Segfault from TransformPaletteC::process()

[jihyunhillpark]

Hi.

I found that the encoder of commit b36d310 crashes for a segfault when it runs with attached test.png. The test was ran on Ubuntu 18.04.3 with kernel 4.15.0-72-generic with x86_64. The crash can be reproduced by the following command.

$ flif test.png target.flif --overwrite

Here’s the the crash stack trace taken with GDB:

#0 0x0000555555676853 in TransformPaletteC::process () at transform/palette_C.hpp:130
#1 0x000055555574af78 in flif_encode () at flif-enc.cpp:914
#2 0x00005555555b3681 in encode_flif () at flif.cpp:344
#3 0x0000555555564dbf in main () at flif.cpp:763

This crash was found with AFL fuzzer, and test.png is originated from not_kitty_alpha.png of the AFL seed corpus.

Hope this help.

[bjorn3]

Development of FLIF has basically stopped. The last comment was 1 year ago. Also several other memory corruption bugs remain unfixed. For example #541.