On Thu, 22 Jan 2026 17:57:42 GMT, Phil Race <[email protected]> wrote:
>> Some of the medialib native functions implementing Convolve read data from >> arrays when it is not needed or used instead of reading just what is needed >> and used. >> This is detected as a read out of bounds. It is limited and hasn't been seen >> to result in any crashes without ASAN, and the OOB values that are read are >> never used so there's a very limited problem. >> The changes here make the mlib_ImageConv_*nw.c files match what happens in >> the mlib_ImageConv_*ext.c files which read just the data they need. >> The changes are fairly mechanical but there could be copy/paste errors for a >> reviewer to find. >> >> Not easy to provide a test case, building with --enable-asan is needed and >> for me it works only on macOS. >> I did that and ran all our existing automated tests on our CI systems. > > Phil Race has updated the pull request incrementally with one additional > commit since the last revision: > > 8373626 Looks like we need to delete or update code at some places. src/java.desktop/share/native/libmlib_image/mlib_ImageConv_16nw.c line 922: > 920: off += kw; > 921: > 922: p2 = sp[0]; p3 = sp[chan1]; p4 = sp[chan2]; Do we need to delete these lines? Since the values are getting copied individually for each conditions? src/java.desktop/share/native/libmlib_image/mlib_ImageConv_8nw.c line 923: > 921: off += kw; > 922: > 923: sp += (kw - 1)*chan1; Do we need to move this change in address of `sp` to each conditions? ------------- PR Review: https://git.openjdk.org/jdk/pull/29257#pullrequestreview-3818618306 PR Review Comment: https://git.openjdk.org/jdk/pull/29257#discussion_r2821164498 PR Review Comment: https://git.openjdk.org/jdk/pull/29257#discussion_r2821233636
