Skip to content

Fix: HBO in CIccFileIO::Read8()#562

Merged
xsscx merged 1 commit intomasterfrom
issue-558
Feb 2, 2026
Merged

Fix: HBO in CIccFileIO::Read8()#562
xsscx merged 1 commit intomasterfrom
issue-558

Conversation

@ChrisCoxArt
Copy link
Contributor

@ChrisCoxArt ChrisCoxArt commented Feb 2, 2026

Fixes #558

Pull Request Checklist

  • Have you followed the guidelines in Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same change?
  • Have you built your Pull Request locally with the Build Instructions?
  • Have you added or updated relevant tests?
  • Have you added or updated relevant docs?

@ChrisCoxArt ChrisCoxArt requested a review from xsscx as a code owner February 2, 2026 00:16
@xsscx xsscx self-assigned this Feb 2, 2026
@xsscx xsscx added PR Pull Request Review in Process Issue is being Reviewed by Maintainers labels Feb 2, 2026
@xsscx xsscx changed the title validate minimum size of tag before underflowing Fix: HBO in CIccFileIO::Read8() Feb 2, 2026
@xsscx
Copy link
Member

xsscx commented Feb 2, 2026

Added https://github.com/InternationalColorConsortium/iccDEV/actions/runs/21573164526

@xsscx xsscx added Changes Requested Maintainer Request for Changes and removed Review in Process Issue is being Reviewed by Maintainers labels Feb 2, 2026
@xsscx
Copy link
Member

xsscx commented Feb 2, 2026

Retest in Progress

@xsscx xsscx added Test Status Maintainer indicates TEST Status Pending Merge Maintainer indicates Merge Pending and requests no further changes and removed Changes Requested Maintainer Request for Changes Test Status Maintainer indicates TEST Status labels Feb 2, 2026
@xsscx
Copy link
Member

xsscx commented Feb 2, 2026

Status

Unable to perform round trip on 'heap-buffer-overflow-display-CIccFileIO-Read8-IccIO_cpp-Line508.icc'

Perfect, must have been stale data in runner

@xsscx
Copy link
Member

xsscx commented Feb 2, 2026

Pre Merge Status

Job Failed, which is the expected outcome.

Unable to perform round trip on 'heap-buffer-overflow-display-CIccFileIO-Read8-IccIO_cpp-Line508.icc'

The Job Failure actually indicates the Bug is Fixed, so the Action logic in the background needs an update.

xsscx
xsscx approved these changes Feb 2, 2026
View reviewed changes
Copy link
Member

@xsscx xsscx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2026-02-02 00:37:35 UTC

@xsscx xsscx merged commit 8a6df2d into master Feb 2, 2026
28 checks passed
@xsscx xsscx added Merged Merged Security Security Related and removed Pending Merge Maintainer indicates Merge Pending and requests no further changes labels Feb 2, 2026
@xsscx xsscx mentioned this pull request Feb 3, 2026
Merged
5 tasks
@xsscx xsscx added the CVE Requested Maintainer indicates a CVE has been Requested label Feb 4, 2026
@xsscx
Copy link
Member

xsscx commented Feb 4, 2026

GHSA-5ffg-r52h-fgw3

@ChrisCoxArt ChrisCoxArt deleted the issue-558 branch February 4, 2026 23:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xsscx xsscx xsscx approved these changes

Assignees

@xsscx xsscx

Labels

CVE Requested Maintainer indicates a CVE has been Requested Merged Merged PR Pull Request Security Security Related

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

HBO in CIccFileIO::Read8() at IccIO.cpp:508

2 participants

@ChrisCoxArt @xsscx