Skip to content

fix(heif): Invalid read writing 8bit and dimensions not a multiple of 64#5095

Merged
lgritz merged 1 commit intoAcademySoftwareFoundation:mainfrom
brechtvl:fix-heif-stride
Mar 18, 2026
Merged

fix(heif): Invalid read writing 8bit and dimensions not a multiple of 64#5095
lgritz merged 1 commit intoAcademySoftwareFoundation:mainfrom
brechtvl:fix-heif-stride

Conversation

@brechtvl
Copy link
Contributor

@brechtvl brechtvl commented Mar 18, 2026

Description

Don't coy from memory using the stride, as this can get padded and read past the end of the input pixel data. The 10 and 12 bit paths were correct.

Tests

Test added, this only failed with address sanitizer.

Checklist:

  • I have read the guidelines on contributions and code review procedures.
  • I have updated the documentation if my PR adds features or changes
    behavior.
  • I am sure that this PR's changes are tested somewhere in the
    testsuite    .
  • I have run and passed the testsuite in CI before submitting the
    PR, by pushing the changes to my fork and seeing that the automated CI
    passed there. (Exceptions: If most tests pass and you can't figure out why
    the remaining ones fail, it's ok to submit the PR and ask for help. Or if
    any failures seem entirely unrelated to your change; sometimes things break
    on the GitHub runners.)
  • My code follows the prevailing code style of this project and I
    fixed any problems reported by the clang-format CI test.
  • If I added or modified a public C++ API call, I have also amended the
    corresponding Python bindings. If altering ImageBufAlgo functions, I also
    exposed the new functionality as oiiotool options.

@brechtvl
fix(heif): Invalid read writing 8bit and dimensions not a multiple of 64
57fdaa1 
Don't coy from memory using the stride, as this can get padded and read past
the end of the input pixel data. The 10 and 12 bit paths were correct.

Signed-off-by: Brecht Van Lommel <brecht@blender.org>
lgritz
lgritz approved these changes Mar 18, 2026
View reviewed changes
Copy link
Collaborator

@lgritz lgritz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@lgritz lgritz merged commit ad0abda into AcademySoftwareFoundation:main Mar 18, 2026
31 checks passed
lgritz pushed a commit to lgritz/OpenImageIO that referenced this pull request Mar 19, 2026
@brechtvl @lgritz
fix(heif): Invalid read writing 8bit and dimensions not a multiple of…
408428c 
… 64 (AcademySoftwareFoundation#5095)

Don't copy from memory using the stride, as this can get padded and read
past the end of the input pixel data. The 10 and 12 bit paths were
correct.

Test added, this only failed with address sanitizer.

Signed-off-by: Brecht Van Lommel <brecht@blender.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lgritz lgritz lgritz approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@brechtvl @lgritz