source: josm/trunk/test/unit/org/openstreetmap/josm/tools/ImageProviderTest.java@ 11647

Last change on this file since 11647 was 11526, checked in by Don-vip, 7 years ago

fix #14319 - CVE-2017-5617: svgSalamander SSRF (Server-Side Request Forgery)

1// License: GPL. For details, see LICENSE file.
2package org.openstreetmap.josm.tools;
3
4import static org.junit.Assert.assertEquals;
5import static org.junit.Assert.assertFalse;
6import static org.junit.Assert.assertNotNull;
7
8import java.awt.Transparency;
9import java.awt.image.BufferedImage;
10import java.io.File;
11import java.io.IOException;
12import java.util.logging.Handler;
13import java.util.logging.LogRecord;
14import java.util.logging.Logger;
15
16import javax.swing.ImageIcon;
17
18import org.junit.BeforeClass;
19import org.junit.Test;
20import org.openstreetmap.josm.JOSMFixture;
21import org.openstreetmap.josm.TestUtils;
22
23import com.kitfox.svg.SVGConst;
24
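/**
 * Unit tests of {@link ImageProvider} class.
 * <p>
 * Besides image-decoding regressions, this class holds the non-regression test for
 * ticket #14319 (CVE-2017-5617, svgSalamander SSRF): loading an SVG must not make
 * the SVG library fetch an image from a remote host.
 */
public class ImageProviderTest {

    /**
     * Log handler used by {@link #testTicket14319()}.
     * <p>
     * It sets {@link #failed} when a record with the exact message
     * "Could not load image: https://host-in-the-trusted-network.com/test.jpg" is published.
     * NOTE(review): presumably svgSalamander logs this message after trying, and failing, to
     * fetch the external image. Confirm against the library version in use.
     */
    private static final class LogHandler14319 extends Handler {
        // true once the "could not load" message for the external image has been seen
        boolean failed;

        @Override
        public void publish(LogRecord record) {
            // Exact-match comparison: any change to the message wording makes this handler blind.
            if ("Could not load image: https://host-in-the-trusted-network.com/test.jpg".equals(record.getMessage())) {
                failed = true;
            }
        }

        @Override
        public void flush() {
            // Nothing is buffered.
        }

        @Override
        public void close() throws SecurityException {
            // No resources to release.
        }
    }

    /**
     * Setup test.
     */
    @BeforeClass
    public static void setUp() {
        JOSMFixture.createUnitTestFixture().init();
    }

    /**
     * Non-regression test for ticket <a href="https://josm.openstreetmap.de/ticket/9984">#9984</a>
     * @throws IOException if an error occurs during reading
     */
    @Test
    public void testTicket9984() throws IOException {
        File file = new File(TestUtils.getRegressionDataFile(9984, "tile.png"));
        // The last argument decides the expected transparency; the second one must not affect it.
        assertEquals(Transparency.TRANSLUCENT, ImageProvider.read(file, true, true).getTransparency());
        assertEquals(Transparency.TRANSLUCENT, ImageProvider.read(file, false, true).getTransparency());
        assertEquals(Transparency.OPAQUE, ImageProvider.read(file, false, false).getTransparency());
        assertEquals(Transparency.OPAQUE, ImageProvider.read(file, true, false).getTransparency());
    }

    /**
     * Non-regression test for ticket <a href="https://josm.openstreetmap.de/ticket/10030">#10030</a>
     * @throws IOException if an error occurs during reading
     */
    @Test
    public void testTicket10030() throws IOException {
        File file = new File(TestUtils.getRegressionDataFile(10030, "tile.jpg"));
        BufferedImage img = ImageProvider.read(file, true, true);
        assertNotNull(img);
    }

    /**
     * Non-regression test for ticket <a href="https://josm.openstreetmap.de/ticket/14319">#14319</a>
     * (CVE-2017-5617, svgSalamander SSRF).
     * <p>
     * Loads {@code attack.svg} from the regression data directory and checks that the icon is
     * still produced while the SVG logger never reports a failed load of the external image.
     * <p>
     * NOTE(review): the check is indirect. It passes whenever that exact log message is absent,
     * so it would also pass if the library's wording changed or if the remote request succeeded
     * instead of failing. Asserting at the network layer would be stronger.
     * @throws IOException if an error occurs during reading
     */
    @Test
    public void testTicket14319() throws IOException {
        LogHandler14319 handler = new LogHandler14319();
        // Keep a strong reference: java.util.logging holds loggers weakly, so a logger obtained
        // only through a chained call can be collected together with the handler added to it.
        Logger svgLogger = Logger.getLogger(SVGConst.SVG_LOGGER);
        svgLogger.addHandler(handler);
        try {
            ImageIcon img = new ImageProvider(
                    new File(TestUtils.getRegressionDataDir(14319)).getAbsolutePath(), "attack.svg").get();
            assertNotNull(img);
            assertFalse(handler.failed);
        } finally {
            // Do not leave the handler on the shared SVG logger for the tests that follow.
            svgLogger.removeHandler(handler);
        }
    }

    /**
     * Test fetching an image using {@code wiki://} protocol.
     */
    @Test
    public void testWikiProtocol() {
        // https://commons.wikimedia.org/wiki/File:OpenJDK_logo.svg
        // NOTE(review): presumably needs outbound network access to resolve. Confirm for offline CI.
        assertNotNull(ImageProvider.get("wiki://OpenJDK_logo.svg"));
    }

    /**
     * Test fetching an image using {@code data:} URL.
     */
    @Test
    public void testDataUrl() {
        // Red dot image, taken from https://en.wikipedia.org/wiki/Data_URI_scheme#HTML
        assertNotNull(ImageProvider.get("data:image/png;base64," +
                "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12P4"+
                "//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg=="));
    }
}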