In app/mvox.cpp:268-270, the user can override nx, ny, nz via command-line options:
if (nx == 0) nx = size[0];
if (ny == 0) ny = size[1];
if (nz == 0) nz = size[2];
If the user sets values larger than the actual image dimensions, the loops at lines 363-364 and 449 index past the image buffer:
int mask = masks[i]; // out of bounds
int attr = attributes[i]; // out of bounds
The same issue applies to the tensor image, and there is no validation that the masks, attributes, and tensor images have matching dimensions.
Fix: Validate user-provided dimensions do not exceed actual image size, and check that all input images have the same dimensions.
In
app/mvox.cpp:268-270, the user can overridenx,ny,nzvia command-line options:If the user sets values larger than the actual image dimensions, the loops at lines 363-364 and 449 index past the image buffer:
The same issue applies to the tensor image, and there is no validation that the masks, attributes, and tensor images have matching dimensions.
Fix: Validate user-provided dimensions do not exceed actual image size, and check that all input images have the same dimensions.