Skip to content

Avoid potential overflow#3526

Open
dirkmueller wants to merge 1 commit intoExiv2:mainfrom
dirkmueller:avoid_overflow
Open

Avoid potential overflow#3526
dirkmueller wants to merge 1 commit intoExiv2:mainfrom
dirkmueller:avoid_overflow

Conversation

@dirkmueller
Copy link
Copy Markdown

@dirkmueller dirkmueller commented Mar 11, 2026

if (count * size) is very large, (count*size) + 20 can be a very small number, passing the overflow check.

Copilot AI review requested due to automatic review settings March 11, 2026 22:27
Copilot AI reviewed Mar 11, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a pre-allocation guard in Image::printIFDStructure to prevent integer overflow leading to undersized allocations that can bypass the existing allocate64 > io.size() check.

Changes:

  • Introduces a new upper-bound check on count before computing (size * count) + pad + 20.
  • Throws kerInvalidMalloc earlier when the bound is exceeded.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

@dirkmueller
Avoid potential overflow
67936d7 
if (count * size) is very large, (count*size) + 20 can be a very small
number, passing the overflow check.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dirkmueller