tbeu / matio

MATLAB MAT File I/O Library
https://matio.sourceforge.io
BSD 2-Clause "Simplified" License

lock up with truncated files #120

Closed jcupitt closed 3 years ago

jcupitt commented 5 years ago

Hello, thank you for this nice lib.

(I opened this issue on the SourceForge tracker before realizing that this one seems to be where the activity is. Sorry for the extra work.)

This loop will run endlessly if fread() returns zero (no more bytes in file), since it's not checking feof() or ferror():

https://github.com/tbeu/matio/blob/master/src/inflate.c#L646

To reproduce:

wget https://github.com/libvips/libvips/raw/master/test/test-suite/images/sample.mat
head -c 10000 sample.mat > truncated.mat

Now try to load truncated.mat. Tested with 1.5.17 and 1.5.11 on Windows and Linux. Credit to @kleisauke for finding this.
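
A simplified model of the failure mode reported above, as an added example that is not part of the issue thread and is not matio's code: a chunked read loop whose only exit condition is "all expected bytes consumed", next to a version that treats a short `fread()` as an error. The function names, the 512-byte buffer, the `max_iters` demo guard and the temp-file input are all assumptions made for illustration.

```c
#include <stdio.h>

enum { SKIP_OK = 0, SKIP_EOF = -1, SKIP_IOERR = -2, SKIP_SPIN = -3 };

/* Unchecked pattern: the loop exits only when `want` reaches 0.
 * max_iters is a demo-only guard; without it this never returns at EOF. */
int skip_unchecked(FILE *fp, size_t want, unsigned long max_iters)
{
    unsigned char buf[512];
    unsigned long iters = 0;
    while (want > 0) {
        size_t chunk = want < sizeof buf ? want : sizeof buf;
        want -= fread(buf, 1, chunk, fp);   /* returns 0 at EOF: no progress */
        if (++iters >= max_iters)
            return SKIP_SPIN;
    }
    return SKIP_OK;
}

/* Checked pattern: a short read ends the loop with a specific error code. */
int skip_checked(FILE *fp, size_t want)
{
    unsigned char buf[512];
    while (want > 0) {
        size_t chunk = want < sizeof buf ? want : sizeof buf;
        size_t got = fread(buf, 1, chunk, fp);
        want -= got;
        if (got < chunk)                    /* truncated file or I/O failure */
            return ferror(fp) ? SKIP_IOERR : SKIP_EOF;
    }
    return SKIP_OK;
}

/* Constructed input: a temp file holding `have` bytes, rewound for reading. */
FILE *make_file(size_t have)
{
    FILE *fp = tmpfile();
    for (size_t i = 0; fp && i < have; i++)
        fputc('A', fp);
    if (fp) rewind(fp);
    return fp;
}

int main(void)
{
    FILE *fp = make_file(1000);             /* "truncated": 1000 of 4096 bytes */
    int rc = fp ? skip_checked(fp, 4096) : SKIP_IOERR;
    printf("skip_checked -> %d\n", rc);
    if (fp) fclose(fp);
    return 0;
}
```
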

tbeu commented 5 years ago

Confirmed. Need to think about correct error handling.

tbeu commented 3 years ago

Hopefully closed by v1.5.18. Please reopen if it is not good enough.

jcupitt commented 3 years ago

Thank you for doing all this work, @tbeu!

I'll add matio back to the fuzzer and see what happens.