libfprint issueshttps://gitlab.freedesktop.org/libfprint/libfprint/-/issues2020-05-04T11:20:30Zhttps://gitlab.freedesktop.org/libfprint/libfprint/-/issues/98Possible integer overflow in ./examples/img_capture_continuous.c2020-05-04T11:20:30ZBastien NoceraPossible integer overflow in ./examples/img_capture_continuous.cFrom https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - main() in ./examples/img_capture_continuous.c integer overflows in
> malloc()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - main() in ./examples/img_capture_continuous.c integer overflows in
> malloc()1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/95Possible large mem alloc in sanitize_image()2020-05-04T09:51:16ZBastien NoceraPossible large mem alloc in sanitize_image()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - sanitize_image() does not validate reasonable height and width
> parametersFrom https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - sanitize_image() does not validate reasonable height and width
> parameters1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/91Possible integer overflow in alloc_power_stats()2018-12-13T14:57:11ZBastien NoceraPossible integer overflow in alloc_power_stats()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - alloc_power_stats() multiple integer overflow possibilities; parameter
> 'nstats' appears to come from outside the library in at least one code
> pa...From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - alloc_power_stats() multiple integer overflow possibilities; parameter
> 'nstats' appears to come from outside the library in at least one code
> path, so this routine should handle large values properly: change the
> malloc() calls to calloc() calls.1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/92Possible integer overflow in morph_TF_map()2018-12-13T14:56:59ZBastien NoceraPossible integer overflow in morph_TF_map()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - morph_TF_map() multiplies mw and mh together for memory allocations,
> loop bounds; I could not find any constraints on inputs for these
> parameter...From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - morph_TF_map() multiplies mw and mh together for memory allocations,
> loop bounds; I could not find any constraints on inputs for these
> parameters. It's possible the inputs come from within the library, I
> lost track at a global parameter. I think this routine should enforce
> reasonable sizes on these parameters before performing memory allocation
> and calcuating loop bounds.1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/96Possible integer overflow in pixelize_map()2018-12-13T14:56:46ZBastien NoceraPossible integer overflow in pixelize_map()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - pixelize_map() integer overflows in malloc(), loop boundsFrom https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - pixelize_map() integer overflows in malloc(), loop bounds1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/97Possible integer overflow in allocate_contour()2018-12-13T14:56:39ZBastien NoceraPossible integer overflow in allocate_contour()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - allocate_contour() integer overflows in malloc()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - allocate_contour() integer overflows in malloc()1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/99Possible integer overflow in gen_initial_maps()2018-12-13T14:56:30ZBastien NoceraPossible integer overflow in gen_initial_maps()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - gen_initial_maps() integer overflows in malloc(), memset() callsFrom https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - gen_initial_maps() integer overflows in malloc(), memset() calls1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/100Possible integer overflow in interpolate_direction_map()2018-12-13T14:56:21ZBastien NoceraPossible integer overflow in interpolate_direction_map()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - interpolate_direction_map() integer overflows in malloc(), memcpy() callsFrom https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - interpolate_direction_map() integer overflows in malloc(), memcpy() calls1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/101Possible integer overflow in gen_high_curve_map()2018-12-13T14:56:12ZBastien NoceraPossible integer overflow in gen_high_curve_map()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - gen_high_curve_map() integer overflows in malloc(), memset() callsFrom https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - gen_high_curve_map() integer overflows in malloc(), memset() calls1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/103Possible integer overflow in gen_quality_map()2018-12-13T14:55:57ZBastien NoceraPossible integer overflow in gen_quality_map()From https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - gen_quality_map() integer overflows in malloc(), array indexFrom https://bugs.launchpad.net/ubuntu/+source/libfprint/+bug/1745454/comments/2
> - gen_quality_map() integer overflows in malloc(), array index1.0https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/129Document image manipulation functions2018-12-03T15:10:42ZBastien NoceraDocument image manipulation functionsFrom libfprint-undocumented.txt:
```
fpi_assemble_frames (<parameters>)
fpi_assemble_lines (<parameters>)
fpi_do_movement_estimation (<parameters>)
fpi_frame (<items>)
fpi_frame_asmbl_ctx (<items>)
fpi_line_asmbl_ctx (<items>)
fpi_mean_s...From libfprint-undocumented.txt:
```
fpi_assemble_frames (<parameters>)
fpi_assemble_lines (<parameters>)
fpi_do_movement_estimation (<parameters>)
fpi_frame (<items>)
fpi_frame_asmbl_ctx (<items>)
fpi_line_asmbl_ctx (<items>)
fpi_mean_sq_diff_norm (<parameters>)
fpi_std_sq_dev (<parameters>)
```
@anarsoul any chance you could document those? They are the last functions for driver development in libfprint that aren't documented.
I'd like this to be documented before mid-December, so I can release a pre-1.0 version for testing, finishing up the first round of modernisation in libfprint.1.0