yyc12345/stb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,171 Commits 1 Branch 0 Tags 11 MiB
02190634c2
Commit Graph

1171 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Fabian Giesen
02190634c2 stb_image: Overflow checking for image allocs. 
Adds some helpers that check whether a product of multiple
factors (that need to be non-negative: this is enforced)
summed with another non-negative value overflows when
performed as int. Since stb_image mostly works in ints,
this seems like the safest route. Limits size of images
to 2GB but several of the decoders already enforce this
limit (or even lower ones).

Also adds wrappers for malloc that combine a mul-add-with-
overflow-check with the actual malloc, and return NULL
on failure. Then use them when allocating something that
is the product of multiple factors.

For image formats, also add a top-level "is this too big?"
check that gives a more useful error message; otherwise,
the failed mallocs result in an "out of memory" error.
The idea is that the top-level checks should be the primary
way to catch these bugs (and produce a useful error message).
But a misleading error message is still vastly preferable to
a buffer overflow exploit.

Fixes issues #310, #313, #314, #318. (Verified with the
provided test images)

Along the way, this fixes a previously unnoticed bug in
ldr_to_hdr / hdr_to_ldr (missing NULL check); these functions
are called with the result of an image decoder, so NULLs can
definitely happen.

Another bug noticed along the way is that handling of
interlaced 16-bit PNGs was incorrect. Fixing this (along
with the previous modifications) fixes issue #311.

