From 160330c325a24f777ec0e403cbed3201613a98c3 Mon Sep 17 00:00:00 2001
From: Jan Grulich
Date: Thu, 19 Aug 2021 12:26:02 +0200
Subject: [PATCH] Fix test for CVE-2021-29470

Resolves: bz#1993284
---
exiv2-CVE-2021-37619.patch | 31 +++++++++++++++++++++++++++++++
exiv2.spec | 6 +++++-
2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/exiv2-CVE-2021-37619.patch b/exiv2-CVE-2021-37619.patch
index 4f8145a..2572914 100644
--- a/exiv2-CVE-2021-37619.patch
+++ b/exiv2-CVE-2021-37619.patch
@@ -29,3 +29,34 @@ index b6a388542f..3bf3566294 100644
 Jp2BoxHeader newBox = subBox;
 if ( count < length ) {
+diff --git a/tests/bugfixes/github/test_issue_ghsa_8949_hhfh_j7rj.py b/tests/bugfixes/github/test_issue_ghsa_8949_hhfh_j7rj.py
+index c98b3815eb..44f6a906cb 100644
+--- a/tests/bugfixes/github/test_issue_ghsa_8949_hhfh_j7rj.py
++++ b/tests/bugfixes/github/test_issue_ghsa_8949_hhfh_j7rj.py
+@@ -1,7 +1,7 @@
+ # -*- coding: utf-8 -*-
+
+-from system_tests import CaseMeta, path
+-
++from system_tests import CaseMeta, CopyTmpFiles, path
++@CopyTmpFiles("$data_path/issue_ghsa_8949_hhfh_j7rj_poc.jp2","$data_path/issue_ghsa_8949_hhfh_j7rj_poc.exv")
+
+ class Jp2ImageEncodeJp2HeaderOutOfBoundsRead(metaclass=CaseMeta):
+ """
+@@ -10,13 +10,12 @@ class Jp2ImageEncodeJp2HeaderOutOfBoundsRead(metaclass=CaseMeta):
+ """
+ url = "https://github.com/Exiv2/exiv2/security/advisories/GHSA-8949-hhfh-j7rj"
+
+- filename1 = path("$data_path/issue_ghsa_8949_hhfh_j7rj_poc.jp2")
+- filename2 = path("$data_path/issue_ghsa_8949_hhfh_j7rj_poc.exv")
++ filename1 = path("$tmp_path/issue_ghsa_8949_hhfh_j7rj_poc.jp2")
++ filename2 = path("$tmp_path/issue_ghsa_8949_hhfh_j7rj_poc.exv")
+ commands = ["$exiv2 in $filename1"]
+ stdout = [""]
+ stderr = [
+ """Error: XMP Toolkit error 201: XML parsing failure
+ Warning: Failed to decode XMP metadata.
+-$filename1: Could not write metadata to file: $kerCorruptedMetadata
+ """]
+- retval = [1]
++ retval = [0]
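Review bot: With `retval = [0]` and the `Could not write metadata to file: $kerCorruptedMetadata` line removed, this regression test now passes when exiv2 accepts the PoC and writes to it, so the only remaining assertions are the exit status and the XMP warning; neither would fail if the out-of-bounds read named in the class came back. That is acceptable only if the suite also runs against a sanitizer or valgrind build, which nothing in this hunk shows, so I would record it in the class docstring, e.g. `Expected to succeed after the fix; memory-safety regressions are only caught under ASan/valgrind.` Separately, the commit subject names CVE-2021-29470 while the test change is carried inside `exiv2-CVE-2021-37619.patch`; a line in that patch's header saying why the two are bundled would help whoever later drops or rebases one of the fixes. The class body and its docstring are only partly visible in these inner hunks.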
diff --git a/exiv2.spec b/exiv2.spec
index acfb197..fd03feb 100644
--- a/exiv2.spec
+++ b/exiv2.spec
@@ -5,7 +5,7 @@ Summary: Exif and Iptc metadata manipulation library
 Name: exiv2
 Version: 0.27.4
 %global internal_ver %{version}
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2+
 URL: http://www.exiv2.org/
@@ -128,6 +128,10 @@ test -x %{buildroot}%{_libdir}/libexiv2.so
 %changelog
+* Wed Aug 18 2021 Jan Grulich - 0.27.4-5
+- Fix test for CVE-2021-29470
+ Resolves: bz#1993284
+
 * Wed Aug 18 2021 Jan Grulich - 0.27.4-4
 - Fix out-of-bounds read in Exiv2::Jp2Image::printStructure
 Resolves: bz#1993247