mirrors/stb
1
0
Fork 0
mirror of https://github.com/nothings/stb synced 2024-12-16 04:42:42 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,876 Commits 2 Branches 0 Tags 10 MiB
c29138ba59
Commit Graph

1876 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ryan C. Gordon
c29138ba59 Add randy408 to the "Bug warnings & fixes" list. 2020-04-29 14:20:33 -04:00
Randy
29d639546d fix integer arithmetic in stbi__zexpand() 2020-04-29 14:19:01 -04:00
Ryan C. Gordon
b09cb2c6f5 Add Ryan C. Gordon to "Bug & warning fixes" contribution list. 2020-04-28 13:28:45 -04:00
Ryan C. Gordon
89f3f35c9f stbi__skip should return immediately if skipping zero bytes. 
Otherwise we might waste time or throw away state in the i/o callbacks.
 2020-04-28 13:28:45 -04:00
Ryan C. Gordon
d60594847e Reject images that are too large (as defined by the application). 
The BMP loader already had this hardcoded to (1 << 24) pixels, so this seems
like a good default to apply to all formats, but many apps will want to clamp
this much much lower.

It's possible to craft malicious but valid images that are enormous, causing
stb_image to allocate tons of memory and eat a ton of CPU, so locking these
to a maximum permitted size can save a lot of headaches in the wild.
 2020-04-28 13:28:45 -04:00
Ryan C. Gordon
98ca24b8c7 Turn several asserts into formal checks. 
There are several places where stb_image protects itself from bad data with
STBI_ASSERT macros, but if these are compiled out in release builds the code
will overflow buffers, etc, without warning. If they are left enabled, the
process will crash from assertion failures.

This patch attempts to leave the assertions in place that are meant to verify
the correctness of the interfaces (if the calling function was meant to pass
only 8 or 16 for bit depth, it's reasonable to assert that is accurate), but
changes asserts that are triggered by corrupt or malicious image file data.

Failed asserts were the majority of crashes during fuzzing; now all of these
cases safely report an error back to the calling app.
 2020-04-28 13:28:45 -04:00
Ryan C. Gordon
95560bc6cf Be more aggressive about unexpected EOF conditions. 
Fixes several hangs in the presence of bad input data.
 2020-04-28 13:28:45 -04:00
Ryan C. Gordon
eb4b057f0d Check a return value for errors. 
Catches bad input data found during fuzzing.
 2020-04-28 13:28:45 -04:00
Ryan C. Gordon
b5d2296d5d Check for some obviously bad inputs from corrupt/malicious data. 
These all caused crashes during fuzzing.
 2020-04-28 13:28:45 -04:00
Ryan C. Gordon
385b5d3cda stbi__stdio_eof() should check ferror(), too. 
Otherwise with filesystem errors, you might end up with a short read but
believe there's still more to read from the file, causing infinite loops.
 2020-04-28 13:25:57 -04:00
Ryan C. Gordon
00f3f01be3 fseek() resets the EOF flag, even if seeking past the end of a read-only file. 
This causes problems when stb_image tries to do this with stdio callbacks with
a maliciously crafted file (or just an unfortunately corrupt one)...

    // calls fread(), sets EOF flag, sets s->read_from_callbacks = 0
    stbi__refill_buffer(s);

    // calls fseek(), which resets the stream's EOF flag
    stbi__skip(some value we just read)

    // calls feof(), which always returns false because EOF flag was reset.
    while (!stbi__at_eof(s)) {
        // never calls fread() because s->read_from_callbacks==0
        stbi__refill_buffer(s);
        // loop forever
    }

To work around this, after seeking, we call fgetc(), which will set the EOF
flag as appropriate, and if not at EOF, we ungetc the byte so future reads
are correct. This fixes the infinite loop.
 2020-04-28 13:25:57 -04:00
Sean Barrett
f54acd4e13 Merge branch 'working' 2020-02-05 04:32:20 -08:00
Sean Barrett
828e6cfdf7 update test 2020-02-05 04:31:55 -08:00
Sean Barrett
95671cca57 update version number 2020-02-05 03:41:17 -08:00
Sean Barrett
cd742941e6 stb_truetype: fix warning 2020-02-05 03:40:17 -08:00
Sean Barrett
37b9b20fde update version numbers 2020-02-05 03:19:08 -08:00
Sean Barrett
efdaadcb4a Merge branch 'master' of https://github.com/MarcoLizza/stb into working 2020-02-05 03:16:46 -08:00
Sean Barrett
2805fe39ab Merge branch 'fix_ub_shift' of https://github.com/wojdyr/stb into working 2020-02-05 03:15:56 -08:00
Sean Barrett
cb9d4e9547 sprintf: warning fixes 2020-02-05 03:15:41 -08:00
Sean Barrett
6b38abed1f Merge branch 'mine/avoid_warning' of https://github.com/wojdyr/stb into working 2020-02-05 03:10:20 -08:00
Sean Barrett
f06f586d18 sprintf warnings 2020-02-05 03:10:07 -08:00
Marco Lizza
41a6bb58d1 Other (pedantic) warnings for possible uninitialized variables. 2020-02-04 17:03:48 +01:00
Marco Lizza
43c6bd4e0e Fixing (pedantic) cast warnings. 2020-02-04 17:03:23 +01:00
Marco Lizza
6e8c31685f Fixing fall-trough (pedantic) warnings. 2020-02-04 16:59:47 +01:00
Marcin Wojdyr
3366d1e797 stb_sprintf: avoid left shift of negative value 
fix undefined behaviour reported by UBSan:
  runtime error: left shift of negative value -9223372036854775808
and add a test case.

