Fix stack corruption and bus errors while scanning oversized QR codes

[claudiofelber]

Quirc sometimes falsely detects very large QR codes (false positives). This happens for example when the camera of a smartphone is facing downwards and is recording an almost black image. When the library is trying to decode such a large QR code it accesses more memory than has previously been allocated (quirc_code→cell_bitmap). This leads to stack corruption and bus errors.

This pull requests addresses the issue by first defining a maximum supported QR code version number and defining QUIRC_MAX_BITMAP based on this maximum version number instead of using a fixed number of bytes. Later in measure_timing_pattern() QR codes exceeding the maximum allowed version number are ignored and the decoding process is aborted. This also shortens the time needed to identify and reject a bad QR code.

[claudiofelber]

The attached image is an example of a false positive. Quirc believes to detect two QR codes: one with version 49 and one with version 46. I have also attached an image of the binarized image.

I think with the binarization method used in earlier versions of the library, this image example would not have lead to a problem because it would have been entirely black after the binarization, although the potential to crash would if course have been there. The new Otsu-based thresholding algorithm I contributed last year heavily improved binarization of low-light and unevenly lighted images but at the same time also increased the risk for the error, this pull request addresses, to happen.

[dlbeer]

Thanks for this. This was a pretty basic error -- I'm surprised nobody noticed it earlier!

[kaworu]

And thanks for the test case, I've added it as a regression test to node-quirc: https://github.com/kAworu/node-quirc/blob/master/test/index.js#L314-L335

[claudiofelber]

You're both very welcome. Thank you for providing such a great library!