mirror of
https://github.com/RGBCube/serenity
synced 2025-07-26 05:07:35 +00:00
LibGfx: Reject GIFs with ridiculously large symbols
This also prevents exploitation by malicious GIFs.
Found by OSS Fuzz, long-standing issue
(since 259f8541fc
)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29034
This commit is contained in:
parent
39c09cec88
commit
7224308358
1 changed files with 3 additions and 0 deletions
|
@ -335,6 +335,9 @@ static bool decode_frame(GIFLoadingContext& context, size_t frame_index)
|
|||
copy_frame_buffer(*context.frame_buffer, *context.prev_frame_buffer);
|
||||
}
|
||||
|
||||
if (image.lzw_min_code_size > 8)
|
||||
return false;
|
||||
|
||||
LZWDecoder decoder(image.lzw_encoded_bytes, image.lzw_min_code_size);
|
||||
|
||||
// Add GIF-specific control codes
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue