f7a403d8d9
Added reproducer for CVE-2017-14865 / #134 to the test suite
8 years ago
8a04b7683c
Merge pull request #130 from D4N/reproducer-for-54
...
Added reproducer for #54 / CVE-2017-11592 to the test suite
8 years ago
f4f05001e9
Updated bugfixes-test.out
8 years ago
35cb91a9f3
Added reproducer for #54 / CVE-2017-11592 to the test suite
8 years ago
091d4edbdb
Corrected bugfix test number #54 to #56
8 years ago
1c3f0dab5e
Merge pull request #128 from D4N/master
...
Added reproducer for #76 / CVE-2017-14857 to the testsuite
8 years ago
72b75ddfe4
Updated bugfixes-test.out
8 years ago
87e0c6ec53
Added reproducer for #76 to the testsuite
8 years ago
319ccdbc71
Merge pull request #119 from a17r/ccache
...
Add build switch to disable auto ccache
8 years ago
7f515e6da7
Add build switch to enable auto ccache
...
Make usage of ccache by build system opt-in.
8 years ago
5e8a76667a
Merge pull request #116 from piponazo/UnitTests
...
Add Unit tests with Google Test
8 years ago
2e8376dccc
Do not use Gtest imported target (Not available in minimum CMake version required)
8 years ago
8582c564e0
(AppVeyor) Move to project directory
8 years ago
142a9a9178
(AppVeyor) Disable unit tests until we found out the problem
8 years ago
bf6670abb0
(AppVeyor) Install ninja & Use it as the CMake generator (speed up builds)
8 years ago
f9fab45163
(AppVeyor) Trying to run unit tests properly from windows
8 years ago
3f53588de7
(Travis) Should run tests on mac
8 years ago
a721ab343d
(travis) Use 2 threads in the compilation
8 years ago
b78aa69455
(travis) Do not install things bring with conan already
8 years ago
9482763061
Run unit tests in travis-ci and appveyor
8 years ago
752e7a6bea
Add simple unit tests for DataBuf
8 years ago
72cf9166fe
Add simple tests for exifTime
8 years ago
2bad771834
(CMake) Add GTEST_LINKED_AS_SHARED_LIBRARY definition
8 years ago
26189ad287
(CMake) Add a new CMake option to enable the new Unit Tests
8 years ago
89629f0056
(CMake) Bring GTest and GMock via conan
8 years ago
cd38a570fa
(CMake) Same output directories for binaries and libraries on all the platforms
8 years ago
00f5b2ab6d
Merge pull request #114 from D4N/readme_improvements
...
Adapted README.md to better render on Github
8 years ago
942044e7d9
Adapted README.md to better render on github
8 years ago
38584d938b
Merge pull request #118 from a17r/exiv2command
...
Fix build with EXIV2_BUILD_EXIV2_COMMAND=OFF
8 years ago
6c01726404
Merge branch 'master' into exiv2command
8 years ago
57883ee664
Fix build with EXIV2_BUILD_EXIV2_COMMAND=OFF
8 years ago
269370863e
Merge pull request #117 from a17r/pobuildswitch
...
Fix remaining occurrence of EXIV2_ENABLE_BUILD_PO
8 years ago
3f39c23f2c
Fix remaining occurrence of EXIV2_ENABLE_BUILD_PO
8 years ago
549cac47af
Merge pull request #110 from D4N/fix_CVE-2017-14864
...
Fix for CVE-2017-14864, CVE-2017-14862 and CVE-2017-14859
8 years ago
de298b8e5d
Added reproducers for #73 , #74 and #75 to the test suite
8 years ago
c686843e20
Added exception throw on Value pointer being null
...
v can be null if the typeId is invalid => throw an exception notifying
the user that his file is corrupted instead of the assertion
8 years ago
75940da0a6
Added check for overflows in calculation of size
8 years ago
8a586c74bb
Fix for CVE-2017-14864, CVE-2017-14862 and CVE-2017-14859
...
The invalid memory dereference in
Exiv2::getULong()/Exiv2::StringValueBase::read()/Exiv2::DataValue::read()
is caused further up the call-stack, by
v->read(pData, size, byteOrder) in TiffReader::readTiffEntry()
passing an invalid pData pointer (pData points outside of the Tiff
file). pData can be set out of bounds in the (size > 4) branch where
baseOffset() and offset are added to pData_ without checking whether
the result is still in the file. As offset comes from an untrusted
source, an attacker can craft an arbitrarily large offset into the
file.
This commit adds a check into the problematic branch, whether the
result of the addition would be out of bounds of the Tiff
file. Furthermore the whole operation is checked for possible
overflows.
8 years ago
6c1ba331b9
Added arithmetic operation overflow error
8 years ago
f06418c656
Merge pull request #108 from D4N/fix_CVE-2017-14860
...
Fix CVE-2017-14860
8 years ago
c884a3b4bf
Added the reproducer for CVE-2017-14860 to the test suite
8 years ago
ff18fec24b
Fix for CVE-2017-14860
...
A heap buffer overflow could occur in memcpy when icc.size_ is larger
than data.size_ - pad, as then memcpy would read out of bounds of data.
This commit adds a sanity check to iccLength (= icc.size_): if it is
larger than data.size_ - pad (i.e. an overflow would be caused) an
exception is thrown.
This fixes #71 .
8 years ago
65f45a3505
Added new error message to warn about corrupted metadata
8 years ago
27cabb2a1a
Merge pull request #115 from piponazo/appVeyorChanges
...
App veyor changes
8 years ago
39e3d7fbe4
Merge branch 'master' into appVeyorChanges
8 years ago
7f0d753d10
Use separate conanData directory for the conan cache in travis
8 years ago
62a0f8cde8
Unify appveyor style
8 years ago
bdce47b6e7
Use VS2015 instead of 2017, Use newer conan version and enable cache in appveyor
8 years ago
0a56b0ab81
Merge pull request #113 from greenbigfrog/patch-1
...
Fix URL to wiki in README.md
8 years ago
2ff0bb9a6a
Fix URL to wiki in README.md
8 years ago
Dan Čermák
D4N
Luis Díaz Más
Andreas Sturmlechner
Pix4d
Jonathan