Commit Graph

389 Commits

Author SHA1 Message Date
Fabian Giesen
86b7570cfb stb_image: Fix bug on JPEGs with malformed DC deltas
extend_receive implicitly requires n <= 15 (code length);
the maximum that actually makes sense for 8-bit baseline JPEG is
11, but 15 is the natural limit for us because the AC coding path
stores the number of magnitude bits in a nibble.

Check that DC delta bits are in range before attempting to call
extend_receive.

Fixes issue #1108.
2021-07-04 01:39:09 -07:00
Fabian Giesen
6ab6303f98 stb_image: Check results of all mallocs.
A few were missing. Make sure to always report ouf-of-memory
errors.

Fixes issue #1056.
2021-07-04 01:39:09 -07:00
Fabian Giesen
8e8f7d9b69 stb_image: Update credits, change log 2021-07-04 01:38:24 -07:00
Simon Breuss
8c15cc9c79 Adds 16-bit support for pnm files. 2021-07-04 01:38:24 -07:00
Jacko Dirks
c62af85657 stb_image.h: Suppress warnings about out_size, delay_size
These two variables are unused on some targets, resulting in
warnings. Add STBI_NOTUSED around them to suppress those
warnings.
2021-07-04 01:38:24 -07:00
Fabian Giesen
448bb137e3 stb_image: Better docs for stbi_info.
Fixes #1026.
2021-07-04 01:38:24 -07:00
Fabian Giesen
1203eb554b stb_image: Fix issue #994.
Accidentally introduced during a merge.
2021-07-04 01:38:24 -07:00
Sean Barrett
e140649ccf remove trailign whitespace 2020-07-13 04:40:31 -07:00
Sean Barrett
314d0a6f9a update version numbers 2020-07-13 04:36:03 -07:00
Sean Barrett
f3085776a4 Merge branch 'patch-1' of https://github.com/coltongit/stb into working 2020-07-13 04:07:16 -07:00
Sean Barrett
589a678b65 Merge branch 'master' of https://github.com/recp/stb into working 2020-07-13 04:06:19 -07:00
Sean Barrett
bfaccab17a Merge branch 'stb-image-fuzzing-fixes' of https://github.com/rcgordon/stb into working 2020-07-13 03:53:53 -07:00
Sean Barrett
fd9c3ea4af Merge branch 'bmp-assert' of https://github.com/zturtleman/stb into working 2020-07-13 03:01:52 -07:00
Sean Barrett
6f7420a825 add credits for last few PR merges 2020-07-13 02:59:10 -07:00
Sean Barrett
fdafd1aab4 Merge branch 'loadgif-realloc-sized' of https://github.com/SasLuca/stb into test 2020-07-13 02:45:13 -07:00
Sean Barrett
802a1df278 tweak indentation 2020-07-13 02:20:37 -07:00
Colton G. Rushton
9e292f0731
Fix minor typo in comment on line 6532 2020-05-30 17:41:25 -03:00
Recep Aslantas
ec898982b0 stbi: use __thread if GCC can't use _Thread_local 2020-05-26 00:22:12 +03:00
Recep Aslantas
8cb98357de stbi: fix thread local selector
* GCC < 5 supports __thread and GCC >= 5 supports C11 with _Thread_local
* Skip _Thread_local for MSVC because it may not be supported
2020-05-26 00:03:46 +03:00
Ryan C. Gordon
c29138ba59 Add randy408 to the "Bug warnings & fixes" list. 2020-04-29 14:20:33 -04:00
Randy
29d639546d fix integer arithmetic in stbi__zexpand() 2020-04-29 14:19:01 -04:00
Ryan C. Gordon
b09cb2c6f5 Add Ryan C. Gordon to "Bug & warning fixes" contribution list. 2020-04-28 13:28:45 -04:00
Ryan C. Gordon
89f3f35c9f stbi__skip should return immediately if skipping zero bytes.
Otherwise we might waste time or throw away state in the i/o callbacks.
2020-04-28 13:28:45 -04:00
Ryan C. Gordon
d60594847e Reject images that are too large (as defined by the application).
The BMP loader already had this hardcoded to (1 << 24) pixels, so this seems
like a good default to apply to all formats, but many apps will want to clamp
this much much lower.

It's possible to craft malicious but valid images that are enormous, causing
stb_image to allocate tons of memory and eat a ton of CPU, so locking these
to a maximum permitted size can save a lot of headaches in the wild.
2020-04-28 13:28:45 -04:00
Ryan C. Gordon
98ca24b8c7 Turn several asserts into formal checks.
There are several places where stb_image protects itself from bad data with
STBI_ASSERT macros, but if these are compiled out in release builds the code
will overflow buffers, etc, without warning. If they are left enabled, the
process will crash from assertion failures.

This patch attempts to leave the assertions in place that are meant to verify
the correctness of the interfaces (if the calling function was meant to pass
only 8 or 16 for bit depth, it's reasonable to assert that is accurate), but
changes asserts that are triggered by corrupt or malicious image file data.

