Fix/softimage channel bounds#5178
Open
ssh4net wants to merge 1 commit intoAcademySoftwareFoundation:mainfrom
Open
Fix/softimage channel bounds#5178ssh4net wants to merge 1 commit intoAcademySoftwareFoundation:mainfrom
ssh4net wants to merge 1 commit intoAcademySoftwareFoundation:mainfrom
Conversation
Collaborator
|
Can you rebase this one on top of current main? I think it now conflicts slightly with the other I just merged. |
Signed-off-by: Vlad (Kuzmin) Erium <libalias@gmail.com>
ssh4net
force-pushed
the
fix/softimage-channel-bounds
branch
from
508d460 to
4274382
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Fixes malformed Softimage PIC channel packet handling.
Before this change, the reader counted the number of channels in the file, but decoded pixels using fixed channel indexes: R=0, G=1, B=2, A=3. A malformed PIC could advertise only an alpha channel, producing a one-channel ImageSpec, while decode still wrote to channel index 3. That could write past the scanline
buffer in iconvert, iinfo --stats, or other callers that read pixel data from an untrusted .pic.
After this change, Softimage channel packets are validated during open() before the output spec is accepted. The reader now rejects empty, duplicate, unsupported, mixed-depth, and sparse channel packet maps instead of accepting a layout that decode cannot safely write into the declared channel count.
Tests
Added regression coverage to testsuite/softimage.
The test now generates small malformed PIC files with alpha-only sparse channel packets for the uncompressed, pure-RLE, and mixed-RLE decode paths. Each file is passed through iconvert to out.null, and the test records a rejection marker when the malformed input is rejected.
Checklist:
and if I used AI coding assistants, I have an
Assisted-by: Codex GPT5.5 xHighline in the pull request description above.
behavior.
PR, by pushing the changes to my fork and seeing that the automated CI
passed there. (Exceptions: If most tests pass and you can't figure out why
the remaining ones fail, it's ok to submit the PR and ask for help. Or if
any failures seem entirely unrelated to your change; sometimes things break
on the GitHub runners.)
fixed any problems reported by the clang-format CI test.
corresponding Python bindings. If altering ImageBufAlgo functions, I also
exposed the new functionality as oiiotool options.