Nia Bickford
Interesting! I haven't tested this on Visual Studio 2022 yet, so it could be a bug with that. My initial guess was going to be that the imgui, glfw, and...
Quick update: this has been assigned CVE number [CVE-2021-42715](https://nvd.nist.gov/vuln/detail/CVE-2021-42715). Thanks!
Also following up on this - is there anything I can do to help merge this in? I'm hoping to have a go at fixing the remaining ossfuzz issues, but...
Awesome - thank you, will do!
Quick update from the survey of the first 10 ossfuzz issues I did: I think this pull request fixes ossfuzz issues https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24232&q=proj%3Dstb&can=2 and https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24235&q=proj%3Dstb&can=2 (the latter seems to be a...
By the way, I've made another branch at https://github.com/NeilBickford-NV/stb/tree/neilbickford/all-fixes which contains the fixes from this pull request and the other pull requests to fix fuzzer-found issues (#1223 and #1230), in...
I've added some additional checks to fix issues reported in bugs 1292 and 1293; looks like there could still be at least one out-of-memory issue from fuzz-testing with libFuzzer.
Update: Looks like the file causing the last comment's out-of-memory issue was in fact correctly reaching the 2^30 byte PNG IDAT section limit implemented in this merge request; the fuzzer set...
One more change in this latest commit: Running libFuzzer on stbi_read_fuzzer locally, I was seeing occasional out-of-bounds errors from UndefinedBehaviorSanitizer when accessing `stbi__bmask` in the line `STBI_ASSERT((((j->code_buffer) >> (32`...
Thanks, that's good to hear! I can have the fuzzer search for other cases where it winds up reading from uninitialized values and add fixes for those, if that would...