From 47d5495bc3baf5f5c195de8e9905860ad04abc37 Mon Sep 17 00:00:00 2001 From: "Benjamin A. Beasley" Date: Wed, 25 Oct 2023 10:55:21 -0400 Subject: [PATCH] Backport a PR fixing undefined behavior in stb_image_resize2 --- 1561.patch | 28 ++++++++++++++++++++++++++++ stb.spec | 11 ++++++++++- 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 1561.patch diff --git a/1561.patch b/1561.patch new file mode 100644 index 0000000..9d9e4a7 --- /dev/null +++ b/1561.patch @@ -0,0 +1,28 @@ +From 6e715778416b229799f85b49fa3ffc0400428f89 Mon Sep 17 00:00:00 2001 +From: "Jeff Roberts (LA)" +Date: Thu, 19 Oct 2023 17:42:58 -0700 +Subject: [PATCH] Fixed asan error on tiny input images + +--- + stb_image_resize2.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/stb_image_resize2.h b/stb_image_resize2.h +index e0c428246..1d7bed5bd 100644 +--- a/stb_image_resize2.h ++++ b/stb_image_resize2.h +@@ -1,4 +1,4 @@ +-/* stb_image_resize2 - v2.01 - public domain image resizing ++/* stb_image_resize2 - v2.02 - public domain image resizing + + by Jeff Roberts (v2) and Jorge L Rodriguez + http://github.com/nothings/stb +@@ -3697,7 +3697,7 @@ static int stbir__pack_coefficients( int num_contributors, stbir__contributors* + float * coeffs = coefficents + widest * ( num_contributors - 1 ); + + // go until no chance of clipping (this is usually less than 8 lops) +- while ( ( ( contribs->n0 + widest*2 ) >= row_width ) && ( contribs >= contributors ) ) ++ while ( ( contribs >= contributors ) && ( ( contribs->n0 + widest*2 ) >= row_width ) ) + { + // might we clip?? + if ( ( contribs->n0 + widest ) > row_width ) diff --git a/stb.spec b/stb.spec index 954915d..cdcc5f4 100644 --- a/stb.spec +++ b/stb.spec @@ -67,6 +67,15 @@ Patch: %{url}/pull/1236.patch # https://github.com/nothings/stb/pull/1454 Patch: %{url}/pull/1454.patch +# Fixed asan error on tiny input images +# https://github.com/nothings/stb/pull/1561 +# +# Fixes: +# +# stb_image_resize2.h: Address Sanitizer error +# https://github.com/nothings/stb/issues/1526 +Patch: %{url}/pull/1561.patch + # Fix integer overflow # https://github.com/nothings/stb/pull/1530 # @@ -104,7 +113,7 @@ Patch: %{url}/pull/1534.patch %global stb_hexwave_version 0.5 %global stb_image_version 2.28 %global stb_image_resize_version 0.97 -%global stb_image_resize2_version 2.0 +%global stb_image_resize2_version 2.02 %global stb_image_write_version 1.16 %global stb_include_version 0.2 %global stb_leakcheck_version 0.6