ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #3266 from Carbenium/fill-out-of-bounds 

Image: Remove std::vector out-of-bounds access when filling polygons
This commit is contained in:
Isaac Connor 2021-05-29 15:05:19 -04:00 committed by GitHub
parent 09b0353592 339cfd49bc
commit 2e61ee4c95
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cmake/compiler/gcc/settings.cmake
View File

@ -20,6 +20,7 @@ endif()
if(ASAN)
target_compile_options(zm-compile-option-interface
INTERFACE
-D_GLIBCXX_SANITIZE_VECTOR=1
-fno-omit-frame-pointer
-fsanitize=address
-fsanitize-recover=address

8
src/zm_image.cpp
View File

@ -2513,10 +2513,16 @@ void Image::Fill(Rgb colour, int density, const Polygon &polygon) {
++it;
}
}
// Not enough edges to perform the fill operation.
// Continue to next line.
if (active_edges.size() < 2) {
continue;
}
std::sort(active_edges.begin(), active_edges.end(), PolygonFill::Edge::CompareX);
if (!(scan_line % density)) {
for (auto it = active_edges.begin(); it != active_edges.end(); ++it) {
for (auto it = active_edges.begin(); it < active_edges.end() - 1; ++it) {
int32 lo_x = static_cast<int32>(it->min_x);
int32 hi_x = static_cast<int32>(std::next(it)->min_x);
if (colours == ZM_COLOUR_GRAY8) {