dany/libwebp
1
0
Fork 0
mirror of https://github.com/webmproject/libwebp.git synced 2024-12-25 21:28:22 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
Mirror only. Please do not send pull requests. See https://chromium.googlesource.com/webm/libwebp/+/HEAD/CONTRIBUTING.md.
4,553 Commits 35 Branches 66 Tags 15 MiB
C 94.3%
C++ 1.4%
Shell 1.1%
CMake 1.1%
M4 1%
Other 1.1%
1669e0dbac
Go to file
James Zern 1669e0dbac EncodeAlphaInternal: add missing error check 
VP8LBitWriterFinish() may cause the VP8LBitWriter's buffer to be grown.
If that allocation fails, VP8LBitWriterNumBytes() will return a size
larger than the current allocation resulting in a heap overwrite of the
missing bytes.

==13==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61900005b880 at pc 0x00000049ffc1 bp 0x7fff144f5b40 sp 0x7fff144f5310
READ of size 1028 at 0x61900005b880 thread T0
    #0 0x49ffc0 in __asan_memcpy
    #1 0x695861 in VP8BitWriterAppend src/utils/bit_writer_utils.c:186:3
    #2 0x65acf9 in EncodeAlphaInternal src/enc/alpha_enc.c:169:14

Found by Nallocfuzz (https://github.com/catenacyber/nallocfuzz).

This is the same issue that was fixed in the non-alpha lossless path in:
d49cfbb3 vp8l_enc,WriteImage: add missing error check

Bug: chromium:1455619
Change-Id: I6bd10de213707d3d6b7ce3d0d2b3942af45d317f
(cherry picked from commit c3bd7cff2e)
2023-06-22 01:38:01 +00:00
cmake sharpyuv/Makefile.am+cmake: add missing -lm 2022-10-25 15:58:21 -07:00
doc doc/api.md,webp_js/README.md: Webp -> WebP 2022-12-15 18:14:19 -08:00
examples */Android.mk: add a check for NDK_ROOT 2022-12-16 12:10:36 -08:00
extras bump version to 1.3.0 2022-12-16 16:47:42 -08:00
gradle/wrapper update gradle to 6.1.1 2021-01-02 15:51:55 -08:00
imageio */Android.mk: add a check for NDK_ROOT 2022-12-16 12:10:36 -08:00
infra run_static_analysis.sh: fix scan-build archive path 2022-06-13 16:17:42 -07:00
m4 autoconf: update ax_pthread.m4 2013-12-29 11:56:21 -05:00
man man/cwebp.1: add note about crop/resize order 2022-03-17 16:08:34 -07:00
sharpyuv sharpyuv: add SharpYuvGetVersion() 2022-10-28 19:15:32 -07:00
src EncodeAlphaInternal: add missing error check 2023-06-22 01:38:01 +00:00
swig Markdownify libwebp docs and reorganize them. 2022-02-15 15:31:56 +00:00
tests Create libsharpyuv.a in makefile.unix. 2022-08-08 09:40:34 +02:00
webp_js Merge "extras: WebpToSDL -> WebPToSDL" into main 2022-12-16 20:15:12 +00:00
.gitattributes update gradle to 6.1.1 2021-01-02 15:51:55 -08:00
.gitignore .gitignore: add Android Studio & VS code dirs 2022-04-04 10:28:06 -07:00
.mailmap update .mailmap 2022-06-30 19:29:53 -07:00
.pylintrc presubmit: Add pylint-2.7 and .pylintrc 2021-10-12 01:01:14 +00:00
.style.yapf Reformat docstrings and imports 2021-10-04 23:42:35 +00:00
Android.mk */Android.mk: add a check for NDK_ROOT 2022-12-16 12:10:36 -08:00
AUTHORS update AUTHORS 2022-12-16 16:47:36 -08:00
autogen.sh build: just use autoreconf, avoid calling tools manually 2011-03-26 09:50:31 -07:00
build.gradle sharpyuv: add SharpYuvGetCPUInfo 2022-10-26 13:07:01 -07:00
ChangeLog update ChangeLog 2022-12-19 16:23:35 -08:00
CMakeLists.txt extras: WebpToSDL -> WebPToSDL 2022-12-15 18:11:40 -08:00
codereview.settings add codereview.settings 2018-11-07 19:12:35 -08:00
configure.ac bump version to 1.3.0 2022-12-16 16:47:42 -08:00
CONTRIBUTING.md add CONTRIBUTING.md 2021-04-23 18:35:44 -07:00
COPYING Initial commit 2010-09-30 09:55:07 -04:00
gradle.properties Add gradle support 2016-05-24 15:35:20 +02:00
gradlew update gradle to 6.1.1 2021-01-02 15:51:55 -08:00
gradlew.bat update gradle to 6.1.1 2021-01-02 15:51:55 -08:00
iosbuild.sh fix ios build scripts after sharpyuv dep added 2022-03-08 19:52:45 -08:00
Makefile.am Make libwebp depend on libsharpyuv. 2022-03-04 11:35:03 +01:00
makefile.unix sharpyuv: add SharpYuvGetCPUInfo 2022-10-26 13:07:01 -07:00
Makefile.vc sharpyuv: add SharpYuvGetVersion() 2022-10-28 19:15:32 -07:00
NEWS update NEWS 2022-12-16 16:47:42 -08:00
PATENTS fix typo: constitutes -> constitute 2015-04-18 08:46:53 -07:00
PRESUBMIT.py patch-check: detect duplicated files 2021-12-17 00:25:43 +00:00
README.md bump version to 1.3.0 2022-12-16 16:47:42 -08:00
xcframeworkbuild.sh xcframeworkbuild.sh: bump MACOSX_CATALYST_MIN_VERSION 2022-12-15 15:14:44 -08:00

README.md

WebP Codec

      __   __  ____  ____  ____
     /  \\/  \/  _ \/  _ )/  _ \
     \       /   __/  _  \   __/
      \__\__/\____/\_____/__/ ____  ___
            / _/ /    \    \ /  _ \/ _/
           /  \_/   / /   \ \   __/  \__
           \____/____/\_____/_____/____/v1.3.0

WebP codec is a library to encode and decode images in WebP format. This package contains the library that can be used in other programs to add WebP support, as well as the command line tools 'cwebp' and 'dwebp' to compress and decompress images respectively.

See https://developers.google.com/speed/webp for details on the image format.

The latest source tree is available at https://chromium.googlesource.com/webm/libwebp

It is released under the same license as the WebM project. See https://www.webmproject.org/license/software/ or the "COPYING" file for details. An additional intellectual property rights grant can be found in the file PATENTS.

Building

See the building documentation.

Encoding and Decoding Tools

The examples/ directory contains tools to encode and decode images and animations, view information about WebP images, and more. See the tools documentation.

APIs

See the APIs documentation, and API usage examples in the examples/ directory.

Bugs

Please report all bugs to the issue tracker: https://bugs.chromium.org/p/webp

Patches welcome! See how to contribute.

Discuss

Email: webp-discuss@webmproject.org

Web: https://groups.google.com/a/webmproject.org/group/webp-discuss