diff options
author | Sam Thursfield <sam@afuera.me.uk> | 2020-12-27 00:48:49 +0100 |
---|---|---|
committer | Sam Thursfield <sam@afuera.me.uk> | 2020-12-27 00:51:00 +0100 |
commit | 5a56cb295b6d301221b995f1cdcfefeaf8da937e (patch) | |
tree | 5d6d8a1bc7e3e71a5f6bb728898354f12bda203e /tests/mediaarttest.c | |
parent | ac8a12cf0040710b95ddab77b687209d2797ae9c (diff) | |
download | libmediaart-sam/valid-utf8.tar.gz |
Mandate that inputs are valid UTF8sam/valid-utf8
This restriction was already in place, since we passed the inputs
directly to GLib functions that expect valid UTF8.
If this library were widely used then we might proactively validate
inputs to protect against exploits. At time of writing, this module is
only used in 3 places (grilo-plugins, gnome-music and rygel), so just
check they are doing the right thing when calling the API.
See https://gitlab.gnome.org/GNOME/libmediaart/-/merge_requests/5 for
background.
Diffstat (limited to 'tests/mediaarttest.c')
-rw-r--r-- | tests/mediaarttest.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/tests/mediaarttest.c b/tests/mediaarttest.c index cef36c2..1ddb2d7 100644 --- a/tests/mediaarttest.c +++ b/tests/mediaarttest.c @@ -54,6 +54,8 @@ static TestInfo strip_test_cases [] = { { "unbalanced-brackets-gt-lt-end", "Unbalanced brackets>", NULL, "unbalanced brackets" }, { "messy-title-punctuation", "Live at *WEMBLEY* dude!", NULL, "live at wembley dude" }, { "crap-brackets-everywhere", "met[xX[x]alli]ca", NULL, "metallica" }, + /* This value found by fuzz testing, see https://gitlab.gnome.org/GNOME/libmediaart/-/merge_requests/5 */ + { "invalid-utf8-1", "\x0a\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1\xc1", NULL, "" }, { NULL, NULL, NULL, NULL } }; |