Page MenuHomePhabricator
Create Task
Maniphest T4331

memory bug in iil4mitkPicImage::display(*)
Closed, ResolvedPublic
Actions

Description

mitkExp was often crashing with a segmentation fault. The crash
usually/always occurs when I segment at the boundary of the image.

Using gdb I found the position of the seg fault to be in the function
iil4mitkPicImage::display(*), picimage.cpp, line 553.

I think this is because current-line/current+line/current+1/current-1 is
not always valid.

After correcting the code to the following, the application is much more
stable:

int ii = 0, nn = _pic->n[0]*_pic->n[1];
for (current = (mitkIpInt1_t*)_pic->data; current<end; current++, ii++) {

if (*current != 0) {
  if (ii >= line && *(current-line) == 0) {
    glVertex3f( x,     y, 0.0 );
    glVertex3f( x+1.0, y, 0.0 );
  }
  if (ii <= nn-line && *(current+line) == 0) {
    glVertex3f( x,     y+1.0, 0.0 );
    glVertex3f( x+1.0, y+1.0, 0.0 );
  }
  if (ii > 1 && *(current-1) == 0) {
    glVertex3f( x, y,     0.0 );
    glVertex3f( x, y+1.0, 0.0 );
  }
  if (ii < nn-1 && *(current+1) == 0) {
    ...
  }

Event Timeline

lloyd added projects: MITK, Bugzilla.Jun 16 2010, 1:53 PM
lloyd added a subscriber: lloyd.Jun 18 2010, 9:42 AM

A simple test using valgrinds memory checker, shows that such code causes an invalid read (which leads to a seg fault on my machine)

#include <cstdio>

int main(int argc,char **argv) {

const int N = 100;
int line = 2;
int *var = new int[N];
for(int i=0; i<N; i++) var[i] = 0;

var[1] = 1;
var[5] = 1;
var[N-1] = 1;

int *end = var + 9;
int *current;
for(current = var; current<=end; current++) {
if( *(var) == 1) printf("is one\n");
if( *(var-line) == 1) printf("- is one\n"); // INVALID READ HERE SAYS VALGRIND
if( *(var+line) == 1) printf("+ is one\n");
}

delete []var;

return 0;
}

schwarzt added a subscriber: schwarzt.Aug 4 2010, 2:15 PM

Will have a look at this...

schwarzt added a comment.Aug 4 2010, 2:26 PM

You are absolutely right, the index goes out of bounds at direct image borders. Your suggested changes solve this issue, thanks. Will commit them soon.

schwarzt added a comment.Aug 4 2010, 4:28 PM

[SVN revision 25180]
FIX (#4331): IIL4Mitk: When calculating delineation of segmentations, search index could went out of bounds.

nolden added a subscriber: nolden.Jul 27 2011, 11:50 AM

Merging "Utilities" component into "Other"

MITK · MIC · IMSY · DKFZ