
Exist a null pointer dereference issue in file src/lib/openjp2/dwt.c:2124 #1505

Closed
xiaoxiaoafeifei opened this issue Jan 22, 2024 · 0 comments

@xiaoxiaoafeifei (Contributor)

Expected behavior and actual behavior.

Hi,
I found a runtime error, "applying zero offset to null pointer", in the current master, and I also reproduced it on the latest released version, 2.5.0.

Steps to reproduce the problem.

cd openjpeg
mkdir build
cd build

cmake .. -DCMAKE_BUILD_TYPE=Debug \
    -DCMAKE_C_COMPILER=clang \
    -DCMAKE_CXX_COMPILER=clang++ \
    -DCMAKE_C_FLAGS="-fsanitize=undefined" \
    -DCMAKE_CXX_FLAGS="-fsanitize=undefined"

make && make install
opj_decompress -o ./tmp/a.ppm -r 5 -i poc_file
poc_file:
poc_file.zip

Reproduction
root@iZ2vcadn43p7fjzbhl6zqwZ:~#./bin/opj_decompress -o ./tmp/a.ppm -r 5 -i poc_file
Warning: AFL++ tools might need to set AFL_MAP_SIZE to 117791 to be able to run this instrumented program if this crashes!

===========================================
The extension of this file is incorrect.
FOUND ep:4. SHOULD BE .j2k or .jpc or .j2c or .jhc

[INFO] Start to read j2k main header (0).
[INFO] Main header has been correctly decoded.
[INFO] No decoded area parameters, set the decoded area to the whole image
[INFO] Header of tile 1 / 1 has been read.
/root/pro/openjpeg/src/lib/openjp2/dwt.c:2124:35: runtime error: applying zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /root/fuzz_pro/fuzz_openjpeg/test/openjpeg/src/lib/openjp2/dwt.c:2124:35 in

Operating system

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.3 LTS"

openjpeg version

current master version
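The sanitizer line above reports the C rule that pointer arithmetic on a null pointer is undefined even when the offset added is zero, which is what a zero-sized tile with a NULL buffer can produce. The following is an added illustration, not openjpeg's dwt.c code: a hypothetical row-pointer helper in the unchecked form that trips UBSan, beside a guarded form that refuses a NULL base or empty tile before any offset is formed.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed example (not openjpeg's own code). With -fsanitize=undefined,
 * calling row_ptr_unsafe(NULL, 0, 0) reports
 * "applying zero offset to null pointer": NULL + 0 is still undefined in C. */
int32_t *row_ptr_unsafe(int32_t *buf, size_t width, size_t row) {
    return buf + row * width;
}

/* Hardened form: never form a pointer from a NULL base, and reject empty
 * dimensions or an out-of-range row before doing any arithmetic. */
int32_t *row_ptr_safe(int32_t *buf, size_t width, size_t height, size_t row) {
    if (buf == NULL || width == 0 || height == 0 || row >= height) {
        return NULL;
    }
    return buf + row * width;
}

/* Sums one row of a width x height tile; an empty or NULL tile yields 0
 * instead of reaching the undefined pointer computation. */
int64_t sum_row(int32_t *buf, size_t width, size_t height, size_t row) {
    int32_t *p = row_ptr_safe(buf, width, height, row);
    if (p == NULL) {
        return 0;
    }
    int64_t s = 0;
    for (size_t i = 0; i < width; i++) {
        s += p[i];
    }
    return s;
}

/* Constructed 3x2 sample tile used by the demo functions below. */
static int32_t g_tile[6] = {1, 2, 3, 4, 5, 6};

int64_t demo_sum_row(size_t row) { return sum_row(g_tile, 3, 2, row); }
int64_t demo_sum_empty_tile(void) { return sum_row(NULL, 0, 0, 0); }
int demo_null_base_rejected(void) { return row_ptr_safe(NULL, 3, 2, 0) == NULL; }
```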

rouault added a commit that referenced this issue Feb 18, 2024
opj_dwt_decode_tile(): avoid potential UndefinedBehaviorSanitizer 'applying zero offset to null pointer' (fixes #1505)
@xiaoxiaoafeifei xiaoxiaoafeifei changed the title Exist a undefined-behavior issue in file src/lib/openjp2/dwt.c:2124 Exist a null pointer dereference issue in file src/lib/openjp2/dwt.c:2124 Nov 27, 2024