A crafted file may trigger signed integer overflow in `int v = FAST_SCALED_FLOAT_TO_INT(temp, f,15);`. The macro is defined as `#define FAST_SCALED_FLOAT_TO_INT(temp,x,s) (temp.f = (x) + MAGIC(s), temp.i - ADDEND(s))` and the overflow happens in the `temp.i - ADDEND(s)` part of it.
Impact
It doesn't look like a security issue, however signed integer overflow is undefined according to C/C++.
Run the program with the following options: `UBSAN_OPTIONS=silence_unsigned_overflow=1 <program name>` to hit the error.
/src/stb/tests/../stb_vorbis.c:5285:21: runtime error: signed integer overflow: -1025582044 - 1136656384 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /src/stb/tests/../stb_vorbis.c:5285:21 in
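An added example, not part of the original report or of stb_vorbis itself: it models the `temp.i - ADDEND(s)` step, checks for the overflow without performing the subtraction, and shows one way to keep the conversion defined by clamping the float first. The `MAGIC` and `ADDEND` definitions are assumptions (they are not shown in the report, though `ADDEND(15)` equals the 1136656384 in the UBSan message), the helper names are hypothetical, and `-500.0f` is a constructed input.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed definitions; the report only shows FAST_SCALED_FLOAT_TO_INT. */
#define MAGIC(SHIFT)  (1.5f * (1 << (23 - (SHIFT))) + 0.5f / (1 << (SHIFT)))
#define ADDEND(SHIFT) (((150 - (SHIFT)) << 23) + (1 << 22))

/* Bit pattern of x + MAGIC(15) read as a signed int: the temp.i operand. */
static int32_t magic_bits(float x)
{
    float f = x + MAGIC(15);
    int32_t i;
    memcpy(&i, &f, sizeof i);   /* defined type pun, same bits as the union */
    return i;
}

/* Returns 1 if a - b is not representable in int32_t, without computing it. */
static int sub_overflows(int32_t a, int32_t b)
{
    return (b > 0 && a < INT32_MIN + b) || (b < 0 && a > INT32_MAX + b);
}

/* Hypothetical hardened conversion: bound the float before the magic add.
 * For x in [-2, 2] the sum stays in [382, 386], so its bit pattern is within
 * 65536 of ADDEND(15) and the subtraction cannot overflow. */
static int16_t sample_to_int16(float x)
{
    int32_t v;
    if (!(x > -2.0f)) x = -2.0f;   /* negated test also catches NaN */
    if (x > 2.0f) x = 2.0f;
    v = magic_bits(x) - ADDEND(15);
    if (v > 32767) v = 32767;      /* saturate to 16-bit output range */
    if (v < -32768) v = -32768;
    return (int16_t)v;
}

int main(void)
{
    float bad = -500.0f;           /* constructed out-of-range sample */
    printf("unchecked subtraction overflows: %d\n",
           sub_overflows(magic_bits(bad), ADDEND(15)));
    printf("hardened result: %d\n", sample_to_int16(bad));
    printf("in-range 0.5f -> %d\n", sample_to_int16(0.5f));
    return 0;
}
```

Clamping before the magic add does not change the output for in-range samples, and large out-of-range inputs saturate to the 16-bit limits.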