FPE in sixel_encoder_do_resize, encoder.c:610

[waugustus]

This is a duplicate report of issue saitoha#166 in the original project, and both projects are affected.

Description

There is a floating point exception error in sixel_encoder_do_resize, encoder.c:610 in img2sixel 1.10.2. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.

Version

img2sixel 1.10.2, commit id 2855eea ( Sun Feb 6 22:12:51 2022 -0500)

Reproduction

# img2sixel -w 128 poc /tmp/foo
AddressSanitizer:DEADLYSIGNAL
=================================================================
==702171==ERROR: AddressSanitizer: FPE on unknown address 0x55555558f807 (pc 0x55555558f807 bp 0x7fffffff8b50 sp 0x7fffffff8b30 T0)
    #0 0x55555558f806 in sixel_encoder_do_resize ../src/encoder.c:610
    #1 0x555555590924 in sixel_encoder_encode_frame ../src/encoder.c:919
    #2 0x5555555ff4da in load_gif ../src/fromgif.c:675
    #3 0x5555555dfaf8 in load_with_builtin ../src/loader.c:869
    #4 0x5555555e6ae0 in sixel_helper_load_image_file ../src/loader.c:1379
    #5 0x555555596d70 in sixel_encoder_encode ../src/encoder.c:1695
    #6 0x55555558ec7b in main ../converters/img2sixel.c:432
    #7 0x7ffff71a80b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x240b2)
    #8 0x55555558f26d in _start (/home/data/wdw/programs/libsixel/build_asan/bin/img2sixel+0x3b26d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: FPE ../src/encoder.c:610 in sixel_encoder_do_resize
==702171==ABORTING

poc.zip

Platform

# uname -a
Linux 4a409ce47130 5.4.0-70-generic #78~18.04.1-Ubuntu SMP Sat Mar 20 14:10:07 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux