Fix for CVE-2007-1667 causes XCreateImage-1 testcase failure?
Alan Coopersmith
alan.coopersmith at Sun.COM
Tue May 8 00:02:25 EEST 2007
Since applying the fix for CVE-2007-1667 to our Xlib, which validates the
bytes_per_line is large enough (which wasn't done before) our QA is now
reporting that the XCreateImage-1 testcase fails. (They're running VSW5,
but XTS5 appears to be the same, with the bytes_per_line hardcoded to 11:
http://cvsweb.freedesktop.org/xtest/xts5/tset/Xlib17/crtimg/crtimg.m?revision=1.2&view=markup
)
Is this a bug in the test suite? Any reason the test suite shouldn't set
bytes_per_line to 0 to allow the library to calculate the correct value?
With a width of 10 pixels, bytes_per_line can't be correct at 11 for
anything larger than 8-bit in any case can it? In our case, it appears
to fail even at 8-bit since our SPARC graphics card with 8-bit & 24-bit
visuals is setting padding to 32-bits for all pixmap types - from xdpyinfo:
supported pixmap formats:
depth 1, bits_per_pixel 1, scanline_pad 32
depth 8, bits_per_pixel 8, scanline_pad 32
depth 24, bits_per_pixel 32, scanline_pad 32
(A quick standalone test with the new libX11 shows that with our
8-bits-per-pixel, 32-bit-padded visuals, 11 bytes_per_line fails
but 12 bytes_per_line works in XCreateImage.)
-Alan Coopersmith- alan.coopersmith at sun.com
Sun Microsystems, Inc. - X Window System Engineering
-------- Original Message --------
200|1 1 17:16:56|TP Start
520|1 1 00001235 1 1|VSW5TESTSUITE PURPOSE 1
520|1 1 00001235 1 2|Assertion XCreateImage-1.(A)
520|1 1 00001235 1 3|A call to XCreateImage allocates and returns an XImage
520|1 1 00001235 1 4|structure.
520|1 1 00001235 1 5|METH: For format XYPixmap and ZPixmap:
520|1 1 00001235 1 6|METH: Create an XImage structure using XCreateImage.
520|1 1 00001235 1 7|METH: Verify that the call did not return NULL.
520|1 1 00001235 1 8|METH: Verify that the structure components set from the
parameters are set correctly.
520|1 1 00001235 1 9|CHECK: XCreateImage-1 1, line 308
520|1 1 00001235 1 10|TRACE: --- Running test with visual class PseudoColor, depth 8
520|1 1 00001235 1 11|TRACE: ZPixmap.
520|1 1 00001235 1 12|REPORT: XCreateImage() returned NULL.
520|1 1 00001235 1 13|unexpected signal 11 (SIGSEGV) received
220|1 1 2 17:16:56|UNRESOLVED
410|1 1 1 17:16:56|IC End
80|1 0 17:16:56|TC End, scenario ref 2-0
900|17:16:56|TCC End
scenario file used
# : my_scen,v n# Revision 1.0 2002/07/17
Display
"VSW5TESTSUITE CASE XCreateImage 3"
/tset/Xlib17/crtimg/Test{1}
More information about the xorg-test
mailing list