Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

lemenkov/libyuv
main @ afff0cf
18
Fixes
0
CVEs
HIGH
Peak severity
Highlights
Integer Overflow: 9 prior fixes. Scrutinize any change in this area.
source/convert_to_i420.cc: most-fixed (4 issues). Treat as high-risk during review.
15 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Integer Overflow: Negative image height parameters (such as INT_MIN) trigger integer negation overflows and incorrect offset calculations during coordinate mapping. Developers must strictly sanitize height inputs before performing any negation or absolute value calculations.
Integer Overflow: Unbounded width and height arguments in scaling operations lead to integer overflows in fixed-point math and stride calculations. Enforcing strict upper-bound limits (e.g., 32768 pixels) and casting stride operands to 64-bit types (ptrdiff_t) is critical to prevent heap overflows.
Out-of-bounds Read: Parsing untrusted JPEG and MJPEG container streams without validating buffer boundaries during marker scanning allows out-of-bounds reads. Any logic advancing input pointers or scanning markers must enforce strict remaining-size bounds checks.