmith@oracle.com> | 2023-10-03 08:29:01 -0700 |
| commit | 00348988396c88150f6ddfea3d3195cbf01d60c2 (patch) | |
| tree | ef9ab6fae7ff1486f8abb22e0156fb09d306f7e9 /test/pixmaps/README.md | |
| parent | 84fb14574c039f19ad7face87eb9acc31a50701c (diff) | |
test: Add test case for CVE-2023-43787 (integer overflow in XCreateImage)
Provided by Yair Mizrahi of the JFrog Vulnerability Research team
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Diffstat (limited to 'test/pixmaps/README.md')
| -rw-r--r-- | test/pixmaps/README.md | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/test/pixmaps/README.md b/test/pixmaps/README.md index 8f20a8b..97dd144 100644 --- a/test/pixmaps/README.md +++ b/test/pixmaps/README.md @@ -61,6 +61,11 @@ return XpmFileInvalid when parsed. - corrupt-colormap.xpm - This file was generated by the clang libfuzzer, and serves as a test for CVE-2023-43789 +- width-overflow.xpm - This file was provided by Yair Mizrahi of + the JFrog Vulnerability Research team as a test for CVE-2023-43787. + Its width causes an integer overflow when multiplied by a depth of 4 bytes + (32-bits) when using 32-bit ints. + no-mem ------ |