SEGV on unknown access while get a bmp's width #1
Comments
Hi, your bitmap file, not_kitty.bmp is a 4-bit image, but the bitmap module only supports 8-bit palettized or 24-bit BMP images. So the call to I've been meaning to add support for more types in the future, but I haven't gotten around to it yet. I will update the documentation to mention that it only supports those two types in the meantime. Here is a test program: Its output:

And how about this PNG file? Is it the same reason as you say?

Mmm, this is interesting. Your image is an 8-bit PNG, and I've used I see some error handling code is also missing, so I think I haven't pushed all of my most recent changes to GitHub. I'll look into it this evening. I'll also keep your files as examples of images that the library should be able to load.

CVE-2018-17073 was assigned to this issue.

I've added a bunch of (I've done it through asserts for performance reasons; so that the release version doesn't need to check for NULL pointers on every single call to the API functions)

System: Ubuntu 18.04
Compiled using: clang++ with ASan, libpng, libjpeg
Here's my program:
and here is my bmp:
not_kitty.zip
```
AddressSanitizer:DEADLYSIGNAL
==18470==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000553844 bp 0x000000572df0 sp 0x7ffc6aced1f0 T0)
==18470==The signal is caused by a READ memory access.
==18470==Hint: address points to the zero page.
    #0 0x553843 in bm_width /opt/bitmap/bmp.c:4255:15
    #1 0x517f7e in main /opt/bitmap/mytest.cpp:19:10
    #2 0x7fd86af7fb96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
    #3 0x41b669 in _start (/opt/bitmap/mytest+0x41b669)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /opt/bitmap/bmp.c:4255:15 in bm_width
==18470==ABORTING
```
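
The maintainer's explanation (only 8-bit palettized and 24-bit BMP files are supported) and the zero-page read in `bm_width`, shown as an added C example that is not the bitmap library's code: it validates the BMP header's bit depth up front and returns a status the caller has to test before asking for a width. All names here (`bmp_probe`, `safe_width`, `make_header`, the `bmp_status` values) are hypothetical, and the sample headers are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this is not the bitmap library's API. */
enum bmp_status { BMP_OK, BMP_TOO_SHORT, BMP_BAD_MAGIC, BMP_BAD_HEADER, BMP_UNSUPPORTED_DEPTH };
struct bmp_info { int32_t width, height; uint16_t bpp; };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Validate the 14-byte file header plus BITMAPINFOHEADER before decoding any
   pixels; *out is written only when BMP_OK is returned. */
enum bmp_status bmp_probe(const uint8_t *buf, size_t len, struct bmp_info *out) {
    struct bmp_info i;
    if (!buf || !out || len < 54) return BMP_TOO_SHORT;   /* NULL or shorter than both headers */
    if (buf[0] != 'B' || buf[1] != 'M') return BMP_BAD_MAGIC;
    if (rd32(buf + 14) < 40) return BMP_BAD_HEADER;       /* biSize: older core headers not handled */
    i.width  = (int32_t)rd32(buf + 18);
    i.height = (int32_t)rd32(buf + 22);                   /* negative means top-down rows */
    i.bpp    = rd16(buf + 28);
    if (i.width <= 0 || i.height == 0) return BMP_BAD_HEADER;
    if (i.bpp != 8 && i.bpp != 24) return BMP_UNSUPPORTED_DEPTH; /* e.g. a 4-bit file */
    *out = i;
    return BMP_OK;
}

/* Caller pattern: report failure instead of reading a field through a NULL pointer. */
int safe_width(const uint8_t *buf, size_t len) {
    struct bmp_info i;
    return bmp_probe(buf, len, &i) == BMP_OK ? (int)i.width : -1;
}

/* Constructed sample input: a bare 54-byte header with no pixel data. */
void make_header(uint8_t h[54], int32_t w, int32_t ht, uint16_t bpp) {
    memset(h, 0, 54);
    h[0] = 'B'; h[1] = 'M'; h[10] = 54; h[14] = 40; h[26] = 1;
    for (int k = 0; k < 4; k++) {
        h[18 + k] = (uint8_t)((uint32_t)w >> (8 * k));
        h[22 + k] = (uint8_t)((uint32_t)ht >> (8 * k));
    }
    h[28] = (uint8_t)bpp; h[29] = (uint8_t)(bpp >> 8);
}

int main(void) {
    uint8_t h[54];
    make_header(h, 32, 32, 4);  printf("4-bit: %d\n", safe_width(h, sizeof h));
    make_header(h, 32, 32, 8);  printf("8-bit: %d\n", safe_width(h, sizeof h));
    return 0;
}
```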