Attempt to add with overflow in PNM decoder

Open saethlin opened this issue 4 years ago • 1 comments

More Fuzzing! Failing input to the PNM fuzzer is

[80, 52, 52, 50, 57, 52, 57, 54, 55, 50, 57, 50, 10, 48, 10, 49]

The offending line is: https://github.com/image-rs/image/blob/0f1c38a97ec809f399a2a5edfb85c7e17fcd46ec/src/utils/mod.rs#L49

I'm going to stub this out on my end, but unfortunately this looks like the PNM decoder might need some higher-level input validation before we get into this code.

Nov 20 '21 05:11 saethlin

Decoded to ascii input is:

P44294967292
0
1

In other words, this is a width=4294967292, height=0 image.

Nov 20 '21 16:11 fintelia