CTS/STS test for Android Security b/36724453 Bug:36724453 Change-Id: I63894109ef876fae9fa7ebbe9386bdaa66f8b93c

commit: 3984c7dfb17e040fa74b0dda43383e902a52f0c4 [log] [tgz]
author: Andres Celis <celisa@google.com> Mon Jul 31 13:11:33 2017 -0700
committer: Andres Celis <celisa@google.com> Mon Aug 07 17:49:06 2017 +0000
tree: f3c53e9105095d83ea2bc77d4c97bbccb4cc3e30
parent: 3f1a926ef0f523cbc50146b46af3768b1a561e5b [diff]
diff --git a/tests/tests/security/res/raw/cve_2017_0691.bmp b/tests/tests/security/res/raw/cve_2017_0691.bmp
new file mode 100644
index 0000000..d3f7c6d
--- /dev/null
+++ b/tests/tests/security/res/raw/cve_2017_0691.bmp
Binary files differ

diff --git a/tests/tests/security/src/android/security/cts/BitmapFactoryDecodeStreamTest.java b/tests/tests/security/src/android/security/cts/BitmapFactoryDecodeStreamTest.java
index 83aa615..f36229e7 100644
--- a/tests/tests/security/src/android/security/cts/BitmapFactoryDecodeStreamTest.java
+++ b/tests/tests/security/src/android/security/cts/BitmapFactoryDecodeStreamTest.java

@@ -39,4 +39,11 @@
         BitmapFactory.decodeStream(inStream);
 
     }
+
+    @SecurityTest
+    public void testPocCVE_2017_0691() throws Exception {
+        InputStream exploitImage = new BufferedInputStream(mContext.getResources().openRawResource(
+                R.raw.cve_2017_0691));
+        BitmapFactory.decodeStream(exploitImage);
+    }
 }
commit	3984c7dfb17e040fa74b0dda43383e902a52f0c4	[log] [tgz]
author	Andres Celis <celisa@google.com>	Mon Jul 31 13:11:33 2017 -0700
committer	Andres Celis <celisa@google.com>	Mon Aug 07 17:49:06 2017 +0000
tree	f3c53e9105095d83ea2bc77d4c97bbccb4cc3e30
parent	3f1a926ef0f523cbc50146b46af3768b1a561e5b [diff]