exiv2/exiv2-CVE-2025-26623-test.patch

From 630487ffc5feda28aa62dc91eaeae8b0b7507851 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Wed, 19 Feb 2025 16:21:06 +0000
Subject: [PATCH] Regression test for
 https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7

(cherry picked from commit 9f8e1a57b6c6853947360d1187bc24d72056c97a)
---
 test/data/issue_ghsa_38h4_fx85_qcx7_poc.tiff  | Bin 0 -> 603 bytes
 .../github/test_issue_ghsa_38h4_fx85_qcx7.py  |  22 ++++++++++++++++++
 .../test_regression_allfiles.py               |   1 +
 tests/suite.conf                              |   1 +
 4 files changed, 24 insertions(+)
 create mode 100644 test/data/issue_ghsa_38h4_fx85_qcx7_poc.tiff
 create mode 100644 tests/bugfixes/github/test_issue_ghsa_38h4_fx85_qcx7.py

diff --git a/tests/bugfixes/github/test_issue_ghsa_38h4_fx85_qcx7.py b/tests/bugfixes/github/test_issue_ghsa_38h4_fx85_qcx7.py
new file mode 100644
index 0000000000..07082caf62
--- /dev/null
+++ b/tests/bugfixes/github/test_issue_ghsa_38h4_fx85_qcx7.py
@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+
+from system_tests import CaseMeta, path
+
+
+class TiffSubIfd_use_after_free(metaclass=CaseMeta):
+    """
+    Regression test for the bug described in:
+    https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7
+    """
+
+    url = "https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7"
+
+    filename = path("$data_path/issue_ghsa_38h4_fx85_qcx7_poc.tiff")
+    commands = ["$exiv2 -q fi $filename"]
+    stdout = [""]
+    stderr = [
+        """Exiv2 exception in fixiso action for file $filename:
+$kerImageWriteFailed
+"""
+    ]
+    retval = [1]
diff --git a/tests/regression_tests/test_regression_allfiles.py b/tests/regression_tests/test_regression_allfiles.py
index eb7f7cef2d..53e8de44ae 100644
--- a/tests/regression_tests/test_regression_allfiles.py
+++ b/tests/regression_tests/test_regression_allfiles.py
@@ -120,6 +120,7 @@ def get_valid_files(data_dir):
         "issue_ghsa_mxw9_qx4c_6m8v_poc.jp2",
         "issue_ghsa_hrw9_ggg3_3r4r_poc.jpg",
         "issue_ghsa_g9xm_7538_mq8w_poc.mov",
+        "issue_ghsa_38h4_fx85_qcx7_poc.tiff",
         "pocIssue283.jpg",
         "poc_1522.jp2",
         "xmpsdk.xmp",
diff --git a/tests/suite.conf b/tests/suite.conf
index c2bf1741e8..249a97fa93 100644
--- a/tests/suite.conf
+++ b/tests/suite.conf
@@ -41,6 +41,7 @@ jpegparsetest: ${ENV:exiv2_path}/jpegparsetest
 kerOffsetOutOfRange: Offset out of range
 kerFailedToReadImageData: Failed to read image data
 kerInputDataReadFailed: Failed to read input data
+kerImageWriteFailed: Failed to write image
 kerCorruptedMetadata: corrupted image metadata
 kerInvalidMalloc: invalid memory allocation request
 kerInvalidTypeValue: invalid type in tiff structure
Fix CVE-2025-26623 exiv2: Use After Free Resolves: RHEL-80106 2025-02-24 12:50:02 +00:00			`From 630487ffc5feda28aa62dc91eaeae8b0b7507851 Mon Sep 17 00:00:00 2001`
			`From: Kevin Backhouse <kevinbackhouse@github.com>`
			`Date: Wed, 19 Feb 2025 16:21:06 +0000`
			`Subject: [PATCH] Regression test for`
			`https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7`

			`(cherry picked from commit 9f8e1a57b6c6853947360d1187bc24d72056c97a)`
			`---`
			`test/data/issue_ghsa_38h4_fx85_qcx7_poc.tiff \| Bin 0 -> 603 bytes`
			`.../github/test_issue_ghsa_38h4_fx85_qcx7.py \| 22 ++++++++++++++++++`
			`.../test_regression_allfiles.py \| 1 +`
			`tests/suite.conf \| 1 +`
			`4 files changed, 24 insertions(+)`
			`create mode 100644 test/data/issue_ghsa_38h4_fx85_qcx7_poc.tiff`
			`create mode 100644 tests/bugfixes/github/test_issue_ghsa_38h4_fx85_qcx7.py`

			`diff --git a/tests/bugfixes/github/test_issue_ghsa_38h4_fx85_qcx7.py b/tests/bugfixes/github/test_issue_ghsa_38h4_fx85_qcx7.py`
			`new file mode 100644`
			`index 0000000000..07082caf62`
			`--- /dev/null`
			`+++ b/tests/bugfixes/github/test_issue_ghsa_38h4_fx85_qcx7.py`
			`@@ -0,0 +1,22 @@`
			`+# -- coding: utf-8 --`
			`+`
			`+from system_tests import CaseMeta, path`
			`+`
			`+`
			`+class TiffSubIfd_use_after_free(metaclass=CaseMeta):`
			`+ """`
			`+ Regression test for the bug described in:`
			`+ https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7`
			`+ """`
			`+`
			`+ url = "https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7"`
			`+`
			`+ filename = path("$data_path/issue_ghsa_38h4_fx85_qcx7_poc.tiff")`
			`+ commands = ["$exiv2 -q fi $filename"]`
			`+ stdout = [""]`
			`+ stderr = [`
			`+ """Exiv2 exception in fixiso action for file $filename:`
			`+$kerImageWriteFailed`
			`+"""`
			`+ ]`
			`+ retval = [1]`
			`diff --git a/tests/regression_tests/test_regression_allfiles.py b/tests/regression_tests/test_regression_allfiles.py`
			`index eb7f7cef2d..53e8de44ae 100644`
			`--- a/tests/regression_tests/test_regression_allfiles.py`
			`+++ b/tests/regression_tests/test_regression_allfiles.py`
			`@@ -120,6 +120,7 @@ def get_valid_files(data_dir):`
			`"issue_ghsa_mxw9_qx4c_6m8v_poc.jp2",`
			`"issue_ghsa_hrw9_ggg3_3r4r_poc.jpg",`
			`"issue_ghsa_g9xm_7538_mq8w_poc.mov",`
			`+ "issue_ghsa_38h4_fx85_qcx7_poc.tiff",`
			`"pocIssue283.jpg",`
			`"poc_1522.jp2",`
			`"xmpsdk.xmp",`
			`diff --git a/tests/suite.conf b/tests/suite.conf`
			`index c2bf1741e8..249a97fa93 100644`
			`--- a/tests/suite.conf`
			`+++ b/tests/suite.conf`
			`@@ -41,6 +41,7 @@ jpegparsetest: ${ENV:exiv2_path}/jpegparsetest`
			`kerOffsetOutOfRange: Offset out of range`
			`kerFailedToReadImageData: Failed to read image data`
			`kerInputDataReadFailed: Failed to read input data`
			`+kerImageWriteFailed: Failed to write image`
			`kerCorruptedMetadata: corrupted image metadata`
			`kerInvalidMalloc: invalid memory allocation request`
			`kerInvalidTypeValue: invalid type in tiff structure`