Skip to content

Fix: TC in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp #422

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
xsscx merged 2 commits into from
Jan 3, 2026
Merged

Fix: TC in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp #422

xsscx merged 2 commits into from
Jan 3, 2026
+129 −31

Conversation

@ChrisCoxArt
Copy link
Contributor

@ChrisCoxArt ChrisCoxArt commented Jan 3, 2026

Fixes #379
And fix one obvious typo that is most likely the second part of 379.

Pull Request Checklist

  • Have you followed the guidelines in Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same change?
  • Have you built your Pull Request locally with the Build Instructions?
  • Have you added or updated relevant tests?
  • Have you added or updated relevant docs?

@ChrisCoxArt
clip MPE/calc argument counts against max stack size
f86a62b 
static assert to make sure the max stack size fits in the function result type.
promote values to larger ints, clip results against icMaxDataStackSize to prevent overflow
SIccCalcOp::ArgsPushed()  and SIccCalcOp::ArgsUsed()
Fixes #379
@ChrisCoxArt
fix typo
4383a02 
Speculative fix (it is a typo) for the second part of #379
@ChrisCoxArt ChrisCoxArt requested a review from xsscx as a code owner January 3, 2026 22:20
@xsscx xsscx self-assigned this Jan 3, 2026
@xsscx xsscx added PR Pull Request Review in Process PR being Reviewed by Maintainers labels Jan 3, 2026
@xsscx
Copy link
Member

xsscx commented Jan 3, 2026

Sat Jan 3 10:37:28 PM UTC 2026

@xsscx xsscx added the Pending Merge Maintainer indicates Merge Pending and requests no further changes label Jan 3, 2026
@xsscx
Copy link
Member

xsscx commented Jan 3, 2026

PR422 Manually Verified

Sat Jan 3 10:50:35 PM UTC 2026

git rev-parse HEAD
git show --no-patch --oneline
4383a02
4383a02 (HEAD -> issue-379, origin/issue-379) fix typo

...
signed-integer-overflow.xml
...
2026-01-03 22:49:39 (80.5 MB/s) - ‘signed-integer-overflow.xml’ saved [5592/5592]

xss@W5:~/issue-379/iccDEV/Testing$ iccFromXml signed-integer-overflow.xml  sio.icc
Unable to parse Main Calculator Function from "{ env(0000) if { tput[0] } else { pop 000 tput }env(0000) if { t"
Unable to parse element of type CIccMpeXmlCalculator
Unable to parse element (CalculatorElement) starting on line 1
Unable to Parse "multiProcessElementType" (AToB1Tag) Tag on line 1

Unable to Parse 'signed-integer-overflow.xml'

@xsscx xsscx changed the title Clip MPE/Calc arguments against maximum stack size, preventing overflow. Fix: TC in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp Jan 3, 2026
@xsscx xsscx merged commit b835299 into master Jan 3, 2026
17 of 24 checks passed
@xsscx xsscx added Merged Merged and removed Review in Process PR being Reviewed by Maintainers Pending Merge Maintainer indicates Merge Pending and requests no further changes labels Jan 3, 2026
@xsscx
Copy link
Member

xsscx commented Jan 4, 2026

GHSA-3r2x-j7v3-pg6f

@xsscx xsscx added CVE Requested Maintainer indicates a CVE has been Requested Security Security Related labels Jan 4, 2026
@ChrisCoxArt ChrisCoxArt deleted the issue-379 branch January 6, 2026 02:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xsscx xsscx xsscx approved these changes

Assignees

@xsscx xsscx

Labels

CVE Requested Maintainer indicates a CVE has been Requested Merged Merged PR Pull Request Security Security Related

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

TC in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp:2426:32

3 participants

@ChrisCoxArt @xsscx