diff options
author | Alan Coopersmith <alan.coopersmith@oracle.com> | 2023-01-03 17:23:58 -0800 |
---|---|---|
committer | Alan Coopersmith <alan.coopersmith@oracle.com> | 2023-01-12 15:47:43 -0800 |
commit | f7fbbb92f6d383b21dd1587c3703a5de37c625b5 (patch) | |
tree | 9fd6b854395cfb082b24a4e0145c317b3bcad6a2 /test | |
parent | a3a7c6dcc3b629d765014816c566c63165c63ca8 (diff) |
test: add test cases for CVE-2022-44617 (zero-width w/enormous height)
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Diffstat (limited to 'test')
-rw-r--r-- | test/Makefile.am | 2 | ||||
-rw-r--r-- | test/pixmaps/README.md | 3 | ||||
-rw-r--r-- | test/pixmaps/invalid/zero-width-v1.xpm | 37 | ||||
-rw-r--r-- | test/pixmaps/invalid/zero-width.xpm | 35 |
4 files changed, 77 insertions, 0 deletions
diff --git a/test/Makefile.am b/test/Makefile.am index 175eccb..32a4b43 100644 --- a/test/Makefile.am +++ b/test/Makefile.am @@ -93,5 +93,7 @@ EXTRA_DIST = \ pixmaps/invalid/invalid-type.xpm \ pixmaps/invalid/no-contents.xpm \ pixmaps/invalid/unending-comment-c.xpm \ + pixmaps/invalid/zero-width.xpm \ + pixmaps/invalid/zero-width-v1.xpm \ pixmaps/no-mem/oversize.xpm \ tap-test diff --git a/test/pixmaps/README.md b/test/pixmaps/README.md index f361f77..f51af00 100644 --- a/test/pixmaps/README.md +++ b/test/pixmaps/README.md @@ -55,6 +55,9 @@ return XpmFileInvalid when parsed. - unending-comment-c.xpm - This file has a C comment block without the closing "*/" to test for CVE-2022-46285 +- zero-width.xpm & zero-width-v1.xpm - These files declare a width of 0 + and a height of nearly UINT_MAX, to test for CVE-2022-44617 + no-mem ------ diff --git a/test/pixmaps/invalid/zero-width-v1.xpm b/test/pixmaps/invalid/zero-width-v1.xpm new file mode 100644 index 0000000..9b403ca --- /dev/null +++ b/test/pixmaps/invalid/zero-width-v1.xpm @@ -0,0 +1,37 @@ +#define PLAID_format 1 +#define PLAID_width 0 +#define PLAID_height 4294967293 +#define PLAID_ncolors 4 +#define PLAID_chars_per_pixel 2 + +static char *PLAID_colors[] = { +" ", "red", +"Y ", "green", +"+ ", "yellow", +"x ", "black" +}; + +static char *PLAID_pixels[] = { +"x x x x x x x x x x x x + x x x x x ", +" x x x x x x x x x x x x x x x x ", +"x x x x x x x x x x x x + x x x x x ", +" x x x x x x x x x x x x x x x x ", +"x x x x x x x x x x x x + x x x x x ", +"Y Y Y Y Y x Y Y Y Y Y + x + x + x + x + x + ", +"x x x x x x x x x x x x + x x x x x ", +" x x x x x x x x x x x x x x x x ", +"x x x x x x x x x x x x + x x x x x ", +" x x x x x x x x x x x x x x x x ", +"x x x x x x x x x x x x + x x x x x ", +" x x x x Y x x x ", +" x x x Y x x ", +" x x x x Y x x x ", +" x x x Y x x ", +" x x x x Y x x x ", +"x x x x x x x x x x x x x x x x x x x x x x ", +" x x x x Y x x x ", +" x x x Y x x ", +" x x x x Y x x x ", +" x x x Y x x ", +" x x x x Y x x x " +}; diff --git a/test/pixmaps/invalid/zero-width.xpm b/test/pixmaps/invalid/zero-width.xpm new file mode 100644 index 0000000..78f367b --- /dev/null +++ b/test/pixmaps/invalid/zero-width.xpm @@ -0,0 +1,35 @@ +/* XPM */ +static char * plaid[] = { +/* plaid pixmap + * width height ncolors chars_per_pixel */ +"0 4294967293 4 2 ", /*cxpm hang*/ +/*"41474 31474 4 2 ",*/ /*ego ctrl all memory*/ +/* colors */ +" c red m white s light_color ", +"Y c green m black s lines_in_mix ", +"+ c yellow m white s lines_in_dark ", +"x m black s dark_color ", +/* pixels */ +"x x x x x x x x x x x x + x x x x x ", +" x x x x x x x x x x x x x x x x ", +"x x x x x x x x x x x x + x x x x x ", +" x x x x x x x x x x x x x x x x ", +"x x x x x x x x x x x x + x x x x x ", +"Y Y Y Y Y x Y Y Y Y Y + x + x + x + x + x + ", +"x x x x x x x x x x x x + x x x x x ", +" x x x x x x x x x x x x x x x x ", +"x x x x x x x x x x x x + x x x x x ", +" x x x x x x x x x x x x x x x x ", +"x x x x x x x x x x x x + x x x x x ", +" x x x x Y x x x ", +" x x x Y x x ", +" x x x x Y x x x ", +" x x x Y x x ", +" x x x x Y x x x ", +"x x x x x x x x x x x x x x x x x x x x x x ", +" x x x x Y x x x ", +" x x x Y x x ", +" x x x x Y x x x ", +" x x x Y x x ", +" x x x x Y x x x " +} ; |