astcenc outright segfaults in decode mode with these inputs #4
Comments
|
Hi, |
Merged
|
Pull Request #13 fixes these; they were mostly a matter of zero-dimension values for the overall image size, and overly simplified ASTC-blocksize dimension value checking allowing for a combination of... *p = malloc(0); // segfault if p is accessed ...and trying to lookup invalid expansions at 7, 9, or 11 X/Y or 2, 7, 8, 9, 10, 11, or 12 Z blocksizes. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I realize that input validation is not currently a priority; however, in case you'd ever like to work on it, I let a fuzzer have its way with
astcenc -dfor more-or-less twenty hours, and it shook out these 173 address boundary errors, which may be mostly related.This link refers to a gzipped tarball containing the test cases it found. Each test case is trimmed to the smallest form that still reliably produces the crash.
http://marumie.magnifi.ca/astcenc/crashes.tgz
If any of these are architecture-specific, my test platform was AMD64.
Have a nice morning in Cambridge. :- )
The text was updated successfully, but these errors were encountered: