Add test using real files for tiff (intel#512)

SaurabhK122 · web-flow · commit ea5ca3464d5a · 2020-04-02T09:30:30.000-07:00
diff --git a/test/binaries/test-tiff-4.0.2.c b/test/binaries/test-tiff-4.0.2.c
@@ -0,0 +1,11 @@
+#include <stdio.h>
+
+int main() {
+	printf("This program is designed to test the cve-bin-tool checker.");
+	printf("It outputs a few strings normally associated with libtiff 4.0.2");
+	printf("They appear below this line.");
+	printf("------------------");
+	printf("LIBTIFF, Version 4.0.2");
+
+	return 0;
+}
diff --git a/test/test_scanner.py b/test/test_scanner.py
@@ -567,6 +567,21 @@ def _file_test(self, url, filename, package, version):
                     "CVE-2016-6153",
                 ],
             ),
+            (
+                "test-tiff-4.0.2.out",
+                "tiff",
+                "4.0.2",
+                [
+                    # Check for known cves in this version
+                    "CVE-2018-5360",
+                    "CVE-2013-4244",
+                    "CVE-2013-4243",
+                ],
+                [
+                    # Check to make sure an older CVE isn't included
+                    "CVE-2008-2327"
+                ],
+            ),
             (
                 "test-systemd-239.out",
                 "systemd",
@@ -976,6 +991,12 @@ def test_binaries(self, binary, package, version, are_in, not_in):
                         "tiff",
                         "4.0.10",
                     ),
+                    (
+                        "http://mirror.centos.org/centos/7/os/x86_64/Packages/",
+                        "libtiff-4.0.3-32.el7.x86_64.rpm",
+                        "tiff",
+                        "4.0.3",
+                    ),
                     (
                         "http://rpmfind.net/linux/fedora/linux/releases/30/Everything/x86_64/os/Packages/l/",
                         "libxml2-2.9.9-2.fc30.x86_64.rpm",
