Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix incorrect loop condition #1752

Merged
merged 2 commits into from
Jun 30, 2021
Merged

Fix incorrect loop condition #1752

merged 2 commits into from
Jun 30, 2021

Conversation

kevinbackhouse
Copy link
Collaborator

Fixes GHSA-mxw9-qx4c-6m8v

The problem here is caused by bWroteColor. It is false by default, but if it becomes true then it can never revert back to false. When it becomes true, the loop becomes infinite: it can only terminate by throwing an exception or by crashing. I am not completely sure what the intended logic was here, but my best guess is that the loop condition should use && rather than ||.

I also fixed an unaligned pointer dereference that was causing an ASAN error.

hassec
hassec approved these changes Jun 30, 2021
View reviewed changes
Copy link
Member

@hassec hassec left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 😊

Should probably forward this to main, right?

@kevinbackhouse kevinbackhouse added the forward-to-main Forward changes in a 0.28.x PR to main with Mergify label Jun 30, 2021
@hassec hassec merged commit 86d0a1d into Exiv2:0.27-maintenance Jun 30, 2021
mergify bot pushed a commit that referenced this pull request Jun 30, 2021
@kevinbackhouse
fix: fix incorrect loop condition (#1752)
77d1050 
* Regression test for GHSA-mxw9-qx4c-6m8v

* Fix incorrect loop condition.

(cherry picked from commit 86d0a1d)

# Conflicts:
#	src/jp2image.cpp
@mergify mergify bot mentioned this pull request Jun 30, 2021
Merged
@hassec hassec added the bug label Jun 30, 2021
@hassec hassec added this to the v0.27.5 milestone Jun 30, 2021
kevinbackhouse added a commit that referenced this pull request Jul 1, 2021
@kevinbackhouse
fix incorrect loop condition (#1752)
c221943
kevinbackhouse added a commit that referenced this pull request Jul 1, 2021
@kevinbackhouse
fix incorrect loop condition (#1752)
52b7300
hassec pushed a commit that referenced this pull request Jul 1, 2021
@kevinbackhouse @hassec
fix incorrect loop condition (#1752)
d30c95d
@clanmills clanmills mentioned this pull request Aug 9, 2021
Open
@kevinbackhouse kevinbackhouse deleted the Fix-GHSA-mxw9-qx4c-6m8v branch August 11, 2021 15:01
@nehaljwani nehaljwani mentioned this pull request May 8, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hassec hassec hassec approved these changes

Assignees
No one assigned
Labels
bug forward-to-main Forward changes in a 0.28.x PR to main with Mergify
Projects
None yet
Milestone
v0.27.5
Development

Successfully merging this pull request may close these issues.
2 participants
@kevinbackhouse @hassec