- Regression test for missing bounds check in MemIo::seek()
- Add bounds check to MemIo::seek(), this fixes CVE-2019-13504
(cherry picked from commit bd0afe0390439b2c424d881c8c6eb0c5624e31d9)
Additional fixes for 0.27:
- Add fix for the linux variant of MemIo::seek
- Change type of variable from unsigned to signed
This build passes the test suite and jens.cpp on MacOS-X. I'll submit and see what the CI has to say. With the changes only relating to unitTests (which I didn't run on FreeBSD), we should not have disturbed Linux/FreeBSD/jens.cpp.
- reimplement binaryToString:
- it now accepts a Slice and nothing else
- it does not return a std::string but instead a proxy object that implements
operator<< (this should be more efficient, as we do not need to touch the
heap in most cases)
- addapt unit tests
- replace all occurences with the new API
- Integration tests had to be disabled with 2012 and 2013. There were
few (4) tests failing for these cases.
- Only bring libiconv with conan when a windows subsystem is detected.
- libiconv can be enabled now with a conan option.
- Use infinity instead of INFINITY
- Use conan_basic_setup(). Fixes a problem with gtest is VS2012
- call vcvarsall.bat for each compiler version so that nmake can be
found.
XmpProperties::registerNs allocates strings on the heap that must be freed
manually via XmpProperties::unregisterNs().
=> do this in TearDownTestCase()
I feel more confortable doing changes in a code that I do not know by
having some unit tests around it. These characterisation tests will
also be useful as documentation.
- templated structs were not required, SFINAE works for functions too
=> use instead, removes some unneeded code
- fix non-usage of builtins with clang
- adjust unit tests
errno can be set to a non-zero value from a previously failed system
call, it is not reset by successful ones
=> have to do that manually or the unit test fails because it detects
an "outdated" error message
This change define explicitly the behavior that exiv2::getEnv should have
on response to unexpected inputs.
There are some other minor changes:
- Use _putenv_s for the unit tests on Windows
- Add todo comment
- Remove deprecated note about freeing memory
clanmills
Luis Diaz Mas
Kevin Backhouse
Dan Čermák
Dan Čermák