-AT_BANNER([system file reader - positive])
+dnl PSPP - a program for statistical analysis.
+dnl Copyright (C) 2017 Free Software Foundation, Inc.
+dnl
+dnl This program is free software: you can redistribute it and/or modify
+dnl it under the terms of the GNU General Public License as published by
+dnl the Free Software Foundation, either version 3 of the License, or
+dnl (at your option) any later version.
+dnl
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+dnl GNU General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU General Public License
+dnl along with this program. If not, see <http://www.gnu.org/licenses/>.
+dnl AT_BANNER([system file reader - positive])
AT_SETUP([variable labels and missing values])
AT_KEYWORDS([sack synthetic system file positive])
dnl File header.
"$FL2"; s60 "$(#) SPSS DATA FILE PSPP synthetic test file";
2; dnl Layout code
-2; dnl Nominal case size
+3; dnl Nominal case size
0; dnl Not compressed
0; dnl Not weighted
0; dnl 1 case.
dnl Variables.
2; 0; 0; 0; 0x050800 *2; s8 "FIRSTVAR";
2; 0; 0; 0; 0x050800 *2; s8 "SECONDVA";
+2; 0; 0; 0; 0x050800 *2; s8 "THIRDVAR";
dnl Machine integer info record.
7; 3; 4; 8; 1; 2; 3; -1; 1; 1; ENDIAN; 1252;
7; 13; 1; COUNT (
"FIRSTVAR=FirstVariable"; i8 9;
"SECONDVA=S"; i8 233; "condVariable"; i8 9;
+"THIRDVAR=ThirdVariable"; i8 9
);
dnl Data file attributes record.
"xyzzy('quux'"; i8 10; ")";
);
+dnl Another variable attributes record.
+dnl Only system files written by "Stata 14.1/-savespss- 1.77 by S.Radyakin"
+dnl include multiple variable attributes records.
+7; 18; 1; COUNT ("ThirdVariable:fizz('buzz'"; i8 10; ")";);
dnl Character encoding record.
7; 20; 1; 12; "windows-1252";
bert,123"
SĂ©condVariable,"Attribute,Value
xyzzy,quux"
+ThirdVariable,"Attribute,Value
+fizz,buzz"
Table: Custom data file attributes.
Attribute,Value
Attribute,Value
xyzzy,quux",2
+ThirdVariable,"Format: F8.0
+Role: Input
+
+Attribute,Value
+fizz,buzz",3
Table: Custom data file attributes.
Attribute,Value
\f
AT_BANNER([system file reader - negative])
+AT_SETUP([no variables])
+AT_KEYWORDS([sack synthetic system file negative])
+AT_DATA([sys-file.sack], [dnl
+dnl File header.
+"$FL2"; s60 "$(#) SPSS DATA FILE PSPP synthetic test file";
+2; dnl Layout code
+0; dnl Nominal case size (empty)
+0; dnl Not compressed
+0; dnl Not weighted
+0; dnl 0 cases.
+100.0; dnl Bias.
+"01 Jan 11"; "20:53:52"; s64 "PSPP synthetic test file";
+i8 0 *3;
+
+dnl Character encoding record.
+7; 20; 1; 12; "windows-1252";
+
+dnl Dictionary termination record.
+999; 0;
+])
+for variant in be le; do
+ AT_CHECK([sack --$variant sys-file.sack > sys-file.sav])
+ AT_DATA([sys-file.sps], [dnl
+GET FILE='sys-file.sav'.
+])
+ AT_CHECK([pspp -O format=csv sys-file.sps], [1], [dnl
+sys-file.sps:1: error: GET: `sys-file.sav': Data file dictionary has no variables.
+])
+
+ dnl At one point pspp-convert would hang forever if there were no variables,
+ dnl so check against regression.
+ AT_CHECK([pspp-convert sys-file.sav sys-file.txt])
+ AT_CHECK([cat sys-file.txt], [0], [
+])
+done
+AT_CLEANUP
+
AT_SETUP([unspecified character encoding])
AT_KEYWORDS([sack synthetic system file positive])
AT_DATA([sys-file.sack], [dnl
AT_DATA([sys-file.sps], [dnl
GET FILE='sys-file.sav'.
])
- AT_CHECK([pspp -O format=csv sys-file.sps], [0], [dnl
-"warning: `sys-file.sav' near offset 0xd8: Unrecognized record type 7, subtype 30. Please send a copy of this file, and the syntax which created it to bug-gnu-pspp@gnu.org."
+ AT_CHECK_UNQUOTED([pspp -O format=csv sys-file.sps], [0], [dnl
+"warning: \`sys-file.sav' near offset 0xd8: Unrecognized record type 7, subtype 30. For help, please send this file to ${PACKAGE_BUGREPORT} and mention that you were using ${PACKAGE_STRING}."
])
done
AT_CLEANUP
dnl Long variable names.
7; 13; 1; COUNT (
"LONGVARI=_Invalid"; i8 9;
+"LONGVARI=$Invalid"; i8 9;
+"LONGVARI=#Invalid"; i8 9;
"LONGVA_A=LongVariableName"; i8 9;
"LONGVA_B=LONGVARIABLENAME"; i8 9;
);
AT_CHECK([pspp -O format=csv sys-file.sps], [0], [dnl
warning: `sys-file.sav' near offset 0x138: Long variable mapping from LONGVARI to invalid variable name `_Invalid'.
+warning: `sys-file.sav' near offset 0x138: Long variable mapping from LONGVARI to invalid variable name `$Invalid'.
+
+warning: `sys-file.sav' near offset 0x138: Long variable mapping from LONGVARI to invalid variable name `#Invalid'.
+
warning: `sys-file.sav' near offset 0x138: Duplicate long variable name `LONGVARIABLENAME'.
])
done
])
done
AT_CLEANUP
+
+# CVE-2017-10791.
+# See also https://bugzilla.redhat.com/show_bug.cgi?id=1467004.
+# See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866890.
+# See also https://security-tracker.debian.org/tracker/CVE-2017-10791.
+# Found by team OWL337, using the collAFL fuzzer.
+AT_SETUP([integer overflows in long string missing values])
+cp $top_srcdir/tests/data/CVE-2017-10791.sav .
+AT_CHECK([pspp-convert -O csv CVE-2017-10791.sav -], [0], [], [dnl
+`CVE-2017-10791.sav': This system file does not indicate its own character encoding. Using default encoding ANSI_X3.4-1968. For best results, specify an encoding explicitly. Use SYSFILE INFO with ENCODING="DETECT" to analyze the possible encodings.
+`CVE-2017-10791.sav' near offset 0x217: Extension record subtype 21 ends unexpectedly.
+])
+AT_CLEANUP
+
+# CVE-2017-10792.
+# See also https://bugzilla.redhat.com/show_bug.cgi?id=1467005.
+# See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866890.
+# See also https://security-tracker.debian.org/tracker/CVE-2017-10792.
+# Reported by team OWL337, with fuzzer collAFL.
+AT_SETUP([null dereference skipping bad extension record 18])
+cp $top_srcdir/tests/data/CVE-2017-10792.sav .
+AT_CHECK([pspp-convert -O csv CVE-2017-10792.sav -], [0], [], [dnl
+`CVE-2017-10792.sav' near offset 0x1c0: Record type 7, subtype 18 has bad size 4 (expected 1).
+`CVE-2017-10792.sav': This system file does not indicate its own character encoding. Using default encoding ANSI_X3.4-1968. For best results, specify an encoding explicitly. Use SYSFILE INFO with ENCODING="DETECT" to analyze the possible encodings.
+])
+AT_CLEANUP