Fix panic when prediction calculation is invalid #282

richard-viney · 2025-03-05T03:40:01Z

This bug was found during fuzz testing of a library that depends on jpeg-decoder, on the following line:

Line 112 in e70564b

let prediction = 1 << (frame.precision - scan.point_transform - 1) as i32;

It's triggered when the math underflows in the situation that scan.point_transform isn't less than frame.precision.

This PR adds a check in the parser that errors when this situation is detected, as well as the test case generated by the fuzz tester.

(I also changed to explicitly specify Ubuntu 22.04 in CI due to failures running on 24.04).

fintelia · 2025-03-07T02:12:14Z

.github/workflows/rust.yml

@@ -8,7 +8,7 @@ on:

 jobs:
  build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04


I saw that the cross_compile jobs failed due to Ubuntu version, but do you know whether this one can stay Ubuntu latest?

I'll see if the issue on 24.04 can be fixed, may just be a package that changed its name

fintelia · 2025-03-07T02:46:25Z

Thanks!

richard-viney · 2025-03-07T03:42:01Z

Thanks for merging! If it's possible to release a v0.3.2 at some stage that'd be great, but no urgency.

Fix panic when prediction calculation is invalid

9c138ff

fintelia approved these changes Mar 7, 2025

View reviewed changes

Fix CI on Ubuntu 24.04

2059842

richard-viney force-pushed the fix-panic-in-invalid-prediction-shift branch from 00d6bd9 to 2059842 Compare March 7, 2025 02:26

fintelia merged commit 95550d7 into image-rs:master Mar 7, 2025
20 checks passed

Provide feedback