Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

clarification of the functionality. #3

Open
ihsinme opened this issue Nov 2, 2021 · 0 comments
Open

clarification of the functionality. #3

ihsinme opened this issue Nov 2, 2021 · 0 comments

Comments

@ihsinme
Copy link

ihsinme commented Nov 2, 2021

Good afternoon.
I am confused about the use of tmpnam functions in your code.

jxrlib/image/encode/strenc.c

Line 485 in f752187

if ((pFilename = tmpnam(NULL)) == NULL)

If you want to get an unused name on the system.
do you consider the threat, the file can be created between scan and open?

thanks for taking the time to answer.
bgilbert referenced this issue in bgilbert/jxrlib Dec 8, 2022
@milianw
fix warnings about unaligned loads from UBSAN
ab9c6b7 
Use memcpy instead to ensure that we don't get warnings about
unaligned loads from UBSAN:

```
../3rdParty/jxrlib/image/decode/segdec.c:66:12: runtime error: load of misaligned address 0x7fc3a0544006 for type 'U32', which requires 4 byte alignment
0x7fc3a0544006: note: pointer points here
 01 01 a5 c0 b0 7c  0a 06 05 00 0c 14 10 c2  c0 30 80 38 72 41 ae 1a  8f 54 26 c2 9e f6 c1 25  a9 65
             ^
    #0 0x7fc3e137429a in _load4 ../3rdParty/jxrlib/image/decode/segdec.c:66
    #1 0x7fc3e13748b8 in _flushBit16 ../3rdParty/jxrlib/image/decode/segdec.c:80
    #2 0x7fc3e13749a6 in _getBit16 ../3rdParty/jxrlib/image/decode/segdec.c:86
    #3 0x7fc3e1385d75 in DecodeMacroblockDC ../3rdParty/jxrlib/image/decode/segdec.c:1224
    #4 0x7fc3e131924a in processMacroblockDec ../3rdParty/jxrlib/image/decode/strdec.c:412
    #5 0x7fc3e137207a in ImageStrDecDecode ../3rdParty/jxrlib/image/decode/strdec.c:4003
    #6 0x7fc3e126c0b2 in PKImageDecode_Copy_WMP ../3rdParty/jxrlib/jxrgluelib/JXRGlueJxr.c:1874
```
bgilbert referenced this issue in bgilbert/jxrlib Dec 8, 2022
@bgilbert @milianw
Avoid left-shifting negative values to fix UBSAN warning
6538ccd 
Instead, shift as an unsigned value, then convert back to signed:

```
    ../3rdParty/jxrlib/image/decode/segdec.c:1081:36: runtime error: left shift of negative value -1
    #0 0x7f0cc5c997c8 in DecodeMacroblockLowpass ../3rdParty/jxrlib/image/decode/segdec.c:1081
    #1 0x7f0cc5c2f4f4 in processMacroblockDec ../3rdParty/jxrlib/image/decode/strdec.c:417
    #2 0x7f0cc5c881f8 in ImageStrDecDecode ../3rdParty/jxrlib/image/decode/strdec.c:4010
    #3 0x7f0cc5b82102 in PKImageDecode_Copy_WMP ../3rdParty/jxrlib/jxrgluelib/JXRGlueJxr.c:1874
```

Co-authored-by: Milian Wolff <[email protected]>
topalex pushed a commit to topalex/jxrlib-static that referenced this issue Jul 12, 2024
@milianw
Don't left-shift negative values to fix UBSAN warning
608803a 
Instead, make the value positive, do the left-shift then, and make the
result negative again afterwards:

```
    ../3rdParty/jxrlib/image/decode/segdec.c:1081:36: runtime error: left shift of negative value -1
    #0 0x7f0cc5c997c8 in DecodeMacroblockLowpass ../3rdParty/jxrlib/image/decode/segdec.c:1081
    #1 0x7f0cc5c2f4f4 in processMacroblockDec ../3rdParty/jxrlib/image/decode/strdec.c:417
    #2 0x7f0cc5c881f8 in ImageStrDecDecode ../3rdParty/jxrlib/image/decode/strdec.c:4010
    4creators#3 0x7f0cc5b82102 in PKImageDecode_Copy_WMP ../3rdParty/jxrlib/jxrgluelib/JXRGlueJxr.c:1874
```

Considering that the tests still pass, I think this is a safe solution
to this warning.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ihsinme