Skip to content

S
stb

itdan3344 / stb
与 Fork 源项目一致

从无法访问的项目Fork

通知 2
Star 0
Fork 0
S
stb

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
  1. 20 12月, 2016 1 次提交
  3. 05 12月, 2016 13 次提交
  5. 04 12月, 2016 8 次提交
  7. 29 11月, 2016 4 次提交
  9. 25 10月, 2016 2 次提交
  11. 22 10月, 2016 4 次提交
    • F
      stb_image: Fix memory leak and missing out-of-mem check. · 6b66033e
      Fabian Giesen 提交于 
      stbi__process_frame_header had two bugs when dealing with progressive
JPEGs:
1. when malloc failed allocating raw_data, previous components'
   raw_coeff didn't get freed
2. no out-of-memory check in raw_coeff allocation

Fix both and share a bit more cleanup code in general.
      6b66033e
    • F
      stb_image: Fix HDR/PSD RLE decoders. · 62f37275
      Fabian Giesen 提交于 
      Runs need to be bounds checked.

Fixes issues #315, #317.
      62f37275
    • F
      stb_image: Overflow checking for image allocs. · 02190634
      Fabian Giesen 提交于 
      Adds some helpers that check whether a product of multiple
factors (that need to be non-negative: this is enforced)
summed with another non-negative value overflows when
performed as int. Since stb_image mostly works in ints,
this seems like the safest route. Limits size of images
to 2GB but several of the decoders already enforce this
limit (or even lower ones).

Also adds wrappers for malloc that combine a mul-add-with-
overflow-check with the actual malloc, and return NULL
on failure. Then use them when allocating something that
is the product of multiple factors.

For image formats, also add a top-level "is this too big?"
check that gives a more useful error message; otherwise,
the failed mallocs result in an "out of memory" error.
The idea is that the top-level checks should be the primary
way to catch these bugs (and produce a useful error message).
But a misleading error message is still vastly preferable to
a buffer overflow exploit.

Fixes issues #310, #313, #314, #318. (Verified with the
provided test images)

Along the way, this fixes a previously unnoticed bug in
ldr_to_hdr / hdr_to_ldr (missing NULL check); these functions
are called with the result of an image decoder, so NULLs can
definitely happen.

Another bug noticed along the way is that handling of
interlaced 16-bit PNGs was incorrect. Fixing this (along
with the previous modifications) fixes issue #311.

Yet another bug noticed during this change is that reduce_png
did not check the right pointer during its out of memory
check. Fix that too.
      02190634
    • F
      stb_image: More input validation in deflate decoder · 8c8d735e
      Fabian Giesen 提交于 
      Fixes issue #312.
      8c8d735e
  13. 16 10月, 2016 2 次提交
  15. 08 10月, 2016 1 次提交
  17. 07 10月, 2016 5 次提交