Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Potential string overflow in stbi_parse_png_file function #7431

Closed
arch-btw opened this issue May 21, 2024 · 1 comment · Fixed by #9161
Closed

Potential string overflow in stbi_parse_png_file function #7431

arch-btw opened this issue May 21, 2024 · 1 comment · Fixed by #9161

Comments

@arch-btw
Copy link
Contributor

There's a warning in the stbi__parse_png_file function while compiling clip.cpp in examples/llava/clip.cpp.

Here is the output:

In file included from examples/llava/clip.cpp:20:
common/stb_image.h: In function ‘int stbi__parse_png_file(stbi__png*, int, int)’:
common/stb_image.h:5450:31: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
 5450 |                         tc[k] = (stbi_uc)(stbi__get16be(s) & 255) *
      |                         ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 5451 |                                 stbi__depth_scale_table[z->depth]; // non 8-bit images will be larger
      |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
common/stb_image.h:5326:28: note: at offset 3 into destination object ‘tc’ of size 3
 5326 |     stbi_uc has_trans = 0, tc[3] = {0};
      |                            ^~

I think it's related to this issue in the original project for stb_image.h: nothings/stb#1642.

So there might not be anything we can do about it, but I figured I'd report the issue.

Copy link
Contributor

github-actions bot commented Jul 5, 2024

This issue was closed because it has been inactive for 14 days since being marked as stale.

@github-actions github-actions bot closed this as completed Jul 5, 2024
ggerganov pushed a commit that referenced this issue Aug 27, 2024
* Update stb_image.h to latest version

Fixes #7431

* Update .ecrc
dsx1986 pushed a commit to dsx1986/llama.cpp that referenced this issue Oct 29, 2024
* Update stb_image.h to latest version

Fixes ggerganov#7431

* Update .ecrc
arthw pushed a commit to arthw/llama.cpp that referenced this issue Nov 15, 2024
* Update stb_image.h to latest version

Fixes ggerganov#7431

* Update .ecrc
arthw pushed a commit to arthw/llama.cpp that referenced this issue Nov 18, 2024
* Update stb_image.h to latest version

Fixes ggerganov#7431

* Update .ecrc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants
@arch-btw and others