Skip to content

fix potential undefined behavior in cgif_addframe#112

Merged
dloebl merged 1 commit into
mainfrom
fix-potential-ub-int-overflow
Mar 30, 2026
Merged

fix potential undefined behavior in cgif_addframe#112
dloebl merged 1 commit into
mainfrom
fix-potential-ub-int-overflow

Conversation

@dloebl

@dloebl dloebl commented Mar 22, 2026

Copy link
Copy Markdown
Owner

Resolves #110

src/cgif.c:521:43: runtime error: signed integer overflow: 50000 * 50000 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/cgif.c:521:43

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes undefined behavior in cgif_addframe’s frame-comparison loop by preventing signed integer overflow when computing the pixel count (width * height), addressing issue #110.

Changes:

  • Switches the per-pixel comparison loop bound from width * height to MULU16(width, height) to avoid signed-int promotion overflow.
  • Updates the loop index type from int to uint32_t to match the (potentially large) pixel-count domain.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@dloebl
dloebl merged commit a9ecd7a into main Mar 30, 2026
19 checks passed
@dloebl
dloebl deleted the fix-potential-ub-int-overflow branch March 30, 2026 11:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

CGIF Integer Overflow Frame Skipping Vulnerability

2 participants