[Podofo-users] PdfParser unit tests

Thu, 19 Apr 2018 08:19:40 -0700 

Hi

Here are the unit tests for PoDoFo::PdfParser I’ve been working on. I’ve just 
included the .cpp and .h files rather than a patch since they’re new files.

I’ve not included a patch for CMakeLists.txt  – but I think all that’s needed 
is adding ParserTests.cpp to the CMakeLists.txt file for the unit tests 
(CppUnit takes care of everything else)

What’s tested:

  *   CVE-2017-8053, CVE-2015-8981, CVE-2017-5853, CVE-2018-5296 CVE-2017-8787, 
CVE-2018-5295 CVE-2017-8378
  *   Stress testing of ReadXRefSubsection( nFirstObject, nNumObjects ) with 
lots of different values for nFirstObject and nNumObjects
  *   Stress testing of ReadXRefSubsection with different values supplied to 
PdfParser::SetMaxObjectCount
  *   Testing other PdfParser functions for infinite recursion, out-of-memory 
handling etc
  *   See comments in ParserTests.h
  *   2k lines of code but still lots more that can be tested…

Test results

  *   Stack overflow in ReadXRefContents and ReadXRefStreamContents see 
https://sourceforge.net/p/podofo/tickets/7/
  *   If this is patched (I have a patch) then the tests run successfully on 
Windows 10 with VC++ 2015 and macOS 10.11 with XCode 8/Clang and 
AddressSanitizer enabled
  *   There’s a problem on macOS 10.13 (a SIGKILL when allocating a lot of 
memory) but it’s probably a macOS problem (10.13 is very buggy)

Not tested:

  *   Win64 build
  *   Linux with GCC - might need a small change to get low memory tests to 
work – see comment in canOutOfMemoryKillUnitTests() at end of ParserTests.cpp


Best Regards
Mark

--
Mark Rogers - mark.rog...@powermapper.com<mailto:mark.rog...@powermapper.com>
PowerMapper Software Ltd - www.powermapper.com
Registered in Scotland No 362274 Quartermile 2 Edinburgh EH3 9GL

Attachment: ParserTest.h
Description: ParserTest.h

Attachment: ParserTest.cpp
Description: ParserTest.cpp

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users

Reply via email to