libsixel icon indicating copy to clipboard operation
libsixel copied to clipboard
verified publisher icon saitoha

[BUG] a reachable assert in stbi__create_png_image_raw

Open kdsjZh opened this issue 4 years ago • 1 comments

Describe the bug There is a reachable assert bug found in stbi__create_png_image_raw, can be triggered via img2sixel+ ASan

To Reproduce compile the program with CFLAGS="-fsanitize=address" CC=clang then run ./img2sixel $POC output:

img2sixel: ./stb_image.h:4374: int stbi__create_png_image_raw(stbi__png *, stbi_uc *, stbi__uint32, int, stbi__uint32, stbi__uint32, int, int): Assertion `img_width_bytes <= x' failed.
Aborted

system ubuntu 16.04, clang 12.0.1 libsixel latest commit 6a5be8b72d84037b83a5ea838e17bcf372ab1d5f

Credit Han Zheng NCNIPC of China Hexhive

POC poc.zip

kdsjZh avatar Mar 19 '22 20:03 kdsjZh

I believe this was fixed in the libsixel/libsixel fork when upgrading the stb library to 2.26 (https://github.com/libsixel/libsixel/commit/e6d658d6275f73d60c9392b7a3e66050bbe7ac9b).

j4james avatar Feb 23 '25 17:02 j4james

@kdsjZh I cherry-picked libsixel@e6d658d (as 003f9c7) and confirmed that this issue has been fixed. Thank you. cc: dankamongmen

saitoha avatar Aug 05 '25 19:08 saitoha