dropbox / lepton

Lepton is a tool and file format for losslessly compressing JPEGs by an average of 22%.
https://blogs.dropbox.com/tech/2016/07/lepton-image-compression-saving-22-losslessly-from-images-at-15mbs/
Apache License 2.0

Corrupt JPG files causing various SIGFPEs in src/lepton/jpgcoder.cc's decode_jpeg() #90

Closed Fusl closed 7 years ago

Fusl commented 7 years ago

decode_jpeg (huff_input_offsets=..., luma_row_offset_return=) at src/lepton/jpgcoder.cc:2713 (2713.jpg)

        aligned_block = <optimized out>
        old_mcu = <optimized out>
        do_handoff_print = <optimized out>
        type = <optimized out>
        len = <optimized out>
        hpos = <optimized out>
        lastdc = {0, 0, 0, 0}
        block = {<Sirikata::Aligned256ArrayNd<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > > >> = {<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > >> = {
              data = 0x7fffffffe040},
            backingStore = '\000' <repeats 16 times>, "w\000\000\000|\000\000\000\340m\227UUU\000\000Y\001\000\000\000\000\000\000\340m\227UUU\000\000\016\000\000\000\000\000\000\000\252\234XUUU\000\000\322_\\UUU\000\000:\n", '\000' <repeats 14 times>, " n\227UUU\000\000:\n\000\000\000\000\000\000 n\227UUU", '\000' <repeats 18 times>, "\002\000\000\000\000\000\000\000\366\t\000\000\000\000\000\000`\342\377\377\377\177\000\000\000\341\377\377\377\177"}, <No data fields>}
        peobrun = 0
        eobrun = 0
        rstw = 0
        cmp = 0
        bpos = <optimized out>
        dpos = 0
        mcu = 0
        sub = 0
        csc = 0
        eob = <optimized out>
        sta = <optimized out>
        is_baseline = <optimized out>

decode_jpeg (huff_input_offsets=..., luma_row_offset_return=) at src/lepton/jpgcoder.cc:2715 (2715.jpg)

        aligned_block = <optimized out>
        old_mcu = <optimized out>
        do_handoff_print = <optimized out>
        type = <optimized out>
        len = <optimized out>
        hpos = <optimized out>
        lastdc = {0, 0, 0, 0}
        block = {<Sirikata::Aligned256ArrayNd<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > > >> = {<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > >> = {
              data = 0x7fffffffe040},
            backingStore = '\000' <repeats 16 times>, "w\000\000\000|\000\000\000\340m\227UUU\000\000R\001\000\000\000\000\000\000\340m\227UUU\000\000\016\000\000\000\000\000\000\000\252\234XUUU\000\000\322_\\UUU\000\000%\n", '\000' <repeats 14 times>, " n\227UUU\000\000%\n\000\000\000\000\000\000 n\227UUU", '\000' <repeats 18 times>, "\002\000\000\000\000\000\000\000\353\t\000\000\000\000\000\000`\342\377\377\377\177\000\000\000\341\377\377\377\177"}, <No data fields>}
        peobrun = 0
        eobrun = 0
        rstw = 0
        cmp = 0
        bpos = <optimized out>
        dpos = 0
        mcu = 0
        sub = 0
        csc = 0
        eob = <optimized out>
        sta = <optimized out>
        is_baseline = <optimized out>

decode_jpeg (huff_input_offsets=..., luma_row_offset_return=) at src/lepton/jpgcoder.cc:2765 (2765.jpg)

        u_last_dc = <optimized out>
        old_mcu = <optimized out>
        do_handoff_print = <optimized out>
        type = <optimized out>
        len = <optimized out>
        hpos = <optimized out>
        lastdc = {0, 0, 0, 0}
        block = {<Sirikata::Aligned256ArrayNd<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > > >> = {<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > >> = {
              data = 0x7fffffffe040},
            backingStore = '\000' <repeats 16 times>, "w\000\000\000|\000\000\000\340m\227UUU\000\000h\002\000\000\000\000\000\000\340m\227UUU\000\000\016\000\000\000\000\000\000\000\252\234XUUU\000\000\322_\\UUU\000\000a\n", '\000' <repeats 14 times>, "\340m\227UUU\000\000a\n\000\000\000\000\000\000\340m\227UUU", '\000' <repeats 18 times>, "\002\000\000\000\000\000\000\000\004\n\000\000\000\000\000\000`\342\377\377\377\177\000\000\000\341\377\377\377\177"}, <No data fields>}
        peobrun = 0
        eobrun = 0
        rstw = 0
        cmp = 2
        bpos = <optimized out>
        dpos = 0
        mcu = 0
        sub = 0
        csc = 0
        eob = <optimized out>
        sta = <optimized out>
        is_baseline = false

decode_jpeg (huff_input_offsets=..., luma_row_offset_return=) at src/lepton/jpgcoder.cc:2767 (2767.jpg)

