Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Report an error if a block doesn't define any EOF symbol #27

Merged
merged 2 commits into from
Sep 18, 2024
Merged

Report an error if a block doesn't define any EOF symbol #27

merged 2 commits into from
Sep 18, 2024

Conversation

fintelia
Copy link
Contributor

No description provided.

@kornelski
Copy link
Contributor

Have you checked if zlib/libpng catches this error? I wonder if there are images in the wild that rely on this.

@fintelia
Copy link
Contributor Author

Yes, zlib specifically catches this error:

As another example, the RFC does not explicitly state that a dynamic block must define a code for end-of-block. However if you don't, the deflate stream can never terminate. zlib's inflate requires a definition of an end-of-block code in a dynamic block or the stream is rejected. This assures that when, for example, random data is fed to inflate it will soon reject the stream as invalid.

@kornelski kornelski merged commit 05a3118 into image-rs:main Sep 18, 2024
@fintelia fintelia mentioned this pull request Sep 19, 2024
Closed
anforowicz added a commit to anforowicz/fdeflate that referenced this pull request Sep 19, 2024
@anforowicz
Regression tests for input chunking sensitivity.
6a3405d 
Explicitly reject Huffman trees with no symbol for end-of-block.
This commit adds regression tests:

* `test_input_chunking_sensitivity_when_no_end_of_block_symbol_example1`
  and `..._example2` (regression tests covering the issue fixed by
  image-rs#27)
* `test_input_chunking_sensitivity_when_handling_distance_codes`
  (regression test for the issue fixed by
  image-rs#26
* `inflate_bytewise3` fuzzer (used to discover inputs for the first 2 of
  the unit tests above + minimize the input for the other one)
anforowicz added a commit to anforowicz/fdeflate that referenced this pull request Sep 19, 2024
@anforowicz
Regression tests for input chunking sensitivity.
3b0c518 
This commit adds regression tests:

* `test_input_chunking_sensitivity_when_no_end_of_block_symbol_example1`
  and `..._example2` (regression tests covering the issue fixed by
  image-rs#27)
* `test_input_chunking_sensitivity_when_handling_distance_codes`
  (regression test for the issue fixed by
  image-rs#26
* `inflate_bytewise3` fuzzer (used to discover inputs for the first 2 of
  the unit tests above + minimize the input for the other one)
This was referenced Sep 19, 2024
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fintelia @kornelski