Open
Description
Hi Dr. Lindstrom,
I was working on integrating a WASM fpzip decoder into a web viewer (Neuroglancer). However, the maintainer felt it would be best if fpzip performed bounds checking on arrays for the functions. It can cause buffer overflow issues if the number of bytes is not provided.
fpzip_read_from_buffer(const void* buffer, const size_t num_bytes)fpzip_read(FPZ* fpz, void* data, const size_t num_bytes)
There may be others, but those are the big ones. It seems like this would be backwards incompatible without adding new functions, so perhaps fpzip_read_from_buffer2 and fpzip_read2 would be better?
Thanks so much for your work. Let me know if you need any updates to https://github.com/seung-lab/fpzip . I could potentially help a PR for this as well.
Will
Metadata
Metadata
Assignees
Labels
No labels