Fix out of bounds read in backend_tk. #14461

Merged
merged 1 commit into from
Jun 7, 2019

Contributor

@anntzer anntzer commented Jun 6, 2019

Really, we should specify somewhere how rounding of bboxes passed to
blit() (and to copy_from_bbox()) works, but at least this patch will
avoid out-of-bounds reads in the tk blit.

@aliaa @cgohlke I think this closes #14225, can you confirm?

PR Summary

PR Checklist

  • Has Pytest style unit tests
  • Code is Flake 8 compliant
  • New features are documented, with examples if plot related
  • Documentation is sphinx and numpydoc compliant
  • Added an entry to doc/users/next_whats_new/ if major new feature (follow instructions in README.rst there)
  • Documented in doc/api/api_changes.rst if API changed in a backward-incompatible way

@anntzer anntzer added the Release critical For bugs that make the library unusable (segfaults, incorrect plots, etc) and major regressions. label Jun 6, 2019
@anntzer anntzer added this to the v3.1.1 milestone Jun 6, 2019
Member

@WeatherGod WeatherGod left a comment

Makes sense as a sanitation measure. A little concerned that out-of-bounds stuff can happen, but it is probably benign.

@cgohlke
Contributor

cgohlke commented Jun 6, 2019

As an extra layer of protection one could raise an error in mpl_tk_blit if any values are out of bounds, e.g. height < y2 or x1 < 0 etc.
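
The bounds check suggested in the comment above, as an added example that is not part of the thread or of Matplotlib's own code. All names (`pixel_rect`, `round_clamped`, `clamp_bbox`, `rect_in_bounds`, `checked_blit`) are hypothetical, and the RGBA buffer layout and the outward rounding rule are assumptions of this sketch.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical pixel rectangle: columns [x1, x2), rows [y1, y2). */
typedef struct { long x1, x2, y1, y2; } pixel_rect;

/* Round a float edge (down if up == 0, else up) and clamp it to [0, limit].
 * The outward rounding rule is an assumption of this example. */
static long round_clamped(double v, long limit, int up)
{
    if (!(v > 0.0)) return 0;              /* negatives and NaN */
    if (v >= (double)limit) return limit;  /* never cast an out-of-range double */
    long t = (long)v;                      /* truncation is floor for v > 0 */
    return (up && (double)t < v) ? t + 1 : t;
}

static pixel_rect clamp_bbox(double x1, double x2, double y1, double y2,
                             long width, long height)
{
    pixel_rect r = { round_clamped(x1, width, 0), round_clamped(x2, width, 1),
                     round_clamped(y1, height, 0), round_clamped(y2, height, 1) };
    return r;
}

/* The check from the thread (height < y2, x1 < 0, etc.), in full. */
static int rect_in_bounds(pixel_rect r, long width, long height)
{
    return 0 <= r.x1 && r.x1 <= r.x2 && r.x2 <= width &&
           0 <= r.y1 && r.y1 <= r.y2 && r.y2 <= height;
}

/* Copy r from src to dst (both width*height pixels, 4 bytes each).
 * Returns -1 without touching either buffer if r is out of bounds. */
static int checked_blit(unsigned char *dst, const unsigned char *src,
                        long width, long height, pixel_rect r)
{
    if (width < 0 || height < 0 || !rect_in_bounds(r, width, height))
        return -1;
    for (long y = r.y1; y < r.y2; y++) {
        size_t off = 4 * ((size_t)y * (size_t)width + (size_t)r.x1);
        memcpy(dst + off, src + off, 4 * (size_t)(r.x2 - r.x1));
    }
    return 0;
}

int main(void)
{
    unsigned char src[4 * 4 * 3] = {0}, dst[4 * 4 * 3] = {0};
    pixel_rect r = clamp_bbox(-0.5, 4.2, 0.3, 9.0, 4, 3);  /* constructed bbox */
    return checked_blit(dst, src, 4, 3, r);
}
```

Clamping on the caller's side and rejecting in the copy routine are independent layers: the second still holds if a caller passes an unclamped rectangle.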

@tacaswell
Member

I will follow up with a PR at the c level.

timhoffm added a commit that referenced this pull request Jun 7, 2019
…461-on-v3.1.x

Backport PR #14461 on branch v3.1.x (Fix out of bounds read in backend_tk.)
@anntzer anntzer deleted the tkoutofbounds branch June 7, 2019 06:14
Labels
Release critical For bugs that make the library unusable (segfaults, incorrect plots, etc) and major regressions.
Development

Successfully merging this pull request may close these issues.

Matplotlib crashes on windows while maximizing plot window when using Multicursor
5 participants