Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
libwebp.29258
libwebp-CVE-2018-25009.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libwebp-CVE-2018-25009.patch of Package libwebp.29258
From 95fd65070662e01cc9170c4444f5c0859a710097 Mon Sep 17 00:00:00 2001 From: Pascal Massimino <skal@google.com> Date: Sun, 1 Jul 2018 20:01:12 -0700 Subject: [PATCH] fix read-overflow while parsing VP8X chunk The available size was not checked before parsing the VP8X data BUG=oss-fuzz:9100,oss-fuzz:9123 Change-Id: I0143cc4554883c1015e2f084a0e371229e04a8ca --- src/mux/muxread.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/mux/muxread.c b/src/mux/muxread.c index fbe9f051..ea07dbfd 100644 --- a/src/mux/muxread.c +++ b/src/mux/muxread.c @@ -264,6 +264,7 @@ WebPMux* WebPMuxCreateInternal(const WebPData* bitstream, int copy_data, chunk_list = MuxGetChunkListFromId(mux, id); // List to add this chunk. if (ChunkSetNth(&chunk, chunk_list, 0) != WEBP_MUX_OK) goto Err; if (id == WEBP_CHUNK_VP8X) { // grab global specs + if (data_size < CHUNK_HEADER_SIZE + VP8X_CHUNK_SIZE) goto Err; mux->canvas_width_ = GetLE24(data + 12) + 1; mux->canvas_height_ = GetLE24(data + 15) + 1; } -- 2.31.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor