User Activity
-
Modified
a comment
on
ticket #671
on
ZAngband
sorry, "ncol can be overflowed" was a typo. I meant underflowed.
-
Posted
a comment
on
ticket #671
on
ZAngband
sorry, "ncol can be overflowed" was a type. I meant underflowed.
-
Created
ticket #671
on
ZAngband
integer underflow bug
-
Posted
a comment
on
discussion Open Discussion
on
FreeImage
Hi, seems I've found a potential integer underflow in PSDParser.cpp https://github.com/WohlSoft/libFreeImage/blob/master/Source/FreeImage/PSDParser.cpp#L801 https://github.com/WohlSoft/libFreeImage/blob/master/Source/FreeImage/PSDParser.cpp#L801 memcpy(dst_line_start, line_start, _Width * _BitPerPixel / 8); In this line of code, observe that _Width * _BitPerPixel / 8 bytes of line_start are copied into dst_line_start. It seems that the variable _Width may have an arbitrary integer value -see below-,...
-
Posted
a comment
on
discussion Open Discussion
on
FreeImage
Hi, seems I've found a potential integer underflow in PSDParser.cpp https://github.com/WohlSoft/libFreeImage/blob/master/Source/FreeImage/PSDParser.cpp#L801 memcpy(dst_line_start, line_start, _Width * _BitPerPixel / 8); In this line of code, observe that _Width * _BitPerPixel / 8 bytes of line_start are copied into dst_line_start. It seems that the variable _Width may have an arbitrary integer value -see below-, so that _Width * _BitPerPixel / 8 is negative, which leads to integer underflow when...
-
Created
ticket #331
on
FreeImage
Potential integer underflow in PSDParser.cpp
Personal Data
- Username:
- byhoson
- Joined:
- 2021-07-30 02:16:41
Projects
- No projects to display.