fix: potential buffer overflow in flood_fill due to unchecked stack size#446
Open
zendy199x wants to merge 1 commit intoBinomialLLC:masterfrom
Open
Conversation
There was a problem hiding this comment.
Pull request overview
This PR aims to harden image_u8::flood_fill() against unbounded growth of its internal fill-segment work stack, which could otherwise lead to excessive memory usage in worst-case images.
Changes:
- Add a maximum stack size guard to
image_u8::flood_fill()and return early if exceeded. - Add a new Python test file intended to validate flood fill overflow protection, normal operation, and out-of-bounds behavior.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
example_transcoding/utils.cpp |
Adds MAX_STACK_SIZE check during the flood fill loop to cap work-stack growth. |
tests/test_utils.py |
Introduces pytest-style tests targeting flood fill behavior and the new stack limit behavior. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Signed-off-by: Zendy <50132805+zendy199x@users.noreply.github.com>
zendy199x
force-pushed
the
fix/potential-buffer-overflow-in-flood-fill-due-to-unc
branch
from
fdd913e to
6a5b4d3
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The flood_fill function uses a stack to track fill segments without any bounds checking on stack size. If the image contains a large connected region, the stack can grow uncontrollably and lead to stack overflow or memory corruption. This is particularly dangerous in recursive-like operations where the stack depth can grow linearly with image dimensions.
Changes
example_transcoding/utils.cppAdd a maximum stack size limit and return an error or abort if exceeded. Consider switching to an iterative approach with heap allocation or using a more memory-efficient algorithm like scanline flood fill.
Testing