sean-m
/
stb
mirror of https://github.com/nothings/stb.git
1
0
Fork 0
Code Issues Releases Activity
1,171 Commits
2 Branches
0 Tags
3.7 MiB
Commit Graph

1171 Commits (02190634c2ff6e3b68fcd99b84cf4acabb70ea2e)

Author SHA1 Message Date
Fabian Giesen 02190634c2 stb_image: Overflow checking for image allocs. 
Adds some helpers that check whether a product of multiple
factors (that need to be non-negative: this is enforced)
summed with another non-negative value overflows when
performed as int. Since stb_image mostly works in ints,
this seems like the safest route. Limits size of images
to 2GB but several of the decoders already enforce this
limit (or even lower ones).

Also adds wrappers for malloc that combine a mul-add-with-
overflow-check with the actual malloc, and return NULL
on failure. Then use them when allocating something that
is the product of multiple factors.

For image formats, also add a top-level "is this too big?"
check that gives a more useful error message; otherwise,
the failed mallocs result in an "out of memory" error.
The idea is that the top-level checks should be the primary
way to catch these bugs (and produce a useful error message).
But a misleading error message is still vastly preferable to
a buffer overflow exploit.

Fixes issues #310, #313, #314, #318. (Verified with the
provided test images)

Along the way, this fixes a previously unnoticed bug in
ldr_to_hdr / hdr_to_ldr (missing NULL check); these functions
are called with the result of an image decoder, so NULLs can
definitely happen.

Another bug noticed along the way is that handling of
interlaced 16-bit PNGs was incorrect. Fixing this (along
with the previous modifications) fixes issue #311.

