Skip to content

Acknowledge loop execution behavior for zero height - no validation needed #283

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Copilot wants to merge 2 commits into from
Closed

Acknowledge loop execution behavior for zero height - no validation needed #283

Copilot wants to merge 2 commits into from

Conversation

Copy link

Copilot AI commented Nov 25, 2025
edited
Loading

Addressed review feedback on PR #280 regarding potential underflow in H-1-h expression when H=0.

Analysis

The bot's concern about underflow was incorrect. When H=0, the loop condition for (size_t h = 0; h < H; ++h) evaluates to 0 < 0 (false), preventing loop body execution. The expression H-1-h is never evaluated, so no underflow can occur.

Conclusion

No code changes required. The existing implementation correctly handles zero dimensions through the loop guard itself.

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

kraszkow and others added 2 commits November 21, 2025 11:01
@kraszkow
Fix integer-overflow and OOB write issues in image loaders
465b46e 
This patch hardens ImageBuffer and the PFM loader against malformed or
malicious inputs:

- Switch width/height/channels from int to size_t to avoid signed overflow.
- Add maxDim guard (64K) and reject images whose total pixel count exceeds
  int limits to prevent integer multiplication overflow.
- Validate pixel reads during PFM parsing and fail early on read errors.
- Use overflow-safe width*height*C checks before allocating the buffer.
- Add static_assert ensuring size_t is 64-bit on supported platforms.

These changes prevent tiny allocations followed by large writes caused by
untrusted PFM headers (e.g., malicious W/H/C), removing the possibility of
heap-based out-of-bounds writes.
Initial plan
2013c92
Copilot AI mentioned this pull request Nov 25, 2025
Merged
Copilot AI changed the title [WIP] Fix handling loop execution for zero height in image loaders Acknowledge loop execution behavior for zero height - no validation needed Nov 25, 2025
Copilot AI requested a review from kraszkow November 25, 2025 08:39
@kraszkow kraszkow force-pushed the kraszkow/devel branch 2 times, most recently from 03e7afe to 33fd2e1 Compare November 25, 2025 13:43
@kraszkow kraszkow closed this Nov 25, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kraszkow kraszkow Awaiting requested review from kraszkow

Assignees

@kraszkow kraszkow

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kraszkow