commit | d3bb1a7a05f2b77126dd8ecb8f1d30543de3e8c1 | [log] [tgz] |
---|---|---|
author | Leon Scroggins III <scroggo@google.com> | Thu Sep 28 13:28:55 2017 -0400 |
committer | JP Sugarbroad <jpsugar@google.com> | Mon Nov 06 15:28:21 2017 -0800 |
tree | d70782bd529c209d72da1c8f3112de70004df782 | |
parent | 1010681da9d3afe89c775920800caf1fc583a5f2 [diff] |
Add a test for invalid webp file Bug: 65290323 Test: This Prior to the fix, attempting to decode this image would read uninitialized memory and write to arbitrary memory. The new image is a modified (truncated) version of webp_test.webp. Merged-In: Ibb1d4aaba5deba0101b2722259c5f856f1645f1a Change-Id: Ibb1d4aaba5deba0101b2722259c5f856f1645f1a (cherry picked from commit 13d3ef0279965f7b11590b7c1111d785d12ad951)
diff --git a/tests/tests/security/res/raw/b65290323.webp b/tests/tests/security/res/raw/b65290323.webp new file mode 100644 index 0000000..e4671bb --- /dev/null +++ b/tests/tests/security/res/raw/b65290323.webp Binary files differ
diff --git a/tests/tests/security/src/android/security/cts/BitmapFactoryDecodeStreamTest.java b/tests/tests/security/src/android/security/cts/BitmapFactoryDecodeStreamTest.java index 9115530..5aeb30f 100644 --- a/tests/tests/security/src/android/security/cts/BitmapFactoryDecodeStreamTest.java +++ b/tests/tests/security/src/android/security/cts/BitmapFactoryDecodeStreamTest.java
@@ -39,4 +39,11 @@ BitmapFactory.decodeStream(inStream); } + + @SecurityTest + public void test_b65290323() throws Exception { + InputStream exploitImage = new BufferedInputStream(mContext.getResources().openRawResource( + R.raw.b65290323)); + BitmapFactory.decodeStream(exploitImage); + } }