Closed pinobatch closed 4 years ago
LodePNG does get tested and fuzzed with both address and undefined behavior sanitizer; interestingly, this case did not come up before. Added a TODO in the test to add coverage for this.
Also fixed the issue: C has the "interesting" behavior that when you combine an unsigned char with an unsigned int, it outputs a signed int (and also, C's behavior on unsigned ints is well defined but not on signed ones). Fixed with unsigned casts in a better location.
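The promotion rule behind this kind of fix, as an added example that is not LodePNG's code and not part of the comment above: in a shift, an `unsigned char` operand is first promoted to `int`, so a byte of 0x80 or more shifted left by 24 overflows a 32-bit `int`. The function names and sample bytes are constructed for illustration, and an `int` of at least 32 bits is assumed.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample inputs: a big-endian length of 13, and four bytes
   whose first byte has its top bit set. */
static const unsigned char SAMPLE_LEN[4]  = {0x00, 0x00, 0x00, 0x0D};
static const unsigned char SAMPLE_HIGH[4] = {0x89, 0x50, 0x4E, 0x47};

/* Before: every b[i] is promoted to (signed) int before the shift.
   With a 32-bit int, b[0] >= 0x80 makes b[0] << 24 exceed INT_MAX, which
   is undefined behavior and what -fsanitize=undefined reports. */
static uint32_t read_be32_promoted(const unsigned char *b) {
  return (uint32_t)((b[0] << 24) | (b[1] << 16) | (b[2] << 8) | b[3]);
}

/* After: cast each byte to an unsigned 32-bit type first, so every shift
   is done in unsigned arithmetic, which is well defined. */
static uint32_t read_be32_unsigned(const unsigned char *b) {
  return ((uint32_t)b[0] << 24) | ((uint32_t)b[1] << 16) |
         ((uint32_t)b[2] << 8) | (uint32_t)b[3];
}

/* Returns 1 when the promoted form would overflow int for this input
   (assumes int is at least 32 bits wide). */
static int promoted_read_is_undefined(const unsigned char *b) {
  return b[0] > (INT_MAX >> 24);
}

int main(void) {
  /* The promoted form is only called on input where it is well defined. */
  printf("len, promoted form: %lu\n",
         (unsigned long)read_be32_promoted(SAMPLE_LEN));
  printf("len, unsigned form: %lu\n",
         (unsigned long)read_be32_unsigned(SAMPLE_LEN));
  printf("high byte set, promoted form undefined? %d\n",
         promoted_read_is_undefined(SAMPLE_HIGH));
  printf("high byte set, unsigned form: 0x%08lX\n",
         (unsigned long)read_be32_unsigned(SAMPLE_HIGH));
  return 0;
}
```

Building the promoted form with `-fsanitize=undefined` and feeding it `SAMPLE_HIGH` is the case a sanitizer run flags; the unsigned form gives the same results on all inputs without the overflow.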
Inspired by a Tweet by John Regehr, I decided to try compiling a simple LodePNG test program with GCC's undefined behavior sanitizer. Both GCC 7 and GCC 8 catch an undefined behavior that the fix for #91 may not have caught.
Software versions used:
Steps to reproduce:
Place this
and then run the following:
sample.png
in a cloned tree
Expected result: No output.
Actual result: The following warning messages.