It's actual unit tests (a new tests/unit/ParserTest.cpp file) and most of the 
tests are for PdfParser::ReadXRefSubsection (responsible for CVE-2015-8981, 
CVE-2017-5853, CVE-2017-5855, CVE-2017-6844, CVE-2018-5296 - 14% of the CVEs 
discovered in PoDoFo)

I'll submit the new tests next week - my main concern is adding a new .CPP and 
.H file to the build lists risks breaking the build very close to release. 

A safer option (until 0.9.6 is released) might be adding the new unit test 
files without changing the build - and anyone that's running tests can patch 
their build locally to include the new tests. 

Best Regards

Mark Rogers -
PowerMapper Software Ltd -
Registered in Scotland No 362274 Quartermile 2 Edinburgh EH3 9GL

On 13/04/2018, 21:58, "Mattia Rizzolo" <> wrote:

    On Fri, Apr 13, 2018 at 02:09:40PM +0000, Mark Rogers wrote:
    > If I can also submit the parser unit tests now, but I was planning
    > to wait until 0.9.6 release was complete
    If you have actual unit tests (i.e., patches to tests/unit, or even
    within tests/ only, and not external reproducers), I'd recommend
    submitting them, and I would also recommend libpodofo maintainers to
    accept them (as really, more tests can't possibly be a bad thing…).
                            Mattia Rizzolo
    GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540      .''`.
    more about me:                             : :'  :
    Launchpad user:                  `. `'`
    Debian QA page:  `-

Check out the vibrant tech community on one of the world's most
engaging tech sites,!
Podofo-users mailing list

Reply via email to