Skip to content

x/image/tiff: slice bounds out of range #10596

Closed
@dvyukov

Description

@dvyukov

The following program crashes as:

panic: runtime error: slice bounds out of range
goroutine 1 [running]:
golang.org/x/image/tiff.(*decoder).ifdUint(0xc208072000, 0xc20801a0e4, 0xc, 0x3c, 0xc208074000, 0xc0000001, 0xc0000001, 0x0, 0x0)
    /ssd/src/gopath/src/golang.org/x/image/tiff/reader.go:98 +0x5e7
golang.org/x/image/tiff.(*decoder).parseIFD(0xc208072000, 0xc20801a0e4, 0xc, 0x3c, 0x0, 0x0)
    /ssd/src/gopath/src/golang.org/x/image/tiff/reader.go:125 +0x122
golang.org/x/image/tiff.newDecoder(0x7fdfb9016260, 0xc20800e440, 0x0, 0x0, 0x0)
    /ssd/src/gopath/src/golang.org/x/image/tiff/reader.go:415 +0x6d7
golang.org/x/image/tiff.Decode(0x7fdfb9016260, 0xc20800e440, 0x0, 0x0, 0x0, 0x0)
    /ssd/src/gopath/src/golang.org/x/image/tiff/reader.go:517 +0x6b
main.main()
    /tmp/tiff.go:9 +0xa6
package main

import (
    "strings"
    "golang.org/x/image/tiff"
)

func main() {
    tiff.Decode(strings.NewReader(data))
}

var data =  "II*\x00\xc8\x03\x00\x00000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000\f\x000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "00000000000000\x17\x01\x04\x00\x01\x00" +
    "\x00\xc0000000000000000000" +
    "00000000000000000000" +
    "00000000000000000000" +
    "000000"

on commit b2f48f3f517c959ebf11245aa7bf39b127497e9c

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions