From 32b316e23b2a3d59f00f13be33bfdb7fafef74e3 Mon Sep 17 00:00:00 2001 From: Brad Hards Date: Fri, 1 Dec 2023 17:06:49 +1100 Subject: [PATCH] idat: protect against trying to output negative size --- libheif/box.cc | 6 +++++- tests/CMakeLists.txt | 3 ++- tests/idat.cc | 51 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 58 insertions(+), 2 deletions(-) create mode 100644 tests/idat.cc diff --git a/libheif/box.cc b/libheif/box.cc index e752ac4807..49c555eb34 100644 --- a/libheif/box.cc +++ b/libheif/box.cc @@ -2854,7 +2854,11 @@ std::string Box_idat::dump(Indent& indent) const std::ostringstream sstr; sstr << Box::dump(indent); - sstr << indent << "number of data bytes: " << get_box_size() - get_header_size() << "\n"; + if (get_box_size() >= get_header_size()) { + sstr << indent << "number of data bytes: " << get_box_size() - get_header_size() << "\n"; + } else { + sstr << indent << "number of data bytes is invalid\n"; + } return sstr.str(); } diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index fd9d115a89..2e060a0ba4 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -16,9 +16,10 @@ endmacro() # --- tests that require access to internal symbols if (WITH_REDUCED_VISIBILITY) - message(WARNING "Conversion and JPEG 2000 box unit tests can only be compiled with full symbol visibility (WITH_REDUCED_VISIBILITY=OFF)") + message(WARNING "Conversion and box unit tests can only be compiled with full symbol visibility (WITH_REDUCED_VISIBILITY=OFF)") else() add_libheif_test(conversion) + add_libheif_test(idat) add_libheif_test(jpeg2000) endif() diff --git a/tests/idat.cc b/tests/idat.cc new file mode 100644 index 0000000000..f03721b1b7 --- /dev/null +++ b/tests/idat.cc @@ -0,0 +1,51 @@ +/* + libheif Item Data Box (idat) unit tests + + MIT License + + Copyright (c) 2023 Brad Hards + + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. +*/ + +#include "catch.hpp" +#include "libheif/box.h" +#include +#include + +TEST_CASE("idat bad") { + std::vector testData{0x00, 0x00, 0x00, 0x00, 'i', + 'd', 'a', 't', 0x65}; + auto reader = std::make_shared(testData.data(), + testData.size(), false); + + BitstreamRange range(reader, testData.size()); + for (;;) { + std::shared_ptr box; + Error error = Box::read(range, &box); + if (error != Error::Ok || range.error()) { + break; + } + + box->get_type(); + box->get_type_string(); + Indent indent; + box->dump(indent); + } +}