Comments (2)
dariomanesku
commented on August 28, 2024
Yeah, the problem is in KTX parsing, I'm not sure exactly where.
from cmft.
gy741
commented on August 28, 2024
Hello,
I think there is a problem in the source code below.
"read = readFn (_rw, & faceData, faceSize);"
const size_t size = fread(_data, 1, _size, _src->m_file);
Thanks.
image.cpp:4580
for (uint8_t face = 0; face < ktxHeader.m_numFaces; ++face)
{
uint8_t* faceData = (uint8_t*)data + offsets[mip][face];
if (0 == pitchRounding)
{
// Read entire face at once.
read = readFn(_rw, &faceData, faceSize); <---------------------------Crash.
DEBUG_CHECK(read == faceSize, "Error reading Ktx face data.");
}
#0 0x0000000000402ee7 in cmft::rwReadFile (_src=0x7ffffffe5240, _data=0x7ffffffe4f70, _size=0xc648)
at ../../src/cmft/image.cpp:238
size = 0x4
#1 0x000000000040e2e7 in cmft::imageLoadKtx (_image=..., _rw=0x7ffffffe5240, _allocator=0x64d3a0 <cmft::g_crtAllocator>)
at ../../src/cmft/image.cpp:4587
faceData = 0x6b3e60 ""
face = 0x0
faceSize = 0xc648
mipSize = 0xc648
width = 0xb4
height = 0x5e
pitch = 0x21c
pitchRounding = 0x0
faceRounding = 0x0
mipRounding = 0x0
mip = 0x0
read = 0x4
didOpen = 0x0
scopeClose = {
m_rw = 0x7ffffffe5240,
m_condition = 0x0
}
seekFn = 0x402dd6 <cmft::rwSeekFile(cmft::Rw*, long, cmft::Whence::Enum)>
readFn = 0x402ebb <cmft::rwReadFile(cmft::Rw*, void*, unsigned long)>
ktxHeader = {
m_endianness = 0x4030201,
m_glType = 0x1401,
m_glTypeSize = 0x1,
m_glFormat = 0x1907,
m_glInternalFormat = 0x1907,
m_glBaseInternalFormat = 0x1907,
m_pixelWidth = 0xb4,
m_pixelHeight = 0x5e,
m_pixelDepth = 0x0,
m_numArrayElements = 0x0,
m_numFaces = 0x1,
m_numMips = 0x1,
m_bytesKeyValue = 0x1c
}
magic = "\253KTX 11\273\r\n\032\n"
ktxMagic = "\253KTX 11\273\r\n\032\n"
format = cmft::TextureFormat::RGB8
bytesPerPixel = 0x3
offsets = {{0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x100ffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x7074756f, 0x35317475, 0x0,
0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x40404040, 0x40404040}, {0x40404040,
0x40404040, 0x0, 0x0, 0x0, 0x0}, {0x5a5a5a5a, 0x5a5a5a5a, 0x5a5a5a5a, 0x5a5a5a5a, 0x0, 0x0}, {0x0, 0x0, 0x20202020,
0x20202020, 0x20202020, 0x20202020}, {0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xffff}, {0xffffff00, 0xffffff00, 0x0, 0x0,
0x0, 0x0}, {0x6b2c20, 0x0, 0x1, 0x0, 0x6b2c20, 0x0}, {0xf6bbd5e8, 0x7fff, 0x6b2c20, 0x0, 0x6b2c20, 0x0}, {0x0, 0x0,
0xf6bbbfd3, 0x7fff, 0x6b2c20, 0x0}, {0x6b2e50, 0x0, 0x0, 0x0, 0x6b2d00, 0x0}, {0x6b2c20, 0x0, 0x6b2d00, 0x0,
0x6b2c20, 0x0}, {0xfffe5190, 0x7fff, 0xfffe53c0, 0x7fff, 0xffffdc70, 0x7fff}}
dataSize = 0xc648
data = 0x6b3e60
result = {
m_width = 0x6b3e60,
m_height = 0x0,
m_dataSize = 0x0,
m_format = cmft::TextureFormat::BGR8,
m_numMips = 0x90,
m_numFaces = 0x51,
m_data = 0x7ffff7de6ac6 <_dl_fixup+214>
}
#2 0x000000000040f48c in cmft::imageLoad (_image=..., _rw=0x7ffffffe5240, _convertTo=cmft::TextureFormat::RGBA32F,
_allocator=0x64d3a0 <cmft::g_crtAllocator>) at ../../src/cmft/image.cpp:5030
didOpen = 0x1
scopeClose = {
m_rw = 0x7ffffffe5240,
m_condition = 0x1
}
seekFn = 0x402dd6 <cmft::rwSeekFile(cmft::Rw*, long, cmft::Whence::Enum)>
readFn = 0x402ebb <cmft::rwReadFile(cmft::Rw*, void*, unsigned long)>
magic = 0x58544bab
loaded = 0x0
#3 0x000000000040f570 in cmft::imageLoad (_image=..., _filePath=0x7ffffffe5620 "poc.ktx",
