mchehab / zbar

ZBar is an open source software suite for reading bar codes from various sources, including webcams. As its development stopped in 2012, I took the task of keeping it updated with the V4L2 API. This is the main repository for it. There's a clone at LinuxTV.org, and another one at gitlab.
https://linuxtv.org/downloads/zbar/
GNU Lesser General Public License v2.1

Potential bug in _zbar_image_copy function ? #288

Open khoaphamce opened 4 months ago

khoaphamce commented 4 months ago

Hi authors, the issue I found is CRITICAL; please take some time to respond quickly to enhance reliability.

I found a potential bug in the _zbar_image_copy function in zbar/image.h (lines 158 -> 172):

```c
int i, len = src->datalen;
long *sp = (void *)src->data, *dp = (void *)dst->data;
char *spc, *dpc;

/* Do it word per word, in order to speedup */
for (i = 0; i < len; i += sizeof(long))
    *dp++ = ~(*sp++);

// (1): i is now larger or equal to len (i >= len)

/* Deal with non-aligned remains, if any */
len -= i; // (2): from (1) => (len <= 0)
spc = (char *)sp;
dpc = (char *)dp;
for (i = 0; i < len; i++) // (3): from (2) => this loop will never be executed
    *dpc++ = ~(*spc++);
```

The for loop under /* Deal with non-aligned remains, if any */ will never be executed, since the loop above it (/* Do it word per word, in order to speedup */) performs an additional i += sizeof(long) right before exiting the loop; this results in i >= len in every situation. The loop under /* Deal with non-aligned remains, if any */ will never run because of the described behaviour.

May I create a PR to fix this?

Thank you.

jasp00 commented 2 months ago

Current code does not deal with non-aligned remains correctly, so you may prepare a pull request.

khoaphamce commented 2 months ago

> Current code does not deal with non-aligned remains correctly, so you may prepare a pull request.

I created the PR: https://github.com/mchehab/zbar/pull/295 , please help check it out. Thanks.
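An added example, not code from zbar or from PR #295: it replays the loop counters of the snippet quoted in the issue to show that the word loop covers a whole number of words (so it rounds past `len` when `len` is not a multiple of `sizeof(long)`) and leaves no tail iterations, then shows a bounded copy checked against guard bytes. The names `quoted_loop_counts`, `invert_copy` and `guard_intact_after_copy` and the 13-byte sample buffer are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Replays only the loop counters of the quoted snippet (no memory access):
 * bytes covered by its word loop, and iterations left for its byte loop. */
static void quoted_loop_counts(int len, int *word_bytes, int *tail_iters)
{
    int i, covered = 0;
    for (i = 0; i < len; i += sizeof(long))
        covered += (int)sizeof(long);
    len -= i;                           /* always <= 0 at this point */
    *word_bytes = covered;
    *tail_iters = len > 0 ? len : 0;
}

/* Hypothetical bounded variant: whole words first, then the tail bytes. */
static void invert_copy(unsigned char *dst, const unsigned char *src, size_t len)
{
    size_t words = len / sizeof(long), i;
    for (i = 0; i < words; i++) {
        long w;
        memcpy(&w, src + i * sizeof(long), sizeof w);   /* alignment-safe load */
        w = ~w;
        memcpy(dst + i * sizeof(long), &w, sizeof w);
    }
    for (i = words * sizeof(long); i < len; i++)        /* non-aligned remains */
        dst[i] = (unsigned char)~src[i];
}

/* Constructed check: 13-byte payload, guard bytes placed right after it. */
static int guard_intact_after_copy(void)
{
    unsigned char src[13] = "constructed!", dst[13 + sizeof(long)];
    size_t i;
    memset(dst, 0xAA, sizeof dst);
    invert_copy(dst, src, sizeof src);
    for (i = 0; i < sizeof src; i++)
        if (dst[i] != (unsigned char)~src[i]) return 0;
    for (i = sizeof src; i < sizeof dst; i++)
        if (dst[i] != 0xAA) return 0;                   /* wrote past len */
    return 1;
}

int main(void)
{
    int wb, ti;
    quoted_loop_counts(13, &wb, &ti);
    printf("len=13: word loop bytes=%d, tail iterations=%d, guard ok=%d\n", wb, ti, guard_intact_after_copy());
}
```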