diff options
| author | Benjamin Peterson <benjamin@python.org> | 2008-09-30 01:31:49 (GMT) |
|---|---|---|
| committer | Benjamin Peterson <benjamin@python.org> | 2008-09-30 01:31:49 (GMT) |
| commit | 8d77d448a53ed9d0607f1ad226056eb8ee8a48f8 (patch) | |
| tree | 85f6ca3349b7c022f8176b57e9a346b4c7b3775e /Lib/test | |
| parent | 37040cdace1982772e5f35e4acfa13861d72065d (diff) | |
| download | cpython-8d77d448a53ed9d0607f1ad226056eb8ee8a48f8.zip cpython-8d77d448a53ed9d0607f1ad226056eb8ee8a48f8.tar.gz cpython-8d77d448a53ed9d0607f1ad226056eb8ee8a48f8.tar.bz2 | |
fix security issue 2: imageop's poor validation of arguments could result in segfaults
patch by Victor Stinner
reviewed by myself and Brett
Diffstat (limited to 'Lib/test')
| -rwxr-xr-x | Lib/test/test_imageop.py | 65 |
1 files changed, 63 insertions, 2 deletions
diff --git a/Lib/test/test_imageop.py b/Lib/test/test_imageop.py index 8cd2dc1..6deaa34 100755 --- a/Lib/test/test_imageop.py +++ b/Lib/test/test_imageop.py @@ -5,13 +5,74 @@ Roger E. Masse """ -from test.test_support import verbose, unlink, import_module +from test.test_support import verbose, unlink, import_module, run_unittest imageop = import_module('imageop', deprecated=True) -import uu, os, imgfile +import uu, os, unittest + + +SIZES = (1, 2, 3, 4) +_VALUES = (1, 2, 2**10, 2**15-1, 2**15, 2**15+1, 2**31-2, 2**31-1) +VALUES = tuple( -x for x in reversed(_VALUES) ) + (0,) + _VALUES +AAAAA = "A" * 1024 + + +class InputValidationTests(unittest.TestCase): + + def _check(self, name, size=None, *extra): + func = getattr(imageop, name) + for height in VALUES: + for width in VALUES: + strlen = abs(width * height) + if size: + strlen *= size + if strlen < 1024: + data = "A" * strlen + else: + data = AAAAA + if size: + arguments = (data, size, width, height) + extra + else: + arguments = (data, width, height) + extra + try: + func(*arguments) + except (ValueError, imageop.error): + pass + + def check_size(self, name, *extra): + for size in SIZES: + self._check(name, size, *extra) + + def check(self, name, *extra): + self._check(name, None, *extra) + + def test_input_validation(self): + self.check_size("crop", 0, 0, 0, 0) + self.check_size("scale", 1, 0) + self.check_size("scale", -1, -1) + self.check_size("tovideo") + self.check("grey2mono", 128) + self.check("grey2grey4") + self.check("grey2grey2") + self.check("dither2mono") + self.check("dither2grey2") + self.check("mono2grey", 0, 0) + self.check("grey22grey") + self.check("rgb2rgb8") # nlen*4 == len + self.check("rgb82rgb") + self.check("rgb2grey") + self.check("grey2rgb") + def test_main(): + run_unittest(InputValidationTests) + + try: + import imgfile + except ImportError: + return + # Create binary test files uu.decode(get_qualified_path('testrgb'+os.extsep+'uue'), 'test'+os.extsep+'rgb') |