dany/libwebp
1
0
Fork 0
mirror of https://github.com/webmproject/libwebp.git synced 2024-11-19 20:08:28 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

animdecoder_fuzzer: validate canvas size

Browse Source 
avoids some OOMs due to extreme resolutions

BUG=oss-fuzz:28658

Change-Id: I60b5fb3d7a7d17694a89237d521b851b0897e9fb
This commit is contained in:
James Zern 2020-12-18 11:18:11 -08:00
parent 9eb2638119
commit 6325882327
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tests/fuzzer/animdecoder_fuzzer.cc
View File

@ -36,6 +36,10 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
WebPAnimInfo info;
if (!WebPAnimDecoderGetInfo(dec, &info)) return 0;
if (!ImgIoUtilCheckSizeArgumentsOverflow(info.canvas_width * 4,
info.canvas_height)) {
return 0;
}
while (WebPAnimDecoderHasMoreFrames(dec)) {
uint8_t* buf;