Failed asserts were the majority of crashes during fuzzing; now all of these
cases safely report an error back to the calling app.
2020-04-28 13:28:45 -04:00
Ryan C. Gordon
95560bc6cf Be more aggressive about unexpected EOF conditions.
Fixes several hangs in the presence of bad input data.
2020-04-28 13:28:45 -04:00
Ryan C. Gordon
eb4b057f0d Check a return value for errors.
Catches bad input data found during fuzzing.
2020-04-28 13:28:45 -04:00
Ryan C. Gordon
b5d2296d5d Check for some obviously bad inputs from corrupt/malicious data.
These all caused crashes during fuzzing.
2020-04-28 13:28:45 -04:00
Ryan C. Gordon
385b5d3cda stbi__stdio_eof() should check ferror(), too.
Otherwise with filesystem errors, you might end up with a short read but
believe there's still more to read from the file, causing infinite loops.
2020-04-28 13:25:57 -04:00
Ryan C. Gordon
00f3f01be3 fseek() resets the EOF flag, even if seeking past the end of a read-only file.
This causes problems when stb_image tries to do this with stdio callbacks with
a maliciously crafted file (or just an unfortunately corrupt one)...

    // calls fread(), sets EOF flag, sets s->read_from_callbacks = 0
    stbi__refill_buffer(s);

    // calls fseek(), which resets the stream's EOF flag
    stbi__skip(some value we just read)

    // calls feof(), which always returns false because EOF flag was reset.
    while (!stbi__at_eof(s)) {
        // never calls fread() because s->read_from_callbacks==0
        stbi__refill_buffer(s);
        // loop forever
    }

To work around this, after seeking, we call fgetc(), which will set the EOF
flag as appropriate, and if not at EOF, we ungetc the byte so future reads
are correct. This fixes the infinite loop.
2020-04-28 13:25:57 -04:00
Zack Middleton
e919bcd32e stb_image: fix assert failing when loading BMP
This fixes two issues with an assert failing. I tested that the
first part fixes #909 and the second fixes #897.

1. Loading 16/24/32-bit BMP from memory caused an assert to fail
(excluding 16-bit BMP with hsz 12).

img_buffer offset was always compared with the buffer for
stbi_load_from_file() but stbi_load_from_memory() uses an external
buffer.

Resolution: Change s->buffer_start to s->img_buffer_original.

2. Loading BMP with large header from file caused assert to fail.

img_buffer points to stbi_uc buffer_start[128] but the largest BMP
supported has a 138 byte header (hsz 124) causing img_buffer to wrap
around to an offset of 10. The assert fails because 138 (header size)
!= 10 (offset in temp read buffer).

Resolution: Add the previously read bytes to the offset in temp read
buffer to get the absolute offset.

The issues were introduced by the commit c440a53d06
("stb_image: fix reading BMP with explicit masks").
2020-03-24 21:53:08 -04:00
Luca Sas
c5102ecc4d Refactored stbi__load_gif_main to use STBI_REALLOC_SIZED instead of STBI_REALLOC. 2020-02-13 13:05:12 +00:00
Sean Barrett
0224a44a10 stb_image: fix new warnings 2020-02-02 20:30:25 -08:00
Sean Barrett
2bb4a0accd Fix trailing whitespace 2020-02-02 11:30:27 -08:00
Sean Barrett
5e4a0617b7 udpate version numbers 2020-02-02 11:12:13 -08:00
Sean Barrett
1ced9faea1 Merge branch 'unused-function-warnings' of https://github.com/BradleyMarie/stb into work2 2020-02-02 10:11:43 -08:00
Sean Barrett
1586318a00 Merge branch 'master' of https://github.com/Try/stb into work2 2020-02-02 09:53:28 -08:00
Sean Barrett
6877b1afd3 Merge branch 'fix_issue_746' of https://github.com/BlackMATov/stb into work2 2020-02-02 08:52:48 -08:00
Sean Barrett
81d1537579 Merge branch 'fix_issue_745' of https://github.com/BlackMATov/stb into work2 2020-02-02 08:21:46 -08:00
Sean Barrett
28cc61a1ff stb_image: fix previous fix 2020-02-02 08:16:58 -08:00
Sean Barrett
f9ec936e7e Merge branch 'patch-1' of https://github.com/GMacharadze/stb into work2 2020-02-02 08:14:23 -08:00
Sean Barrett
ecf2a56f6d Merge branch 'patch-1' of https://github.com/StylishTriangles/stb into work2 2020-02-02 08:03:06 -08:00
Sean Barrett
eb48fbdced stb_image: use thread-locals for vertically_flip flag and g_failure_reason 2020-02-02 07:06:05 -08:00
Brad Weinberger
e2b8524aa2 Fix clang unused function compile warnings 2020-02-01 11:41:47 -08:00
Sean Barrett
c440a53d06 stb_image: fix reading BMP with explicit masks 2020-02-01 04:19:28 -08:00
Try
4148eb4d90 stb_image: fix CRC reading at the end of IEND chunk in png file 2019-11-18 19:25:38 +01:00
BlackMATov
01b2d76baf stb_image.h: fix warning about unused function 'stbi__err'
Fixes issue #746.
2019-08-22 10:28:16 +07:00
Sean Barrett
787f1d646a Update version numbers 2019-08-11 05:38:37 -07:00
Sean Barrett
5072185467 stb_image: fix static analyzer warnings 2019-08-11 05:19:33 -07:00
Sean Barrett
26a02f81ca stb_image: fix bug where bmp claimed to be 24-bit but also claimed to have an alpha bitfield 2019-08-11 04:54:52 -07:00