Yet another bug noticed during this change is that reduce_png
did not check the right pointer during its out of memory
check. Fix that too.
 2016-10-22 00:29:37 -07:00
Fabian Giesen 8c8d735eb7 stb_image: More input validation in deflate decoder 
Fixes issue #312.
 2016-10-22 00:29:37 -07:00
Sean Barrett 2f4166e91d stb_connected_components 2016-10-16 07:59:57 -07:00
Sean Barrett 7d0099ecc9 fix bug in stb_connected_components adjacency list updating incorrectly handling avoiding adding the same connection twice 2016-10-16 07:58:59 -07:00
Sean Barrett dca0a37ff4 other_libs points to new location 2016-10-07 17:36:21 -07:00
Sean Barrett bf1dd13245 Merge branch 'master' of https://github.com/nothings/stb 2016-10-07 08:56:45 -07:00
Sean Barrett d9e0dfcd63 readme change link to other_libs 2016-10-07 08:56:29 -07:00
Sean Barrett 5ecb2d86b8 Delete other_libs.md 2016-10-07 08:55:48 -07:00
Sean Barrett 33ac18a7fb tinyfiledialogs 2016-10-07 08:43:38 -07:00
Sean Barrett 3dabed0208 Merge branch 'working' 
Conflicts:
	docs/other_libs.md
 2016-10-07 08:38:30 -07:00
Sean Barrett 97305532a9 tweak genann 2016-10-07 08:37:42 -07:00
Sean Barrett f05f8c3348 Merge branch 'codeplea-genann' of https://github.com/codeplea/stb into working 2016-10-07 08:34:59 -07:00
Sean Barrett f2847a5493 Merge branch 'master' of https://github.com/nothings/stb 2016-10-07 08:31:19 -07:00
Sean Barrett a117f374b2 update readme with links 2016-10-07 08:30:52 -07:00
Sean Barrett 3df8926443 Merge branch 'feature/add-link' of https://github.com/1ace/stb into working 2016-10-07 08:27:40 -07:00
Sean Barrett c36e8ae082 Merge branch 'master' into working 2016-10-07 08:27:26 -07:00
Sean Barrett 7fa4f12048 tweak doctest 2016-10-07 08:25:24 -07:00
Sean Barrett 51e136aad7 Merge branch 'patch-1' of https://github.com/onqtam/stb into working 2016-10-07 08:24:16 -07:00
Sean Barrett cf51044bc6 update stb_pg project 2016-10-07 08:23:24 -07:00
Sean Barrett f814cd7577 Update other_libs.md 2016-09-25 17:10:51 -07:00
Sean Barrett 4f51089d1d Update other_libs.md 2016-09-25 15:09:45 -07:00
Sean Barrett e713a69f1e Update other_libs.md 2016-08-28 14:10:03 -07:00
Sean Barrett fa775881d6 Update other_libs.md 2016-08-28 11:04:38 -07:00
Sean Barrett 973ad3611c other_libs updates 2016-08-28 10:42:22 -07:00
Sean Barrett fa3db1eb89 Merge branch 'working' 2016-08-27 12:55:06 -07:00
Sean Barrett e3d804279a Merge branch 'patch-1' of https://github.com/terrehbyte/stb into working 
Conflicts:
	docs/other_libs.md
 2016-08-27 12:54:59 -07:00
Sean Barrett ac646fdc27 Merge branch 'working' 2016-08-27 12:54:03 -07:00
Sean Barrett a1b466ab2f Merge branch 'patch-1' of https://github.com/dbohdan/stb into working 2016-08-27 12:53:59 -07:00
Sean Barrett 2c105e40fc Merge branch 'working' 2016-08-27 12:53:27 -07:00
Sean Barrett 5e596c8c2d other_libs: fix indentation 2016-08-27 12:52:28 -07:00
Sean Barrett 5b3957a546 Merge branch 'master' of https://github.com/xelatihy/stb into working 2016-08-27 12:45:35 -07:00
Sean Barrett 1e87fa472f Merge branch 'working' 2016-08-27 12:44:53 -07:00
Sean Barrett 1976e1aee5 Merge branch 'master' of https://github.com/jobtalle/stb into working 
Conflicts:
	docs/other_libs.md
 2016-08-27 12:44:45 -07:00
Sean Barrett 6704bc4023 Merge branch 'working' 2016-08-27 12:41:51 -07:00
Sean Barrett 7a02596aae Merge branch 'otherlibs-dg_dynarr' of https://github.com/DanielGibson/stb into working 2016-08-27 12:41:24 -07:00
Sean Barrett 01dc6abdcf Merge branch 'working' 2016-08-27 12:40:31 -07:00
Sean Barrett 5db11942d1 Merge branch 'master' of https://github.com/kieselsteini/stb into working 2016-08-27 12:39:42 -07:00
Sean Barrett 6f72440159 bump version numbers 2016-08-27 12:38:09 -07:00
Sean Barrett 19c9615e90 rect_pack patch; 
fix typo in stb_textedit
 2016-08-27 12:36:26 -07:00
Sean Barrett 5ad14faf38 Merge branch 'master' into working 2016-08-27 12:35:29 -07:00
cosmy1 4e758682b0 Minor fixes. 2016-08-27 12:35:20 -07:00
Sean Barrett 2c71a43206 Merge branch 'working' 2016-08-27 12:33:04 -07:00
Sean Barrett bde8f7c102 tweaks to stb_textedit custom-move-by-word patch 2016-08-27 12:32:45 -07:00
Sean Barrett 841930cca4 Merge branch 'textedit-moveright-moveleft' of https://github.com/ocornut/stb into working 2016-08-27 12:25:29 -07:00
Sean Barrett 50ec40269d Merge branch 'working' 2016-08-27 12:24:05 -07:00
Sean Barrett 094e8e923b Merge branch 'master' of https://github.com/kritzikratzi/stb into working 2016-08-27 12:23:37 -07:00
Sean Barrett f4d348de8e Merge branch 'working' 2016-08-27 12:17:05 -07:00
Sean Barrett 14e6a98469 clarify alloca #include whitelists 2016-08-27 12:10:46 -07:00
Sean Barrett f4938bfa4d Whitelist the compilers that need malloc.h for alloca 2016-08-27 12:09:01 -07:00
Sean Barrett a2f50a1b6a Merge branch 'working' 2016-08-27 12:03:10 -07:00