Hi Utkarsh,
> On several occasions, I've seen that fixing commits of CVEs have some
> sort of binaries (either an image or some compressed file or whatever)
> added as a test to ensure that the fix is indeed working as expected.
>
> And whilst trying to backport, the patches don't seem to like git
> binaries and so they complain with:
> ```git binary diffs are not supported```
I tend to turn these proof-of-concepts into autopkgtests, and use
uuencode/uudecode to embed them directly there. For example:
Tests: foo
Depends: @, shunit2, sharutils
Restrictions: allow-stderr
§
#!/bin/sh
setUp() {
uudecode >foo.png <<EOF
# (generate this bit with uuencode -m -)
EOF
}
tearDown() {
rm -f poc.png
}
testSuccess() {
program poc.png # should not crash with patch applied
assertEquals "Status code" "${?}" "0"
}
. /usr/bin/shunit2
§
No doubt there are many other ways, but I hope that's somewhere to
start.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org 🍥 chris-lamb.co.uk
`-
