I found an unexpected SEGV bug. This bug is caused by invalid patient name
parsing.
# Environment
Debian unstable
aeskulap 0.2.2-beta2+git20180219.8787e95-1
# How to reproduce it
2. Run aeskulap CR_LEE_IR87a.dcm
It just crashes.
** (aeskulap:12216): WARNING **: 22:42:16.808: invalid source position for vertical gradient
prescan: 1
W: DcmItem: Element (0008,1090) found twice in one data set or item, ignoring second entry
W: DcmItem: Element (0008,1090) found twice in one data set or item, ignoring second entry
opened file:CR_LEE_IR87a.dcm
*** stack smashing detected ***: <unknown> terminated
# Details about this bug
This crash is caused by an array overrun in std::string Instance::convert_string,
which is implemented in imagepool/poolinstance.cpp.
This function assumes that the string is separated by only two '='.
So, if three or more '=' are contained in the given string, the stack will be smashed because the array part is declared as
char part[3][500]. It means that part[4][...] or part[5][...] will be accessed without any guard.
std::string Instance::convert_string(const char* dicom_string) {
    std::string result = "";
    char part[3][500];
--
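
A bounds-checked way to split a string on '=' into the same char part[3][500] layout, as an added example (not aeskulap's code or its actual fix). The names split_groups, SplitResult, kMaxGroups and kMaxGroupLen are hypothetical, and the input in main is constructed.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>

// Hypothetical names; the sizes mirror the char part[3][500] quoted in the report.
constexpr std::size_t kMaxGroups = 3;
constexpr std::size_t kMaxGroupLen = 500;

struct SplitResult {
    char part[kMaxGroups][kMaxGroupLen];
    std::size_t count;  // groups filled: 0 for a null input, otherwise 1..3
    bool truncated;     // input had extra '=' or an over-long group
};

// Split on '=' without ever writing past part[2] or part[g][499].
SplitResult split_groups(const char* s) {
    SplitResult r{};  // zero-initialised, so every group is NUL-terminated
    if (s == nullptr) return r;
    std::size_t g = 0, pos = 0;
    r.count = 1;
    for (; *s != '\0'; ++s) {
        if (*s == '=') {
            if (g + 1 >= kMaxGroups) {  // a fourth group has nowhere to go
                r.truncated = true;
                break;
            }
            ++g;
            pos = 0;
            r.count = g + 1;
        } else if (pos + 1 < kMaxGroupLen) {  // keep room for the NUL
            r.part[g][pos++] = *s;
        } else {
            r.truncated = true;  // drop excess bytes of an over-long group
        }
    }
    return r;
}

int main() {
    // Constructed input with four '=' separators, the case the report describes.
    SplitResult r = split_groups("A=B=C=D=E");
    std::printf("groups=%zu truncated=%d last_len=%zu\n",
                r.count, r.truncated ? 1 : 0, std::strlen(r.part[2]));
    return 0;
}
```

The truncated flag lets the caller decide whether to reject the value or display the partial name instead of silently accepting malformed input.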