Safer I/O
Currently we:
- Completely read input into a buffer (either from stdin or a file)
- Do not check what the header dimensions are (fixed in !15 (merged))
- Do not impose an upper bound on how many chunks we are processing (in case we have more chunks than the header dimensions would have us believe, or just more chunks than memory would allow for)
In the short term we should probably:
- read the header first and bail if the resulting expected pixel count is too high (reference implementation sets this at 4000000) (fixed in !15 (merged))
- bail if the number of chunks has exceeded this limit
Longer term we could try and support streaming (so that we don't read the whole file at once, create the whole vector of pixels at once, etc. etc.)
Edited by Tristan Matthews
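
A sketch of the short-term plan above (header first, pixel cap, chunk bound), added here as an example and not taken from the project's code. The `IMG0` layout, the one-byte run chunks and all names are hypothetical; the cap uses the figure quoted in the issue.

```rust
use std::io::{self, Read};

// Cap quoted in the issue for the reference implementation.
const MAX_PIXELS: u64 = 4_000_000;

#[derive(Debug, PartialEq)]
enum DecodeError { Io, BadMagic, TooManyPixels, TooManyChunks, Truncated }

// Hypothetical layout: b"IMG0", width u32 BE, height u32 BE, then one-byte
// chunks, each encoding a run of (byte & 0x3f) + 1 pixels.
fn read_header<R: Read>(r: &mut R) -> Result<u64, DecodeError> {
    let mut h = [0u8; 12];
    r.read_exact(&mut h).map_err(|_| DecodeError::Truncated)?;
    if &h[0..4] != b"IMG0" { return Err(DecodeError::BadMagic); }
    let w = u32::from_be_bytes([h[4], h[5], h[6], h[7]]) as u64;
    let hgt = u32::from_be_bytes([h[8], h[9], h[10], h[11]]) as u64;
    // Widened to u64 first, so the product of two u32 values cannot wrap.
    if w * hgt > MAX_PIXELS { return Err(DecodeError::TooManyPixels); }
    Ok(w * hgt)
}

// Validates the header before touching the body, then consumes chunks one
// at a time from the reader. Returns (pixels, chunks) without buffering input.
fn decode<R: Read>(mut r: R) -> Result<(u64, u64), DecodeError> {
    let expected = read_header(&mut r)?;
    let (mut pixels, mut chunks) = (0u64, 0u64);
    let mut b = [0u8; 1];
    loop {
        match r.read(&mut b) {
            Ok(0) => break, // end of input
            Ok(_) => {}
            Err(e) if e.kind() == io::ErrorKind::Interrupted => continue,
            Err(_) => return Err(DecodeError::Io),
        }
        chunks += 1;
        pixels += (b[0] & 0x3f) as u64 + 1;
        // Every chunk yields at least one pixel, so this also bounds `chunks`.
        if pixels > expected { return Err(DecodeError::TooManyChunks); }
    }
    if pixels < expected { return Err(DecodeError::Truncated); }
    Ok((pixels, chunks))
}

fn main() {
    // Constructed sample: 4x2 image, two chunks of 4 pixels each.
    let mut img = b"IMG0".to_vec();
    img.extend_from_slice(&[0, 0, 0, 4, 0, 0, 0, 2, 0x03, 0x03]);
    println!("{:?}", decode(&img[..]));
}
```

Wrapping the input in a `std::io::BufReader` keeps the byte-at-a-time reads cheap for stdin or a file.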