Closed YourButterfly closed 6 years ago
Thank you for reporting this!
In this case sam2p runs out of memory, because the input image is too large. sam2p reports this by showing terminate called after throwing an instance of 'std::bad_alloc'
, and fails with SIGABRT. I can't see a vulnerability or bug here.
What should sam2p do instead? It could fail with a friendlier error message, e.g. Input image is too large, doesn't fit in memory, aborting. This would be too much work to implement, because we'd have to override all new
operators in the code. What other improvement do you recommend?
Closing this issue for now. I'll reopen it as soon as I learn about an improvement which is feasible to implement.
All right, it just a large flag x , flag y in file pbm, and over the actual size of the input.
AFAICS, the ImageMagic, They use disk space instead of memory sometimes. I `m not sure which one is better.
It would be possible to reduce the memory usage of sam2p to just 21 * image_width + constant bytes by making it use temporary files instead of loading the entire image to memory. (Thus the image_height wouldn't matter.) However, this would need a full rewrite of the image transformation and compression code in sam2p, which is a huge piece of work, and it becomes feasible only when someone volunteers for that.
Description of problem:
a received signal SIGABRT via a large malloc in function pnm_load_image,line 285 ,file input-pnm.ci
Version-Release number of selected component (if applicable):
<= latest version
The output information is as follows:
The gdb debugging information is listed below:(with asan):
More Information position: function pnm_load_image,line 285 ,file input-pnm.ci
some debug info:
and in multiply_check
In here, slen_t` size is 8 bytes,
so , in Macro Define XMALLOCT ,the size is 0x55d20d5548
found by pwd@360TeamSerions