Comments (4)
Hi Aaron,
Good to see you still looking at the code, or perhaps developing your own.
I looked at this issue, and OpenJPH throws an exception for an error in the packet header on line 3462 of ojph_codestream.cpp. Kakadu's kdu_expand also throws an error about an illegal length in the header "Illegal length parameter found while parsing HT code-block contribution to Part-15 packet header". The issue is that the number of missing msbs is larger than K_max, which is illegal -- I am a bit blurry about this now.
If I were to disable this, line 1027 of block_decoder.cpp captures an error:
    if (scup < 2 || scup > lcup || scup > 4079) //something is wrong
        return false;
because scup > lcup, which is illegal.
If I were to disable this, then I get an access error (seg. fault).
If you look at the area around 1202 of block_decoder, then the only way to have large m_n is if you have large U_q[0], but an error is generated when U_q[0] > missing_msbs; therefore, the only way to have a large m_n is if the missing_msbs is too large, but this is captured on line 1014:
    if (missing_msbs > 29) // p < 1
        return false;
Because of this, the highest m_n can be is 29, unless there is data corruption that changes missing_msbs.
Please let me know how this goes.
Cheers,
Aous.
from openjph.
Hi Aous,
Thank you for taking a look at the code.
This test file comes from the oss-fuzz fuzzer, by the way.
I think I found the bug:
    if (U_q[0] > missing_msbs && U_q[1] > missing_msbs)
        return false;
should read
    if (U_q[0] > missing_msbs || U_q[1] > missing_msbs)
        return false;
What do you think?
Cheers,
Aaron
from openjph.
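The two forms of the check quoted above, compared over every value pair, as an added example that is not OpenJPH's code or part of either comment. It is a simplified model: the helpers `count_escapes` and `max_accepted`, the function names, and the 0..255 value range are assumptions made for illustration; only the two `if` conditions and the limit of 29 come from the thread.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef bool (*check_fn)(const uint32_t U_q[2], uint32_t missing_msbs);

/* Check as first quoted in the thread: rejects only if BOTH values are too large. */
static bool check_and(const uint32_t U_q[2], uint32_t missing_msbs) {
    if (U_q[0] > missing_msbs && U_q[1] > missing_msbs)
        return false;
    return true;
}

/* Proposed correction from the thread: rejects if EITHER value is too large. */
static bool check_or(const uint32_t U_q[2], uint32_t missing_msbs) {
    if (U_q[0] > missing_msbs || U_q[1] > missing_msbs)
        return false;
    return true;
}

/* Hypothetical helper: count pairs in [0, limit]^2 that pass `check`
   although at least one value exceeds missing_msbs. */
static unsigned count_escapes(check_fn check, uint32_t missing_msbs, uint32_t limit) {
    unsigned escapes = 0;
    for (uint32_t a = 0; a <= limit; ++a)
        for (uint32_t b = 0; b <= limit; ++b) {
            const uint32_t U_q[2] = { a, b };
            bool in_range = a <= missing_msbs && b <= missing_msbs;
            if (check(U_q, missing_msbs) && !in_range)
                ++escapes;
        }
    return escapes;
}

/* Hypothetical helper: largest single value in any pair that `check` accepts. */
static uint32_t max_accepted(check_fn check, uint32_t missing_msbs, uint32_t limit) {
    uint32_t best = 0;
    for (uint32_t a = 0; a <= limit; ++a)
        for (uint32_t b = 0; b <= limit; ++b) {
            const uint32_t U_q[2] = { a, b };
            if (check(U_q, missing_msbs) && (a > best || b > best))
                best = a > b ? a : b;
        }
    return best;
}

int main(void) {
    /* 29 is the missing_msbs ceiling quoted in the thread; 255 is a constructed range. */
    printf("&&: escapes=%u max=%u\n", count_escapes(check_and, 29, 255), (unsigned)max_accepted(check_and, 29, 255));
    printf("||: escapes=%u max=%u\n", count_escapes(check_or, 29, 255), (unsigned)max_accepted(check_or, 29, 255));
    return 0;
}
```

With `&&`, any pair in which only one value is out of range is accepted, so the largest accepted value is bounded by the input range rather than by missing_msbs; with `||` the bound of 29 holds.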
Hi Aaron,
You are absolutely right. Thank you for discovering this bug.
I pushed the corrections.
oss-fuzzer seems like a lot of work; what are your thoughts?
Kind regards,
Aous.
from openjph.
Great, thank you.
oss-fuzz is a bit of work at the beginning, but it is well worth the effort.
Especially for codecs, which can have large attack surfaces.
I can help you set it up, if you're interested. It helps to have a simple C API for the decode functionality,
so the fuzzer can control the decode instead of the command line binary.
The C API will be good to have anyways, for people who want to integrate the library into their own code.
from openjph.