[Insight-users] Is the bug tracking page dead?

Hans J. Johnson hjohnson at engineering . uiowa . edu
Fri, 07 Jun 2002 15:00:05 -0500 

Hello,

I have submitted a bug to the http://www.itk.org/cgi-bin/gnatsweb.pl bug 
tracking page, but it looks like that is not being used any longer (Last 
resolved issue was almost 4 months ago, yet this news group is quite 
active).

In case the bug page is not being maintained, I have replicated the bug 
report here.

Regards,
Hans J. Johnson
hans-johnson@uiowa.edu

PS: I am just getting started with ITK, so if there is any else I can do 
to help resolve this issue, please let me know.
PPS: ITK is GREAT!


*Category:* Source
*Synopsis:* MetaImageIO::CanReadFile Segfaults when checking 
non-MetaImage File
*Confidential:* no
*Severity:* serious
*Priority:* high
*Responsible:*
*State:* open
*Quarter:*
*Keywords:*
*Date-Required:*
*Class:* bug
*Submitter-Id:* developers
*Arrival-Date:* Fri Jun 07 15:50:05 -0400 2002
*Closed-Date:*
*Cases:*
*Last-Modified:*
*Originator:* Hans J. Johnson
*Release:* 1.19
*Organization:* The University of Iowa
Mental Health Clinical Research Center
Image Processing Lab
*Environment:* Athlon, Redhat 7.3, ITK IO
*Description:* Module: $RCSfile: itkMetaImageIO.cxx,v $
Version: $Revision: 1.19 $

I have written an Analyze v7.5 file reader. When 
MetaImageIOFactory::RegisterOne() is not included, the reader works just 
fine, but when MetaImageIOFactory::RegisterOne() is included, a 
segmentation fault occurs in MetaImageIO::CanReadFile. The problem is a 
buffer overrun of the variable key[8000] when the 80MB analyze file is 
streamed into that variable.

The fix that I propose below has been tested, and works, but if a binary 
file with more than 8000 bytes and a .mh[da] extension were passed to 
this file, it would likely segfault, instead of throwing an exception.

Just random thoughts on better fixes:
A more thorough solution would be to ensure that no more than the number 
of bytes were streamed into a variable, or to change key[8000] into a 
variable length structure (i.e. std::string).

maxLineLength and restOfTheLine will have similar problems if the first 
line is OK, but the rest is broken.
*File Attachments:*
*How-To-Repeat:* Try to determine the type of a binary file greater than 
8000 bytes long when MetaImageIOFactory is the first one registered.
*Fix:* Replace:
bool MetaImageIO::CanReadFile( const char* filename )
{
WITH:
bool MetaImageIO::CanReadFile( const char* filename )·
{
//MetaImage files must have an mha or mhd extension!
{
const std::string tempfilename=filename;
if( tempfilename == "" ||
!( tempfilename.find(".mha") < tempfilename.length() ||
tempfilename.find(".mhd") < tempfilename.length() ) )
{
return false;
}
}