35 lines
1.4 KiB
Diff
35 lines
1.4 KiB
Diff
From a6ddaf5faa6e0e2119763ed93e5745c2ec164c2d Mon Sep 17 00:00:00 2001
|
|
From: Cary Phillips <cary@ilm.com>
|
|
Date: Sat, 21 Feb 2026 17:15:42 -0800
|
|
Subject: [PATCH] Report an error if a deep pixel as more than UINT_MAX samples
|
|
|
|
There was no overflow check in totalling the samples per pixel, so a
|
|
pixel with more samples than could fit in an unsigned int would
|
|
overflow.
|
|
|
|
This formalizes a limit of 4,294,967,295 samples per pixel, which the
|
|
library has always had by virtue of failing when attempting to add
|
|
more.
|
|
|
|
Signed-off-by: Cary Phillips <cary@ilm.com>
|
|
---
|
|
src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp | 4 ++++
|
|
1 file changed, 4 insertions(+)
|
|
|
|
diff --git a/src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp b/src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp
|
|
index 8ac4a166bf..01b8bec411 100644
|
|
--- a/src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp
|
|
+++ b/src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp
|
|
@@ -508,6 +508,10 @@ CompositeDeepScanLine::readPixels (int start, int end)
|
|
num_sources[ptr] = 0;
|
|
for (size_t j = 0; j < parts; j++)
|
|
{
|
|
+ if (total_sizes[ptr] > std::numeric_limits<unsigned int>::max() - counts[j][ptr])
|
|
+ throw IEX_NAMESPACE::ArgExc (
|
|
+ "Cannot composite scanline: pixel cannot have more than UINT_MAX samples");
|
|
+
|
|
total_sizes[ptr] += counts[j][ptr];
|
|
if (counts[j][ptr] > 0) num_sources[ptr]++;
|
|
}
|
|
|