forked from pool/tigervnc
Stefan Dirsch
150affba65
0001-Make-ZlibInStream-more-robust-against-failures.patch
0002-Encapsulate-PixelBuffer-internal-details.patch
0003-Restrict-PixelBuffer-dimensions-to-safe-values.patch
0004-Add-write-protection-to-OffsetPixelBuffer.patch
0005-Handle-empty-Tight-gradient-rects.patch
0006-Add-unit-test-for-PixelFormat-sanity-checks.patch
0007-Fix-depth-sanity-test-in-PixelFormat.patch
0008-Add-sanity-checks-for-PixelFormat-shift-values.patch
0009-Remove-unused-FixedMemOutStream.patch
0010-Use-size_t-for-lengths-in-stream-objects.patch
0011-Be-defensive-about-overflows-in-stream-objects.patch
0012-Add-unit-tests-for-PixelFormat.is888-detection.patch
0013-Handle-pixel-formats-with-odd-shift-values.patch
* stack use-after-return due to incorrect usage of stack memory
in ZRLEDecoder (CVE-2019-15691, bsc#1159856)
* improper value checks in CopyRectDecode may lead to heap
buffer overflow (CVE-2019-15692, bsc#1160250)
* heap buffer overflow in TightDecoder::FilterGradient
(CVE-2019-15693, bsc#1159858)
* improper error handling in processing MemOutStream may lead
to heap buffer overflow (CVE-2019-15694, bsc#1160251
* stack buffer overflow, which could be triggered from
CMsgReader::readSetCurso (CVE-2019-15695, bsc#1159860)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/tigervnc?expand=0&rev=168
91 lines
2.4 KiB
Diff
91 lines
2.4 KiB
Diff
From 91bdaa6c87a7f311163b5f1e4bbcd9de584968cd Mon Sep 17 00:00:00 2001
|
|
From: Pierre Ossman <ossman@cendio.se>
|
|
Date: Wed, 2 Oct 2019 16:05:34 +0200
|
|
Subject: [PATCH] Add unit tests for PixelFormat.is888() detection
|
|
|
|
---
|
|
tests/unit/pixelformat.cxx | 60 +++++++++++++++++++++++++++++++++++++++++++++-
|
|
1 file changed, 59 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/tests/unit/pixelformat.cxx b/tests/unit/pixelformat.cxx
|
|
index 46fecfb4..cfae2f9d 100644
|
|
--- a/tests/unit/pixelformat.cxx
|
|
+++ b/tests/unit/pixelformat.cxx
|
|
@@ -52,8 +52,31 @@ static void doTest(bool should_fail, int b, int d, bool e, bool t,
|
|
fflush(stdout);
|
|
}
|
|
|
|
-int main(int argc, char** argv)
|
|
+static void do888Test(bool expected, int b, int d, bool e, bool t,
|
|
+ int rm, int gm, int bm, int rs, int gs, int bs)
|
|
+{
|
|
+ rfb::PixelFormat* pf;
|
|
+
|
|
+ printf("PixelFormat(%d, %d, %s, %s, %d, %d, %d, %d, %d, %d): ",
|
|
+ b, d, e ? "true" : "false", t ? "true": "false",
|
|
+ rm, gm, bm, rs, gs, bs);
|
|
+
|
|
+ pf = new rfb::PixelFormat(b, d, e, t, rm, gm, bm, rs, gs, bs);
|
|
+
|
|
+ if (pf->is888() == expected)
|
|
+ printf("OK");
|
|
+ else
|
|
+ printf("FAILED");
|
|
+ printf("\n");
|
|
+ fflush(stdout);
|
|
+
|
|
+ delete pf;
|
|
+}
|
|
+
|
|
+static void sanityTests()
|
|
{
|
|
+ printf("Sanity checks:\n\n");
|
|
+
|
|
/* Normal true color formats */
|
|
|
|
doTest(false, 32, 24, false, true, 255, 255, 255, 0, 8, 16);
|
|
@@ -120,5 +143,40 @@ int main(int argc, char** argv)
|
|
doTest(true, 32, 24, false, true, 255, 255, 255, 0, 8, 15);
|
|
doTest(true, 32, 24, false, true, 255, 255, 255, 0, 16, 7);
|
|
|
|
+ printf("\n");
|
|
+}
|
|
+
|
|
+void is888Tests()
|
|
+{
|
|
+ printf("Simple format detection:\n\n");
|
|
+
|
|
+ /* Positive cases */
|
|
+
|
|
+ do888Test(true, 32, 24, false, true, 255, 255, 255, 0, 8, 16);
|
|
+ do888Test(true, 32, 24, false, true, 255, 255, 255, 24, 16, 8);
|
|
+ do888Test(true, 32, 24, false, true, 255, 255, 255, 24, 8, 0);
|
|
+
|
|
+ /* Low depth */
|
|
+
|
|
+ do888Test(false, 32, 16, false, true, 15, 31, 15, 0, 8, 16);
|
|
+ do888Test(false, 32, 8, false, true, 3, 7, 3, 0, 8, 16);
|
|
+
|
|
+ /* Low bpp and depth */
|
|
+
|
|
+ do888Test(false, 16, 16, false, true, 15, 31, 15, 0, 5, 11);
|
|
+ do888Test(false, 8, 8, false, true, 3, 7, 3, 0, 2, 5);
|
|
+
|
|
+ /* Colour map */
|
|
+
|
|
+ do888Test(false, 8, 8, false, false, 0, 0, 0, 0, 0, 0);
|
|
+
|
|
+ printf("\n");
|
|
+}
|
|
+
|
|
+int main(int argc, char** argv)
|
|
+{
|
|
+ sanityTests();
|
|
+ is888Tests();
|
|
+
|
|
return 0;
|
|
}
|
|
--
|
|
2.16.4
|
|
|