_convertTo=cmft::TextureFormat::RGBA32F, _allocator=0x64d3a0 <cmft::g_crtAllocator>) at ../../src/cmft/image.cpp:5057
rw = {
m_error = 0x0,
m_type = 0x1,
{
{
m_path = 0x7ffffffe5620 "poc.ktx",
m_file = 0x6b2c20
},
{
m_mem = 0x7ffffffe5620,
m_size = 0x6b2c20,
m_offset = 0x0
}
}
}
#4 0x0000000000438c2f in cmftMain (_argc=0x5, _argv=0x7fffffffdc78) at ../../src/cmft_cli/cmft_cli.h:895
cmdLine = {
m_argc = 0x5,
m_argv = 0x7fffffffdc78
}
inputParameters = <error reading variable inputParameters (value of type `InputParameters' requires 99628 bytes, which is more than max-value-size)>
image = {
m_width = 0x0,
m_height = 0x0,
m_dataSize = 0x0,
m_format = cmft::TextureFormat::Null,
m_numMips = 0x0,
m_numFaces = 0x0,
m_data = 0x0
}
imageFaceList = {{
m_width = 0x0,
m_height = 0x0,
m_dataSize = 0x0,
m_format = cmft::TextureFormat::Null,
m_numMips = 0x0,
m_numFaces = 0x0,
m_data = 0x0
}, {
m_width = 0x0,
m_height = 0x0,
m_dataSize = 0x0,
m_format = cmft::TextureFormat::Null,
m_numMips = 0x0,
m_numFaces = 0x0,
m_data = 0x0
}, {
m_width = 0x0,
m_height = 0x0,
m_dataSize = 0x0,
m_format = cmft::TextureFormat::Null,
m_numMips = 0x0,
m_numFaces = 0x0,
m_data = 0x0
}, {
m_width = 0x0,
m_height = 0x0,
m_dataSize = 0x0,
m_format = cmft::TextureFormat::Null,
m_numMips = 0x0,
m_numFaces = 0x0,
m_data = 0x0
}, {
m_width = 0x0,
m_height = 0x0,
m_dataSize = 0x0,
m_format = cmft::TextureFormat::Null,
m_numMips = 0x0,
m_numFaces = 0x0,
m_data = 0x0
}, {
m_width = 0x0,
m_height = 0x0,
m_dataSize = 0x0,
m_format = cmft::TextureFormat::Null,
m_numMips = 0x0,
m_numFaces = 0x0,
m_data = 0x0
}}
imageLoaded = 0x0
#5 0x00000000004396d4 in main (_argc=0x5, _argv=0x7fffffffdc78) at ../../src/main.cpp:22
No locals.
#6 0x00007ffff6b63830 in __libc_start_main (main=0x4396b4 <main(int, char const* const*)>, argc=0x5, argv=0x7fffffffdc78,
init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffdc68) at ../csu/libc-start.c:291
result = <optimized out>
unwind_buf = {
cancel_jmp_buf = {{
jmp_buf = {0x0, 0x5fbf91a5e9fabc06, 0x401f90, 0x7fffffffdc70, 0x0, 0x0, 0xa0406edd67dabc06, 0xa0407c4ebf4abc06},
mask_was_saved = 0x0
}},
priv = {
pad = {0x0, 0x0, 0x5, 0x4396b4 <main(int, char const* const*)>},
data = {
prev = 0x0,
cleanup = 0x0,
canceltype = 0x5
}
}
}
not_first_call = <optimized out>
#7 0x0000000000401fb9 in _start ()
No symbol table info available.
from cmft.
Related Issues (20)
- osx build failed HOT 3
- How to build this?
- Stack buffer overflow in function cmft::rwReadFile
- Are there any plans to port to Metal2 GPGPU for macOS ? HOT 1
- Is there any documents or paper for cubemap filtering in cmft? HOT 1
- Causing Maya crashed when importing dds image generated from cmft HOT 2
- Segmentation fault (ASAN: memcpy-param-overlap)
- Segmentation fault (ASAN: SEGV on unknown address)
- Heap buffer overflow on cmft::imageTransformArg
- Segmentation fault (ASAN: heap-buffer-overflow) on cmft::bgr8ToRgba32f
- Segmentation fault (ASAN: heap-buffer-overflow) on cmft::imageLoadStb
- Heap buffer overflow on cmft::imageLoadTga
- Segmentation fault (ASAN: negative-size-param)
- SEGV (ASAN: heap-buffer-overflow) on cmft::rgba8ToRgba32f
- SEGV on cmft::imageIsCubeCross
- input image limit - 268 435 456 pixels does not allow 32K panorama conversion)
- is there a way to encode dds in rgba8 texture format?
- Typo in RGBM encoding?
- Does not build on Alpine 3.14 inside Docker container
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cmft.