The root cause was an unchecked access to the `newMats` vector using `matIdx`.
When a material name (`meshMaterial`) is not found in `mMaterialIndexByName`,
`matIdx` defaults to 0. If `newMats` is empty (which happens if the material
library is empty or failed to load), accessing `newMats[0]` results in a
container-overflow.
The fix involves adding a bounds check `matIdx < newMats.size()` to the
condition guarding the access to `newMats`. Additionally, based on maintainer
feedback, I added a warning log `ASSIMP_LOG_WARN` when the index is out of
bounds, to inform the user about the missing material definition or broken
reference.
I verified the fix using the provided reproduction command. The
container-overflow is no longer triggered. I also built and ran the unit tests.
Since `bin/unit` was missing, I manually built the unit tests using
`cmake.real` and `ninja` in `/src/assimp/build_tests` with
`ASSIMP_BUILD_TESTS=ON`, `ASSIMP_BUILD_ZLIB=ON`, and
`ASSIMP_WARNINGS_AS_ERRORS=OFF` (to bypass a gtest compilation warning), and
updated `run_tests.sh` to point to the built binary. All 584 tests passed.
Fixes: https://issues.oss-fuzz.com/issues/483102958
Signed-off-by: Bill Wendling <morbo@google.com>
Co-authored-by: CodeMender <codemender-patching@google.com>
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
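The bounds check described in the commit message above, as an added example that is not part of the commit or of Assimp's code. `Material`, `IndexMap`, `lookupIndex` and `resolveMaterial` are hypothetical stand-ins, and the `warned` flag stands in for the `ASSIMP_LOG_WARN` call. It also covers the more general case of a stale index that points past the end of a non-empty `newMats`.

```cpp
#include <cstddef>
#include <cstdio>
#include <map>
#include <string>
#include <vector>

// Hypothetical stand-in for the importer's material type.
struct Material { std::string name; };

using IndexMap = std::map<std::string, std::size_t>;

// Mirrors the lookup described above: an unknown name resolves to index 0.
static std::size_t lookupIndex(const IndexMap &indexByName, const std::string &meshMaterial) {
    const auto it = indexByName.find(meshMaterial);
    return it == indexByName.end() ? 0 : it->second;
}

// Returns the material for a mesh, or nullptr when matIdx is out of bounds.
// `warned` is set where the commit emits ASSIMP_LOG_WARN.
const Material *resolveMaterial(const std::vector<Material> &newMats, const IndexMap &indexByName,
                                const std::string &meshMaterial, bool &warned) {
    const std::size_t matIdx = lookupIndex(indexByName, meshMaterial);
    warned = false;
    if (matIdx < newMats.size()) { // the added bounds check
        return &newMats[matIdx];
    }
    warned = true; // out of bounds: empty library or stale index
    return nullptr;
}

int main() {
    // Constructed inputs: an empty material library and an unresolved name.
    const std::vector<Material> empty;
    const IndexMap noNames;
    bool warned = false;
    const Material *m = resolveMaterial(empty, noNames, "missing", warned);
    std::printf("material=%s warned=%d\n", m ? m->name.c_str() : "(none)", warned ? 1 : 0);
    return (m == nullptr && warned) ? 0 : 1;
}
```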
* Update copyright year and project version
- Fixes version in lib
* Update copyright year to 2026
* Update copyright year to 2026 in Version.cpp
* Update copyright year and version patch test
* Fix copyright year
* Adapt copyrights
* Fix Whitespace
No functional changes. This commit removes trailing spaces, undesired line breaks, and formatting screwups.
* Remove more useless line breaks in license (500 out of 630 license copies do NOT use double line breaks here)
---------
Co-authored-by: Krishty <krishty@krishty.com>
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
* Allow empty slots in aiMesh::mTextureCoords.
1. Explicitly say in documentation that empty slots are allowed (it was unclear).
2. Change GetNumUVChannels() implementation to allow empty slots.
3. Revert fraction of 2da2835b29 where empty slots are detected and error logged.
* Fix #5632 by reverting fraction of d6aacefa1e where Collada texcoords are renumbered to avoid empty slots.
---------
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
This commit does not add or remove c’tors or d’tors, so it is *not* ABI-breaking.
If a c’tor/d’tor does nothing else than the default behavior, this commit replaces it with “= default”.
If an initializer list entry does nothing else than the default behavior, this commit removes it. First and foremost, remove default c’tor calls of base classes (always called by the compiler if no other base c’tor is explicitly called) and c’tor calls of members with complex types (e.g. “std::vector”).
In a few instances, user-defined copy c’tors / move c’tors / assignment operators / move assignment operators were replaced with “= default”, too. I only did this if I had a clear understanding of what’s going on.
BaseImporter::SearchFileHeaderForToken() expected a pointer to a non-const token list. This was probably an oversight, as nobody would realistically expect the function to change the list. Furthermore, it prevented token lists from being compiled to read-only memory, in some cases even causing the compiler to generate thread-safe initialization.
The list is now const and all callers declare their token lists static const, thus compiling them to read-only memory.
The search for a matching importer had a few issues, see #3791. There were two different mechanisms to determine whether an importer accepts a specific file extension:
1. `aiImporterDesc::mFileExtensions`, which was forwarded to the UI via `BaseImporter::GetExtensionList()`.
2. `BaseImporter::CanRead()` when called with `checkSig == false`, which determines whether to actually use that importer.
Both were redundant and got out of sync repeatedly. I removed 2. completely and replaced it with 1., thereby syncing UI/import and shortening all `BaseImporter::CanRead()` implementations.
Further bugfixes:
- fixed glTF2 importer throwing exceptions when checking whether it can load a file
- removed `BaseImporter::SimpleExtensionCheck()` because it is no longer used and had a bug with case sensitivity
Since the `checkSig` parameter in `BaseImporter::CanRead()` is now useless, it can be removed completely. I’m not sure if this would break ABI compatibility, so I’ll submit it with a later pull request.
`std::string s(""); s = "";` calls the copy constructor, which in turn calls `strlen()`, … assigning a default-constructed string generates fewer instructions and is therefore preferred.
With C++11 uniform initialization, you’d simply write `s = { }` instead.