        u_last_dc = <optimized out>
        old_mcu = <optimized out>
        do_handoff_print = <optimized out>
        type = <optimized out>
        len = <optimized out>
        hpos = <optimized out>
        lastdc = {0, 0, 0, 0}
        block = {<Sirikata::Aligned256ArrayNd<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > > >> = {<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > >> = {
              data = 0x7fffffffe040},
            backingStore = '\000' <repeats 16 times>, "w\000\000\000|\000\000\000\340m\227UUU\000\000\062\002\000\000\000\000\000\000\340m\227UUU\000\000\016\000\000\000\000\000\000\000\252\234XUUU\000\000\322_\\UUU\000\000\062\t", '\000' <repeats 14 times>, " n\227UUU\000\000\062\t\000\000\000\000\000\000 n\227UUU", '\000' <repeats 18 times>, "\002\000\000\000\000\000\000\000\336\b\000\000\000\000\000\000`\342\377\377\377\177\000\000\000\341\377\377\377\177"}, <No data fields>}
        peobrun = 0
        eobrun = 0
        rstw = 1
        cmp = 2
        bpos = <optimized out>
        dpos = 0
        mcu = 0
        sub = 0
        csc = 0
        eob = <optimized out>
        sta = <optimized out>
        is_baseline = false

decode_jpeg (huff_input_offsets=..., luma_row_offset_return=) at src/lepton/jpgcoder.cc:2826 (2826.jpg)

        vmul = <optimized out>
        hmul = <optimized out>
        do_handoff_print = true
        type = <optimized out>
        len = <optimized out>
        hpos = <optimized out>
        lastdc = {0, 0, 0, 0}
        block = {<Sirikata::Aligned256ArrayNd<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > > >> = {<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > >> = {
              data = 0x7fffffffe040},
            backingStore = '\000' <repeats 16 times>, "w\000\000\000|\000\000\000\340m\227UUU\000\000M\001\000\000\000\000\000\000\340m\227UUU\000\000\016\000\000\000\000\000\000\000\252\234XUUU\000\000\322_\\UUU\000\000\202\b", '\000' <repeats 14 times>, " n\227UUU\000\000\202\b\000\000\000\000\000\000 n\227UUU", '\000' <repeats 18 times>, "\002\000\000\000\000\000\000\000C\b\000\000\000\000\000\000`\342\377\377\377\177\000\000\000\341\377\377\377\177"}, <No data fields>}
        peobrun = 0
        eobrun = 0
        rstw = 0
        cmp = 0
        bpos = <optimized out>
        dpos = 0
        mcu = 0
        sub = 0
        csc = 0
        eob = <optimized out>
        sta = 0
        is_baseline = <optimized out>

decode_jpeg (huff_input_offsets=..., luma_row_offset_return=) at src/lepton/jpgcoder.cc:2827 (2827.jpg)

        vmul = 2
        hmul = <optimized out>
        do_handoff_print = true
        type = <optimized out>
        len = <optimized out>
        hpos = <optimized out>
        lastdc = {0, 0, 0, 0}
        block = {<Sirikata::Aligned256ArrayNd<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > > >> = {<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > >> = {
              data = 0x7fffffffe040},
            backingStore = '\000' <repeats 16 times>, "w\000\000\000|\000\000\000\340m\227UUU\000\000D\001\000\000\000\000\000\000\340m\227UUU\000\000\005\000\000\000\000\000\000\000\252\234XUUU\000\000\322_\\UUU\000\000H\n", '\000' <repeats 14 times>, " n\227UUU\000\000H\n\000\000\000\000\000\000 n\227UUU", '\000' <repeats 18 times>, "\002\000\000\000\000\000\000\000\020\n\000\000\000\000\000\000`\342\377\377\377\177\000\000\000\341\377\377\377\177"}, <No data fields>}
        peobrun = 0
        eobrun = 0
        rstw = 0
        cmp = 0
        bpos = <optimized out>
        dpos = 0
        mcu = 0
        sub = 0
        csc = 0
        eob = <optimized out>
        sta = 0
        is_baseline = <optimized out>

decode_jpeg (huff_input_offsets=..., luma_row_offset_return=) at src/lepton/jpgcoder.cc:2883 (2883.jpg)

        do_handoff_print = <optimized out>
        type = <optimized out>
        len = <optimized out>
        hpos = <optimized out>
        lastdc = {0, 0, 0, 0}
        block = {<Sirikata::Aligned256ArrayNd<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > > >> = {<Sirikata::Array1d<short, 64u, Sirikata::RoundToPow2, Sirikata::ReferenceType<Sirikata::ArrayBaseType1d<short, 64u, Sirikata::RoundToPow2> > >> = {
              data = 0x7fffffffe040},
            backingStore = '\000' <repeats 16 times>, "w\000\000\000|\000\000\000\340m\227UUU\000\000\070\001\000\000\000\000\000\000\340m\227UUU\000\000\016\000\000\000\000\000\000\000\252\234XUUU\000\000\322_\\UUU\000\000K\n", '\000' <repeats 14 times>, " n\227UUU\000\000K\n\000\000\000\000\000\000 n\227UUU", '\000' <repeats 18 times>, "\002\000\000\000\000\000\000\000\000\n\000\000\000\000\000\000`\342\377\377\377\177\000\000\000\341\377\377\377\177"}, <No data fields>}
        peobrun = 0
        eobrun = 0
        rstw = 0
        cmp = 0
        bpos = <optimized out>
        dpos = 0
        mcu = 0
        sub = 0
        csc = 0
        eob = <optimized out>
        sta = <optimized out>
        is_baseline = false

Note: The JPG files were generated with american fuzzy lop (AFL). Lepton was built from commit 6d940eb00576f2b262e9c478c8dfed1559d32563 (HEAD at the time) with `AFL_USE_ASAN=1 CC=/usr/local/bin/afl-gcc CXX=/usr/local/bin/afl-g++ ./configure`, and was run as `lepton -unjailed -singlethread -skipvalidate $infile $outfile`.