Skip to content

Fix: UB in CIccOpDefEnvVar::Exec()#685

Merged
xsscx merged 1 commit intomasterfrom
issue-670
Mar 15, 2026
Merged

Fix: UB in CIccOpDefEnvVar::Exec()#685
xsscx merged 1 commit intomasterfrom
issue-670

Conversation

@ChrisCoxArt
Copy link
Contributor

@ChrisCoxArt ChrisCoxArt commented Mar 15, 2026

so UB doesn't happen when we read bad values
Fixes #670

Pull Request Checklist

  • Have you followed the guidelines in Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same change?
  • Have you built your Pull Request locally with the Build Instructions?
  • Have you added or updated relevant tests?
  • Have you added or updated relevant docs?

@ChrisCoxArt
give icSigCmmEnvVar a size
0e46c4b 
so UB doesn't happen when we read bad values
Fixes #670
@ChrisCoxArt ChrisCoxArt requested a review from xsscx as a code owner March 15, 2026 00:33
@xsscx xsscx self-assigned this Mar 15, 2026
@xsscx xsscx added PR Pull Request Review in Process Issue is being Reviewed by Maintainers and removed pending labels Mar 15, 2026
@xsscx xsscx changed the title give icSigCmmEnvVar a size Fix: UB in CIccOpDefEnvVar::Exec() Mar 15, 2026
@xsscx xsscx added Pending Merge Maintainer indicates Merge Pending and requests no further changes Review in Process Issue is being Reviewed by Maintainers Test Status Maintainer indicates TEST Status and removed Review in Process Issue is being Reviewed by Maintainers Pending Merge Maintainer indicates Merge Pending and requests no further changes Test Status Maintainer indicates TEST Status labels Mar 15, 2026
xsscx
xsscx approved these changes Mar 15, 2026
View reviewed changes
Copy link
Member

@xsscx xsscx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maintainer Review

2026-03-15 00:50:41 UTC

Repro

mkdir pr-685
cd pr-685
git clone https://github.com/InternationalColorConsortium/iccDEV.git
cd iccDEV/Build
git fetch origin pull/685/head:pr-685
git checkout pr-685
export CXX=clang++ && export CXXFLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer -g -O1 -fprofile-arcs -ftest-coverage" && export LDFLAGS="-fsanitize=address,undefined -fprofile-arcs" && cmake Cmake -DCMAKE_BUILD_TYPE=Debug -DENABLE_ASAN=ON -DENABLE_UBSAN=ON -DENABLE_COVERAGE=ON
make -j$(nproc)
        cd ../Testing/
        echo "=== Updating PATH ==="
         for d in ../Build/Tools/*; do
          [ -d "$d" ] && export PATH="$(realpath "$d"):$PATH"
         done
wget https://github.com/xsscx/fuzz/raw/refs/heads/master/graphics/icc/ub-nan-outside-range-iccApplyProfiles_cpp-Line560.icc
wget https://github.com/xsscx/fuzz/raw/refs/heads/master/graphics/tif/test_rgb.tif
ASAN_OPTIONS=detect_leaks=0 iccApplyProfiles test_rgb.tif ub-out.tif 1 0 0 0 0 ub-nan-outside-range-iccApplyProfiles_cpp-Line560.icc 0

PR Application Output

100%

@xsscx xsscx merged commit 21d95b1 into master Mar 15, 2026
27 checks passed
@xsscx xsscx removed the Pending Merge Maintainer indicates Merge Pending and requests no further changes label Mar 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xsscx xsscx xsscx approved these changes

Assignees

@xsscx xsscx

Labels

PR Pull Request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

UB in CIccOpDefEnvVar::Exec() at IccMpeCalc.cpp:335

2 participants

@ChrisCoxArt @xsscx