In some cases, an assertion failure may be intentional behavior, not a vulnerability,
However, Assertion failure may cause denial of service attacks in some cases.
And CVE IDs have been assigned such as CVE-2018-7712,CVE-2018-7713,CVE-2018-7714.
The text was updated successfully, but these errors were encountered:
Details: https://www.cvedetails.com/cve/CVE-2018-7712/ , etc
OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.
Considering this as invalid report: It is application developer responsibility to catch C++ errors from C++ libraries.
These exceptions are raised in case of malformed images or to avoid loading of very huge images (to resolve unwanted denial of service related to memory limits).
There is no runtime way at this moment to control values of these limits, but these limits are enough for usual modern applications.
In some cases, an assertion failure may be intentional behavior, not a vulnerability,
However, Assertion failure may cause denial of service attacks in some cases.
And CVE IDs have been assigned such as CVE-2018-7712,CVE-2018-7713,CVE-2018-7714.
The text was updated successfully, but these errors were encountered: