Comment 8 for bug 1630702
Revision history for this message
| Seth Arnold (seth-arnold) wrote Re: CVE-2016-8332 allows an out-of-bound heap write to occur resulting in heap corruption and arbitrary code execution | #8 |
Hi Nikita, it's always nice when you can test directly if a known bad input has been handled correctly, but not all security fixes come with sample inputs to see the issue. So when you can find them, that's always welcome, but not necessary.
But it is necessary to make sure that programs that use openjpeg can still use it correctly after the update -- e.g., a selection of tools that use openjpeg should still be able to read their inputs or create their outputs after the updated packages have been installed.
If you yourself don't use openjpeg based tools perhaps someone else who does could help with the testing.
Thanks