Set a breakpoint at line 2225 in stbi__jpeg_decode_block and run the program to hit the overflow.
/src/stb/tests/../stb_image.h:2225:26: runtime error: signed integer overflow: -33759 * 65535 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /src/stb/tests/../stb_image.h:2225:26 in
The dc * dequant[0] signed integer multiplication in stbi__jpeg_decode_block [1] overflows with a crafted image file.

Impact
It doesn't look like a potential security issue, but signed integer overflow is undefined behavior according to the C/C++ standards.
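
An added example, not stb_image's own code: a checked form of the dc * dequant[0] multiply that rejects the operands from the sanitizer report instead of evaluating an overflowing product. The helper name dequant_dc_checked and every sample value other than -33759 and 65535 are assumptions, and int is assumed to be 32 bits wide.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper, not part of stb_image: dequantize a DC coefficient
 * without ever evaluating a signed product that does not fit in int.
 * Returns 1 and stores dc * q in *out, or returns 0 if it would overflow. */
static int dequant_dc_checked(int dc, uint16_t q, int *out)
{
    if (q == 0) {            /* product is 0 for any dc; avoids dividing by 0 */
        *out = 0;
        return 1;
    }
    /* q > 0 here, so the bounds are plain truncating divisions. */
    if (dc > INT_MAX / (int)q || dc < INT_MIN / (int)q)
        return 0;            /* caller should treat the image as corrupt */
    *out = dc * (int)q;
    return 1;
}

int main(void)
{
    /* First pair is the operands from the sanitizer report; the rest are
     * constructed sample values. */
    static const struct { int dc; uint16_t q; } cases[] = {
        { -33759, 65535 }, { 100, 16 }, { -32768, 65535 }, { 32769, 65535 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int v;
        if (dequant_dc_checked(cases[i].dc, cases[i].q, &v))
            printf("%d * %u = %d\n", cases[i].dc, (unsigned)cases[i].q, v);
        else
            printf("%d * %u rejected: overflows int\n",
                   cases[i].dc, (unsigned)cases[i].q);
    }
    return 0;
}
```

The bounds are checked by division before the multiply runs, so the check itself never triggers the undefined behavior it guards against.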
Resources
To reproduce the issue in stbi__vertical_flip_slices: set a breakpoint at line 2225 in stbi__jpeg_decode_block and run the program to hit the overflow.