Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

IFF output safety #3676

Merged
merged 1 commit into from
Nov 18, 2022
Merged

Conversation

lgritz
Copy link
Collaborator

@lgritz lgritz commented Nov 16, 2022

  • Maya IFF documentation says IFF file has max resolution of 8192, and our implementation only allows writing RGB and RGBA, so check these limits when an IFF file is opened for output.

  • Make sure scratch space allocates enough for tile padding.

  • Check for non-zero image origin coordinates (which are not allowed in IFF files).

  • Change some 16-bit loop variables to uint32_t to avoid possible overflow.

Fixes TALOS-2022-1654, TALOS-2022-1655, TALOS-2022-1656

* Maya IFF documentation says IFF file has max resolution of 8192, and
  our implementation only allows writing RGB and RGBA, so check these
  limits when an IFF file is opened for output.

* Make sure scratch space allocates enough for tile padding.

* Check for non-zero image origin coordinates (which are not allowed
  in IFF files).

* Change some 16-bit loop variables to uint32_t to avoid possible
  overflow.

Fixes TALOS-2022-1654, TALOS-2022-1655, TALOS-2022-1656
@lgritz lgritz merged commit 209c1bf into AcademySoftwareFoundation:master Nov 18, 2022
@lgritz lgritz deleted the lg-iffout branch November 19, 2022 06:52
lgritz added a commit to lgritz/OpenImageIO that referenced this pull request Nov 21, 2022
* Maya IFF documentation says IFF file has max resolution of 8192, and
  our implementation only allows writing RGB and RGBA, so check these
  limits when an IFF file is opened for output.

* Make sure scratch space allocates enough for tile padding.

* Check for non-zero image origin coordinates (which are not allowed
  in IFF files).

* Change some 16-bit loop variables to uint32_t to avoid possible
  overflow.

Fixes TALOS-2022-1654, TALOS-2022-1655, TALOS-2022-1656
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant