Fix heap buffer overflow in decode_png (#7691)

kobrineli · web-flow · commit b5401b942441 · 2023-06-22T10:12:04.000+01:00
diff --git a/test/assets/toosmall_png/heapbof.png b/test/assets/toosmall_png/heapbof.png
diff --git a/test/test_image.py b/test/test_image.py
@@ -32,6 +32,7 @@
 DAMAGED_PNG = os.path.join(IMAGE_ROOT, "damaged_png")
 ENCODE_JPEG = os.path.join(IMAGE_ROOT, "encode_jpeg")
 INTERLACED_PNG = os.path.join(IMAGE_ROOT, "interlaced_png")
+TOOSMALL_PNG = os.path.join(IMAGE_ROOT, "toosmall_png")
 IS_WINDOWS = sys.platform in ("win32", "cygwin")
 PILLOW_VERSION = tuple(int(x) for x in PILLOW_VERSION.split("."))
 
@@ -193,6 +194,8 @@ def test_decode_png_errors():
         decode_png(torch.randint(3, 5, (300,), dtype=torch.uint8))
     with pytest.raises(RuntimeError, match="Out of bound read in decode_png"):
         decode_png(read_file(os.path.join(DAMAGED_PNG, "sigsegv.png")))
+    with pytest.raises(RuntimeError, match="Content is too small for png"):
+        decode_png(read_file(os.path.join(TOOSMALL_PNG, "heapbof.png")))
 
 
 @pytest.mark.parametrize(
diff --git a/torchvision/csrc/io/image/cpu/decode_png.cpp b/torchvision/csrc/io/image/cpu/decode_png.cpp
@@ -49,6 +49,7 @@ torch::Tensor decode_png(
     png_destroy_read_struct(&png_ptr, &info_ptr, nullptr);
     TORCH_CHECK(false, "Internal error.");
   }
+  TORCH_CHECK(datap_len >= 8, "Content is too small for png!")
   auto is_png = !png_sig_cmp(datap, 0, 8);
   TORCH_CHECK(is_png, "Content is not png!")
 

Original file line number	Diff line number	Diff line change
`@@ -49,6 +49,7 @@ torch::Tensor decode_png(`
`49`	`49`	`png_destroy_read_struct(&png_ptr, &info_ptr, nullptr);`
`50`	`50`	`TORCH_CHECK(false, "Internal error.");`
`51`	`51`	`}`
	`52`	`+ TORCH_CHECK(datap_len >= 8, "Content is too small for png!")`
`52`	`53`	`auto is_png = !png_sig_cmp(datap, 0, 8);`
`53`	`54`	`TORCH_CHECK(is_png, "Content is not png!")`
`54`	`55`