Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

ellipse() bug found!

I am using OpenCV 2.4.6, I am sorry if this was corrected in the most recent versions.

If I call ellipse() as:

ellipse(image, RotatedRect(Point2f(-78877.320,-79104.328),Size2f(1.0649987e-010f,3.1949962e-010f),0.0f), CV_RGB(255, 0, 0), 1, 8); // OpenCV Bug discovered!

being image a 640x480 image, my program crashes.

ellipse() calls EllipeseEx() who calls ellipse2Poly() who crashes.

ellipse() does:

Point center(cvRound(box.center.x*(1 << XY_SHIFT)), cvRound(box.center.y*(1 << XY_SHIFT)));

which makes center.x and center.y equals to INT_MIN. this way ellipse2Poly() crashes when it tries in it's last line to acessa an empty vector [0] position in:

if( pts.size() < 2 )
        pts.push_back(pts[0]);

since for this case

if( pt != prevPt )
            pts.push_back(pt);

Is never != so the push_back() is never executed.

The code should be changed to

if( pts.size() < 2  && pts.size() > 0 )
        pts.push_back(pts[0]);

So this way, the vector will be never acessed in case it's empty, crashing the program.

I am sorry to not submit this to the repository myself, I just can't upload that code right now.

ellipse() bug found!

I am using OpenCV 2.4.6, I cant test it in the most recent versions, so I thougt it will be just better to place it in here...I am sorry if this was already corrected in the most recent versions.ones.

If I call ellipse() as:

ellipse(image, RotatedRect(Point2f(-78877.320,-79104.328),Size2f(1.0649987e-010f,3.1949962e-010f),0.0f), CV_RGB(255, 0, 0), 1, 8); // OpenCV Bug discovered!

being image a 640x480 image, my program crashes.

ellipse() calls EllipeseEx() who calls ellipse2Poly() who crashes.

ellipse() does:

Point center(cvRound(box.center.x*(1 << XY_SHIFT)), cvRound(box.center.y*(1 << XY_SHIFT)));

which makes center.x and center.y equals to INT_MIN. this way ellipse2Poly() crashes when it tries in it's last line to acessa an empty vector [0] position in:

if( pts.size() < 2 )
        pts.push_back(pts[0]);

since for this case

if( pt != prevPt )
            pts.push_back(pt);

Is never != so the push_back() is never executed.

The code should be changed to

if( pts.size() < 2  && pts.size() > 0 )
        pts.push_back(pts[0]);

So this way, the vector will be never acessed in case it's empty, crashing the program.

I am sorry to not submit this to the repository myself, I just can't upload that code right now.