Home Explore Help
Sign In
software
/
assimp.assimp
mirror of https://github.com/assimp/assimp.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Ply-Importer: Fix vulnerability (#5739)

Kim Kulling 1 year ago
parent
edaf87f186
commit
1e09642382
3 changed files with 39 additions and 0 deletions
Split View Show Diff Stats
  1. 3 0
      code/AssetLib/Ply/PlyLoader.cpp
  2. 30 0
      test/models/PLY/payload_JVN42386607
  3. 6 0
      test/unit/utPLYImportExport.cpp

+ 3 - 0
code/AssetLib/Ply/PlyLoader.cpp
View File 

@@ -448,6 +448,9 @@ void PLYImporter::LoadVertex(const PLY::Element *pcElement, const PLY::ElementIn
 
             mGeneratedMesh->mNumVertices = pcElement->NumOccur;
 
             mGeneratedMesh->mVertices = new aiVector3D[mGeneratedMesh->mNumVertices];
 
         }
 
+        if (pos >= mGeneratedMesh->mNumVertices) {
 
+            throw DeadlyImportError("Invalid .ply file: Too many vertices");
 
+        }
 
 
         mGeneratedMesh->mVertices[pos] = vOut;

File diff suppressed because it is too large
+ 30 - 0
test/models/PLY/payload_JVN42386607


+ 6 - 0
test/unit/utPLYImportExport.cpp
View File 

@@ -203,3 +203,9 @@ TEST_F(utPLYImportExport, parseInvalid) {
 
     const aiScene *scene = importer.ReadFile(ASSIMP_TEST_MODELS_DIR "/invalid/crash-30d6d0f7c529b3b66b4131700b7a4580cd7082df.ply", 0);
 
     EXPECT_EQ(nullptr, scene);
 
 }
 
+
 
+TEST_F(utPLYImportExport, payload_JVN42386607) {
 
+    Assimp::Importer importer;
 
+    const aiScene *scene = importer.ReadFile(ASSIMP_TEST_MODELS_DIR "/PLY/payload_JVN42386607", 0);
 
+   EXPECT_EQ(nullptr, scene);
 
+}

Some files were not shown because too many files changed in this diff