'Index out of bounds'-panic when decoding invalid alphanumeric data

piderman314 / bardecoder

Detect and decode QR Codes, written in 100% Rust.

MIT License

268 stars 34 forks source link

Closed xeniagda closed 2 years ago

xeniagda commented 2 years ago

At https://github.com/piderman314/bardecoder/blob/d42a92f72a05a62f80dc556c5baca434c245313f/src/decode/qr/data.rs#L108, the ALPHANUMERIC array is accessed at index read_bits_u16(...) / 45. However if the chars variable is greater than 45 * 45 = 2025, the index will be invalid. While a QR-code with such content is invalid, the function should return a QRError specifying the error instead of panicking.

piderman314 commented 2 years ago

Sounds reasonable. Fixed!

yescallop commented 2 years ago

I'm afraid this is a duplicate of #37. But yeah glad to see it fixed :)