search

xiaozhuai / imageinfo

Free Palestine🇵🇸🇵🇸🇵🇸Cross platform super fast single header c++ library to get image size and format without loading/decoding. Support avif, bmp, cur, dds, gif, hdr (pic), heic (heif), icns, ico, j2k, jp2, jpeg (jpg), jpx, ktx, png, psd, qoi, tga, tiff (tif), webp ...
MIT License
106 stars 26 forks source link

Fix a lot of bugs #14

Closed chan233 closed 1 month ago

chan233 commented 1 month ago

These are test samples that causes heap overflow or out of range: crashs.tar.gz

xiaozhuai commented 1 month ago

Hello @chan233 , thanks for the pr and the test samples you made. I will look into this issue and respond soon or later.

xiaozhuai commented 1 month ago

@chan233 You are absolutely right. When I wrote this library, maliciously constructed data was not considered. It will indeed cause a huge security risk. After reviewing your PR, I made some changes:

  1. I think the assertions should not be changed. Just let it crash. Expose problems earlier.
  2. Where integer overflow is possible, promote to uint64 type and then compare.
  3. Do not use try/catch. We should provide a safe and exception-free implementation of string to integer conversion. Unsigned integer is sufficient.
  4. Changes to other parts looks good to me.

I commit my changes into this pr directly, feel free to review the changes : )

BTW, would you mind if I add the sample files you created into this project? Then we can include tests for these case.

chan233 commented 1 month ago

My code isn't that great; I'm just more skilled at testing. Feel free to fix the bugs as you see fit, and use the sample files as you like. I'll also continue to follow up and conduct testing. Just for fun~

@chan233 You are absolutely right. When I wrote this library, maliciously constructed data was not considered. It will indeed cause a huge security risk. After reviewing your PR, I made some changes:

1. I think the assertions should not be changed. Just let it crash. Expose problems earlier.

2. Where integer overflow is possible, promote to uint64 type and then compare.

3. Do not use try/catch. We should provide a safe and exception-free implementation of string to integer conversion. Unsigned integer is sufficient.

4. Changes to other parts looks good to me.

I commit my changes into this pr directly, feel free to review the changes : )

BTW, would you mind if I add the sample files you created into this project? Then we can include tests for these case.

My code isn't that great; I'm just more skilled at testing. Feel free to fix the bugs as you see fit, and use the sample files as you like. I'll also continue to follow up and conduct testing. Just for fun~

xiaozhuai commented 1 month ago

@chan233 Sorry, I just made a mistake in operating the repo. Please re-submit a PR again. Thanks