Hi,
When running with UBSan, the program reports implicit conversion** diagnostics in jas_stream.c. This is not a security violation in my point of view, and I’m proposing a minimal change to suppress the sanitizer noise.
stack trace
/root/build/jasper-4.2.8/src/libjasper/base/jas_stream.c:648:18: runtime error: implicit conversion from type 'int' of value -128 (32-bit, signed) to type 'unsigned char' changed the value to 128 (8-bit, unsigned)
#0 0x53f338 in jas_stream_ungetc /root/build/jasper-4.2.8/src/libjasper/base/jas_stream.c:648:18
#1 0x540039 in jas_stream_peek /root/build/jasper-4.2.8/src/libjasper/base/jas_stream.c:714:7
#2 0x68084d in pnm_validate /root/build/jasper-4.2.8/src/libjasper/pnm/pnm_dec.c:270:6
#3 0x512ef4 in jas_image_getfmt /root/build/jasper-4.2.8/src/libjasper/base/jas_image.c:897:9
#4 0x4cbde5 in main /root/build/jasper-4.2.8/src/app/jasper.c:312:25
#5 0x792f87515c86 in __libc_start_main /build/glibc-CVJwZb/glibc-2.27/csu/../csu/libc-start.c:310
#6 0x41bb99 in _start (/work/build/jasper-4.2.8/obj-gcov2/src/app/jasper+0x41bb99)Root cause
In src/libjasper/base/jas_stream.c, an int byte value is stored into a byte buffer without an explicit cast, e.g.:
*stream->ptr_ = c; /* ptr_ is jas_uchar* */
Potential fix
Make the byte stores explicit using jas_uchar in src/libjasper/base/jas_stream.c:
int jas_stream_ungetc(jas_stream_t *stream, int c)
{
if (!stream->ptr_ || stream->ptr_ == stream->bufbase_) {
return -1;
}
/* Reset the EOF indicator (since we now have at least one character
to read). */
stream->flags_ &= ~JAS_STREAM_EOF;
--stream->rwcnt_;
--stream->ptr_;
++stream->cnt_;
*stream->ptr_ = (jas_uchar)c; // fix here
return 0;
}
Hi,
When running with UBSan, the program reports implicit conversion** diagnostics in
jas_stream.c. This is not a security violation in my point of view, and I’m proposing a minimal change to suppress the sanitizer noise.stack trace
Root cause
In
src/libjasper/base/jas_stream.c, anintbyte value is stored into a byte buffer without an explicit cast, e.g.:Potential fix
Make the byte stores explicit using
jas_ucharinsrc/libjasper/base/jas_stream.c: