Fix CVE-2016-10094: http://bugzilla.maptools.org/show_bug.cgi?id=2640 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094 https://security-tracker.debian.org/tracker/CVE-2016-10094 2016-12-20 Even Rouault * tools/tiff2pdf.c: avoid potential heap-based overflow in t2p_readwrite_pdf_image_tile(). Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2640 /cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog new revision: 1.1199; previous revision: 1.1198 /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v <-- tools/tiff2pdf.c new revision: 1.101; previous revision: 1.100 Index: libtiff/tools/tiff2pdf.c =================================================================== RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v retrieving revision 1.100 retrieving revision 1.101 diff -u -r1.100 -r1.101 --- libtiff/tools/tiff2pdf.c 20 Dec 2016 17:24:35 -0000 1.100 +++ libtiff/tools/tiff2pdf.c 20 Dec 2016 17:28:17 -0000 1.101 @@ -2895,7 +2895,7 @@ return(0); } if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) { - if (count >= 4) { + if (count > 4) { int retTIFFReadRawTile; /* Ignore EOI marker of JpegTables */ _TIFFmemcpy(buffer, jpt, count - 2); f6da4227177895e21bc811203bc12309cc368'>commitdiff
path: root/tests/hash.scm
AgeCommit message (Expand)Author
2017-03-16utils: Move base16 procedures to (guix base16)....* guix/utils.scm (bytevector->base16-string, base16-string->bytevector): Move to... * guix/base16.scm: ... here. New file. * tests/utils.scm ("bytevector->base16-string->bytevector"): Move to... * tests/base16.scm: ... here. New file. * Makefile.am (MODULES): Add guix/base16.scm. (SCM_TESTS): Add tests/base16.scm. * build-aux/download.scm, guix/derivations.scm, guix/docker.scm, guix/import/snix.scm, guix/pk-crypto.scm, guix/scripts/authenticate.scm, guix/scripts/download.scm, guix/scripts/hash.scm, guix/store.scm, tests/hash.scm, tests/pk-crypto.scm: Adjust imports accordingly. Ludovic Courtès
2017-03-08hash: Close or flush sha256 output ports before calling their 'get' procedure....Slightly different buffering of custom binary output ports in Guile 2.1.7 would lead tests missing 'close-port' or 'force-output' to fail. * tests/hash.scm ("open-sha256-port, hello"): Add call to 'force-output' before call to 'get'. * tests/nar.scm ("write-file puts file in C locale collation order"): Call 'close-port' before calling 'get-hash'. Ludovic Courtès
2016-04-03build: Add a Guile custom test driver using SRFI-64....Before that '.log' files for scheme tests were fragmented and not included in test-suite.log. This unifies the semantics of SRFI-64 API with Automake test suite. * build-aux/test-driver.scm: New file. * Makefile.am (SCM_LOG_DRIVER, AM_SCM_LOG_DRIVER_FLAGS): New variables. (SCM_LOG_COMPILER, AM_SCM_LOG_FLAGS): Delete variables. (AM_TESTS_ENVIRONMENT): Set GUILE_AUTO_COMPILE to 0. * test-env.in: Silence guix-daemon. * doc/guix.texi (Running the Test Suite): Describe how to display the detailed results. Bug reports require only 'test-suite.log' file. * tests/base32.scm, tests/build-utils.scm, tests/builders.scm, tests/challenge.scm, tests/cpan.scm, tests/cpio.scm, tests/cran.scm, tests/cve.scm, tests/derivations.scm, tests/elpa.scm, tests/file-systems.scm, tests/gem.scm, tests/gexp.scm, tests/gnu-maintenance.scm, tests/grafts.scm, tests/graph.scm, tests/gremlin.scm, tests/hackage.scm, tests/hash.scm, tests/import-utils.scm, tests/lint.scm, tests/monads.scm, tests/nar.scm, tests/packages.scm, tests/pk-crypto.scm, tests/pki.scm, tests/profiles.scm, tests/publish.scm, tests/pypi.scm, tests/records.scm, tests/scripts-build.scm, tests/scripts.scm, tests/services.scm, tests/sets.scm, tests/size.scm, tests/snix.scm, tests/store.scm, tests/substitute.scm, tests/syscalls.scm, tests/system.scm, tests/ui.scm, tests/union.scm, tests/upstream.scm, tests/utils.scm: Don't exit at the end of test groups. * tests/containers.scm: Likewise. Use 'test-skip' instead of exiting with error code 77. Mathieu Lirzin