[FEATURE REQUEST] Add check_open validity plausibility checks to format readers #3974
Labels
file formats
Image file formats, ImageInput, ImageOutput
good first issue
Good one-day project for beginners without much knowledge of the code base.
Comments
lgritz
added
file formats
lgritz
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There is a new helper function, ImageInput::check_open(), that can be used by ImageInput::open() implementations to do some sanity checking to try to discover which files have certain header values so preposterous that they seem likelier to be corrupted or even malicious than they are to be legit.
You can see how this is used in the TIFF reader (search tiffinput.cpp for "check_open") or the Targa reader (targainput.cpp). Check also in imageio.h for the check_open helper method of ImageInput. (N.B. Not to be confused for the ImageOutput::check_open helper, of a similar theme, but for output.)
Task: Add this to the other file format's ImageInput implementations.
A "good first issue" is adding the check to any ONE format reader. You don't need to do them all.
It does need some format-specific care to be sure that the resolution limits you pass to check_open match what seems likely or possible for the given format. So don't just blindly cut and paste the call from one format reader to another without understanding it and whether it reflects the right choices for that format.
The text was updated successfully, but these errors were encountered: