dlbeer / quirc

QR decoder library

Stack corruption when grid_size > QUIRC_MAX_GRID_SIZE #119

Closed dsewtz closed 2 years ago

dsewtz commented 2 years ago

VS2019: "Run-Time Check Failure #2 - Stack around the variable 'data' was corrupted." when destructing quirc after use with this image: quirc_crash

Reason:
QUIRC_MAX_GRID_SIZE is 40*4+17 = 177 (default).
[identify.c:942] measure_grid_size in record_qr_grid detects 265 and 273, which leads to
[identify.c:1038] code->cell_bitmap[i >> 3] |= (1 << (i & 7));
writing to (i>>3)=8778 > QUIRC_MAX_BITMAP=3917

Proposed Fix 1: Ignore detected grid in record_qr_grid
[identify.c:953] if (qr->grid_size >= QUIRC_MAX_GRID_SIZE) goto fail;

Proposed Fix 2: Record grid but don't extract by default in quirc_extract
[identify.c:1119] if (qr->grid_size >= QUIRC_MAX_GRID_SIZE) return;
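The arithmetic behind the report, as an added example (not quirc's code and not the fix that was pushed): a fixed bitmap sized for a 177-cell grid, the bit-write loop quoted above, and a size check placed before the loop. The names struct code, sample_cell, max_byte_index and extract_grid are assumptions made for this sketch, and the check uses the condition from the issue title (grid_size > maximum), since a 177-cell grid still fits.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Values quoted in the issue; the names are local to this example. */
#define MAX_GRID_SIZE 177                                      /* 40*4+17 */
#define MAX_BITMAP (((MAX_GRID_SIZE * MAX_GRID_SIZE) + 7) / 8) /* 3917 bytes */

struct code {
    int size;
    uint8_t cell_bitmap[MAX_BITMAP];
};

/* Hypothetical stand-in for sampling one cell of the detected grid. */
static int sample_cell(int x, int y) { return (x ^ y) & 1; }

/* Highest byte index the write loop touches for a given grid size. */
int max_byte_index(int grid_size)
{
    return (grid_size * grid_size - 1) >> 3;
}

/* Returns 0 on success, -1 if the detected grid cannot fit the bitmap. */
int extract_grid(struct code *code, int grid_size)
{
    int i = 0;

    memset(code, 0, sizeof(*code));
    /* Reject before the loop: every write below relies on this bound. */
    if (grid_size <= 0 || grid_size > MAX_GRID_SIZE)
        return -1;
    code->size = grid_size;
    for (int y = 0; y < grid_size; y++)
        for (int x = 0; x < grid_size; x++, i++)
            if (sample_cell(x, y))
                code->cell_bitmap[i >> 3] |= (uint8_t)(1 << (i & 7));
    return 0;
}

int main(void)
{
    static struct code c;
    int sizes[] = {177, 265, 273}; /* maximum, plus the two detected sizes */

    for (size_t k = 0; k < sizeof(sizes) / sizeof(sizes[0]); k++)
        printf("grid %d: last byte index %d, bitmap bytes %d, extract -> %d\n",
               sizes[k], max_byte_index(sizes[k]), MAX_BITMAP,
               extract_grid(&c, sizes[k]));
    return 0;
}
```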

dlbeer commented 2 years ago

Thank you! I've just pushed a fix for this.

Since this issue leads to memory corruption, anyone using quirc in an environment where an untrusted user can control input should update.

dsewtz commented 2 years ago

Hi, thank you for integrating this so quickly :-) I was unsure which possibility would be the better one. Keep up the great work. Quirc is really fast and convenient to integrate. THX!