Skip to content

Fix: CIccTagSpectralViewingConditions() UB #225

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
xsscx merged 1 commit into from
Nov 24, 2025
Merged

Fix: CIccTagSpectralViewingConditions() UB #225

xsscx merged 1 commit into from
Nov 24, 2025

Conversation

@ChrisCoxArt
Copy link
Contributor

@ChrisCoxArt ChrisCoxArt commented Nov 24, 2025

Fixes #216

@ChrisCoxArt
fix copy constructors for CIccTagSpectralViewingConditions
92b7653 
Fixes #216
But waiting for input from Max about this - was it a mistake, or by design?
@ChrisCoxArt ChrisCoxArt linked an issue Nov 24, 2025 that may be closed by this pull request
Known Defect: runtime error: -nan is outside the range of representable values of type 'int' | IccProfLib/IccUtil.cpp:555 #216
Closed
@xsscx xsscx self-requested a review November 24, 2025 22:56
@xsscx xsscx self-assigned this Nov 24, 2025
@xsscx xsscx added Bug Bug Report PR Pull Request Review in Process PR being Reviewed by Maintainers ci labels Nov 24, 2025
@xsscx xsscx changed the title fix copy constructors for CIccTagSpectralViewingConditions Fix: CIccTagSpectralViewingConditions::CIccTagSpectralViewingConditions() UB Nov 24, 2025
xsscx
xsscx approved these changes Nov 24, 2025
View reviewed changes
Copy link
Member

@xsscx xsscx left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR 225 Repro

          export CXX=clang++
          git clone https://github.com/InternationalColorConsortium/iccDEV.git
          cd iccDEV
          git fetch origin pull/225/head:pr-225
          git checkout pr-225
          cd Build
          cmake -DCMAKE_INSTALL_PREFIX=$HOME/.local -DCMAKE_BUILD_TYPE=Debug -Wno-dev -DCMAKE_CXX_FLAGS="-g -fsanitize=address,undefined -fno-omit-frame-pointer -Wall" -DENABLE_TOOLS=ON -DENABLE_STATIC_LIBS=ON -DENABLE_SHARED_LIBS=ON Cmake/
          make -j$(nproc)
          echo "========= BEGIN INSIDE STUB for Issue 216 ========="
          cd ../Testing/
          echo "=== Updating PATH ==="
           for d in ../Build/Tools/*; do
            [ -d "$d" ] && export PATH="$(realpath "$d"):$PATH"
           done
          echo "========= fetching the profile... =========" 
          wget https://github.com/xsscx/Commodity-Injection-Signatures/raw/refs/heads/master/graphics/icc/Cat8Lab-D65_2degMeta.icc
          iccRoundTrip Cat8Lab-D65_2degMeta.icc

Expected Output

2025-11-24 18:07:45 (12.7 MB/s) - ‘Cat8Lab-D65_2degMeta.icc’ saved [2600/2600]

Profile:          'Cat8Lab-D65_2degMeta.icc'
Rendering Intent: Relative Colorimetric
Specified Gamut:  Not Specified

Round Trip 1
------------
Min DeltaE:        0.00
Mean DeltaE:       0.00
Max DeltaE:        0.00

Max L, a, b:   0.000000, -128.000000, -128.000000

Round Trip 2
------------
Min DeltaE:        0.00
Mean DeltaE:       0.00
Max DeltaE:        0.00

Max L, a, b:   0.000000, -128.000000, -128.000000

PRMG Interoperability - Round Trip Results
------------------------------------------------------
DE <= 1.0 (  201613): 100.0%
DE <= 2.0 (  201613): 100.0%
DE <= 3.0 (  201613): 100.0%
DE <= 5.0 (  201613): 100.0%
DE <=10.0 (  201613): 100.0%
Total     (  201613)

The above Test indicates that PR225 resolves Issue 216 and this PR will be Merged.

Thank You @ChrisCoxArt for your time & efforts!
PR225 addressed the UB in CIccTagSpectralViewingConditions::CIccTagSpectralViewingConditions() reported from Issue 216
Signed-off-by: D Hoyt xss@xss.cx

@xsscx xsscx added Merged Merged and removed Bug Bug Report Review in Process PR being Reviewed by Maintainers ci labels Nov 24, 2025
@xsscx xsscx changed the title Fix: CIccTagSpectralViewingConditions::CIccTagSpectralViewingConditions() UB Fix: CIccTagSpectralViewingConditions() UB Nov 24, 2025
@xsscx xsscx merged commit c675fb4 into master Nov 24, 2025
3 checks passed
@ChrisCoxArt ChrisCoxArt deleted the issue-216 branch November 25, 2025 04:59
@xsscx xsscx added the Security Security Related label Nov 25, 2025
@xsscx
Copy link
Member

xsscx commented Jan 3, 2026

GHSA-fg9m-j9x8-8279

@xsscx xsscx added the CVE Requested Maintainer indicates a CVE has been Requested label Jan 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xsscx xsscx xsscx approved these changes

Assignees

@xsscx xsscx

Labels

CVE Requested Maintainer indicates a CVE has been Requested Merged Merged PR Pull Request Security Security Related

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Known Defect: runtime error: -nan is outside the range of representable values of type 'int' | IccProfLib/IccUtil.cpp:555

3 participants

@ChrisCoxArt @xsscx