fixes #800
 2020-02-03 20:17:03 +01:00
Marcin Wojdyr
3bb12a14e9 stb_sprintf.h: fix unused-parameter warning 2020-02-03 14:42:35 +01:00
Nerd
498bd3e017
Fix typo in stbds_hmget_key_ts_wrapper 2020-02-03 16:17:42 +08:00
Sean Barrett
0224a44a10 stb_image: fix new warnings 2020-02-02 20:30:25 -08:00
Sean Barrett
0cbdb25d2b Merge branch 'master' of https://github.com/nothings/stb 2020-02-02 11:32:55 -08:00
Sean Barrett
dc664b1289 update readme 2020-02-02 11:32:21 -08:00
Sean Barrett
2bb4a0accd Fix trailing whitespace 2020-02-02 11:30:27 -08:00
Sean Barrett
7a69424f15 update version numbers 2020-02-02 11:26:50 -08:00
Sean Barrett
17c301817b Merge branch 'working' 2020-02-02 11:16:16 -08:00
Sean Barrett
8ee3beabba Merge branch 'master' of https://github.com/BSVino/stb into working 2020-02-02 11:16:06 -08:00
Sean Barrett
50dc48013b test stb_include.h 2020-02-02 11:12:27 -08:00
Sean Barrett
5e4a0617b7 udpate version numbers 2020-02-02 11:12:13 -08:00
Sean Barrett
d79349d0b7 stb_vorbis: update credits 2020-02-02 10:54:29 -08:00
Sean Barrett
95ce252305 Merge branch 'OggComment' of https://github.com/audinowho/stb into work2 2020-02-02 10:51:14 -08:00
Sean Barrett
49cbedfab6 LICENSE: remove trailign spaces 2020-02-02 10:36:08 -08:00
Sean Barrett
bd79d89de2 Merge branch 'patch-1' of https://github.com/Croydon/stb into work2 2020-02-02 10:11:53 -08:00
Sean Barrett
1ced9faea1 Merge branch 'unused-function-warnings' of https://github.com/BradleyMarie/stb into work2 2020-02-02 10:11:43 -08:00
Sean Barrett
d2569111cd Merge branch 'splitpath_raw_fix' of https://github.com/bcollins526/stb into work2 2020-02-02 10:06:31 -08:00
Sean Barrett
aad77ec74e Merge branch 'issue-799' of https://github.com/pwaller/stb into work2 2020-02-02 10:04:39 -08:00
Sean Barrett
a6726a3d28 Merge branch 'patch-1' of https://github.com/cshesse/stb into work2 2020-02-02 10:03:31 -08:00
Sean Barrett
24fdc35c90 stb_image_write: fix jpeg to work on non-C99 compilers 2020-02-02 10:02:53 -08:00
Sean Barrett
4067b6d28b Merge branch 'kc/fix-coverity-issues-1' of https://github.com/krcroft/stb into work2 2020-02-02 10:02:25 -08:00
Sean Barrett
6a6e028e26 Merge branch 'fix-vs2019-warning' of https://github.com/Reedbeta/stb into work2 2020-02-02 10:01:51 -08:00
Sean Barrett
454da539a2 Merge branch 'stbiw_update_jpeg' of https://github.com/DanielGibson/stb into work2 2020-02-02 10:01:04 -08:00
Sean Barrett
1586318a00 Merge branch 'master' of https://github.com/Try/stb into work2 2020-02-02 09:53:28 -08:00
Sean Barrett
cc99be2a9f Merge branch 'quell-clang-wcast-align' of https://github.com/a-e-k/stb into work2 2020-02-02 09:51:34 -08:00