Closed Du4t closed 1 month ago
Floating point exception has occurred when running program svg2png in function blend_transformed_tiled_argb at /3rdparty/plutovg/plutovg-blend.c:670

Description

Floating point exception has occurred when running program svg2png in function blend_transformed_tiled_argb at /3rdparty/plutovg/plutovg-blend.c:670

Version

commit d1eec967ec515395cfd669a1bfed8d5a6a119dde (HEAD -> master, origin/master, origin/HEAD)
Author: sammycage <sammycageagle@gmail.com>
Date: Mon Jan 22 00:48:35 2024 +0100

Steps to reproduce

$ mkdir build
$ cd build
$ CFLAGS+="-fsanitize=address -fno-omit-frame-pointer -fsanitize-recover=address" cmake -DLUNASVG_BUILD_EXAMPLES=ON ../
$ make -j8
$ ./svg2png ./poc1

=================================================================
==12847==ERROR: AddressSanitizer: FPE on unknown address 0x558142279d0f (pc 0x558142279d0f bp 0x7fff6e11e340 sp 0x7fff6e11d190 T0)
    #0 0x558142279d0e in blend_transformed_tiled_argb /home/du4t/Desktop/Fuzz/lunasvg/3rdparty/plutovg/plutovg-blend.c:670
    #1 0x55814227bc6f in plutovg_blend_texture /home/du4t/Desktop/Fuzz/lunasvg/3rdparty/plutovg/plutovg-blend.c:829
    #2 0x55814227a0cb in plutovg_blend /home/du4t/Desktop/Fuzz/lunasvg/3rdparty/plutovg/plutovg-blend.c:710
    #3 0x55814226a22e in plutovg_fill_preserve /home/du4t/Desktop/Fuzz/lunasvg/3rdparty/plutovg/plutovg.c:463
    #4 0x558142269bb3 in plutovg_fill /home/du4t/Desktop/Fuzz/lunasvg/3rdparty/plutovg/plutovg.c:423
    #5 0x558142254709 in lunasvg::Canvas::fill(lunasvg::Path const&, lunasvg::Transform const&, lunasvg::WindRule, lunasvg::BlendMode, double) (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xf5709)
    #6 0x55814224953a in lunasvg::FillData::fill(lunasvg::RenderState&, lunasvg::Path const&) const (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xea53a)
    #7 0x558142249ce4 in lunasvg::LayoutShape::render(lunasvg::RenderState&) const (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xeace4)
    #8 0x558142247a07 in lunasvg::LayoutContainer::renderChildren(lunasvg::RenderState&) const (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xe8a07)
    #9 0x558142248528 in lunasvg::LayoutGroup::render(lunasvg::RenderState&) const (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xe9528)
    #10 0x558142247a07 in lunasvg::LayoutContainer::renderChildren(lunasvg::RenderState&) const (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xe8a07)
    #11 0x55814224830a in lunasvg::LayoutSymbol::render(lunasvg::RenderState&) const (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xe930a)
    #12 0x558142213af2 in lunasvg::Document::render(lunasvg::Bitmap, lunasvg::Matrix const&) const (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xb4af2)
    #13 0x558142213f03 in lunasvg::Document::renderToBitmap(unsigned int, unsigned int, unsigned int) const (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xb4f03)
    #14 0x5581422112cd in main (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xb22cd)
    #15 0x7f1db5f13082 in __libc_start_main ../csu/libc-start.c:308
    #16 0x55814220b11d in _start (/home/du4t/Desktop/Fuzz/lunasvg/reproduce/svg2png+0xac11d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: FPE /home/du4t/Desktop/Fuzz/lunasvg/3rdparty/plutovg/plutovg-blend.c:670 in blend_transformed_tiled_argb
==12847==ABORTING

POC

https://github.com/Du4t/POC/blob/main/lunasvg/poc1