Skip to content

Test: regression for signed atoi() -> unsigned wrap in IccTagXml ParseXml (#1346)#1350

Merged
xsscx merged 2 commits into
masterfrom
test-1346-imageparse-atoi-unsigned-regression
Jun 14, 2026
Merged

Test: regression for signed atoi() -> unsigned wrap in IccTagXml ParseXml (#1346)#1350
xsscx merged 2 commits into
masterfrom
test-1346-imageparse-atoi-unsigned-regression

Conversation

@colourbill-ctrl

@colourbill-ctrl colourbill-ctrl commented Jun 14, 2026

Copy link
Copy Markdown
Contributor

Summary

Deterministic regression for the #1346 sweep (fix: #1349). Replays a PoC profile with a negative cicpFields ColorPrimaries attribute through iccFromXml; under the integer / implicit-conversion sanitizer it fails if UBSan's implicit-integer-sign-change diagnostic reappears, and skips cleanly on a plain build.

Files

  • .github/ci/test-data/ub-cicp-colorprimaries-1346.xml — PoC: a valid copy of Testing/HDR/BT2100PQFullScene.xml with ColorPrimaries="-1". Because it is otherwise valid, iccFromXml parses and saves it; the pass/fail signal is purely the sanitizer diagnostic, not the tool exit code.
  • .github/scripts/iccdev-issue-1346-imageparse-atoi-unsigned-regression.sh — gates on the build's CMakeCache.txt (ENABLE_INTEGER_SANITIZER/ENABLE_UBSAN, or an explicit -fsanitize=*integer/undefined/implicit); [SKIP]s otherwise; signal = presence of runtime error: implicit conversion. Exit 0 pass/skip, 2 on finding.
  • Build/Cmake/Testing/CMakeLists.txt — registers iccdev.issue-1346-imageparse-atoi-unsigned-regression (labels include ubsan).

Scope note

This exercises the implicit Class A arm of the sweep. The explicit-cast Class B sites carry an (icUIntNN) cast that suppresses the UBSan check, so they are invisible to any sanitizer-based test by construction — they are guarded by the shared icXmlAttrToUInt() helper and review in #1349, not here.

Verification (clang-18, -DENABLE_ASAN=ON -DENABLE_UBSAN=ON -DENABLE_INTEGER_SANITIZER=ON)

⚠️ Expected to stay red on master until the fix #1349 is merged — the regression is doing its job by detecting the unfixed UB. Merge #1349 first, then this goes green (fork-gate split: fix on fork, test upstream).

🤖 Generated with Claude Code

@colourbill-ctrl @claude
Test: regression for signed atoi() -> unsigned wrap in IccTagXml Pars…
b651f3c 
…eXml (#1346)

Replays a PoC profile (a valid copy of Testing/HDR/BT2100PQFullScene.xml with
cicpFields ColorPrimaries set to -1) through iccFromXml.  Under the integer /
implicit-conversion sanitizer the test FAILS if UBSan's
implicit-integer-sign-change diagnostic at the cicp ParseXml site reappears,
and SKIPS cleanly on a plain build (it gates on the build's CMakeCache).

Covers the implicit "Class A" arm of the #1346 sweep; the explicit-cast
"Class B" sites are invisible to any sanitizer by construction and are guarded
by the shared icXmlAttrToUInt() helper / review instead.

Verified: FAILS (exit 2, UB at IccTagXml.cpp:1172 CIccTagXmlCicp::ParseXml)
against pre-fix master, PASSES against the #1349 fix, SKIPS without the
sanitizer.  Registered as iccdev.issue-1346-imageparse-atoi-unsigned-regression.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@github-actions github-actions Bot added Testing CTest, regression, or test coverage Scripts Shell, PowerShell, or repository automation scripts Configuration Repository, CMake, YAML, JSON, or tool configuration Build Build system, CMake, compiler, or packaging Unix Linux, macOS, Bash, or POSIX shell scope labels Jun 14, 2026
@colourbill-ctrl colourbill-ctrl mentioned this pull request Jun 14, 2026
Closed
@github-actions github-actions Bot added the pending CI checks still running label Jun 14, 2026
@github-actions github-actions Bot added failed One or more CI checks failed and removed pending CI checks still running labels Jun 14, 2026
xsscx
xsscx approved these changes Jun 14, 2026
View reviewed changes

@xsscx xsscx left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2026-06-14 20:01:37 UTC

@colourbill-ctrl

colourbill-ctrl commented Jun 14, 2026

Copy link
Copy Markdown
Contributor Author

@xsscx note on the red CTest ASAN+UBSAN check here:

Expected red-by-design — the paired fix (#1349) is not merged yet, so master still has the signed atoi()→unsigned wrap and the regression correctly fails on it (UBSan implicit conversion at IccTagXml.cpp:1172, CIccTagXmlCicp::ParseXml).

Sequence to green:

  1. merge fix Fix: signed atoi() -> unsigned wrap across IccTagXml ParseXml handlers (#1346) #1349
  2. I refresh this branch with master
  3. CTest goes green → merge this test PR

Verified locally: FAILS on pre-fix master, PASSES with #1349, SKIPS on a non-sanitizer build.

@github-actions github-actions Bot added pending CI checks still running failed One or more CI checks failed and removed failed One or more CI checks failed pending CI checks still running labels Jun 14, 2026
@github-actions github-actions Bot added pending CI checks still running and removed failed One or more CI checks failed labels Jun 14, 2026
@xsscx xsscx enabled auto-merge (squash) June 14, 2026 22:16
@xsscx xsscx merged commit dc44d18 into master Jun 14, 2026
31 checks passed
@colourbill-ctrl colourbill-ctrl mentioned this pull request Jun 14, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xsscx xsscx xsscx approved these changes

@ChrisCoxArt ChrisCoxArt Awaiting requested review from ChrisCoxArt ChrisCoxArt is a code owner

@maxderhak maxderhak Awaiting requested review from maxderhak maxderhak is a code owner

@dwtza dwtza Awaiting requested review from dwtza dwtza is a code owner

Assignees

@colourbill-ctrl colourbill-ctrl

Labels

Build Build system, CMake, compiler, or packaging Configuration Repository, CMake, YAML, JSON, or tool configuration pending CI checks still running Scripts Shell, PowerShell, or repository automation scripts Testing CTest, regression, or test coverage Unix Linux, macOS, Bash, or POSIX shell scope

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@colourbill-ctrl @xsscx