Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15
libwebp
libwebp-CVE-2018-25011.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libwebp-CVE-2018-25011.patch of Package libwebp
From eb82ce76ddca13ad6fb13376bb58b9fd3f850e9e Mon Sep 17 00:00:00 2001 From: James Zern <jzern@google.com> Date: Fri, 29 Jun 2018 01:12:20 -0700 Subject: [PATCH] muxread,anmf: fail on multiple image chunks treat an ANMF chunk containing multiple VP8/VP8L file as malformed. fixes a WebPMuxImage::img_ leak. Though the invalid free in #9106 was avoided in (ubsan): be738c6d muxread,ChunkVerifyAndAssign: validate chunk_size that file would still cause a leak similar to #9099. BUG=oss-fuzz:9099,oss-fuzz:9106 Change-Id: Ib873446a1188afeeb2fe5d53a86b75e0c5de9573 --- src/mux/muxread.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/mux/muxread.c b/src/mux/muxread.c index ef50dae5..fbe9f051 100644 --- a/src/mux/muxread.c +++ b/src/mux/muxread.c @@ -138,6 +138,7 @@ static int MuxImageParse(const WebPChunk* const chunk, int copy_data, wpi->is_partial_ = 1; // Waiting for a VP8 chunk. break; case WEBP_CHUNK_IMAGE: + if (wpi->img_ != NULL) goto Fail; // Only 1 image chunk allowed. if (ChunkSetNth(&subchunk, &wpi->img_, 1) != WEBP_MUX_OK) goto Fail; if (!MuxImageFinalize(wpi)) goto Fail; wpi->is_partial_ = 0; // wpi is completely filled. -- 2.31.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor