EXC_BAD_ACCESS lime::PNG::Decode #1894

Open
barisyild opened this issue Jan 22, 2025 · 6 comments

@barisyild
Contributor

barisyild commented Jan 22, 2025

I get crash errors for this reason at least once a day.

Lime 8.2.1

OS Version: iOS 17.5.1 (21F90)
Report Version: 104

Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: SEGV_NOOP
Crashed Thread: 20

Application Specific Information:
Exception 1, Code 1, Subcode 0 >
Attempted to dereference null pointer.

Thread 20 Crashed:
0   libsystem_platform.dylib        0x3cf15cb24         _platform_memcmp
1   Application                        0x20446e02c         lime::PNG::Decode
2   Application                        0x204460e48         lime::lime_image_load_bytes
3   Application                        0x20556d844         lime::graphics::Image_obj::_hx___fromBytes
4   Application                        0x20556e500         lime::graphics::Image_obj::fromBytes
5   Application                        0x205571ba8         lime::graphics::Image_obj::loadFromBytes::_hx_Closure_0::__run
6   Application                        0x205145164         lime::app::FutureWork_obj::threadPool_doWork
7   Application                        0x20514523c         lime::app::__FutureWork_objthreadPool_doWork
8   Application                        0x205071140         lime::_hx_system::ThreadPool_obj::_hx___executeThread
9   Application                        0x2050713c4         lime::_hx_system::__ThreadPool_obj_hx___executeThread
10  Application                        0x20567ab30         sys::thread::_Thread::HaxeThread_obj::create::_hx_Closure_0::_hx_run
11  Application                        0x20567a920         sys::thread::_Thread::HaxeThread_obj::create::_hx_Closure_0::__run
12  Application                        0x2059d6188         hxThreadFunc
13  libsystem_pthread.dylib         0x3cf2cc06c         _pthread_start
@trnzk

trnzk commented Jan 22, 2025

The png_sig_cmp function uses memcmp while checking the PNG signature, and the crash also occurred in memcmp. Maybe the PNG could not be loaded from the network, and the length of the bytes could be less than PNG_SIG_SIZE. Checking if the bytes are long enough may solve the crash.

@:noCompletion private function __fromBytes(bytes:Bytes, onload:Image->Void = null):Bool
{
  if (bytes == null || bytes.length < 8) // <-- check bytes length
    return false;

  #if (js && html5)


@barisyild
Contributor Author

> The png_sig_cmp function uses memcmp while checking the PNG signature, and the crash also occurred in memcmp. Maybe the PNG could not be loaded from the network, and the length of the bytes could be less than PNG_SIG_SIZE. Checking if the bytes are long enough may solve the crash.
>
> @:noCompletion private function __fromBytes(bytes:Bytes, onload:Image->Void = null):Bool
> {
>   if (bytes == null || bytes.length < 8) // <-- check bytes length
>     return false;
>
>   #if (js && html5)
>
> lime/src/lime/graphics/Image.hx
> Line 1462 in abb92a2
>
> #if (js && html5)

It seems to be true.

Image

@joshtynjala
Member

JPEG and GIF can have smaller byte lengths for their signatures. If we're specifically going to check that it's larger than 8 bytes for PNG, it should probably be somewhere around here:

https://github.com/openfl/lime/blob/a03c0c3/project/src/graphics/format/PNG.cpp#L94-L95

@trnzk

trnzk commented Jan 22, 2025

The problem here is that Bytes.b is null. This could be a problem for jpeg and gif as well. Just checking if bytes is valid could solve the problem.

if (bytes == null || bytes.length == 0)
    return false;

@barisyild
Contributor Author

> The problem here is that Bytes.b is null. This could be a problem for jpeg and gif as well. Just checking if bytes is valid could solve the problem.
>
> if (bytes == null || bytes.length == 0)
>     return false;

I think it makes more sense to throw an exception instead of returning false, doesn't it?

@trnzk

trnzk commented Jan 22, 2025

There is no exception used in the Image class; in fact, the throw on line 1479 is remarked, and there may be a reason for this. Also, __fromBytes is called by fromBytes, and it returns null instead of an exception in case of an error. I think just returning false is more appropriate than using an exception.
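The two checks discussed in this thread (a null or empty buffer, and a buffer shorter than the signature being compared) can be combined into one guard in front of `memcmp`. The following C sketch is an added example, not code from Lime or libpng; the names `sniff_image_format`, `image_format` and `signature` are hypothetical, and the JPEG and GIF magic bytes are the commonly used ones rather than values taken from this page.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example: all names are hypothetical, not Lime's or libpng's API. */
typedef enum { FMT_UNKNOWN = 0, FMT_PNG, FMT_JPEG, FMT_GIF } image_format;

typedef struct { image_format fmt; const unsigned char *sig; size_t sig_len; } signature;

static const unsigned char SIG_PNG[]   = { 0x89, 'P', 'N', 'G', '\r', '\n', 0x1A, '\n' };
static const unsigned char SIG_JPEG[]  = { 0xFF, 0xD8, 0xFF };
static const unsigned char SIG_GIF87[] = { 'G', 'I', 'F', '8', '7', 'a' };
static const unsigned char SIG_GIF89[] = { 'G', 'I', 'F', '8', '9', 'a' };

static const signature SIGNATURES[] = {
    { FMT_PNG,  SIG_PNG,   sizeof SIG_PNG },
    { FMT_JPEG, SIG_JPEG,  sizeof SIG_JPEG },
    { FMT_GIF,  SIG_GIF87, sizeof SIG_GIF87 },
    { FMT_GIF,  SIG_GIF89, sizeof SIG_GIF89 },
};

/* Returns the detected format, or FMT_UNKNOWN for null, empty, truncated
   or unrecognised input. memcmp is only reached with a valid pointer and
   at least sig_len readable bytes. */
image_format sniff_image_format(const unsigned char *data, size_t len)
{
    size_t i;
    if (data == NULL || len == 0)      /* null or empty backing buffer */
        return FMT_UNKNOWN;
    for (i = 0; i < sizeof SIGNATURES / sizeof SIGNATURES[0]; i++) {
        const signature *s = &SIGNATURES[i];
        /* Per-format minimum: 8 bytes for PNG, fewer for JPEG and GIF. */
        if (len >= s->sig_len && memcmp(data, s->sig, s->sig_len) == 0)
            return s->fmt;
    }
    return FMT_UNKNOWN;
}

int main(void)
{
    /* Constructed input: a PNG download cut off after 4 bytes. */
    const unsigned char truncated[] = { 0x89, 'P', 'N', 'G' };
    printf("truncated: %d\n", sniff_image_format(truncated, sizeof truncated));
    printf("null:      %d\n", sniff_image_format(NULL, 0));
    return 0;
}
```

Keeping the length requirement per signature avoids rejecting valid JPEG or GIF data with a PNG-sized minimum, while still failing closed on truncated input.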
