gil icon indicating copy to clipboard operation
gil copied to clipboard
verified publisher icon boostorg

heap-buffer-overflow when using io-related functions

Open Osyotr opened this issue 2 years ago • 0 comments

Actual behavior

Writing images and views to files does not work because string conversion functions are not implemented properly: https://github.com/boostorg/gil/blob/eabd679f632be3170d98145fcc3b49e85df7cc4b/include/boost/gil/io/path_spec.hpp#L90-L97 The code above does not work for paths that contain non-ascii symbols. The string it produces does not have \0 at the end.

Expected behavior

Passing std::filesystem::path or std::wstring to io-related functions should work properly. Possible solution is to remove explicit string conversions, construct std::filesystem::path and use its .string() method. Note that it may break on windows because of usage of fopen https://github.com/boostorg/gil/blob/eabd679f632be3170d98145fcc3b49e85df7cc4b/include/boost/gil/io/device.hpp#L105 (_wfopen should be used on windows)

C++ Minimal Working Example

I've extracted broken part (linked above) to reproduce the issue: https://godbolt.org/z/rvxsPG7a4

#include <boost/gil.hpp>
#include <filesystem>
namespace gil = boost::gil;
int main
{
    std::filesystem::path path = L"/some_path/傳/привет/qwerty";
    gil::bgra8_image_t image;
    gil::write_view(path, gil::const_view(image));
}

Environment

  • Compiler version: GCC 11.2
  • Build settings: None
  • Version: 1.80

Osyotr avatar Apr 12 '23 14:04 Osyotr