fix: Increase PNGdec buffer size to support wide images#995
fix: Increase PNGdec buffer size to support wide images#995daveallie merged 4 commits intocrosspoint-reader:masterfrom
Conversation
|
Increasing PNG scanline buffer fixes crash on book from #993 |
osteotek
changed the title
📝 WalkthroughWalkthroughAdds runtime validation helpers to PNG decoding to prevent buffer overflows by computing required memory and checking against PNG_MAX_BUFFERED_PIXELS, while increasing the maximum buffered scanline width from 800px to 2048px in build configuration. Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Suggested reviewers
🚥 Pre-merge checks | ✅ 4✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Comment |
@allgoewer Correct. Added buffer check, overruning buffer size will stop png decoding with log message |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
📜 Review details
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
lib/Epub/Epub/converters/PngToFramebufferConverter.cppplatformio.ini
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: build
🔇 Additional comments (2)
lib/Epub/Epub/converters/PngToFramebufferConverter.cpp (2)
93-117: Clear, focused sizing helpers.The per-pixel-type sizing and internal-buffer requirement calculation are clean and easy to reason about.
333-343: Good safety gate before decode.The preflight check cleanly prevents PNGdec internal buffer overruns before the callback runs.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@platformio.ini`:
- Around line 34-36: The PNG buffer constant in platformio.ini is too low for
2048px RGBA images and causes the guard in PngToFramebufferConverter.cpp (around
the check at line 335) to reject valid images; update the
-DPNG_MAX_BUFFERED_PIXELS definition to at least 16418 (preferably 16450 or a
small safety margin) so the computed requirement ((2048*4)+1)*2+32 is satisfied,
then rebuild so the preprocessor macro used by PngToFramebufferConverter.cpp
reflects the new limit.
| # Increase PNG scanline buffer to support up to 2048px wide images | ||
| # Default is (320*4+1)*2=2562, we need more for larger images | ||
| -DPNG_MAX_BUFFERED_PIXELS=6402 | ||
| -DPNG_MAX_BUFFERED_PIXELS=16416 |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
# Locate key files
fd -i platformio\.ini
fd -i "PngToFramebufferConverter" --type f
rg -l "PNG_MAX_BUFFERED_PIXELS" -t cpp -t iniRepository: crosspoint-reader/crosspoint-reader
Length of output: 246
🏁 Script executed:
# Read platformio.ini around lines 34-36
cat -n platformio.ini | sed -n '30,40p'Repository: crosspoint-reader/crosspoint-reader
Length of output: 459
🏁 Script executed:
# Read PngToFramebufferConverter.cpp to find the guard
cat -n lib/Epub/Epub/converters/PngToFramebufferConverter.cppRepository: crosspoint-reader/crosspoint-reader
Length of output: 15427
🏁 Script executed:
# Search for PNG_MAX_BUFFERED_PIXELS definition and usage
rg "PNG_MAX_BUFFERED_PIXELS" -B 2 -A 2Repository: crosspoint-reader/crosspoint-reader
Length of output: 2400
🏁 Script executed:
# Search for PNGdec.h
fd -i "pngdec" -o -i "png.h"Repository: crosspoint-reader/crosspoint-reader
Length of output: 195
PNG_MAX_BUFFERED_PIXELS=16416 is insufficient for advertised 2048px RGBA support.
The guard in PngToFramebufferConverter.cpp line 335 will reject 2048px RGBA images, which require 16,418 bytes (((2048*4)+1)*2+32), while the constant is set to 16,416 bytes. Raise the limit to at least 16,418:
🔧 Suggested adjustment
- -DPNG_MAX_BUFFERED_PIXELS=16416
+ -DPNG_MAX_BUFFERED_PIXELS=16418🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@platformio.ini` around lines 34 - 36, The PNG buffer constant in
platformio.ini is too low for 2048px RGBA images and causes the guard in
PngToFramebufferConverter.cpp (around the check at line 335) to reject valid
images; update the -DPNG_MAX_BUFFERED_PIXELS definition to at least 16418
(preferably 16450 or a small safety margin) so the computed requirement
((2048*4)+1)*2+32 is satisfied, then rebuild so the preprocessor macro used by
PngToFramebufferConverter.cpp reflects the new limit.
## Summary * Increased `PNG_MAX_BUFFERED_PIXELS` from 6402 to 16416 in `platformio.ini` to support up to 2048px wide RGBA images * adds a check to abort decoding and log an error if the required PNG scanline buffer exceeds the configured `PNG_MAX_BUFFERED_PIXELS`, preventing possible buffer overruns. * fixes #993 --- ### AI Usage While CrossPoint doesn't have restrictions on AI tools in contributing, please be transparent about their usage as it helps set the right context for reviewers. Did you use AI tools to help write this code? _**< YES >**_
…eader#995) ## Summary * Increased `PNG_MAX_BUFFERED_PIXELS` from 6402 to 16416 in `platformio.ini` to support up to 2048px wide RGBA images * adds a check to abort decoding and log an error if the required PNG scanline buffer exceeds the configured `PNG_MAX_BUFFERED_PIXELS`, preventing possible buffer overruns. * fixes crosspoint-reader#993 --- ### AI Usage While CrossPoint doesn't have restrictions on AI tools in contributing, please be transparent about their usage as it helps set the right context for reviewers. Did you use AI tools to help write this code? _**< YES >**_
|
@osteotek what was the png size and type which was causing the crash ? Maybe I can add another page to the test epub generator (https://github.com/crosspoint-reader/crosspoint-reader/blob/master/scripts/generate_test_epub.py) so we can catch any future regressions ? |
|
@martinbrook PNG with width=1400, it's on the first page of this epub - https://standardebooks.org/ebooks/dashiell-hammett/the-maltese-falcon/downloads/dashiell-hammett_the-maltese-falcon.epub |
…eader#995) ## Summary * Increased `PNG_MAX_BUFFERED_PIXELS` from 6402 to 16416 in `platformio.ini` to support up to 2048px wide RGBA images * adds a check to abort decoding and log an error if the required PNG scanline buffer exceeds the configured `PNG_MAX_BUFFERED_PIXELS`, preventing possible buffer overruns. * fixes crosspoint-reader#993 --- ### AI Usage While CrossPoint doesn't have restrictions on AI tools in contributing, please be transparent about their usage as it helps set the right context for reviewers. Did you use AI tools to help write this code? _**< YES >**_
|
@martinbrook I may have fixed it incorrectly, I haven't been really following how images subsystems work. Please feel free to fix it properly, if needed. |
…eader#995) ## Summary * Increased `PNG_MAX_BUFFERED_PIXELS` from 6402 to 16416 in `platformio.ini` to support up to 2048px wide RGBA images * adds a check to abort decoding and log an error if the required PNG scanline buffer exceeds the configured `PNG_MAX_BUFFERED_PIXELS`, preventing possible buffer overruns. * fixes crosspoint-reader#993 --- ### AI Usage While CrossPoint doesn't have restrictions on AI tools in contributing, please be transparent about their usage as it helps set the right context for reviewers. Did you use AI tools to help write this code? _**< YES >**_
Summary
PNG_MAX_BUFFERED_PIXELSfrom 6402 to 16416 inplatformio.inito support up to 2048px wide RGBA imagesPNG_MAX_BUFFERED_PIXELS, preventing possible buffer overruns.AI Usage
While CrossPoint doesn't have restrictions on AI tools in contributing, please be transparent about their usage as it
helps set the right context for reviewers.
Did you use AI tools to help write this code? < YES >