LibGfx: Make all image decoders reject image sizes above 16384 pixels

Let's just say no to shenanigans by capping images at 16384 pixels both wide and tall. If a day comes in the future where we need to handle images larger than this, we can deal with it then.
2025-10-31 19:12:43 +00:00 · 2020-12-25 00:19:06 +01:00 · 2020-12-25 00:19:06 +01:00 · edf01803cd
commit edf01803cd
parent a5f4cb78cf
7 changed files with 38 additions and 10 deletions
--- a/Libraries/LibGfx/BMPLoader.cpp
+++ b/Libraries/LibGfx/BMPLoader.cpp
@ -518,6 +518,11 @@ static bool decode_bmp_core_dib(BMPLoadingContext& context, Streamer& streamer)
        return false;
    }

+    if (static_cast<size_t>(core.width) > maximum_width_for_decoded_images || static_cast<size_t>(abs(core.height)) > maximum_height_for_decoded_images) {
+        dbgln("This BMP is too large for comfort: {}x{}", core.width, abs(core.height));
+        return false;
+    }
+
    auto color_planes = streamer.read_u16();
    if (color_planes != 1) {
        IF_BMP_DEBUG(dbg() << "BMP has an invalid number of color planes: " << color_planes);