Closed dsewtz closed 2 years ago
Thank you! I've just pushed a fix for this.
Since this issue leads to memory corruption, anyone using quirc in an environment where an untrusted user can control input should update.
Hi, thank you for integrating this so quickly :-) I was unsure which possibility would be the better one. Keep up the great work. Quirc is really fast and convenient to integrate. THX!
VS2019: Run-Time Check Failure #2 - Stack around the variable 'data' was corrupted. when destructing quirc after use with this image:
Reason: QUIRC_MAX_GRID_SIZE is 40*4+17 = 177 (default) [identify.c:942] measure_grid_size in record_qr_grid detects 265 and 273 which leads to [identify.c:1038] code->cell_bitmap[i >> 3] |= (1 << (i & 7)); writing to (i>>3)=8778 > QUIRC_MAX_BITMAP=3917
Proposed Fix 1: Ignore detected grid in record_qr_grid [identify.c:953] if (qr->grid_size >= QUIRC_MAX_GRID_SIZE) goto fail;
Proposed Fix 2: Record grid but don't extract by default in quirc_extract [identidy.c:1119] if (qr->grid_size >= QUIRC_MAX_GRID_SIZE) return;