@ChrisCoxArt ChrisCoxArt commented Jan 1, 2026

Fixes #396 #397 #399

Pull Request Checklist

  • Have you followed the guidelines in Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same change?
  • Have you built your Pull Request locally with the Build Instructions?
  • Have you added or updated relevant tests?
  • Have you added or updated relevant docs?

This avoids crashes while validating LUTs with bad channel counts, and we flag the bad channel counts in the parent class.
Fixes #397
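
The description above names the pattern: bad channel counts are flagged in the parent class, and the LUT validators stop crashing on them. A minimal C++ sketch of that pattern follows, added here as an illustration and not the project's code; `LutBase`, `Lut16`, `Status`, the 16-channel limit and the curve layout are all assumptions.

```cpp
#include <cstddef>
#include <cstdint>
#include <utility>
#include <vector>

constexpr std::uint8_t kMaxChannels = 16;  // assumed limit for this sketch

enum class Status { Ok, Warning, Critical };

// Parent class: holds the channel counts read from the untrusted tag header.
class LutBase {
public:
    LutBase(std::uint8_t nIn, std::uint8_t nOut) : nInput(nIn), nOutput(nOut) {}
    virtual ~LutBase() = default;

    // Bad channel counts are flagged here, once, for every derived LUT type.
    virtual Status Validate() const {
        if (nInput == 0 || nInput > kMaxChannels) return Status::Critical;
        if (nOutput == 0 || nOutput > kMaxChannels) return Status::Critical;
        return Status::Ok;
    }

protected:
    std::uint8_t nInput;
    std::uint8_t nOutput;
};

// Derived 16-bit LUT (hypothetical layout): one input curve per channel.
class Lut16 : public LutBase {
public:
    using Curve = std::vector<std::uint16_t>;
    Lut16(std::uint8_t nIn, std::uint8_t nOut, std::vector<Curve> curves)
        : LutBase(nIn, nOut), inputCurves(std::move(curves)) {}

    Status Validate() const override {
        // Refuse to walk per-channel data when the parent flagged the counts.
        Status s = LutBase::Validate();
        if (s == Status::Critical) return s;
        // The header count must also match what the parser really allocated.
        if (inputCurves.size() != nInput) return Status::Critical;
        for (std::size_t i = 0; i < nInput; ++i)
            if (inputCurves[i].size() < 2) return Status::Warning;
        return Status::Ok;
    }

private:
    std::vector<Curve> inputCurves;
};
```

The derived validator checks the parent's verdict and the allocated size before the loop, so a header that claims 200 channels over a single allocated curve is rejected without any out-of-range read.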
@ChrisCoxArt ChrisCoxArt requested a review from xsscx as a code owner January 1, 2026 20:23
@xsscx xsscx self-assigned this Jan 1, 2026
@xsscx xsscx added the PR (Pull Request), Review in Process (PR being Reviewed by Maintainers) and Security (Security Related) labels Jan 1, 2026

@xsscx xsscx left a comment

Thu Jan 1 09:55:45 PM UTC 2026

@xsscx xsscx added the Pending Merge (Maintainer indicates Merge Pending and requests no further changes) label and removed the Review in Process (PR being Reviewed by Maintainers) label Jan 1, 2026
@xsscx xsscx changed the title from "Fix LUT Validate() and ReleaseUnicode() buffer overflows" to "Fix: TagTextDescription, CIccTagLut16, CIccTagLut8 validation" Jan 1, 2026
@xsscx xsscx merged commit 7c2cb71 into master Jan 1, 2026
25 checks passed
@xsscx xsscx added the Merged and CVE Requested (Maintainer indicates a CVE has been Requested) labels and removed the Pending Merge (Maintainer indicates Merge Pending and requests no further changes) label Jan 1, 2026

xsscx commented Jan 3, 2026

Post Merge Note

3 CVEs were requested:

  • Unicode buffer overflow in CIccTagTextDescription
  • Heap buffer overflow in CIccTagLut16::Validate()
  • Heap buffer overflow in CIccTagLut8::Validate()

@ChrisCoxArt ChrisCoxArt deleted the issue-396 branch January 4, 2026 09:10