Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Quadratic loop in PentaxMakerNote::printVersion #1909

Closed
kevinbackhouse opened this issue Sep 17, 2021 · 0 comments · Fixed by #1910
Closed

Quadratic loop in PentaxMakerNote::printVersion #1909

kevinbackhouse opened this issue Sep 17, 2021 · 0 comments · Fixed by #1910
Assignees
@kevinbackhouse
Labels
bug OSS-Fuzz Bug reported by https://google.github.io/oss-fuzz/
Milestone
v0.27.5

Comments

@kevinbackhouse
Copy link
Collaborator

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38887

The loop in printVersion is quadratic, because it keeps searching from the start of the string:

while ((i = val.find(' ')) != std::string::npos && i != val.length() - 1) {
    val.replace(i, 1, ".");
}

poc: poc.tar.gz
@kevinbackhouse kevinbackhouse self-assigned this Sep 17, 2021
@kevinbackhouse kevinbackhouse added bug OSS-Fuzz Bug reported by https://google.github.io/oss-fuzz/ labels Sep 17, 2021
@kevinbackhouse kevinbackhouse added this to the v1.00 milestone Sep 17, 2021
@kevinbackhouse kevinbackhouse mentioned this issue Sep 17, 2021
Merged
@kevinbackhouse kevinbackhouse modified the milestones: v1.00, v0.27.5 Sep 24, 2021
@clanmills clanmills mentioned this issue Oct 21, 2021
Open
@nehaljwani nehaljwani mentioned this issue Apr 30, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kevinbackhouse kevinbackhouse

Labels
bug OSS-Fuzz Bug reported by https://google.github.io/oss-fuzz/
Projects
None yet
Milestone
v0.27.5
Development

Successfully merging a pull request may close this issue.

Fix quadratic loops in pentaxmn_int.cpp kevinbackhouse/exiv2
1 participant
@kevinbackhouse