image-rs / jpeg-decoder

JPEG decoder written in Rust -- currently in maintenance mode
Apache License 2.0
148 stars 89 forks source link

Panic while decoding #38

Closed frewsxcv closed 8 years ago

frewsxcv commented 8 years ago
use std::io::{self, Read, Cursor};
use std::{intrinsics};
use std::panic;

extern crate jpeg_decoder;

use jpeg_decoder::Decoder;

fn main() {
    let mut decoder = Decoder::new(b"\xff\xd8\xff\xee\x30\x30\xff\xd9" as &[u8]);
    let a = decoder.read_info();
}
ubuntu@ip-172-31-32-38:~/image/image-fuzz$ cargo run --release
     Running `target/release/image-fuzz`
thread '<main>' panicked at 'called `Option::unwrap()` on a `None` value', ../src/libcore/option.rs:325
stack backtrace:
   1:     0x7fafb74dd5b4 - std::sys::backtrace::tracing::imp::write::h9fb600083204ae7f
   2:     0x7fafb74e09bb - std::panicking::default_hook::_$u7b$$u7b$closure$u7d$$u7d$::hca543c34f11229ac
   3:     0x7fafb74e0643 - std::panicking::default_hook::hc2c969e7453d080c
   4:     0x7fafb74d899d - std::panicking::rust_panic_with_hook::hfe203e3083c2b544
   5:     0x7fafb74e0c51 - std::panicking::begin_panic::h4889569716505182
   6:     0x7fafb74d952a - std::panicking::begin_panic_fmt::h484cd47786497f03
   7:     0x7fafb74e0be1 - rust_begin_unwind
   8:     0x7fafb751615f - core::panicking::panic_fmt::h257ceb0aa351d801
   9:     0x7fafb7516438 - core::panicking::panic::h4bb1497076d04ab9
  10:     0x7fafb7488286 - _<jpeg_decoder..decoder..Decoder<R>>::decode_internal::h5b87959ffb22e82d
  11:     0x7fafb74762c4 - image_fuzz::main::hdbde171b5ac48c88
  12:     0x7fafb74e0258 - std::panicking::try::call::hc5e1f5b484ec7f0e
  13:     0x7fafb74ea36b - __rust_try
  14:     0x7fafb74ea30e - __rust_maybe_catch_panic
  15:     0x7fafb74dfc8c - std::rt::lang_start::h61f4934e780b4dfc
  16:     0x7fafb686ef44 - __libc_start_main
  17:     0x7fafb7476068 - <unknown>
  18:                0x0 - <unknown>
error: Process didn't exit successfully: `target/release/image-fuzz` (exit code: 101)

Found using afl.rs.

kaksmet commented 8 years ago

Thank you for taking the time to fuzz test jpeg-decoder!