Yet another bug noticed during this change is that reduce_png
did not check the right pointer during its out of memory
check. Fix that too.
 2016-10-22 00:29:37 -07:00
Fabian Giesen
8c8d735eb7 stb_image: More input validation in deflate decoder 
Fixes issue #312.
 2016-10-22 00:29:37 -07:00
Sean Barrett
2f4166e91d stb_connected_components 2016-10-16 07:59:57 -07:00
Sean Barrett
7d0099ecc9 fix bug in stb_connected_components adjacency list updating incorrectly handling avoiding adding the same connection twice 2016-10-16 07:58:59 -07:00
Sean Barrett
dca0a37ff4 other_libs points to new location 2016-10-07 17:36:21 -07:00
Sean Barrett
bf1dd13245 Merge branch 'master' of https://github.com/nothings/stb 2016-10-07 08:56:45 -07:00
Sean Barrett
d9e0dfcd63 readme change link to other_libs 2016-10-07 08:56:29 -07:00
Sean Barrett
5ecb2d86b8 Delete other_libs.md 2016-10-07 08:55:48 -07:00
Sean Barrett
33ac18a7fb tinyfiledialogs 2016-10-07 08:43:38 -07:00
Sean Barrett
3dabed0208 Merge branch 'working' 
Conflicts:
	docs/other_libs.md
 2016-10-07 08:38:30 -07:00
Sean Barrett
97305532a9 tweak genann 2016-10-07 08:37:42 -07:00
Sean Barrett
f05f8c3348 Merge branch 'codeplea-genann' of https://github.com/codeplea/stb into working 2016-10-07 08:34:59 -07:00
Sean Barrett
f2847a5493 Merge branch 'master' of https://github.com/nothings/stb 2016-10-07 08:31:19 -07:00
Sean Barrett
a117f374b2 update readme with links 2016-10-07 08:30:52 -07:00
Sean Barrett
3df8926443 Merge branch 'feature/add-link' of https://github.com/1ace/stb into working 2016-10-07 08:27:40 -07:00
Sean Barrett
c36e8ae082 Merge branch 'master' into working 2016-10-07 08:27:26 -07:00
Sean Barrett
7fa4f12048 tweak doctest 2016-10-07 08:25:24 -07:00
Sean Barrett
51e136aad7 Merge branch 'patch-1' of https://github.com/onqtam/stb into working 2016-10-07 08:24:16 -07:00
Sean Barrett
cf51044bc6 update stb_pg project 2016-10-07 08:23:24 -07:00
Sean Barrett
f814cd7577 Update other_libs.md 2016-09-25 17:10:51 -07:00
Sean Barrett
4f51089d1d Update other_libs.md 2016-09-25 15:09:45 -07:00
Sean Barrett
e713a69f1e Update other_libs.md 2016-08-28 14:10:03 -07:00
Sean Barrett
fa775881d6 Update other_libs.md 2016-08-28 11:04:38 -07:00
Sean Barrett
973ad3611c other_libs updates 2016-08-28 10:42:22 -07:00
Sean Barrett
fa3db1eb89 Merge branch 'working' 2016-08-27 12:55:06 -07:00
Sean Barrett
e3d804279a Merge branch 'patch-1' of https://github.com/terrehbyte/stb into working 
Conflicts:
	docs/other_libs.md
 2016-08-27 12:54:59 -07:00
Sean Barrett
ac646fdc27 Merge branch 'working' 2016-08-27 12:54:03 -07:00
Sean Barrett
a1b466ab2f Merge branch 'patch-1' of https://github.com/dbohdan/stb into working 2016-08-27 12:53:59 -07:00
Sean Barrett
2c105e40fc Merge branch 'working' 2016-08-27 12:53:27 -07:00
Sean Barrett
5e596c8c2d other_libs: fix indentation 2016-08-27 12:52:28 -07:00
Sean Barrett
5b3957a546 Merge branch 'master' of https://github.com/xelatihy/stb into working 2016-08-27 12:45:35 -07:00
Sean Barrett
1e87fa472f Merge branch 'working' 2016-08-27 12:44:53 -07:00
Sean Barrett
1976e1aee5 Merge branch 'master' of https://github.com/jobtalle/stb into working 
Conflicts:
	docs/other_libs.md
 2016-08-27 12:44:45 -07:00
Sean Barrett
6704bc4023 Merge branch 'working' 2016-08-27 12:41:51 -07:00
Sean Barrett
7a02596aae Merge branch 'otherlibs-dg_dynarr' of https://github.com/DanielGibson/stb into working 2016-08-27 12:41:24 -07:00
Sean Barrett
01dc6abdcf Merge branch 'working' 2016-08-27 12:40:31 -07:00
Sean Barrett
5db11942d1 Merge branch 'master' of https://github.com/kieselsteini/stb into working 2016-08-27 12:39:42 -07:00
Sean Barrett
6f72440159 bump version numbers 2016-08-27 12:38:09 -07:00
Sean Barrett
19c9615e90 rect_pack patch; 
fix typo in stb_textedit
 2016-08-27 12:36:26 -07:00
Sean Barrett
5ad14faf38 Merge branch 'master' into working 2016-08-27 12:35:29 -07:00
cosmy1
4e758682b0 Minor fixes. 2016-08-27 12:35:20 -07:00
Sean Barrett
2c71a43206 Merge branch 'working' 2016-08-27 12:33:04 -07:00
Sean Barrett
bde8f7c102 tweaks to stb_textedit custom-move-by-word patch 2016-08-27 12:32:45 -07:00
Sean Barrett
841930cca4 Merge branch 'textedit-moveright-moveleft' of https://github.com/ocornut/stb into working 2016-08-27 12:25:29 -07:00
Sean Barrett
50ec40269d Merge branch 'working' 2016-08-27 12:24:05 -07:00
Sean Barrett
094e8e923b Merge branch 'master' of https://github.com/kritzikratzi/stb into working 2016-08-27 12:23:37 -07:00
Sean Barrett
f4d348de8e Merge branch 'working' 2016-08-27 12:17:05 -07:00
Sean Barrett
14e6a98469 clarify alloca #include whitelists 2016-08-27 12:10:46 -07:00
Sean Barrett
f4938bfa4d Whitelist the compilers that need malloc.h for alloca 2016-08-27 12:09:01 -07:00
Sean Barrett
a2f50a1b6a Merge branch 'working' 2016-08-27 12:03:10 -07:00