-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Commit 3759088
committed
Blend: _blend_colorspace_channels(): raw has 1 channel per pixel
This was probably missed (or it was not noticed) in 78fc8af
Fixes:
=================================================================
==19419==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f31036b66e0 at pc 0x7f31cd73ce7a bp 0x7f3145815a80 sp 0x7f3145815a78
READ of size 4 at 0x7f31036b66e0 thread T57
#0 0x7f31cd73ce79 in _blend_normal_unbounded /home/lebedevri/darktable/src/develop/blend.c:486
#1 0x7f31cd744916 in dt_develop_blend_process._omp_fn.6 /home/lebedevri/darktable/src/develop/blend.c:2194
#2 0x7f31c6ba5715 (/usr/lib/x86_64-linux-gnu/libgomp.so.1+0xd715)
#3 0x7f31c9db80a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x80a3)
#4 0x7f31c68cdccc in clone (/lib/x86_64-linux-gnu/libc.so.6+0xe5ccc)
0x7f31036b66e0 is located 0 bytes to the right of 89644768-byte region [0x7f30fe138800,0x7f31036b66e0)
allocated by thread T10 here:
#0 0x7f31cdbd4c9b in __interceptor_posix_memalign (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x54c9b)
#1 0x7f31cd65c18d in dt_alloc_align /home/lebedevri/darktable/src/common/darktable.c:997
#2 0x7f31cd731cd8 in dt_dev_pixelpipe_cache_get_weighted /home/lebedevri/darktable/src/develop/pixelpipe_cache.c:163
#3 0x7f31cd7369dd in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:827
#4 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#5 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#6 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#7 0x7f31cd732c54 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:814
#8 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#9 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#10 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#11 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#12 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#13 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#14 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#15 0x7f31cd732c54 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:814
#16 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#17 0x7f31cd732c54 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:814
#18 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#19 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#20 0x7f31cd732c54 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:814
#21 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#22 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#23 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#24 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#25 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#26 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#27 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#28 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
#29 0x7f31cd732452 in dt_dev_pixelpipe_process_rec /home/lebedevri/darktable/src/develop/pixelpipe_hb.c:689
Thread T57 created by T10 here:
#0 0x7f31cdba3bba in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x23bba)
#1 0x7f31c6ba5c56 (/usr/lib/x86_64-linux-gnu/libgomp.so.1+0xdc56)
#2 0x7f31c6ba17d9 in GOMP_parallel (/usr/lib/x86_64-linux-gnu/libgomp.so.1+0x97d9)
#3 0x3ed921823dcccccc
Thread T10 created by T0 here:
#0 0x7f31cdba3bba in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x23bba)
#1 0x7f31cd6fc149 in dt_control_jobs_init /home/lebedevri/darktable/src/control/jobs.c:512
#2 0x7f31cd6f1945 in dt_control_init /home/lebedevri/darktable/src/control/control.c:317
#3 0x7f31cd65fe3c in dt_init /home/lebedevri/darktable/src/common/darktable.c:745
#4 0x400b7f in main /home/lebedevri/darktable/src/main.c:24
#5 0x7f31c6809b44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/lebedevri/darktable/src/develop/blend.c:486 _blend_normal_unbounded
Shadow bytes around the buggy address:
0x0fe6a06cec80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe6a06cec90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe6a06ceca0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe6a06cecb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe6a06cecc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0fe6a06cecd0: 00 00 00 00 00 00 00 00 00 00 00 00[fa]fa fa fa
0x0fe6a06cece0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe6a06cecf0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe6a06ced00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe6a06ced10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe6a06ced20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Contiguous container OOB:fc
ASan internal: fe
==19419==ABORTING1 parent 3df382e commit 3759088Copy full SHA for 3759088
File tree
Expand file treeCollapse file tree
1 file changed
+1
-1
lines changedOpen diff view settings
Filter options
- src/develop
Expand file treeCollapse file tree
1 file changed
+1
-1
lines changedOpen diff view settings
Collapse file
+1-1Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
366 | 366 | | |
367 | 367 | | |
368 | 368 | | |
369 | | - | |
| 369 | + | |
370 | 370 | | |
371 | 371 | | |
372 | 372 | | |
| |||
0 commit comments