Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exist a undefined-behavior issue in file src/lib/openjp2/tcd.c:2327 #1480

Closed
xiaoxiaoafeifei opened this issue Sep 11, 2023 · 0 comments
Closed

Exist a undefined-behavior issue in file src/lib/openjp2/tcd.c:2327 #1480

xiaoxiaoafeifei opened this issue Sep 11, 2023 · 0 comments

Comments

@xiaoxiaoafeifei
Copy link
Contributor

xiaoxiaoafeifei commented Sep 11, 2023
edited
Loading

Expected behavior and actual behavior.

Hi,
I found a runtime error: applying zero offset to null pointer in current master, and I also reproduced it on latest released version 2.5.0.

Steps to reproduce the problem.

git clone https://github.com/uclouvain/openjpeg.git

cd openjpeg
mkdir build
cd build

cmake .. -DCMAKE_BUILD_TYPE=Debug
-DCMAKE_C_COMPILER=clang
-DCMAKE_CXX_COMPILER=clang++
-DCMAKE_C_FLAGS="-fsanitize=undefined"
-DCMAKE_CXX_FLAGS="-fsanitize=undefined"

make

./bin/opj_decompress -o res.bmp -r 5 -i poc_file
poc_file:
poc_file.zip

Reproduction

root@iZ2vcadn43p7fjzbhl6zqwZ:~#./openjpeg/build/bin/opj_decompress -o res.bmp -r 5 -i poc_file

===========================================
The extension of this file is incorrect.
FOUND ep:8. SHOULD BE .j2k or .jpc or .j2c or .jhc

[INFO] Start to read j2k main header (0).
[INFO] Main header has been correctly decoded.
[INFO] No decoded area parameters, set the decoded area to the whole image
[INFO] Header of tile 1 / 1 has been read.
/root/fuzz_pro/fuzz_openjpeg/openjpeg/src/lib/openjp2/tcd.c:2327:31: runtime error: applying zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /root/fuzz_pro/fuzz_openjpeg/openjpeg/src/lib/openjp2/tcd.c:2327:31 in
[INFO] Tile 1/1 has been decoded.
[INFO] Image data has been updated with tile 1.

[WARNING] Failed to decode component 0
[WARNING] Failed to decode component 1
[WARNING] Failed to decode component 2
[WARNING] Failed to decode component 3
[ERROR] Failed to decode all used components
ERROR -> opj_decompress: failed to decode image

Operating system

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.3 LTS"

openjpeg version

currrent master version
@xiaoxiaoafeifei xiaoxiaoafeifei mentioned this issue Sep 11, 2023
Closed
rouault added a commit to rouault/openjpeg that referenced this issue Dec 8, 2023
@rouault
opj_tcd_dc_level_shift_decode(): avoid increment nullptr (fixes uclou…
6c8c6c2 
…vain#1480)

(likely harmless issue as we don't dereference it)
@rouault rouault closed this as completed in 90312af Dec 8, 2023
rouault added a commit that referenced this issue Dec 8, 2023
@rouault
Merge pull request #1496 from rouault/fix_1480
dfdedea 
opj_tcd_dc_level_shift_decode(): avoid increment nullptr (fixes #1480)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix runtime error: applying zero offset to null pointer xiaoxiaoafeifei/openjpeg
1 participant
@xiaoxiaoafeifei