[Zlib-devel] known bugs in distance-checking code?
Greg Roelofs
newt at pobox.com
Sat Feb 26 16:53:15 EST 2005
Two updates and two questions:
>> http://messy.desk.pl/mw/0000/mw__0020.png
> That png does indeed have an invalid distance too far back. The
> relevant portions are shown below disassembled. There are five
> literals followed by a match with distance 132. The maximum distance
> allowed at that point is five. With the old inflate, it will most
I just got a response from the maintainer of this site (actually,
of the original at http://www.ibiblio.org/sripedia/ebooks/mw/),
Srinivasan Sriram, and he's fixed the first 99 and will be doing
the rest shortly.
He reports that the software that generated the bogus images was
"ScanSoft Ominpage SE (the free version, not the Pro version) and
this came along with the scanner circa 2002." If someone on this
list has access to Omnipage, perhaps you could see if there's any
hint that it's based on Colosseum Builders' (John Miano's) Image
Library.
>> http://audio.rightmark.org/test/audiotrak-prodigy192-1644/thd.png
> That one doesn't have any literals at all before the first match!
This one identified itself as having been created with John's software,
and after I pointed out the section of the zlib spec that specifically
forbids distances pointing outside the window ("However a distance cannot
refer past the beginning of the output stream."), he agreed to fix his
code when he has a chance.
Unfortunately, there's no telling how many applications use his code,
so these things will probably continue to turn up. (Then again, that's
pretty much guaranteed when a piece of bundled scanning software violates
the spec.)
Now the questions:
(1) When the zlib strategy is Z_RLE, are the results dependent on the
compression level (as with default and Z_FILTERED) or independent
(as with Z_HUFFMAN_ONLY)?
(2) Mark, are your pngdat and infgen utilities generally available? I
assume they're pretty trivial, but they look pretty handy, and even
trivial programs take time to write. :-)
Thanks,
Greg
More information about the Zlib-devel
mailing list