Ryan C. Gordon
98ca24b8c7
Turn several asserts into formal checks.
...
There are several places where stb_image protects itself from bad data with
STBI_ASSERT macros, but if these are compiled out in release builds the code
will overflow buffers, etc, without warning. If they are left enabled, the
process will crash from assertion failures.
This patch attempts to leave the assertions in place that are meant to verify
the correctness of the interfaces (if the calling function was meant to pass
only 8 or 16 for bit depth, it's reasonable to assert that is accurate), but
changes asserts that are triggered by corrupt or malicious image file data.
Failed asserts were the majority of crashes during fuzzing; now all of these
cases safely report an error back to the calling app.
5 years ago
Ryan C. Gordon
95560bc6cf
Be more aggressive about unexpected EOF conditions.
...
Fixes several hangs in the presence of bad input data.
5 years ago
Ryan C. Gordon
eb4b057f0d
Check a return value for errors.
...
Catches bad input data found during fuzzing.
5 years ago
Ryan C. Gordon
b5d2296d5d
Check for some obviously bad inputs from corrupt/malicious data.
...
These all caused crashes during fuzzing.
5 years ago
Ryan C. Gordon
385b5d3cda
stbi__stdio_eof() should check ferror(), too.
...
Otherwise with filesystem errors, you might end up with a short read but
believe there's still more to read from the file, causing infinite loops.
5 years ago
Ryan C. Gordon
00f3f01be3
fseek() resets the EOF flag, even if seeking past the end of a read-only file.
...
This causes problems when stb_image tries to do this with stdio callbacks with
a maliciously crafted file (or just an unfortunately corrupt one)...
    // calls fread(), sets EOF flag, sets s->read_from_callbacks = 0
    stbi__refill_buffer(s);
    // calls fseek(), which resets the stream's EOF flag
    stbi__skip(some value we just read)
    // calls feof(), which always returns false because EOF flag was reset.
    while (!stbi__at_eof(s)) {
        // never calls fread() because s->read_from_callbacks==0
        stbi__refill_buffer(s);
        // loop forever
    }
To work around this, after seeking, we call fgetc(), which will set the EOF
flag as appropriate, and if not at EOF, we ungetc the byte so future reads
are correct. This fixes the infinite loop.
5 years ago
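The EOF-flag reset and the fgetc()/ungetc() probe described in the commit above, reproduced with plain stdio as an added example (not code from stb_image or from the commit). The names `skip_and_probe`, `open_sample`, `eof_after_skip` and `byte_after_valid_skip` are hypothetical, and the 4-byte input is a constructed temp file rather than stb_image's callback-backed stream.

```c
#include <stdio.h>
/* Seek forward n bytes, then probe one byte; returns 1 if no data remains. */
static int skip_and_probe(FILE *f, long n)
{
    int ch;
    if (fseek(f, n, SEEK_CUR) != 0) return 1;   /* treat a failed seek as end of data */
    if ((ch = fgetc(f)) == EOF) return 1;       /* sets the EOF or error flag if nothing is left */
    ungetc(ch, f);                              /* put the byte back for the next read */
    return 0;
}

static FILE *open_sample(void)  /* constructed input: a 4-byte temp file */
{
    FILE *f = tmpfile();
    if (f && fwrite("ABCD", 1, 4, f) == 4) rewind(f);
    return f;
}

/* Read to EOF, then skip a bogus length. Returns 1 if the caller sees EOF. */
int eof_after_skip(int use_probe, long bogus_len)
{
    char buf[16];
    int at_eof;
    FILE *f = open_sample();
    if (!f) return -1;
    if (fread(buf, 1, sizeof buf, f) != 4) { fclose(f); return -1; }  /* short read sets EOF */
    if (use_probe) at_eof = skip_and_probe(f, bogus_len);
    else { fseek(f, bogus_len, SEEK_CUR); at_eof = feof(f) != 0; }   /* flag was reset */
    fclose(f);
    return at_eof;
}

/* A skip that lands inside the data must not lose the probed byte. */
int byte_after_valid_skip(void)
{
    int ch;
    FILE *f = open_sample();
    if (!f) return -1;
    fgetc(f);                                    /* consume 'A' */
    ch = skip_and_probe(f, 1) ? EOF : fgetc(f);  /* skip 'B', expect 'C' */
    fclose(f);
    return ch;
}

int main(void)
{
    printf("bare fseek: at_eof=%d  probe: at_eof=%d  next byte: %c\n",
           eof_after_skip(0, 1000), eof_after_skip(1, 1000), byte_after_valid_skip());
    return 0;
}
```

With the bare fseek() the stream reports "not at EOF" even though nothing is left to read, which is the state that kept the decoder's loop spinning; the probe restores a truthful answer without consuming data.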
Sean Barrett
f54acd4e13
Merge branch 'working'
5 years ago
Sean Barrett
828e6cfdf7
update test
5 years ago
Sean Barrett
95671cca57
update version number
5 years ago
Sean Barrett
cd742941e6
stb_truetype: fix warning
5 years ago
Sean Barrett
37b9b20fde
update version numbers
5 years ago
Sean Barrett
efdaadcb4a
Merge branch 'master' of https://github.com/MarcoLizza/stb into working
5 years ago
Sean Barrett
2805fe39ab
Merge branch 'fix_ub_shift' of https://github.com/wojdyr/stb into working
5 years ago
Sean Barrett
cb9d4e9547
sprintf: warning fixes
5 years ago
Sean Barrett
6b38abed1f
Merge branch 'mine/avoid_warning' of https://github.com/wojdyr/stb into working
5 years ago
Sean Barrett
f06f586d18
sprintf warnings
5 years ago
Marco Lizza
41a6bb58d1
Other (pedantic) warnings for possible uninitialized variables.
5 years ago
Marco Lizza
43c6bd4e0e
Fixing (pedantic) cast warnings.
5 years ago
Marco Lizza
6e8c31685f
Fixing fall-through (pedantic) warnings.
5 years ago
Marcin Wojdyr
3366d1e797
stb_sprintf: avoid left shift of negative value
...
fix undefined behaviour reported by UBSan:
runtime error: left shift of negative value -9223372036854775808
and add a test case.
fixes #800
5 years ago
Marcin Wojdyr
3bb12a14e9
stb_sprintf.h: fix unused-parameter warning
5 years ago
Nerd
498bd3e017
Fix typo in stbds_hmget_key_ts_wrapper
5 years ago
Sean Barrett
0224a44a10
stb_image: fix new warnings
5 years ago
Sean Barrett
0cbdb25d2b
Merge branch 'master' of https://github.com/nothings/stb
5 years ago
Sean Barrett
dc664b1289
update readme
5 years ago
Sean Barrett
2bb4a0accd
Fix trailing whitespace
5 years ago
Sean Barrett
7a69424f15
update version numbers
5 years ago
Sean Barrett
17c301817b
Merge branch 'working'
5 years ago
Sean Barrett
8ee3beabba
Merge branch 'master' of https://github.com/BSVino/stb into working
5 years ago
Sean Barrett
50dc48013b
test stb_include.h
5 years ago
Sean Barrett
5e4a0617b7
update version numbers
5 years ago
Sean Barrett
d79349d0b7
stb_vorbis: update credits
5 years ago
Sean Barrett
95ce252305
Merge branch 'OggComment' of https://github.com/audinowho/stb into work2
5 years ago
Sean Barrett
49cbedfab6
LICENSE: remove trailing spaces
5 years ago
Sean Barrett
bd79d89de2
Merge branch 'patch-1' of https://github.com/Croydon/stb into work2
5 years ago
Sean Barrett
1ced9faea1
Merge branch 'unused-function-warnings' of https://github.com/BradleyMarie/stb into work2
5 years ago
Sean Barrett
d2569111cd
Merge branch 'splitpath_raw_fix' of https://github.com/bcollins526/stb into work2
5 years ago
Sean Barrett
aad77ec74e
Merge branch 'issue-799' of https://github.com/pwaller/stb into work2
5 years ago
Sean Barrett
a6726a3d28
Merge branch 'patch-1' of https://github.com/cshesse/stb into work2
5 years ago
Sean Barrett
24fdc35c90
stb_image_write: fix jpeg to work on non-C99 compilers
5 years ago
Sean Barrett
4067b6d28b
Merge branch 'kc/fix-coverity-issues-1' of https://github.com/krcroft/stb into work2
5 years ago
Sean Barrett
6a6e028e26
Merge branch 'fix-vs2019-warning' of https://github.com/Reedbeta/stb into work2
5 years ago
Sean Barrett
454da539a2
Merge branch 'stbiw_update_jpeg' of https://github.com/DanielGibson/stb into work2
5 years ago
Sean Barrett
1586318a00
Merge branch 'master' of https://github.com/Try/stb into work2
5 years ago
Sean Barrett
cc99be2a9f
Merge branch 'quell-clang-wcast-align' of https://github.com/a-e-k/stb into work2
5 years ago
Sean Barrett
fad1aa50c9
Merge branch 'fix-stb_include_strings' of https://github.com/sp0lsh/stb into work2
5 years ago
Sean Barrett
ca1b58154d
Merge branch 'working' into work2
5 years ago
Sean Barrett
acd1c66aa4
Merge branch 'fix806' of https://github.com/kolbma/stb into work2
5 years ago
Sean Barrett
d882f542e9
Merge branch 'vorbis_seek_fixes' of https://github.com/dougallj/stb into work2
5 years ago
Sean Barrett
fd4f1f702e
Merge branch 'master' of https://github.com/haferburg/stb into work2
5 years ago