We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
There is issue in line 5051 of stbi__shiftsigned function of stb_image.h file, which cause a denial of service (assert fault) via a crafted bmp file.
5035 static int stbi__shiftsigned(int v, int shift, int bits) 5036 { ... 5049 STBI_ASSERT(v >= 0 && v < 256); 5050 v >>= (8-bits); 5051 STBI_ASSERT(bits >= 0 && bits <= 8); 5052 return (int) ((unsigned) v * mul_table[bits]) >> shift_table[bits]; 5053 }
root@ubuntu:/libsixel-master/converters# ./img2sixel crafted.bmp lt-img2sixel: stb_image.h:5051: stbi__shiftsigned: Assertion `bits >= 0 && bits <= 8' failed. Aborted (core dumped)
Guoxiang Niu, Xiaolong Zhao, Muxing Guan, EaglEye Team
The text was updated successfully, but these errors were encountered:
Raise an error instead of assert() when wrong color mask is detected (#…
a516125
…89)
Fixed on v1.8.4, Thanks!
Sorry, something went wrong.
No branches or pull requests
There is issue in line 5051 of stbi__shiftsigned function of stb_image.h file, which cause a denial of service (assert fault) via a crafted bmp file.
5035 static int stbi__shiftsigned(int v, int shift, int bits)
5036 {
...
5049 STBI_ASSERT(v >= 0 && v < 256);
5050 v >>= (8-bits);
5051 STBI_ASSERT(bits >= 0 && bits <= 8);
5052 return (int) ((unsigned) v * mul_table[bits]) >> shift_table[bits];
5053 }
root@ubuntu:/libsixel-master/converters# ./img2sixel crafted.bmp
lt-img2sixel: stb_image.h:5051: stbi__shiftsigned: Assertion `bits >= 0 && bits <= 8' failed.
Aborted (core dumped)
Guoxiang Niu, Xiaolong Zhao, Muxing Guan, EaglEye Team
The text was updated successfully, but these errors were encountered: